EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

12.22.18

Patent Attorneys Still Insult Judges Because Their Clients, Notably Patent Trolls, Hate 35 U.S.C. § 101 (and Courts Are Correctly Applying It)

Posted in America, Courtroom, Microsoft, Patents at 5:07 pm by Dr. Roy Schestowitz

Judges have become ‘dangerous’ for the same reason peacemakers are ‘dangerous’

The profit motive

Summary: The Court of Appeals for the Federal Circuit (CAFC) and the Patent Trial and Appeal Board’s (PTAB) judges still receive scorn, mockery and disdain from people who make a living out of lawsuits; it has become a stain on the reputation of law firms — a simple fact they’re incapable of comprehending or unwilling to grasp

THE new Director of the U.S. Patent and Trademark Office (USPTO) likes to ignore the Federal Circuit or cherry-pick only decisions which suit his personal agenda. He also routinely mocks/belittles 35 U.S.C. § 101, hence the highest US court. He’s mostly supported by a ranting bunch of lawyers/attorneys like himself. Michael Borella, for instance, has just unleashed this latest complaint about 35 U.S.C. § 101, offering tips/pointers for bypassing it. “Opening scene,” he declared, “our intrepid patent attorney arrives early at her office for a productive day at work. With morning coffee sitting next to her monitor, she opens her email. She finds a few messages from clients and colleagues, as well as a new office action from the USPTO. Curious, she opens the Office action and scans through it, only to find that it contains yet another 35 U.S.C. § 101 rejection applying the dreaded Electric Power Group LLC v. Alstom S.A. decision.”

“These people dread PTAB because PTAB reduces the number of patents and limits the scope of acceptable patents.”Good. Get a real job. David Boundy (Cambridge Technology Law) has also just written for this site. After a bunch of PTAB-hostile blog posts and articles he claims: “My article shows that lapses of administrative law are not confined to Gil Hyatt (a petition for rehearing of Hyatt v. PTO is currently pending, as discussed on Patently-O (see “Agency Bad Guidance Practices at the Patent and Trademark Office: a Billion Dollar Problem”), nor are lapses confined to individual examiners.”

In our previous articles which mentioned Boundy (e.g. [1, 2]) we rebutted his claims, taking note of his financial motivations. These people dread PTAB because PTAB reduces the number of patents and limits the scope of acceptable patents. Anne Cullen, for instance, has just noted that “PTAB Cuts Some Huawei Patent Claims In Samsung Fight” and to quote what’s not behind paywall:

The Patent Trial and Appeal Board has handed a partial win to Samsung in a dispute over three Huawei cellular network patents, chucking all of the challenged claims…

This is very typical. They re-evaluate the examination.

Thanks to the Patent Trial and Appeal Board’s (PTAB) inter partes reviews (IPRs) the patent troll SMTM Technology may soon lose its sole ‘business’: patent lawsuits. With a “patent challenged as likely invalid,” Jain stated 4-5 days ago:

On December 17, 2018, Unified filed a petition for inter partes review (IPR) against U.S. Patent 8,958,853, owned and asserted by SMTM Technology, LLC, an NPE. The ‘853 patent, directed to automatically causing a mobile device to enter into an inactive mode when the mobile device is being used in a moving vehicle, has been asserted in district court litigation against Apple and Microsoft.

Here’s another chance to win a thousand bucks by helping to squash a questionable US patent:

On December 20, 2018, Unified added a $1,000 contest to PATROLL seeking prior art for US Patent No. 8553831 owned by Feng Ma. The ’831 patent, generally relates to a computed tomography imaging system used for medical diagnoses.

Last but not least, a patent troll called General Patent Corp. faces another (more recent) challenge:

On December 20, 2018, the Patent Trial and Appeal Board (PTAB) instituted trial on all challenged claims in an IPR filed by Unified against U.S. Patent 9,253,239 owned by Bradium Technologies, LLC, a General Patent Corp. subsidiary and NPE. As in its recent institutions against Realtime Adaptive Streaming and Mobility Workx, the Board once again rejected arguments that Unified’s members are real parties-in-interest in view of the Federal Circuit’s ruling in Applications in Internet Time, LLC v. RPX. The ’239 patent, directed to a “Optimized image delivery over limited bandwidth communication channels,” is not actively involved in district court litigation.

All the above are IPRs and these typically target patent trolls. Unfortunately, Steven Seidenberg has just come out again with loaded headlines, akin to those from climate change deniers. To quote:

Two recent academic papers examine whether Non-Practicing Entities (NPEs) deserve their reputation as patent trolls – but the papers reach conflicting conclusions. As discussed in the first part of this article, a paper published by Stanford’s Hoover Institution found that 26 publicly-listed NPEs invest in R&D and do little harm to America’s high tech sector. These findings, however, are less significant than they appear. Another paper, published by Harvard Business School (HBS), found that NPEs do on average behave as patent trolls. How important – and trustworthy – are the HBS findings?

“NPEs” and “patent trolls” are the same thing; they’re synonymous. They exist for nothing but lawsuits/extortion.

“”NPEs” and “patent trolls” are the same thing; they’re synonymous. They exist for nothing but lawsuits/extortion.”The other day Janal Kalis took note of a software patent’s invalidation (“US Pat 9516045, Resisting the spread of unwanted code and data; Alice/101 Kill by Dist. Ct. Affirmed by Fed.Cir.”) only for a patent trolls' attorney (Mr. Gross) to lose his mind and attack the judges (“Another terrible, bogus, illogical interpretation of 101 by the CAFC; I wonder if the fact that there was no 101 rejection at the PTO during prosecution affected their thinking? [] Taranto says that “filtering in content” is not a distinction over “filtering out content” and therefore is just abstract even as it is a clear computer function http://www.cafc.uscourts.gov/sites/default/files/opinions-orders/18-1407.Opinion.12-20-2018.pdf … Amazing how he goes out of way to trivialize technical distinctions when it suits his agenda [] Only in CAFC bizarro-land could physical operation – breaking an electronic file into pieces, and sorting conforming/non-conforming content- be considered as NOT directed to improving computer functionality. We’re being ruled by techno-illiterati http://www.cafc.uscourts.gov/sites/default/files/opinions-orders/18-1407.Opinion.12-20-2018.pdf … [] I’m convinced Judge Taranto is responsible for more than 90% of the mess concerning 101 at CAFC: http://www.cafc.uscourts.gov/sites/default/files/opinions-orders/18-1407.Opinion.12-20-2018.pdf … his opinions are arbitrary, illogical and results oriented; his attempted distinction of Finjan is completely technically incorrect…”).

“The bottom line is, trolls are often litigation proxies working at the behest of other entities.”Mr. Gross is supporting trolls, for whom he writes articles. His defense of Microsoft trolls like Finjan is hardly surprising either (Finjan is mentioned 4 times in page 4 of this decision).

Speaking of Microsoft trolls, Keith Bergelt from the Open Invention Network has just recalled Microsoft’s funding for SCO (Microsoft also funded Finjan). To quote:

Symbolically and functionally it’s extremely significant. The Open Invention Network (OIN) was formed in the wake of the SCO litigation against IBM, Red Hat and SUSE/Novell. SCO sued claiming to have Unix related functionality that was relevant to Linux.

This litigation was quietly funded by Microsoft, lasted several years and went nowhere. In the end, there was no liability and no culpability for the alleged infringements

The bottom line is, trolls are often litigation proxies working at the behest of other entities. It is a shell game. To argue that they don’t exist or that their patents do no harm is very dodgy an attitude/approach.

Maybe one day these trolls-friendly attorneys will regret what they said; this is why we need to keep this stuff well documented, properly preserved.

UPC Died in 2016 or 2017; But the EPO Continues to Issue Fake Software Patents That European Courts Reject

Posted in Europe, Law, Patents at 3:44 pm by Dr. Roy Schestowitz

The war on the EPC carries on

Alexander Ramsay, Bristows, and the UPC gold rush

Summary: Why the “UPC Preparatory Committee Update for 2018″ is laughable and it’s time for Team UPC to accept that it has been stopped in its tracks; the main problem is, the EPO continues defying the law as if courts do not exist (or don’t matter)

TO still herald an upcoming/imminent arrival of UPC is delusional and downright dishonest. Even the dishonest European Patent Office (EPO) no longer does this. SUEPO says absolutely nothing on the matter. So why is the subject still being brought up? Only Team UPC. These people are insane.

Gemma Barratt from Bristows, for example, has just repeated more or less what they probably wrote anonymously in the blog that's not theirs a few days ago, taking note of Alexander Ramsay (another dishonest person) and promoting it without even a link (how unprofessional). They are desperately trying to distract from the downfall and their disappointment when they write this:

In other ratification news this year, France, Italy, Luxembourg and the UK deposited their instruments of ratification for the Protocol on Privileges and Immunities (PPI) of the Unified Patent Court (UPC) and Bulgaria deposited its instrument for ratification of the Unified Patent Court (UPC) Agreement’s Protocol on Provisional Application (PPA) with the Secretariat.

That does not matter because there are constitutional challenges (several of them, even successful ones). Moreover, Brexit voids it all (UPCA) and the ratifier quit his job about a month ago. Here we are at the end of 2018; ‘unitary’ patents do not exist and UPC is by far the biggest political crime in Europe — a crime which nobody in the mainstream talks about (because they use cryptic language and spread lies to effectively keep critics out, repelling truth-tellers whom they anonymously demonise and slander).

“Team UPC hopes that dubious new courts will bypass national laws and allow software patents like the patent office does.”As it turns out, FFII “Will give a session on the Unitary Software Patents Urgency next week 28 dec at #35C3 #swpat #ffii #swpatv3 …”

To quote the abstract: “We will discuss the third attempt to install software patents in Europe, via the Unitary Patent Court (UPC). The thousands software patents of the EPO will be made enforceable. Litigation will be more expensive. We will have a dependent and uncontrollable European Patent Court. We will see patent trolls and US style litigation in Europe.”

Team UPC hopes that dubious new courts will bypass national laws and allow software patents like the patent office does. This is their plan (among others).

This is a very big deal because as the quality of European Patents (EPs) goes down there’s a growing danger that patent trolls equipped with software EPs will ruin Europe’s software industry.

“The biggest prize went to (or was stolen by) Battistelli.”Just before the weekend the EPO wrote: “Congrats again to European #InventorAward winners Agnès Poulbot and Jacques Barraud†!”

The biggest prize went to (or was stolen by) Battistelli. He must be counting his millions of Euros (even aside from his very fat bonuses and departure gift) somewhere in France. He passed millions in EPO budget to his threatre (at his other employer). How was he never punished for such blatant corruption? Well, welcome to the EPO and the UPC. Justice exists no more. The EPC doesn’t matter, ILO-AT is a joke, national laws don’t exist, and even international law is routinely violated.

Regarding patent scope, it continues to get yet worse over time. Over at JD Supra, McDonnell Boehnen Hulbert & Berghoff LLP’s Aaron Gin and Margot Wilson (yes, it’s Aaron Gin again, always with that same agenda) have just published “Global Artificial Intelligence Patent Survey”, presenting “AI” as “CII” at the EPO, which increasingly allows software patents in Europe under the guise of “AI” (more so under António Campinos). To quote the most relevant portion:

While Europe may not be a leader in terms of number of AI-related patent filings, patent applications in Europe that relate to IoT and 4IR technologies grew at a 54% annualized rate from 2014 to 2017.[32] Germany, France, and Great Britain, in particular, have significantly increased the number of AI-related patent filings in recent years.[33]

The EPO has expressed a dedication to developing examination practices which are friendlier to computer implemented inventions (CII), which include AI-related subject matter. For example, recently the EPO adopted a new approach to interdisciplinary software patent applications. Specifically, such applications can now be examined by a team of three examiners with diverse technical backgrounds. Additionally, recognizing the urgency and fast-pace of the industry, the EPO has indicated it aims to speed up examination according to a 12-18 month timeline from filing to either allowance or final rejection.

Furthermore, in May 2018, the European Patent Office (EPO) held a conference entitled “Patenting Artificial Intelligence.”[34] The conference centered on the challenges and opportunities of patenting AI-related innovations. Speakers shared lessons learned and strategies for approaching AI related patents.

European examination of all computer related inventions includes a two-prong approach. First, examination includes an eligibility determination of whether the invention is directed towards, for example, a mathematical process or an abstract concept. Second, the invention must be directed towards a technical solution to a technical problem.[35] While the first prong traditionally represents a relatively low bar,[36] European practitioners can encounter more issues with regard to the second prong. During the EPO conference, a heavy emphasis was placed on claiming as specifically as possible. In particular, AI-related innovations should be described and claimed as being developed for a specific implementation. Furthermore, the AI-related idea should be shown to be motivated by technical considerations of the internal functioning of a computer, such as speed and/or computation load.[37]

Sam Jones (GJE Intellectual Property) was also promoting software patents in Team UPC’s favourite blog. It’s that same trick (“AI”) and it was published yesterday:

The European Patent Office (EPO) is receiving ever increasing numbers of patent applications that include a ‘programmed computer’ as a key part of the described invention. Moreover, this growth in filings is being seen in technical fields that are not traditionally considered to be computer-centric. For example, according to EPO statistics, 40% of new patent applications filed in the healthcare space have an AI or machine learning aspect to them.

[...]

This has always been the position of the EPO when handling the exclusions to patentability, and so it is not surprising that the AI and machine learning section of the new Guidelines is largely business as usual. Inventions involving AI and machine learning will be patentable so long as they are described and claimed in the context of operation in a technical system or control of a technical process. Careful drafting will be sufficient to ensure that this requirement is met – describe and claim the AI or machine learning component in the context of the technical system in which it operates, not as an abstract entity, to obtain a granted European patent. AI or machine learning algorithms that are put to work in the context of non-technical systems, such as business processes, are not likely to be patentable.

Misuse of buzzwords like “AI” or “AIpatents” to push software patents into Europe isn’t a novel idea. In clear defiance of 35 U.S.C. § 101 the U.S. Patent and Trademark Office (USPTO) does something similar. Yesterday the EPO wrote: “For the #patent system, the Fourth Industrial Revolution has opened up a new era. For more from our Chief Economist’s recent speech on the topic, click here: http://bit.ly/AIpatents”

“Short of murdering critics (don’t laugh) and bribing constitutional judges there appears to be nothing left for them to do.”This is the person who is speaking at a patent trolls' event (from the US). Having recently embraced the “SDV” buzzword (mostly computer vision) on the same day they wrote: “Self-driving vehicle applications at the EPO come from hundreds of different applicants operating in a wide variety of industries. The top 500 were responsible for 80% of all self-driving vehicle applications at the EPO between 2011 & 2017.”

All these computer vision (algorithm) patents would likely be voided in Europe like they do — routinely in fact — in US courts. Team UPC was hoping to swap the courts with something farcical (presumably managed by corrupt Battistelli), but thankfully that hasn’t succeeded. In recent months they defamed and libeled UPC critics; they also spread fabricated (baseless and refuted) rumours to no avail. Short of murdering critics (don't laugh) and bribing constitutional judges there appears to be nothing left for them to do.

Links 22/12/2018: systemd 240, Wine 4.0 RC3, KDevelop 5.3.1 and KStars 3

Posted in News Roundup at 1:23 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • The Slimbook Eclipse: Powerful Enough to Put Other Linux Laptops in the Shade?

      If not I’d love to find the latest Linux laptop from Spanish PC company Slimbook neatly wrapped and waiting for me under my not-so-neatly decorated Christmas tree!

      The 15.6-inch workstation is being pitched at those working with HD multimedia creation, on-the-go Linux gaming, or serious number crunching.

    • Parabola officially supports librebooted Asus Chromebook C201

      Parabola now supports the Asus Chromebook C201 with the Linux-libre kernel. In the past, the furthest thing we achieved was to boot Parabola with the non-free CrOS kernel. However, that changed when a Parabola user reported at issue #1965 to successfully boot our beloved distro in this Librebooted ARM laptop. Users that wish to do this, just have to install the linux-libre-chromebook package, which has the signature to boot Linux-libre with Depthcharge in the C201.

    • Is it time for the Linux desktop?

      The vast majority of the world’s online services now run on Linux. Websites, communications packages, ERPs, databases and almost every software-as-a-service available online runs on, and is powered by, some variant on Linux— even the PS4 gaming console runs a flavor of it— so why in the majority of workplaces do the desktop machines still run Windows?

      Fire up your desktop computer or open the laptop, and it’s the Windows splash screen that greets us – mostly. Will that ever change, and will Linux ever make the transition to the everyday computing environment which many of us utilize to get work done?

    • Linux vs Windows [Ed: The same old myth-spreading and stigmas]

      However, if you are after speed and high performance, it may be a good idea to try out Linux. If ease of use and compatibility are the main priorities, then Windows may well be the best option.

  • Server

    • CI/CD and the New Generation of Software Delivery: an Interview with Harness

      Continuous integration and continuous delivery (CI/CD) is all the rage in the modern world of software development. But actually what is this pipeline process? It’s a method or set of principles for which development teams implement and deliver code more frequently and reliably.

      Continuous integration embodies a coding philosophy and set of practices propelling teams to implement small and frequent code changes into version control repositories, while the continuous delivery picks up where the CI ends and automates the application’s delivery

      Many platforms, such as Jenkins and CircleCI, exist to help companies and teams streamline the development and integration of their software stacks, but not much exists in the way of easing and automating the process of delivery. And with what does exist, the solutions tend to fall short with features and functionality, or they are overly complicated to configure in the first place.

    • Networking Vendors Flock To Embrace Open-Source Istio Service Mesh

      With cloud-native, technologies, anchored at the core by the open-source Kubernetes container orchestration system, a series of disparate containers can be connected together to enable a microservices architecture for distributed application delivery.

      Managing networking for containers is something that can become complex with larger applications, which is a challenge that the open-source Istio service mesh effort aims to help solve. With the service mesh approach, rather than each individual container needing its own networking, Istio disaggregates microservices networking connectivity, enabling services to be connected in a mesh.

      Istio had its’ 1.0 release on July 31 and at the recent KubeCon + CloudNativeCon NA 2018 conference that ran from Dec. 11-13, multiple networking vendors talked about their formal support, with different efforts.

    • Istio Multicluster on OpenShift

      Istio Multicluster is a feature of Istio–the basis of Red Hat OpenShift Service Mesh–that allows for the extension of the service mesh across multiple Kubernetes or Red Hat OpenShift clusters. The primary goal of this feature is to enable control of services deployed across multiple clusters with a single control plane.

      The main requirement for Istio multicluster to work is that the pods in the mesh and the Istio control plane can talk to each other. This implies that pods need to be able to open connections between clusters.

      In a previous article, this concept was demonstrated by connecting OpenShift SDNs with a network tunnel.

      Assuming this requirement can be met, either with the above approach or a similar one, the following describes how you can install Istio Multicluster.

    • Our Kubernetes deployment pipeline

      A few weeks ago I joined the web and design team here at Canonical, in the Base Squad, which is our backend team.
      One of the things that we are responsible for is deploying the code to our different staging and production environments.
      With multiple features being developed simultaneously, bugs being fixed, and some parts refactored on 27 websites and many projects it quickly becomes a complex problem to solve manually.

    • Kubernetes Federation V2 on OpenShift 3.11

      With datacenters spread across the globe, users are increasingly looking at ways to spread their applications and services across multiple locales or clusters. This need is driven by multiple use cases: from providing high availability, spreading load across multiple clusters while being resilient to individual cluster failures; to avoiding provider lock-in by using hybrid cloud solutions that have access to and make use of multiple clusters.

    • What You Need to Know About Red Hat Enterprise Linux 8 Beta

      “In the four years since Red Hat Enterprise Linux 7 redefined the operating system, the IT world has changed dramatically”

      Since its inception, Linux has been steadily growing in popularity in the corporate world, driven by IT managers and developers looking to address specific issues with flexible, open source solutions, writes Martin Percival, Senior Solution Architect, Red Hat. From its humble beginnings in enterprise IT, it is now at the centre of many of today’s enterprise technology environments.

      From the early 2000s, the growth of enterprise Linux has been nothing short of incredible. It’s fair to say that it’s at the heart of today’s global technology driven economy, having been embraced by companies including Amazon, Google, Netflix, Facebook, Twitter and many others. It powers many of the technology services we use everyday and it continues to grow in popularity.

    • Cloud Foundry And The PaaS You’re Already Running

      Following my previous Forbes articles about the resurgence of PaaS and the adoption of Kubernetes, I ran into Abby Kearns, executive director of Cloud Foundry Foundation, who was kind enough to read them. We exchanged some ideas about PaaS, Kubernetes, and the recent wave of acquisitions in the Cloud space. [Note: as a Forbes contributor, I do not have any commercial relationship with the Foundation or its staff.]

      For those of you who don’t know, Cloud Foundry encompasses multiple open source projects, the primary one being an open source cloud application platform built with container-based architecture and housed within the Cloud Foundry Foundation, which is backed by the likes of Cisco, Dell EMC , Google and others. It has commercial distributions which are offered by Pivotal, IBM and others (Ben Kepes has a great post on the tension between open-source CF and the distributions, on his blog). Cloud Foundry runs on BOSH, a technology that was originally (and almost presciently, you could say) designed to manage large distributed systems, and as such was container-ready back in 2010.

    • IBM-Red Hat: Open Source Goes Blue

      Known as a model that is based on open collaboration among communities of software developers and for generating revenue by support or services, open source has come a long way in recent years. But there are still obstacles that need to be overcome.

      Organizations have struggled with the open source model because it is often hard to sell to their leadership, difficult for end users to accept, and it can be confusing to understand what is supported by the vendor. There is also the question of who owns what (i.e. data, code, etc.) that needs to be addressed.

    • 5 IT job trends to watch in 2019

      In the near-term, however, there are other movements afoot in the IT talent market – from skyrocketing demand for open source talent and AWS experts to the complete rethinking of the responsibilities of key IT leadership roles. Here are five developments IT leaders and hiring managers should be thinking about.

    • Five Best Practices for DevOps Automation

      Open source libraries and frameworks play a crucial role in the DevOps environment that emphasizes the shorter development lifecycles, collaboration, and innovation. It’s important not to neglect the security of these open source components. Here we will talk about five things that one must consider concerning the safety of an open source project.

    • Open-source containers move toward high-performance computing

      Open-source containers are moving in a direction that many of us never anticipated.

      Long recognized as providing an effective way to package applications with all of their required components, some are also tackling one of the most challenging areas in the compute world today — high-performance computing (HPC). And while containers can bring a new level of efficiency to the world of HPC, they’re also presenting new ways of working for enterprise IT organizations that are running HPC-like jobs.

    • Six Key Components That Enable Kubernetes

      The open source Kubernetes project has generated a lot of hype and a lot of real world deployments in recent years.

      At its’ core, Kubernetes has long been defined as a container orchestration system. That is, it is a platform that provides mechanisms that enables users to deploy, schedule and manage application container deployments. Kubernetes, according to Brian Grant principal engineer at Google and Lead Architect of Kubernetes, is somewhat more than just a container orchestrator, providing a platform on which cloud-native applications can be deployed.

      Regardless of how Kubernetes is defined, it’s a platform that is made up of many different components and API abstractions. Getting a handle on all of it can be overwhelming as Kubernetes introduces multiple concepts and ideas that might not be familiar to users of traditional server virtualization technologies.

    • Kubernetes culture influences Google Cloud’s approach to enterprises

      Momentum for container technology has driven the Kubernetes’ management platform into the mainstream, and services for the open-source project look to scale up too.

      As cloud computing priorities shift to accommodate data exchanges across a widening array of workloads, demand for hybrid cloud technology where portable, containerized technologies can deploy software applications among cloud and on-premises environments alike. To maintain a balance between the community-driven ecosystem that gave Kubernetes its edge and the expansive enterprise market leaning more heavily on the tool, Google Cloud is working to imbue the mainstream with a supported culture of open-source values.

  • Audiocasts/Shows

    • 59: Genesynth, nox, urllib3, & PyCascades – Thea Flowers

      Thea Flowers is a Pythonista and open source advocate. She helps empower developers of all backgrounds and experience levels using Python and open source software and hardware.

      Thea is the creator of Nox, the co-chair of PyCascades 2019, the lead maintainer of urllib3, and a member of the Python Packaging Authority and Packaging Working Group.

    • Android vs iOS: Which spies on you more?

      Which mobile operating system spies on you the most? Android or iOS? In other words: Does a Google-powered Android phone or an Apple iPhone spend more time collecting and sending details about you (location, etc.) to company servers?

    • Great News, We Lied | User Error 55

      Whether new users have to suffer the pain of the command line, lying about Santa, and the best tech news of 2018.

      Plus we learn whether Dan is a hipster, and more.

  • Kernel Space

    • Linux 4.19.12
    • Linux 4.14.90
    • Linux 4.9.147
    • Linux 4.4.169
    • Linux 3.18.131
    • A Lot Of Media Driver Work For Linux 4.21 – Includes Intel IPU3, ASpeed Video Engine

      The media subsystem is seeing a lot of work going into the upcoming Linux 4.21 kernel cycle. Two pull requests of media feature work have already been sent in for this imminent merge window.

      Highlights of the media subsystem work for Linux 4.21 include:

      - The Intel IPU3 driver is being staged for this next kernel. This is for the Intel Image Processing Unit 3 (3rd Generation IPU) found in select Kabylake/Skylake U/Y-series products. The IPU processes images captured by a MIPI CSI2 receiver and interfaces with the kernel’s V4L2 subsystem. Intel developers have been working on this IPU3 driver for more than the past year. This IPU3 driver is big enough that it was sent in via its own secondary pull request.

    • Sound Updates Slated For Linux 4.21 Have AMD ACP3 Support, Other New Hardware Support

      In preparing for the Linux 4.21 merge window that is expected to open up over the holidays, the sound subsystem updates have already been submitted. There isn’t much in the way of core infrastructure work this cycle, but a lot of sound driver activity.

    • Linux 4.21 Is Going To Be A Big Release To Jump-Start The New Year

      While Linux 4.20 isn’t even expected for release until Sunday, which itself is delivering many new features and hardware support, the Linux 4.21 release is another big one that will start off the new year.

      Due to Christmas and New Years happening during the expected Linux 4.21 kernel merge window, many subsystem/driver maintainers have already been sending in their new feature pull requests early as they will be taking time off work. As such, there’s already quite a solid look at the likely features for Linux 4.21 — assuming Linus Torvalds doesn’t have any objections to the proposed code.

    • Systemd 240 Released To End 2018 On A High Note

      Zbigniew Jędrzejewski-Szmek, part of the systemd team at Red Hat, has taken the reins from Lennart Poettering to release systemd 240 ahead of Christmas.

      Systemd 240 offers up changes including using RdRand directly when needed (and safe to do so), support for unlocking encrypted boot drives with an external password file, a new systemd-run-generator command, the “systemd-analyze security” sub-command to analyze security/sandbox settings for service units, preparations for OCI container run-time support, a new Type=exec service type, raising the default resource limits for user-space processes, various cgroup improvements, portablectl is now officially supported, and literally dozens of other major changes to this most common Linux init system.

    • systemd 240 released

      systemd System and Service Manager

    • Linux Foundation

      • IBM and Intel’s Blockchain Tug of War

        When the governing board of Hyperledger approved a new supply chain project earlier this month, it marked a significant departure for the open-source blockchain consortium.

        Sawtooth Supply Chain, as the project is provisionally called, breaks new ground because it’s arguably the consortium’s first to really inhabit the application layer of the software stack. It’s built on top of the Sawtooth framework, which Intel contributed to Hyperledger.

        Prior to this, Hyperledger confined its work to the lower layers and eschewed the custom-design of blockchain application code with industry players in mind. That job was left to vendors to carry out in a proprietary manner – as IBM has been doing in its now-live food-tracking supply chain platform with the likes of Walmart.

      • Tensions Emerge Between Hyperledger Blockchain Group’s Biggest Supporters

        When the governing board of Hyperledger approved a new supply chain project earlier this month, it marked a significant departure for the open-source blockchain consortium.

        Sawtooth Supply Chain, as the project is provisionally called, breaks new ground because it’s arguably the consortium’s first to really inhabit the application layer of the software stack. It’s built on top of the Sawtooth framework, which Intel contributed to Hyperledger.

        Prior to this, Hyperledger confined its work to the lower layers and eschewed the custom-design of blockchain application code with industry players in mind. That job was left to vendors to carry out in a proprietary manner – as IBM has been doing in its now-live food-tracking supply chain platform with the likes of Walmart.

      • Hyperledger project joins forces with 12, including Citi and Alibaba Cloud

        Hyperledger, an open source blockchain consortium, has recently brought a large number of significant partners on board, including, Alibaba Cloud, Citi, Deutsche Telekom, we.trade, and 12 other members, who have joined forces with a network of companies and developers who are looking to cooperate in pushing blockchain technology forward, according to a press release.

        The news came out during the first day of the Hyperledger Global Forum in Switzerland, and according to Hyperledger’s Executive Director, ‘reflects the increasing importance of open source efforts to build enterprise blockchain technologies across industries and markets.’ While blockchain technology and crypto has made an impressive inroad into finance and business sectors, Hyperledger continues to also make progress in developing a vibrant open source software scene for the technology.

      • Hyperledger Adds Alibaba Cloud, Citi, Deutsche Telekom, we.trade and 12 more New Members at Hyperledger Global Forum

        Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced Alibaba Cloud, Citi, Deutsche Telekom, we.trade and 12 more organizations have joined the project. This news came during day one of the inaugural Hyperledger Global Forum in Basel, Switzerland.

      • Hybrid DevOps

        All three create a tight integration between the Development and Operations teams and increase the release to production. Now comes the Cloud Native approach which provides significant new power to the development group over Operations functions. This shift in power is often met with resistance from the Operations group.

        Any approach to DevOps requires a significant culture change in the development, quality assurance, and operations groups. This culture change is often the greatest barrier to successfully implementing a DevOps operating model. To address this reality, the best solution is to change the KPI’s on the development group from release to production time to the number of faults in production measured at the user’s screen. One of the biggest challenges to DevOps is that speed can be the enemy to reliability. Changing the metrics on developers greatly improves this sensitivity and therefore changing the metrics on Operations is also required. Operations can no longer blame developers for production faults if they do not tell them during development. This requires operations to be much more involved in reviewing the features and development activities than in the past.

        In the traditional “on-prem” environment, the roles and responsibilities of development teams and operations personnel do not so much change so much as combine to achieve the realization of DevOps. When this is applied to “Cloud,” it becomes more challenging due to the variety of consumption models, e.g., SaaS, PaaS, IaaS, and FaaS being used. Each type will represent a different development model and support challenge. Throw into this the Hybrid IT environment, and roles/responsibilities could become blurred. As businesses struggle to find the right fit for their workloads, IT is also struggling to align with this new paradigm. Best practices are still being defined, and configurations are being optimized, usually manually, in response to overages or worse security breaches.

        The Hybrid IT model is unique in that services can be delivered from multiple suppliers and any supplier’s service can compromise the service level. When implementing DevOps in a Hybrid IT climate, actors and roles must be aligned to the same business objectives, timelines, and concepts of Hybrid IT to fully leverage the capabilities of DevOps.

    • Graphics Stack

      • AMD Working On Making It Easier To Build & Install Radeon Open Compute (ROCm)

        Now that Radeon Open Compute 2.0 is shipping with OpenCL 2.0 support and many other improvements around Radeon GPU computing, a new focus by the developers working on ROCm is to make it easier to build and install on more Linux distributions.

        AMD/GPUOpen provides ROCm repositories for RHEL/CentOS 7 and Ubuntu LTS users in order to have easy access to release binaries for this Linux GPU computing stack. But those wanting to build from source on your own or utilizing a different Linux distribution, currently its quite a chore building ROCm. There are more than a dozen different code repositories for building the complete ROCm stack from the kernel module to various user-space libraries and different components. It’s not a straight-forward process and the documentation has been a bit lacking.

      • Linux Getting Driver Work To Support Tesla V100 NVLink GPUs On High-End POWER9 Servers

        IBM is working on the necessary upstream Linux kernel work for supporting the NVIDIA Tesla V100 GPUs on the POWER9 servers like what comprises the Sierra and Summit supercomputers.

        The V100 Volta GPUs on these POWER9 servers aren’t just conventional PCIe cards plugged in but connected via NVLink and allow for coherent memory and NPU/ATS support on the POWER9 CPU. IBM has been leading the Linux kernel work to allow for the unmodified NVIDIA POWER driver to work on this hardware.

      • Mesa Picks Up Faster Support For S3TC Decoding Using LLVM

        In the event you need to deal with software S3TC decoding rather than on the GPU in cases of hardware limitations or running within a VM, Mesa this week picked up a faster implementation.

        Roland Scheidegger of VMware landed a patch into Mesa 19.0 that makes use of the LLVM JIT code for decoding S3TC.

    • Benchmarks

      • The Performance Of Five Linux Distributions From Early 2016 To The End Of 2018

        With the end of another year upon us, there has been the start of many year-end benchmark comparisons looking at how various aspects of Linux performance has evolved over 2018. In this comparison though is going back further than that and seeing how five Linux distributions have experienced performance changes over the past nearly three years — using the CentOS, Clear Linux, Fedora, and openSUSE Linux distribution releases from early 2016 to their latest releases as of right now with their stable updates.

      • RadeonSI Gallium3D Made Some More OpenGL Performance Gains This Year

        From carrying out various benchmarks, the OpenGL performance of RadeonSI across the Mesa 18.x releases ranged from performing the same to in cases like Deus Ex: Mankind Divided being around 10% faster than just over one year ago. Not bad at all when considering most of the work on getting RadeonSI up to parity with their proprietary driver and the NVIDIA competition happened during 2016~2017 when it entered a really polished state.

        The only main downside this year with the RadeonSI driver is that there is still no OpenGL 4.6 support due to the SPIR-V ingestion support not yet being complete… The proprietary AMD OpenGL driver meanwhile does support OpenGL 4.6 but for most Linux games runs slower than RadeonSI. Overall it was quite an exciting year for open-source Radeon graphics with these RadeonSI performance improvements, significant RADV Vulkan performance/feature work, ironing out various open-source driver issues, and now as we prepare for 2019 there is the long-awaited FreeSync/Adaptive-Sync support set to be merged with the upcoming Linux 4.21. Now we just need to cross our fingers that next year’s Radeon Navi support will be in good open-source standing at launch.

  • Applications

  • Desktop Environments/WMs

    • Newaita Icon Theme – A Combination Of Old Style And Color Of Material Design Icon Theme

      Newaita icons is one of the latest icon theme that is very famous and talked about by so many users because it’s combination of old style and ultra modern look.

      It’s completely new and it’s not based on any other icon theme. This is material design icon theme category.

      It comes with two variants like light and dark.

      It looks good, flat, classic and ultra modern icon theme that makes your desktop more beautiful.

      Many users are raising a request to developer to add missing icons, he is immediately responding and adding those missing icons in high priority.

      This icons are compatible with most of the Linux desktop environments such as Gnome, Unity, Cinnamon, Mate, Lxde, Xfce and others.

    • K Desktop Environment/KDE SC/Qt

      • KDevelop 5.3.1 released

        We today provide a stabilization and bugfix release with version 5.3.1. This is a bugfix-only release, which introduces no new features and as such is a safe and recommended update for everyone currently using KDevelop 5.3.0.

        Important changes to AppImage: There have been a couple of significant changes to the AppImage, please check whether it still works for you distribution. The most significant changes were: AppImages are now created on a more recent version of CentOS, now 6.10 instead of 6.8 (which is EOL), plus we no longer ship libfontconfig (cf. commit), libfreetype & libz (cf. commit).

        You can find the updated Windows 32- and 64 bit installers, the Linux AppImage, as well as the source code archives on our download page.

      • KStars v3.0.0 is released!

        After 4 months of development, we present the KStars v3.0.0 release as an early Christmas present for our users worldwide.

        KStars v3.0.0 packs a lot of features and bugfixes as we strive to develop the most comprehensive planetarium platform for computers today.

      • Cantor 18.12 – KDE way of doing mathematics

        Curious to read about Cantor on LabPlot’s homepage? This is easy to explain. Cantor has got quite a lot of development in the last couple of months, also with great contribution from LabPlot developers. There is a close collaboration between these two KDE projects which we hope to intensify even further in future and to make better use of the common code and human resources in order to provide a strong computational and visualization platform for scientific purposes.

        In this blog post we want to highlight the more striking new features in Cantor 18.12 that was recently released. Since Cantor can run embedded in LabPlot (see the LabPlot 2.3 release announcement for couple of examples), all the features described below are of course also available for users using Cantor from within LabPlot.

        We invested quite a lot into improving the overall usability of Cantor’s worksheet. First improvement we want to mention is the handling of long running and waiting commands. In the past, when executing multiple commands at the same time, there was no feedback for the user which command is being calculated right now and which commands are waiting. In the current release we highlight the currently calculated command entry with a small animation of the prompt. The pending (meaning, queued but not being calculated yet) command entries are also highlighted so the user has the full picture of the processing status.

  • Distributions

    • New Releases

      • NuTyX 10.5 available

        NuTyX 10.5 available with cards 2.4.84

        I’m very please to annonce the new NuTyX 10.5 release.

        NuTyX 10.5 comes with kernel lts 4.14.89, glibc 2.28, gcc 8.2.0, binutils 2.30, python 3.7.1, xorg-server 1.20.3, qt 5.11.3, gtk 3.24.1, gimp 2.10.8, plasma 5.12.6 LTS, kf5 5.53.0, mate 1.20.3, xfce4 4.12.3, firefox 64.0, etc….

        A second kernel is proposed for people who want to use the very last version of the kernel 4.19.11

        NuTyX 10.4 user’s are invited to upgrade.

        4 news ISOs are available in 64 bits and 32 bits. Sizes are from 315 MB up to 1.29G. They are available on the download page.

        The 64 bits is available in “Fixed” and “Rolling” releases as a base and a MATE ISO.

        The installer has been spit in two installation modes: Simple and Advanced installation mode.

        Available graphical interfaces are: kde5, mate, xfce4, lxde, flwm, gnome, jwm, ratpoison, blackbox, fluxbox, openbox, bspwm, icewm, twm, etc.

        Gnome applications (which do not depend on systemd) are moved to the gui-extra collection.

        A new virtualbox-guest package is now available to give the possibility to easily test NuTyX in a virtual environment under virtualbox.
        The GIT projects

      • Freespire 4.5 Released

        Today our development team is proud to announce the release of Freespire 4.5, the free-and-open-source subset of our flagship Linspire operating system. Freespire 4.5 is a security and functionality update of the previous 4.0 release and is equivalent to the Linspire 8.0 base. This includes all security updates until Dec 15, 2018.

      • Freespire 4.5 Released For Letting The Linspire/Lindows Legacy Live On

        Freespire 4.5 is the company’s latest release of their free/open-source complement to Linspire 8.0. Freespire 4.5 is based on a Linux 4.15 kernel while making use of the Ubuntu LTS 18.04.1 base package set. Freespire is making use of the MATE 1.20 desktop environment, Chromium 71 as the default web browser, Geary for on-host email client needs, and Abiword and Gnumeric round out the office suite.

      • Freespire 4.5 Screenshot Tour
      • Peppermint 9 Respin Released

        Team Peppermint are pleased to announce Peppermint 9 Respin, the latest iteration of our operating system. Still based on the 18.04 LTS (long term support) code base, Peppermint 9 Respin still comes in both 64bit and 32bit flavours so older hardware is still supported. We hope you enjoy using it half as much as we enjoyed creating it.

      • SELKS5 RC1 – Threat Hunting and more…

        Yet another upgrade of our SELKS. We are very thankful to all the great Open Source projects and tools for making it possible to showcase Suricata with our new distro.

    • Screenshots/Screencasts

    • OpenSUSE/SUSE

      • SUSE x KubeCon; a Post-Mortem.

        Socks were handed out, interviews were recorded, Rubik’s cubes got solved, SUSE chameleons proliferated the masses; and now we are very tired. KubeCon taught us all a lot of new things from sessions on new projects like Envoy and Harbor, to discussions on the intersection of technology, society, and the future. We saw some interesting keynotes including one on the donation of Etcd to the Cloud Native Foundation (CNCF), and learned from end users about how they’re utilizing Kubernetes in their technology stacks today. We hope you met some good contacts, and hopefully enjoyed some of the post-show parties too – we loved the MoMo and the glass museum!

      • SUSE CaaS Platform 3 validated for SAP Data Hub 2.4

        We are happy to share the news that SUSE CaaS Platform 3 on premise is validated for SAP Data Hub 2.4 with SUSE Enterprise Storage as storage backend.

      • Google Summer of Code 2018

        One more year, Google Summer of Code (GSoC), a mentoring program in which openSUSE helps university students contribute to open source project, has come to an end. So, before 2018 ends as well and we start preparing for the new edition of GSoC, it is time to speak about all the great things that happened this year.

    • Fedora

      • Fedora Elections results

        The Fedora 29 election cycle has concluded. Here are the results for each election. Congratulations to the winning candidates, and thank you all
        candidates for running in this election!

      • Raspberry Pi improvements in Fedora 29

        So Fedora 29 is probably going to account for the largest single improvement to support on the Raspberry Pi support in Fedora since we added initial support in Fedora 25. It certainly wasn’t without issue, but after quite a bit of debug we’ve got the post release issues with the WiFi back to being stable!

      • FPgM report: 2018-51
    • Debian Family

      • December 2018 report: archiving Brazil, calendar and LTS

        Keen readers probably noticed that I didn’t produce a report in November. I am not sure why, but I couldn’t find the time to do so. When looking back at those past two months, I didn’t find that many individual projects I worked on, but there were massive ones, of the scale of archiving the entire government of Brazil or learning the intricacies of print media, both of which were slightly or largely beyond my existing skill set.

      • Debian is back in the Mastodon/GNU Social fediverse, follow fosstodon.org/@debian

        The GNU Social instance where the @debian account was hosted (quitter.se) shut down last May. Thanks to the Quitter.se admins for all this time!

        Long overdue, I’ve setup the @debian account with the feed of micronews.debian.org in other place (I still cannot selfhost properly, due to time constraints mostly). This time I chose a Mastodon instance, fosstodon.org. Thanks to the Fosstodon admins for hosting, and Carl Chenet for feet2toot.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 19.04 Makes It Easier to Manage Reboot-free Kernel Updates

            Users of Canonical’s Livepatch service — which lets you install Linux kernel updates without rebooting — will find additional settings available in Ubuntu 19.04.

            The feature, which made its desktop debut in Ubuntu 18.04 LTS, is free for Ubuntu desktop users on up to three separate machines.

            The Ubuntu Welcome screen includes live patch set-up as part of its fresh-install orientation but is easily skipped.

          • Flavours and Variants

            • Lubuntu kicks 32-bit Linux users to the curb

              It is the year 2018, and 2019 is right around the corner — 64-bit processors have been mainstream for a really long time. If you are still using a computer that is 32-bit only, it is time to toss it into a dumpster. No, I’m not being an elitist; it is simply time to move on. A much superior laptop can be had new for a few hundred bucks. Hell, you could probably buy a used 64-bit machine for under $100.

              With all of that said, I am proud of all Linux-based operating system maintainers that have the courage to ditch 32-bit processor support. Some misguided Linux community members will decry this, claiming that the open source kernel can breathe new life into old hardware. That’s true, but it’s time for the world to raise the bar on what the bottom is — all hardware can’t be supported forever. The latest major operating system to drop 32-bit support? Lubuntu.

            • Lubuntu, a Popular Ubuntu Flavor, To Stop Providing 32-Bit Releases

              Lubuntu, a popular Ubuntu flavor which announced earlier this year that it would stop supporting old hardware, is now dropping support for 32-bit x86 releases.

            • Linux Mint 19.1 Tessa released

              MATE is a classic desktop environment based on GNOME 2. It was Linux Mint’s default desktop environment for five years in the 2000s. MATE is lighter, thus faster, and more stable. Choose this if you have used MATE before and like it. Xfce is an extremely lightweight desktop environment. It has fewer features than Cinnamon and MATE but is extremely light on system resources. Choose this edition if you have an old computer (with less than 1GB of RAM, that is). A notable Xfce equivalent in the Ubuntu world is Lubuntu.

  • Devices/Embedded

Free Software/Open Source

  • ReactOS 0.4.11 Release Candidate Available For Testing The “Open-Source Windows”

    Should you have some extra time this holiday season and wish to dive into some fun operating system tests, the release candidate of ReactOS 0.4.11 is available. Two decades after its start, ReactOS continues striving to be an open-source operating system that offers binary compatibility with applications/games/drivers from Windows.

    During the ReactOS 0.4.11 cycle, developers have been working on kernel improvements around ensuring correct ACLs, fixes in dealing with reading/writing of large files, support for un-secure global names, and a variety of low-level improvements. There has also been a lot of Win32 subsystem work that’s ongoing to get more applications working, CD-ROM support by DOS programs, font improvements, and other changes.

  • NVIDIA Launches PhysX SDK 4.0, As Open-Source Physics Engine

    PhysX SDK 4.0 will be available on December 20, 2018. The engine has been upgraded to provide industrial grade simulation quality at game simulation performance.

    In addition, PhysX SDK has gone open source, starting today with version 3.4! It is available under the simple 3-Clause BSD license. With access to the source code, developers can debug, customize and extend the PhysX SDK as they see fit.

  • NVIDIA Open-Source PhysX SDK 4 is now available for download

    Two weeks ago, we informed you about NVIDIA’s plans to open source its PhysX SDK, meaning that developers using its latest version will be able to offer GPU-accelerated physics on both AMD and NVIDIA GPUs. And today, everyone can download and start using the latest version of PhysX via the PhysX SDK 4.

    PhysX SDK is a scalable multi-platform game physics solution supporting a wide range of devices, from smartphones to high-end multicore CPUs and GPUs. PhysX has already been integrated into some of the most popular game engines, including Unreal Engine (versions 3 and 4) and Unity3D.

  • NVIDIA Releases Open Source PhysX 4.0 SDK on GitHub

    As promised in the company’s initial announcement earlier this month, NVIDIA has released the newly open-sourced PhysX 4.0 SDK via GitHub. Now, thanks to its 3-Clause BSD license, any game developer, hardware company, or coding enthusiast can grab the latest version of NVIDIA’s realtime physics engine and tinker, improve, or implement it in hopefully creative new ways.

  • 7 things to look out for in 2019: Changes for open source, data privacy, and the cloud

    No one know what the future might hold, but we’re taking our best stab at it with some pretty educated guesses. The new year is just around the corner and we’ve asked a number of experts what they think is in store for developers in 2019.

    Today, we’re talking with another expert: Laurent Bride, CTO at Talend. What does he see in store for the world of technology in the coming year? More questions about data privacy and security, increased support for open source, and possibly more clarity for algorithms in 2019.

  • Opensource is what makes Bombay Stock Exchange the fastest exchange says BSE IT Chief Kersi Tavadia

    Sangram Aglave, Contributing Editor, BW Businessworld caught up with Kersi Tavadia, CIO, Bombay Stock Exchange at Cloudera Sessions Mumbai 2018 to learn about his career spanning across three decades and his experience in taking Bombay Stock Exchange (BSE) from proprietary to opensource.

  • Open Source At The Heart Of IT Transformation

    Traditional data centers are simply too rigid, slow and difficult to adapt to meet the requirements of the new digital business age. By contrast, organizations that focus on transforming their IT environment complete three times as many IT projects ahead of schedule, are four times more likely to report excellent levels of IT process automation, and are seven times more likely to view IT as a profit center and competitive differentiator.

    With so much at stake, many organizations start their efforts to transform by moving toward a software-defined infrastructure (SDI). This usually involves designing new cloud-native applications and deploying workloads to public cloud platforms. However, that doesn’t mean data centers are a thing of the past. When you factor in the explosive growth of business-critical applications and data, it becomes clear that these data centers will remain essential to progressive, digital-centric planning.

  • Marvel at Grafana Loki: The Prometheus of open source log backends

    Looking for a new logging backend system? Loki is a highly-available, multi-tenant log aggregation system by Grafana. Inspired by Prometheus, this logging backend system is optimized for Kubernetes users, is 100% open source, and has never turned into a snake and then stabbed anyone as far as we know.

  • Open source in the classroom soars in 2018

    As usual, open source continues to inspire innovation in both theory and practice. Our authors covered a broad range of topics within the education paradigm. We had something for everyone, including projects that could easily be applied in other settings.

  • Events

    • Linux Security Summit Europe 2018 Wrap-up

      The inaugural Linux Security Summit Europe (LSS-EU) was held in October, in Edinburgh, UK.

      For 2018, the LSS program committee decided to add a new event in Europe, with the aim of fostering Linux security community engagement beyond North America. There are many Linux security developers and users in Europe who may not be able to obtain funding to travel to North America for the conference each year. The lead organizer and MC for LSS EU is Elena Reshetova, of Intel Finland.

      This was my first LSS as a speaker, as I’ve always been the MC for the North American events. I provided a brief overview of the Linux kernel security subsystem.

    • Montreal Bug Squashing Party – Jan 19th & 20th 2019

      We are organising a BSP in Montréal in January! Unlike the one we organised for the Stretch release, this one will be over a whole weekend so hopefully folks from other provinces in Canada and from the USA can come.

      So yeah, come and squash bugs with us! Montreal in January can be cold, but it’s usually snowy and beautiful too.

    • FOSDEM talk about Futatabi

      Futatabi is a free software solution for doing instant replay, e.g. for sports production. It supports multiple cameras, high-quality realtime slow motion on the GPU through optical flow, and seamless integration with Nageru, my live video mixer. We’ll talk a bit about how interpolation through optical flow works, challenges in transporting the streams back and forth, and demonstrate a real-world sports production done earlier this year using Nageru and Futatabi.

    • HTTP/3 talk in Stockholm on January 22

      This time TCP is replaced by the new transport protocol QUIC and things are different yet again! This is a presentation by Daniel Stenberg about HTTP/3 and QUIC with a following Q&A about everything HTTP.

      The presentation will be done in English. It will be recorded and possibly live-streamed. Organized by me, together with our friends at goto10. It is free of charge, but you need to register.

  • Web Browsers

    • Google/Chrome

    • Mozilla

      • December 2018 – what extensions do I use in Firefox desktop
      • Privacy in practice: Mozilla talks “lean data” in India

        How can businesses best implement privacy principles? On November 26th, Mozilla hosted its first “Privacy Matters” event in New Delhi, bringing together representatives from some of India’s leading and upcoming online businesses. The session was aimed at driving a practical conversation around how companies can better protect user data, and the multiple incentives to do so.

        This conversation is timely. The European GDPR came into force this May and had ripple effects on many Indian companies. India itself is well on its way to having its first comprehensive data protection law. We’ve been vocal in our support for a strong law, see here and here for our submissions to the Indian government. Conducted with Mika Shah, Lead Product and Data Counsel at Mozilla Headquarters in Mountain View, the meeting saw participation from thirteen companies in India, ranging from SMEs to large conglomerates, including Zomato, Ibibo, Dunzo, Practo and Zeotap. There was a mix of representatives across engineering, c-level, and legal/policy teams of these companies. The discussions were divided into three segments as per Mozilla’s Lean Data framework, covering key topics: “Engage users”, “Stay Lean”, and “Build-in Security”.

      • KStars v3.0.0 Now Available, Malware Targeting IoT Devices Is Growing, Enhanced Privacy Settings for Mozilla’s Latest Firefox Focus, Coreboot 4.9 Released and Pivotal Announces Pivotal Cloud Foundry Platform Version 2.4

        Mozilla announces the latest release of Firefox Focus, introducing enhanced privacy settings. According to the Mozilla blog, “You can choose to block all cookies on a website, no cookies at all—the default so far—third party cookies or only 3rd party tracking cookies as defined by Disconnect’s Tracking Protection list. If you go with the latter option, which is new to Firefox Focus and also the new default, cross-site tracking will be prevented.” You can get the latest version of Firefox Focus from Google Play and in the App Store.

      • Introducing Basilisk, an open source XUL based browser and “close twin” to pre-Servo Firefox

        Yesterday, the team behind Pale Moon, an open-source web browser introduced Basilisk, which is supposedly a “close twin to Mozilla’s Firefox”. Basilisk is an open source web browser which is based on Mozilla’s XML User Interface Language (XUL). It is being introduced as primarily a reference application for development of the XUL platform it builds upon. It features Firefox-style interface and operation.

  • SaaS/Back End

    • Hortonworks’ Shaun Bierweiler Talks Enterprise Open Source Tools’ Use in Emergency Mgmt

      Shaun Bierweiler, vice president of Hortonworks‘ (Nasdaq: HDP) U.S. public sector business, has said enterprise open source tools such as Apache NiFi and Hadoop work to support emergency and disaster response operations by deriving actionable intelligence from data, ExecutiveBiz reported Dec. 3.

      Bierweiler, who also serves as president of Hortonworks Federal, noted in an interview published Nov. 28 that some tools support data in motion, which he said is important for emergency management because data from disparate sources can automatically move to the involved agencies’ own environments to inform their operations as well as provide a historical basis for more efficient strategies in the future.

  • Databases

    • Why does Oracle keep trashing MySQL, its own product?

      By most accounts, Oracle has been a reasonably good steward for MySQL, the open source database it picked up when Oracle acquired Sun Microsystems years ago. Oracle has contributed significant engineering resources to MySQL to ensure “improved performance in areas that were long considered impossible to address,” as former MySQL product executive Zack Urlocker once put it.

      More recently, Oracle CTO and chairman Larry Ellison has made no secret of his disdain for MySQL, telling analysts that “you’ve got to be willing to give up tons of reliability, tons of security, tons of performance to [use MySQL instead of Oracle because]…we have a huge technology advantage.” This would be fair game to call out against a competitor, but this is Ellison talking about a product that is primarily developed by Oracle.

  • CMS

    • Acquia transforms from WCM to digital experience platform

      Acquia is at the crossroads for WCM. As it takes advantage of shifting customer expectations for sophisticated conversations and intuitive interactions, the company is becoming a pre-eminent digital experience platform.

      Founded in 2007 as an open source business, Acquia continues to deliver enterprise-grade services for deploying Drupal within large organizations, while contributing code and technical leadership to Drupal’s independent open source development community.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • LLVM 7.0.1 Released To Deliver Various Bug Fixes While One ABI-Breaking Issue Remains

      Tom Stellard of Red Hat has announced the release of LLVM 7.0.1 that incorporates a variety of fixes introduced over the past few months.

      In the three months since LLVM 7.0, the release branch has landed a variety of bug/regression fixes and now culminated with the 7.0.1 point release to end out the year. A look through the merged patches can be found via the commits on release_70.

    • LLVM Developers Are Still Working On Their Massive Relicensing Effort

      It’s been over three years since the original proposal for re-licensing the LLVM compiler infrastructure and while they have reached community consensus on their new “Apache 2.0 with LLVM Exception” license, there’s still a big task at hand of getting all past contributors signing off on the process.

      The LLVM Foundation has been working on this big code re-licensing initiative in order to motivate new contributors, better protect users of LLVM code, protect contributors, and ensure a great ecosystem both for open and closed-source vendors. The re-licensing is about moving from a University of Illinois / NCSA Open-Source License (based on MIT/X11 and 3-clause BSD) and over to the Apache 2.0 license with an exception. The “LLVM Exception” to Apache 2.0 is for code compiled by LLVM to not impose the same redistribution conditions and when pairing LLVM code with GPLv2 code the user can opt for the indemnity provision. The expected new LLVM license in full can be read here.

  • FSF/FSFE/GNU/SFLC

    • grep @ Savannah: grep-3.3 released [stable]

      Here’s a snap release to fix a regression introduced in grep-3.2.
      See the NEWS below for details:

      Here are the compressed sources and a GPG detached signature[*]:

      https://ftp.gnu.org/gnu/grep/grep-3.3.tar.xz

      https://ftp.gnu.org/gnu/grep/grep-3.3.tar.xz.sig

      Use a mirror for higher download bandwidth:

      https://ftpmirror.gnu.org/grep/grep-3.3.tar.xz

      https://ftpmirror.gnu.org/grep/grep-3.3.tar.xz.sig

      [*] Use a .sig file to verify that the corresponding file (without the
      .sig suffix) is intact. First, be sure to download both the .sig file
      and the corresponding tarball.

    • sed @ Savannah: sed-4.7 released [stable]

      Here’s a snap release to fix a regression introduced in sed-4.6.
      See the NEWS below for details:

      Here are the compressed sources and a GPG detached signature[*]:

      http://ftp.gnu.org/gnu/sed/sed-4.7.tar.xz

      http://ftp.gnu.org/gnu/sed/sed-4.7.tar.xz.sig

      Use a mirror for higher download bandwidth:

      https://ftpmirror.gnu.org/sed/sed-4.7.tar.xz

      https://ftpmirror.gnu.org/sed/sed-4.7.tar.xz.sig

      [*] Use a .sig file to verify that the corresponding file (without the
      .sig suffix) is intact. First, be sure to download both the .sig file
      and the corresponding tarball.

    • Radio Gets Ridiculous

      Of course, he’s leveraging the analog conversion in the microcontroller as well as the ability to generate signals in software. You might think that’s going to be an anemic receiver. Granted, it won’t be a high fidelity long-range receiver, but it does interface with GNU Radio!

  • Public Services/Government

    • California launches new online repository to share open-source code

      The California Government Operations Agency last week launched a new website that will eventually host the state’s open-source software projects, allowing agencies, the technology industry and citizens to collaborate on the development of software used by the state government.

    • Four Myths About Open Source in Government (Contributed)

      Every year, the National Association of State Chief Information Officers (NASCIO) publishes its list of State CIO Top 10 Priorities, a checklist of the most important issues that will be on the to-do lists of CIOs across the country. This year’s list includes concerns about security and risk management, implementation and deployment of cloud services, and the need to consolidate and optimize services and infrastructure, to name a few.

      State CIOs may wish to consider turning to open source software for help in addressing these challenges and objectives. Open source can facilitate more flexible and agile IT infrastructure and is the underlying technology behind many popular cloud service platforms. Open source can also help organizations consolidate and centralize disparate services, making them easier and more cost-effective to manage.

      Many states and cities are actively embracing open source. California’s Government Operations Agency recently launched the California Code website, an open collaboration between agencies, industry partners and civic technologists working to create a more innovative, collaborative and effective government. The state has also certified the first open source, publicly owned election technology for use in Los Angeles County. Meanwhile, in Chicago, open source has been embraced by the Office of Budget and Management (OMB) to simplify and modernize the city’s annual financial reporting obligations. Yet, despite its many benefits, myths about open source persist.

  • Licensing/Legal

    • Parity Launches Beta Version of Tool Stack for Building Blockchains

      The beta version of Substrate is licensed under the GNU General Public License, but in order to provide maximum developer freedom, the tool’s repository will be moved to an Apache 2.0 license.

    • Ethereum Startup Parity Launches DIY Blockchain Tool Substrate

      Substrate is currently licensed under the GNU General Public License (GPLv3), Parity said, but it is planning to move to the Apache 2.0 open-source license for “maximum developer freedom.” Apache 2.0’s “widely permissive nature” will also encourage Fortune 500 companies to adopt the technology, the firm said.

    • The Cyclical Theory of Open Source

      But in a world in which appetites for open source software commercially are under threat from – among other areas – proprietary cloud based offerings, it is certainly possible that industry appetites and support for open source could be slowed if public models give way to private alternatives.

      Many of those that have resorted to problematic licenses, however, feel as if they’ve been left with little choice. In their view, they foot the bill for the majority of development on an open source asset, only to see a cloud provider pick up that code and offer it as a competitive service – often without so much as an acknowledgement of the open source codebase it’s derived from.

      The question facing these providers, and the market as a whole, is not whether or not the typical commercial open source vs cloud provider dynamic is optimal – it is clear that, while improving, it is not. The question rather is whether or not a license is an appropriate remedy for the issue.

    • Automated Compliance Tooling project announced, Code California launches, Tor funding, and more news

      When you think of open source projects, the first thing that comes to mind is probably code. There’s more to it than that. One vital aspect of open source that doesn’t get a lot of attention is license compliance. That could change, thanks to the ACT project that the Linux Foundation is launching.

      Short for Automated Compliance Tooling, ACT brings together four compliance projects: FOSSology, QMSTR, SPDX Tools, and Tern. The goal of ACT, according to the Linux Foundation, is to “consolidate investment in, and increase interoperability and usability of, open source compliance tooling.” In the end, this will help users and companies more easily “find up-to-date and current compliance documentation.”

    • New software licenses aim to protect against cloud providers

      Open-source companies are tired of being pushed around by cloud providers and technology giants. As a result, these companies are taking measures into their own hands with the development of new software licenses for their projects.

      For instance, earlier this year a group of businesses and developers came together under the Commons Clause, a initiative meant to add restrictions that limit or prevent the selling of open-source software.

    • Startups are taking on Amazon’s cloud with a controversial new plan, but experts warn it could undermine the foundations of open source

      In response, three smaller software companies behind some of the open-source software that Amazon and others rely on — Confluent, Redis Labs, and MongoDB — have gone on the defensive. In recent months, they’ve made changes to their licensing that prevent cloud platforms from profiting from the open-source code that they develop. Open source can’t be “free and unsustainable” research and development for tech giants, Confluent CEO Jay Kreps said last week.

  • Openness/Sharing/Collaboration

    • Open Data

      • ODI backs four local open geospatial data projects

        Each has received £15,000-25,000 for research to conclude by the end of March. The ODI will provide guidance, review and assistance to the project teams.

        Under one of the projects, Falkirk Council will work with geographic data sharing specialist thinkWhere to develop an open source mapping platform to present data from OpenStreetMap – a free wiki world map – to help community groups and citizens. The ODI cited the example of showing locations of food banks and community kitchens.

        The goal is to help community groups maintain data on OpenStreetMap rather than maintaining separate service directories.

        A consortium led by Oxfordshire Council has received support to develop an open source cycle route audit tool to assess the routes and inform local transport policy.

      • StreetCred Is Challenging Google Maps—and It Wants Your Help

        And more accurate, too, with serious assists from cryptocurrency-seeking mappers. Other companies rely on OpenStreetMap, a crowdsourced, open-source effort to create a complete and editable map of the world. (Think Wikipedia for maps.) OSM’s 1 million contributors are constantly adding to and updating its maps using GPS devices, aerial imagery, and info they enter manually.

        But open-source cartography isn’t always comprehensive or particular enough for the users Meech is targeting. If a company making a VR game for kids needs to know the location of every playground in Cincinnati, there’s no guarantee the volunteers will plug that in. So StreetCred might offer a future mapping army an extra crypto incentive to find, validate, and label those locations.

    • Open Access/Content

      • Curated, Open Source eBook from Learning 2018 Conference Published

        According to Elliott Masie, the Host & Curator of Learning 2018, “We have created this as an open source, shareable resource that will extend the learning from Learning 2018 to our colleagues around the world. We are using the Open Creative Commons license, so feel free to share!”

    • Open Hardware/Modding

      • On the first day of Christmas, MIPS sent to me: An open-source-ish alternative to RISC-V

        AI biz Wave Computing on Monday told the world it intends to open source the latest MIPS instruction set architecture (ISA) in the hope that fosters the development of more RISC-based custom chips.

        The outfit acquired MIPS, the fabless CPU design firm that had been sold twice before since 2013, back in June with the intention of using its well-established processor tech for running AI code on IoT devices at the edge of the network.

        Wave said under its MIPS Open Initiative, participants – who will be required to register – will have access to the 32-bit and 64-bit MIPS ISA at no charge, without any licensing or royalty fees. The key thing here is instruction set: the machine-code language your, for instance, C source compiles down to. It’s how the chip interfaces with software. It’s not how the insides of a processor works.

      • Western Digital SweRVs Towards Open Source with New RISC-V Core, ISS, and Cache Coherency

        Is open source changing the way we manage data? Western Digital, a data storage device company, switched to RISC-V’s open-source ISA (instruction set architecture) a year ago. This month, they announced a series of open-source, collaborative initiatives that aim to make data more open, from processor cores to memory caches.

        [...]

        Western Digital, a company best known for data storage devices, is one of the companies in the growing RISC-V environment. One year ago, they announced that they were moving to RISC-V. Now, they’re doubling down on their commitment to this open source architecture, aiming to facilitate new innovation and help lead the charge into the future of data processing and, eventually, data storage.

      • The End of Industrial Automation (As We Know It)

        At present, much embedded software (even if it originates in open source) includes many proprietary elements. For security reasons, today it’s increasingly important to update embedded software, but sadly this is often difficult or impossible to do. As a result, cybersecurity has become a chronic problem for embedded systems, especially in the consumer electronics segments. This creates other problems, too. Applications are inflexible. The operating systems and software tool chains are fragmented. Development speed is slow. Hardware/software integration remains problematic. And worse, there’s a relatively small base of experienced embedded system software developers.

      • China looks to private capital, open source technology for global tech game advantage

        China is racing against time to establish its own technological intellectual property, particularly in the semiconductor industry. The moves come amid growing pressure on Chinese tech companies overseas, underscored by the recent arrest of Huawei CFO Meng Wanzhou and punitive measures by the US on Huawei rival ZTE.

        This time around, China appears to be taking a more discreet approach, pursuing more low-profile strategies rather than eye-popping, state-led partnership initiatives such as the National Integrated Circuit (IC) Industry Investment Fund, which was set up in 2014 and raised RMB 138.7 billion ($20.1 billion) in its initial phase.

  • Programming/Development

    • Procedural Macros in Rust 2018

      Perhaps my favorite feature in the Rust 2018 edition is procedural macros. Procedural macros have had a long and storied history in Rust (and will continue to have a storied future!), and now is perhaps one of the best times to get involved with them because the 2018 edition has so dramatically improved the experience both defining and using them.

      Here I’d like to explore what procedural macros are, what they’re capable of, notable new features, and some fun use cases of procedural macros. I might even convince you that this is Rust 2018′s best feature as well!

    • GLPI version 9.4

      GLPI (Free IT and asset management software) version 9.4.0 RC1 is available. RPM are available in remi-glpi94 repository for Fedora ≥ 26 and Enterprise Linux ≥ 6.

    • PHP version 7.2.14RC1 and 7.3.1RC1

      Release Candidate versions are available in remi-test repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests (for x86_64 only), and also as base packages.

    • Python Logging Basics
    • “Live Development of a PyCharm Plugin” with Joachim Ansorg
    • Slow scheduled tasks after yesterday’s system update
    • Python 3 OOP Part 4 – Polymorphism
    • On how useful are R packages in Debian (100%)

      Debian distributes the R language for statistical analysis, data mining or bioinformatics (among others). Satellite to R are hundreds of packages (kind of function libraries), mostly distributed by CRAN and Bioconductor, which contribute a lot to the richness and versatility of the R ecosystem. Debian redistributes some of these packages in the Debian format. Like in all similar cases of “redistribution of a distribution”, there is a tension between Debian’s goals for its stable version, and the expectations of novelty for the users (in part because the development cycle of R is 6 months), and one sometimes wonder if there is a point for using the packages through Debian and not through the upstream repositories.

    • Anaconda Distribution 2018.12 Released

      We are changing versioning in Anaconda Distribution from a major/minor version scheme to a year.month scheme. We made this change to differentiate between the open source Anaconda Distribution and Anaconda Enterprise, our managed data science platform. Conda, will continue to use a major/minor versioning scheme.

      The number of 32-bit x86 Linux packages downloaded are a small fraction of downloads from Anaconda. As of this release, we no longer build 32-bit packages for Linux, aside from critical bug fixes. Linux 32 packages will reach end of life as of June 2019.

    • Why you should be using pathlib

      When I discovered Python’s new pathlib module a few years ago, I initially wrote it off as being a slightly more awkward and unnecessarily object-oriented version of the os.path module. I was wrong. Python’s pathlib module is actually wonderful!

    • Python Qt5 – simple draw with QPainter.

      Using the QPainter is more complex than a simple example.
      I try to create a simple example in order to have a good look at how can be used.
      The main goal was to understand how can have the basic elements of QPainter.

    • Python Nested Functions

      Functions are one of the “first-class citizens” of Python, which means that functions are at the same level as other Python objects like integers, strings, modules, etc. They can be created and destroyed dynamically, passed to other functions, returned as values, etc.

    • Geek of the Week: Kevin Lin walks the talk as he left Amazon to launch startup and host his own podcast

      If you want to get into the details, Vim is shorthand for Vi IMproved, which is an upgrade of Vi, a programmer’s text editor that was released in the ’70s. Vim is a modal editor which means that you operate it using multiple modes. Most text editors like Office have only one mode (Insert mode) where anything you type gets inserted into the text. You can do that in Vim but Vim also has ‘Command mode’ where the characters you type get executed as commands (eg. move 5 lines up, highlight all characters from the cursor to the next comma, repeat the last 5 commands on the next 7 lines, etc). Vim also comes with its own scripting language which means that you can make Vim do anything that a computer program can do.

      On average, Vim makes me 1000x more productive and I can’t ever imagine using anything else (especially not emacs).

    • Top 10 developer stories of 2018
    • Epoc.js: Open Source JavaScript Brain-Sensor Controller Software

      The recent transition from science fiction to reality for the brain-machine Interface, coupled with Atwood’s Law, “any application that can be written in JavaScript, will eventually be written in JavaScript,” had led to Epoc.js, an open source control software for the Emotiv line of brain sensors.

    • How the Eclipse Foundation is saving enterprise Java

      Amidst the angsty finger-pointing over the cloud giants’ supposedly one-sided relationship to open source (all take, no give), with the accompanying claim that open source will dry up without someone lining the pockets of the VCs who fund (very little of) the code, foundations keep generating lots of fantastic open source code. Often overlooked, these foundations play an unusually important role in the development of open source software, offering a vendor-neutral setting for competitors to cooperate with legal protections around IP and antitrust.

    • Eclipse Che 7 is Coming and It’s Really Hot (4/4)

      Eclipse Che has gained a great deal of interest in large enterprises that are moving to containers and want to standardize the developer workspace and remove intellectual property (source code) from hard-to-secure laptops. There are a number of features needed in order to make Che a simple-to-manage tool for these large and often private environments. Organizations want to secure workspaces, deploy them on new infrastructure, and make it easier for teams to collaborate while maintaining developer autonomy.

      For those reasons, we are working on a number of different facets to make Eclipse Che easier to run and simpler to administer and manage.

    • DSF calls for applicants for a Django Fellow

Leftovers

  • Science

    • Biological-Templating of a Segregating Binary Alloy for Nanowire-Like Phase-Change Materials and Memory

      One of the best strategies for achieving faster computers is to mitigate the millisecond-order time delays arising from the transfer and storage of information between silicon- and magnetic-based memories. Segregating-binary-alloy (SBA)-type phase-change materials (PCMs), such as gallium antimonide-based systems, can store information on 10 ns time scales by using a single memory structure; however, these materials are hindered by the high consumption of energies and undergo elemental segregation around 620 K. Nanowire-like PCMs can achieve low-energy consumption but are often synthesized by vapor–liquid–solid methods above 720 K, which would cause irreversible corruption of SBA-based PCMs. Here we control the morphology, composition, and functionality of SBA-type germanium–tin oxide systems using template-driven nucleation that leverages the electrostatic-binding specificity of the M13 bacteriophage surface. A wirelike PCM was achieved, with controllable and reliable phase-changing signatures, capable of tens of nanoseconds switching times. This approach addresses some of the critical material compositional and structural constraints that currently diminish the utility of PCMs in universal memory systems.

    • This Virus Will Help In Boosting Your Computer Speeds

      Researchers from Massachusetts Institute of Technology and Singapore University have devised a new manufacturing technique that will use a virus, albeit a biological one, to speed up modern computers. The research paper titled “Biological-Templating of a Segregating Binary Alloy for Nanowire-Like Phase-Change Materials and Memory” was originally published in the journal ACS Applied Nano Materials.

  • Health/Nutrition

    • Big Pharma Picks up on Medical Marijuana

      Under the agreement, the two companies may market Tilray’s nonsmokable, noncombustible medical marijuana products worldwide, develop new medical marijuana products together, and educate pharmacists and physicians about those products, according to the statement.

  • Security

    • Hack the Gov’t and Tell the NCSC? You’ll Now Get a Pat on the Back

      Security researchers who find vulnerabilities in UK government web services can now report them directly to the National Cyber Security Centre (NCSC), rather than wondering who to tell – and whether they’ll get prosecuted for doing so.

      That’s according to “Ollie” the NCSC’s vulnerability disclosure lead, who announced a new vulnerability reporting service in a blog published on Thursday.

      The service acknowledges the “crucial role security researchers play in helping to secure UK government web services”, he wrote.

    • China outrages West by doing the same commercial spying we do

      In what was a truly terrible year for privacy and cybersecurity, it’s appropriate to end it pointing out the hypocrisy of the media and western governments, and particularly Australia.
      Journalists at both News Corp and Nine have today cooperated with a coordinated international attack on “Chinese cyber-espionage”: at The Oz it’s “the Morrison Government has publicly condemned China for an economic espionage operation against Australia as the Trump administration announced it had charged the Chinese spies who were responsible”.
      At the SMH, it’s “an extraordinary penetration that has compromised the data of hundreds of businesses” with the Morrison government’s cyber security spruiker Alastair MacGibbon declaring “this is audacious, it is huge, and it impacts potentially thousands of businesses globally. We know there are victims in Australia”.

    • Air Force Fixes 120 Bugs, Pays $130K in Bounties

      The US Air Force’s third bug bounty program has concluded after a month-long hacking period, which ran from October 19 to November 22, 2018. As a result of their research findings, hackers were awarded more than $130,000 in bounties.

      According to the official results of Hack the Air Force 3.0 (HTAF 3.0), released by the U.S. Department of Defense (DoD) and HackerOne, the Air Force fixed over 120 valid security vulnerabilities, bringing the combined total of the three bug bounty challenges to more than 430 unique security vulnerabilities discovered and fixed. In total, researchers have earned more than $350,000 through the HTAF programs.

    • NCSC launches website vulnerability reporting service

      It provides a route for security researchers to inform the NCSC of any issues they detect, acknowledging the role played by people outside the organisation and public authorities.

      The service has been created as it can be difficult to find the right contact inside organisations for reporting a vulnerability that has been identified.

    • Linux DMA Mapping Updates Help Recover Losses Caused By Spectre V2 Retpolines

      Yet another pull request sent in early ahead of the holidays for the Linux 4.21 kernel merge window are the DMA-Mapping updates managed by Christoph Hellwig. Normally the DMA-Mapping changes aren’t really worth noting on Phoronix, but this time around it brings some improvements to help offset the overhead incurred by Retpolines for Spectre V2 mitigation.

      While the year started looking rather brutal for Linux performance due to the costs associated with Spectre and Meltdown mitigations, fortunately, as we end 2018 there has been a lot of that overhead reduced and other ongoing optimizations. The latest example of this is with the DMA-Mapping changes to help recover much of the impact Retpolines had on the DMA code.

    • Jumble Password – An Open-Source “Unique IDs and Passwords” Creator for Linux

      Electron-based app Jumble Password is basically a utility app for crafting unique and different passwords for you. This usually makes your password with the help of combining your name and your date of your birth. This app works using a random number or permutation algorithm which is named as the Fisher-Yates Shuffle Algorithm and this aids in jumbling up the sequences.

      One example can be such that you want to make a password for your website or project where you are working and so now you will get the opportunity to select any random names or any date for getting some unique suggestions every single time you click on the button SUBMIT. You will get a new password every time you submit the date and name and every password will be unique and new. You can select any of them for your use and if you do not like it you can again click on SUBMIT.

    • IoT malware up over 200 percent in 2018 [Ed: Measuring the wrong thing. Many of these are installed because of open ports and improper passwords.]
    • Security updates for Friday
    • Pivotal Cloud Foundry 2.4 Boosts Security With Compliance Scanner

      Pivotal is releasing version 2.4 of its Pivotal Cloud Foundry (PCF) platform on Dec. 20, providing organizations with a host of new capabilities to manage and deploy cloud-native applications.

      PCF is Pivotal’s commercial distribution, based on the open-source Cloud Foundry project, which provides platform-as-a-service (PaaS) capabilities for applications. In the PCF 2.4 update, Pivotal is adding zero downtime updates for application deployments, enabling organizations to roll out upgrades without downtime. PCF 2.4 also introduces a new compliance scanner in beta that will enable organizations to validate that the configuration of PCF deployments meets best practices.

      “We now have the ability to have zero downtime updates for the applications and the platform, and we’re doing that everywhere, whether you’re running vSphere or in OpenStack, GCP or AWS,” Richard Seroter, vice president of product at Pivotal, told eWEEK. “We’re highlighting the idea that you should be able to really go fast for all workloads on any infrastructure without sacrificing operability or security.”

    • Security operations activities to watch in 2019

      Open-source software and industry initiatives, such as MITRE ATT&CK framework and Apache Kafka, will contribute to security operations in 2019.

    • Tokeny Releases Open Source T-REX Security Token Standard With Decentralized Validation System

      Tokeny, a tokenization platform which focuses on compliance, has officially released the open source T-REX (Token for Regulated Exchanges) security token standard. It was designed to allow for the initial issuance and secondary market trading of security tokens in a compliant manner with a specific focus on trusted third-party KYC and AML services.

    • Recent open source flaw highlights danger of social engineering hacks

      When a compromised NPM package with malicious code targeted a popular bitcoin wallet, hackers managed to corrupt one of the JavaScript modules, called event-stream, used as part of the Copay bitcoin wallet application. The hackers would have been able to drain bitcoin wallets, although there is no evidence it was activated before it was discovered.

    • Red Hat’s David Egts: Feds Should Assess Open Source Code for Vulnerabilities [Ed: Also proprietary, albeit that's often hard or impossible. The back doors cannot be removed.]

      Egts wrote in a Nextgov opinion piece published Dec. 3 that agencies seeking to accelerate software procurement by using open source code should first assess if the repositories or libraries used have known vulnerabilities, deploy a code analyzer to identify issues or defects such as memory corruptions and take part in crowdsourced security initiatives to test defenses.

  • Defence/Aggression

    • Cleric: 1988 Lockerbie plane bombing will never be forgotten

      The tragedy of Lockerbie will never be forgotten, a Church of Scotland minister vowed Friday as memorial services were held in Scotland and the United States to honor the 270 people killed when a bomb brought a Pan Am plane down over the Scottish town 30 years ago.

      At a service at Dryfesdale Cemetery in Lockerbie, prayers were read, a moment of silence was held, and wreaths were laid before a memorial with the names of the 270 victims. Relatives of the victims and a representative of Queen Elizabeth II were among those attending.

    • The Real Russia. Today. Meduza looks at the post-presidential life of Mikhail Gorbachev, columnists parse modern-day Soviet nostalgia, and Russia targets the ‘BBC’

      For a century, the leaders of the Soviet and Russian governments either died without leaving their posts or left power for a quiet, private retirement. The only exception to that rule has been the final general secretary of the Central Committee of the Soviet Communist Party and the first president of the Soviet Union, Mikhail Sergeyevich Gorbachev. After witnessing the collapse of the country he led and handing over power to one of his political opponents, Gorbachev used his status as one of the most popular politicians in the world to make his own living and fundraise extensively for research and service projects. In the process, he also made multiple attempts to regain political authority in his homeland. On the 27th anniversary of the collapse of the Soviet Union, Meduza correspondent Ilya Zhegulev reports on how the former Soviet leader has spent his time in retirement.

    • ‘Crucify me right here’ The post-presidential life of Mikhail Gorbachev

      For a century, the leaders of the Soviet and Russian governments either died without leaving their posts or left power for a quiet, private retirement. The only exception to that rule has been the final general secretary of the Central Committee of the Soviet Communist Party and the first president of the Soviet Union, Mikhail Sergeyevich Gorbachev. After witnessing the collapse of the country he led and handing over power to one of his political opponents, Gorbachev used his status as one of the most popular politicians in the world to make his own living and fundraise extensively for research and service projects. In the process, he also made multiple attempts to regain political authority in his homeland. On the 27th anniversary of the collapse of the Soviet Union, Meduza correspondent Ilya Zhegulev reports on how the former Soviet leader has spent his time in retirement.

    • Our Poor, Defenseless Military Industrial Complex

      It is a sign of our times that our media attempt to decipher future government policy by analyzing the president’s tweets, like some bizarre game of telephone. Throughout November, there was speculation of a coming reduction in military spending, and when Donald Trump took to Twitter (12/3/18) to describe the $716 billion budget as “crazy,” media took this as confirmation.

      The prospect of a cut to the military elicited a storm of condemnation across the media landscape. The National Review (11/17/18) wrote that “cutting the resources available to the Pentagon is a bad idea,” noting that, “for decades, America has short-changed defense” meaning “America’s ability to defend its allies, its partners, and its own vital interests is increasingly in doubt.” In an article headlined “Don’t Cut Military Spending Mr. President” (Wall Street Journal, 11/29/18), Senate and House Armed Services committee chairs James Inhofe and Mac Thornberry claimed the military is in “crisis” after “inadequate budgets for nearly a decade,” and that “any cut in the Defense budget would be a senseless step backward.”

      More centrist outlets concurred. Forbes Magazine (11/26/18) began its article with the words, “The security and well-being of the United States are at greater risk than at any time in decades,” recommending a “sensible and consistent increase” to the budget. Bloomberg (19/11/18) recommended a consistent increase in military spending of 3 percent above inflation for five to ten years, while Reuters (12/4/18) noted the increased “risk” of a lower military budget.

  • Transparency/Investigative Reporting

    • UN experts urge UK to honour rights obligations over Julian Assange

      He has been living inside the embassy for more than six years, fearing he will be extradited to the United States if he leaves.

      The United Nations Working Group on Arbitrary Detention (WGAD), which concluded three years ago that Mr Assange was being arbitrarily deprived of his freedom and should be released, urged the UK Government to “honour its obligations”.

      In a statement from Geneva, the group said: “States that are based upon and promote the rule of law do not like to be confronted with their own violations of the law, that is understandable.

      “But when they honestly admit these violations, they do honour the very spirit of the rule of law, earn enhanced respect for doing so, and set worldwide commendable examples.

    • UN tells UK – Allow Assange to leave Ecuador embassy freely
    • U.N. tells UK – Allow Assange to leave Ecuador embassy freely

      The U.N. Working Group on Arbitrary Detention reiterated its finding published in February 2016 that Assange had been de facto unlawfully held without charge in the embassy, where he has now been holed up for more than six years.

      He initially took asylum to avoid being extradited to Sweden, where authorities wanted to question him as part of a sexual assault investigation. That investigation was dropped.

      Assange, whose website published thousands of classified U.S. government documents, denied the Sweden allegations, saying the charge was a ploy that would eventually take him to the United States where a prosecutors are preparing to pursue a criminal case against him.

      Britain says Assange will be arrested for skipping bail if he leaves the embassy, but that any sentence would not exceed six months, if convicted. It had no immediate comment on the experts’ call, but in June, foreign office minister Alan Duncan said Assange would be treated humanely and properly.

    • UN experts urge UK to honour rights obligations over Julian Assange

      United Nations human rights experts have repeated a demand that the UK abides by its international obligations and allows WikiLeaks founder Julian Assange to walk free from the Ecuadorian embassy in London.

      [...]

      In a statement from Geneva, the group said: “States that are based upon and promote the rule of law do not like to be confronted with their own violations of the law, that is understandable.

    • UN experts urge UK to honour rights obligations and let Mr. Julian Assange leave Ecuador embassy in London freely

      UN human rights experts today repeated a demand that the UK abides by its international obligations and immediately allows Wikileaks founder Julian Assange to walk free from the Ecuadorian embassy in London where he has been for over 6 years, fearing arrest by British authorities if he leaves, and extradition to the US.

      “States that are based upon and promote the rule of law do not like to be confronted with their own violations of the law, that is understandable. But when they honestly admit these violations, they do honour the very spirit of the rule of law, earn enhanced respect for doing so, and set worldwide commendable examples,” the United Nations Working Group on Arbitrary Detention (WGAD) said.

      In December 2015, the Working Group concluded in its opinion No. 54/2015 that Mr. Assange – who at the time had a European arrest warrant issued against him for an allegation of crimes committed in Sweden ‑ was being arbitrarily deprived of his freedom and demanded that he be released.

    • US Embassy Shopping List

      Today, 21 December 2018, WikiLeaks publishes a searchable database of more than 16,000 procurement requests posted by United States embassies around the world.

      All US embassies post requests for quotations and job listings on their websites when they need to purchase goods or services. In some cases, these requests may hint at covert activities performed by US agencies in the country. For example, in an August 2018 procurement request for “Tactical Spy Equipment”, the US embassy in El Salvador asked vendors to provide 94 spy cameras, most disguised as everyday objects such as ties, caps, shirt buttons, watches, USB drives, lighters, and pens. Similar spy cameras were also requested by the US embassy in Colombia.

      The majority of the procurement requests focus on mundane activities required for the day-to-day operation of embassies and consulates, such as construction projects, laundry service, and gutter cleaning. In one case, the US consulate in Guayaquil, Ecuador lost track of the number of fish in its fishpond and needed someone to count the fish and clean the pond. Interspersed among these banal requests are documents that provide insight into the priorities and agenda of the US Government abroad. For example, to promote trade interests in China, the US consulate in Shanghai requested the production of “three marketing and promotional videos that highlight U.S. beef quality”.

    • Wikileaks Releases “US Embassy Shopping List,” +16,000 Procurement Requests/Documents Released from US Embassies Worldwide

      Less than 24 hours after Twitter locked Julian Assange and Wikileaks staff members out of their online accounts, perhaps in anticipation of this very event, Wikileaks announced the release their latest leak. Officially entitled “US Embassy Shopping List,” the leak contains access to a searchable database of over 16,000 procurement requests posted/received by United States embassies around the world. While the majority of documents are rather mundane in nature, some of them shed light on some very interesting material/topics, including the US’s sponsorship of mass surveillance programs and operations – documenting the distribution of spy equipment to various countries around the world.

    • Guilty by innuendo: the Guardian campaign against Julian Assange that breaks all the rules

      An analysis of articles published by the Guardian over several months reveals what appears to be a campaign to link WikiLeaks founder Julian Assange with Russia and the Kremlin. But the paper has provided little or no evidence to back up the assertions. And amid recent revelations that Guardian journalists have associated with the psychological operations experts at the Integrity Initiative, we should perhaps be more sceptical than ever before.

    • Julian Assange: Could 50,000 people provide a human corridor?

      New Zealand citizen journalist Suzi Dawson, herself a whistleblower who has taken political asylum in Russia to avoid persecution by the New Zealand government, listed what she considered the ten most important achievements by Julian Assange and Wikileaks. This was in a interview with Jimmy Dore.

      [...]

      Can we get 50,000 people to show up at the Ecuadorian Embassy in London to provide him a “human corridor” to escape to another embassy? They can’t arrest or kill 50,000 people.

    • WikiLeaks & Assange defense locked out of Twitter for over 24 hours in alleged DDoS attack

      WikiLeaks Editor-in-Chief Kristinn Hrafnsson, who took over from co-founder Julian Assange in September, sounded the alarm on Friday, saying that editors were barred from the main account, which boasts over 5.41 million followers.

      The accounts of the WikiLeaks Task Force, Assange’s legal team, and Assange’s official defense team, were likewise inaccessible. The Assange Defense account is aimed at ending the whistleblower’s persecution and involuntary stay at the Ecuadorian Embassy in London, and has a 747,000-strong following. The WikiLeaks Task Force account is used by the team to debunk myths about the secret-spilling site, and to counter mainstream media narratives.

    • Time for Julian Assange’s ‘torment’ to end: father

      Assange has been living inside the Ecuadorian embassy in London for more than six years amid fears he will be extradited to the US if he leaves.

      He was visited on Thursday by his father John Shipton and two German MPs who are campaigning for him to be allowed to leave the embassy without being extradited.

      Shipton, who lives in Sydney, said his family wanted to see Assange in normal circumstances again.
      “It is time for this torment to end,” he said.

    • A veteran newspaper editor grapples with a seemingly simple question: What is journalism?

      How did a small British newspaper with origins in Manchester take on Rupert Murdoch’s empire, partner with WikiLeaks to release government secrets…

    • Peace Train: Julian Assange and the defense of democracy

      Effective democracy requires well-informed citizens. One of the greatest threats to effective democracy in modern capitalist societies is government secrecy. This prevents citizens from knowing about and attempting to control the actions of their own government. Mainstream media, owned by giant corporations and often in cahoots with the state, regularly fail to penetrate the secrecy shrouding crucial government actions.

      No organization has done more to make critical political information available to the public than WikiLeaks. Founded in 2006 by Julian Assange, an Australian computer programmer, WikiLeaks has published more than 12 million documents that governments around the world tried to keep secret. WikiLeaks became famous in 2010 when it published several hundred thousand documents provided by Chelsea Manning. This information revealed (among other things) cruel and illegal activities by U.S. soldiers in Iraq and Afghanistan as well as associated diplomatic cover-ups.

      Assange, who functioned as editor-in-chief of WikiLeaks until September 2018, has won numerous awards for investigative journalism. In 2009, he won the Amnesty International UK Media Award, and in 2010, he was honored by retired CIA officers with the Sam Adams Award. In 2011, Assange received the Martha Gellhorn Journalism Prize, and in 2015, he was awarded the Sydney Peace Prize.

    • UK told to honour obligations over Assange

      UN human rights experts have again demanded the UK abide by its international obligations and allow Julian Assange to walk free from the Ecuadorian embassy in London.

    • UK told to honour obligations over Assange
    • UN Tells Britain to Let Assange Leave Ecuador Embassy
    • Allow Assange to leave Ecuador embassy freely: UN tells UK
    • UN calls on UK to allow Julian Assange to leave Ecuador embassy freely
    • ‘Allow WikiLeaks founder Julian Assange to leave Ecuador embassy freely,’ UN tells UK
    • UN urges British officials to let Assange freely leave embassy
    • German MPs Visit Julian Assange at Ecuadorian Embassy in London
    • Ecuadorian Court Dismisses Assange’s Appeal on Embassy ‘Living Restrictions’
    • German MPs express solidarity during Julian Assange visit
    • UN experts call for Assange’s unconditional release as he loses last appeal over restrictive rules

      A UN-endorsed team of experts has urged London to “immediately” allow WikiLeaks co-founder Julian Assange to leave the Ecuadorian Embassy, as the court of last resort denied his appeal over a newly imposed set of ‘censure’ rules.

      Seong-Phil Hong, chair-rapporteur of the Working Group on Arbitrary Detention, and Michel Forst, special rapporteur on the situation of human rights defenders, reiterated calls for the UK to abide by international law and allow Assange to leave the Ecuadorian Embassy without any precondition.

    • Watch the 9th Vigil for Julian Assange with John Pilger, John Kiriakou and Ray McGovern

      Consortium News broadcast the 9th Online Vigil for Julian Assange Friday night. Among the special guests were journalist and filmmaker John Pilger, who visited Assange at the Ecuador embassy in London. Watch the replay here.

      The Unity4J vigil in support of WikiLeaks publisher Julian Assange began with CN Editor Joe Lauria interviewing John Pilger, who’s just been to see Assange. Other guests were former CIA agent and whistleblower John Kiriakou, and former CIA analyst Ray McGovern.

    • German MPs Visit ‘Most Important Whistleblower’ at Ecuadorian Embassy in London

      With the risk of Julian Assange being extradited to the US to stand trial apparently rising, German parliamentarians Sevim Dagdelen and Heike Hansel met with the WikiLeaks chief December 20.
      The pair — both members of Die Linke and the Bundestag’s foreign affairs committee — attended to pass on “greetings of solidarity” from their party and Assange’s “many supporters in Germany”, and discuss the prospect of a “humanitarian solution” to his effective solitary confinement at the diplomatic building.

    • ‘Assange is a Hero’: Wikileaks Revealed US Crimes in Conflict Zones – Campaigner

      Two German MPs have visited Wikileaks founder Julian Assange in the Ecuadorian embassy in London, on Thursday. Speculation is growing that the move could be part of a fresh effort to end Assange’s self-imposed exile.

    • US Embassy Purchase Orders Give Hints of American Spying Plans – WikiLeaks

      Embassy orders can also reveal other nuances of foreign policy, such as a request from the US consulate in Shanghai, China, seeking the production of “three marketing and promotional videos that highlight US beef quality,” the release said.

      Even the banal requests may be worth scrutiny because numerous secret programs are operated out of US embassies, the release noted.

      The release advised people scrolling through the list to note which job openings require security clearances and look for clues about the existence of infrastructure that would be useful to US intelligence services.

    • WikiLeaks exposes US embassies stockpiling spy gear

      US embassies abroad have been buying spying tools, papers released by WikiLeaks show. The documents revealed that one embassy has ordered almost 100 spy cams masked as ties, caps, pens, buttons and watches.

      The US Embassy Shopping List, a collection of over 16,000 procurement requests filed by US embassies around the globe, was published by WikiLeaks on Friday, a day after a targeted DDoS attack briefly disabled all of its Twitter accounts.

    • Julian Assange should walk free, UN tells UK
    • Demands surge for Britain to free WikiLeaks founder Julian Assange

      In December 2016, Swedish prosecutors and police finally agreed to Assange’s offer to put their “questions” to him in the United Kingdom. In May 2017, Sweden abandoned both the arrest warrant and the “suspicions” without any charges ever being laid. The May government in Britain, however, refused to drop the bail charges and made clear that it intended to prosecute Assange if he left the embassy.
      Michael Forst, the UN special rapporteur on the situation of human rights defenders, endorsed WGAD’s press release which stated:
      “The Swedish investigations have been closed for over 18 months now, and the only ground remaining for Mr. Assange’s continued deprivation of liberty is a bail violation in the UK, which is, objectively, a minor offense that cannot post facto justify the more than six years confinement that he has been subjected to since he sought asylum in the Embassy of Ecuador. Mr. Assange should be able to exercise his right to freedom of movement in an unhindered manner, in accordance with the human rights conventions the UK has ratified.”
      The statement concluded: “It is time that Mr. Assange, who has already paid a high price for peacefully exercising his rights to freedom of opinion, expression and information, and to promote the right to truth in the public interest, recovers his freedom.”
      The day before the UN Working Group issued this demand, Assange’s father John Shipton visited the persecuted publisher for over an hour. Two members of the German parliament, Sevim Dagdelen and Heike Hansel, were also permitted to meet with Assange.
      The visits were among the only contact Assange has had with anyone, apart from his lawyers and embassy staff, for over eight months. The Ecuadorian government, under its current president Lenín Moreno, shifted from defending Assange to joining with the US in persecuting the publisher. In March, in collaboration with the Trump administration, the embassy cut off all Assange’s communication with the outside world and denied him access to visitors in order to pressure him to leave the embassy, to be detained by Britain.

    • The international power struggle that’s leaving Julian Assange in a ‘very dangerous situation’

      WikiLeaks founder Julian Assange has recently faced a hostile media campaign – from the Guardian in particular. And this has come just as a power struggle in Ecuador threatens to push him out of the country’s embassy in London, leaving him exposed to possible extradition to the US.

      To analyse the effect that Ecuadorian politics have had on Assange’s struggle, The Canary spoke to an independent journalist who has written extensively about Ecuador. Joe Emersberger is a writer who focuses on Western media coverage of Latin America, and whose articles have appeared at FAIR and Counterpunch. And in an interview with The Canary, he discussed both the former Ecuadorian government which gave Assange asylum in the first place and the current government which has since turned against the WikiLeaks founder.

    • The UN just accused the Tory government of breaking international law over press freedom

      The United Nations Working Group on Arbitrary Detention (WGAD) accused Theresa May’s administration of violating international law over an issue of press freedom on 21 December.

      The human rights experts also demanded that the government allows WikiLeaks founder Julian Assange to walk free from the Ecuadorian Embassy, where he’s been since the former president granted him asylum in 2012.

    • UN calls on British authorities to allow Assange to leave Ecuadorian Embassy

      The group expressed concern that Assange’s “deprivation of liberty” was detrimental to his health and could “endanger his life.”

  • Environment/Energy/Wildlife/Nature

  • Finance

    • Malaysia Files Criminal Charges Against Goldman Sachs

      Malaysia filed criminal charges against Goldman Sachs and two former executives on Monday for their role in the alleged multibillion-dollar ransacking of state investment fund 1MDB.

      Attorney General Tommy Thomas said the government is seeking several billion dollars in fines from Goldman Sachs for breaches of securities laws that involved it making false and misleading statements to investors.

  • AstroTurf/Lobbying/Politics

    • Senate accuses social media companies of downplaying Russian propaganda

      The reports were compiled by the cybersecurity firm New Knowledge and by the Computational Propaganda Research Project, a study by researchers at the University of Oxford and Graphika, a social media analysis firm.

      The Oxford report details how Russians broke down their messages to different groups, including discouraging black voters from going to the polls and stoking anger on the right.

    • Secret Experiment in Alabama Senate Race Imitated Russian Tactics

      The secret project, carried out on Facebook and Twitter, was likely too small to have a significant effect on the race, in which the Democratic candidate it was designed to help, Doug Jones, edged out the Republican, Roy S. Moore. But it was a sign that American political operatives of both parties have paid close attention to the Russian methods, which some fear may come to taint elections in the United States.

    • Kids talk tech: ‘Nobody uses Facebook. It’s for old people’

      “Oh my God,” said Lachlan. “My mom is on her phone 24/7. She’s on so much, it’s scary.”

      Do they ever try to take the phones away from the parents?

      “We try,” says Kathi Keller, 12, but her mom has “a really good grip.”

    • How to Delete Facebook

      To make account deletion as painless as possible, here is a step-by-step guide. I also included steps on breaking up with Instagram, Facebook’s photo-sharing app, for those looking for a cleaner getaway.

    • North Carolina enacts voter ID law, overriding Dem governor’s veto

      Under the new law, voters will be asked for photo identification when they go to the polls starting next year, local outlet the News & Observer reported. Cooper last week vetoed the measure, saying it served to “suppress the rights of minority, poor and elderly voters.”

    • Trump Can and Should Be Indicted

      As evidence of law breaking by Donald Trump continues to emerge, commentators are speculating about whether a sitting president can be indicted. The Department of Justice has twice opined in the negative — during both the Nixon and Clinton administrations. But nothing in the Constitution would prevent Trump from being criminally indicted while he occupies the Oval Office.

    • Evangelicals Vote, “Nones” Falter

      In the 2018 election, America’s shrinking segment of white evangelicals mobilized strongly for the Republican Party – but the rising cohort of nonreligious Americans failed to exert their full political power.

    • What is Neoliberalism?

      Over the last eighteen years as I wrote for many progressive outlets, editors often asked me not to mention the word “neoliberalism,” because I was told readers wouldn’t comprehend the “jargon.” The situation is even worse with literary journals, my main territory, which are determined not to have anything to do with this vocabulary. This has begun to change recently, as the terminology has come into wider usage, though it remains shrouded in great mystery.

      People throw the term around loosely, as they do with “fascism,” with the same confounding results. Imagine living under fascism or communism, or earlier, classical liberalism, and not being allowed to acknowledge that particular frame of reference to understand economic and social issues. Imagine living under Stalin and never using the communist framework but focusing only on personality clashes between his lieutenants, or likewise for Hitler or Mussolini or Mao or Franco and their ideological systems! But this curious silence, this looking away from ideology, is exactly what has been happening for almost thirty years, since neoliberalism, already under way since the early 1970s, got turbocharged by the Democratic party under the Democratic Leadership Council (DLC) and Bill Clinton.[1]We live under an ideology that has not been widely named or defined.

  • Censorship/Free Speech

    • Slack ‘bans users’ who have visited US sanctioned countries
    • ‘Even woke comics aren’t safe from censorship’

      What we’re seeing across the Western world is a generation of people who have never lived without free speech and don’t understand why we need to protect it. But if you count all the countries in the world where it is genuinely possible to say what you think – even at the level of free speech we have in Britain, which I think is really under threat from state censorship – it is not a very long list. My own grandfather was a dissident from the Soviet Union. He had to leave for Britain because he disagreed with the regime. Other family members of mine have been persecuted for saying the wrong thing. There is a real danger that we end up creating a world in which people are controlling what you say and monitoring your behaviour.

      [...]

      My real concern is that in 20 years time, many of the students who think like this are going to be writing our laws, enforcing our laws and adjudicating on court cases. If they are encouraged to keep thinking this way now, they are not just going to grow out of it in 20 years’ time. They are going to impose this woke culture on the rest of society and then we will truly be screwed.

    • CPJ: More Than 250 Journalists Jailed Globally

      …of the jailed journalists – 70 percent – face anti-state charges, such as belonging to or aiding terrorist organizations, and 98 percent are imprisoned by their own governments.

      Reporters covering politics have the most dangerous beat, followed by human rights.

      For the third year in a row, Turkey, China, and Egypt are responsible for more than half of the world’s imprisoned reporters.`

  • Privacy/Surveillance

    • Walmart secured a patent to eavesdrop on shoppers and employees

      Walmart was granted a patent this week for a new listening system for its retail stores that, if ever deployed, may make some employees and shoppers uncomfortable. According to the filing and claims, it’s “an example system for capturing and analyzing sounds in a shopping facility.” In other words, it’s a kind of surveillance system.

      For example, this proposed listening system would be able to detect the rustling of shopping bags and the beeps at a register. Walmart could use this tech as an anti-theft solution to find out if number of items in a transaction and number of bags used checks out. It sounds like a reasonable application of technology in a major retail store, right?

    • Walmart Can Now Snoop Shoppers’ and Buyers’ Conversations After Securing Patent

      One of the leading cause of concerns in this age of the internet is private. Social media platforms like Facebook, Google Plus, etc. have been accused of leaking user data, and infringing the privacy of its users in the last few years. If companies spying on users on internet wasn’t enough, we have got more in real life as well. Today, Walmart was granted a patent for a new listening system for its retail stores, as the Verge reports.

    • Timothy May, early advocate of internet privacy, dies

      Timothy May, a physicist, polemicist and cantankerous advocate of internet privacy who helped start a movement aimed at protecting the privacy of individuals…

    • Timothy C. May, Early Advocate of Internet Privacy, Dies at 66

      The Santa Cruz County Sheriff-Coroner’s office confirmed his death but said that the cause had not yet been determined.

      As the rabble-rousing leader of a group called the Cypherpunks, Mr. May, in his writings, foreshadowed and influenced many of the concerns about privacy and government control that have come to dominate the internet age.

    • US Files Charges At Two ‘Chinese Government Hackers’

      Two Chinese men belonging to Advanced Persistent Threat 10 hacking group are charged by US authorities

      Two men belonging to a hacking group affiliated with China’s main intelligence service, have been charged by US authorities.

      Zhu Hua (Godkiller) and Zhang Shilong (Atreexp) allegedly worked for a company called Huaying Haitai Science and Technology Development Company and “acted in association with Chinese Ministry of State Security, the US court filing reveals.

    • Sigfox Azure IoT open source breakout board [Ed: “Azure IoT” = NSA PRISM surveillance]

      Makers and developers involved in Internet of Things projects may be interested in a new open source breakout board called the Sigfox, which has been specifically created to send data to Azure IoT. The project published to the Hackster.io website shows the process of creating the Internet of Things breakout board from scratch to soldering the Sigfox modem from Wisol then sending data to Azure IoT Hub.

    • ‘Zuckerberg Must Resign Now’: Outrage After Report Shows Facebook Let Corporate Partners Read Users’ Private Messages

      An incredibly damning indictment of Facebook, every single paragraph,” Trevor Timm, executive director of the Freedom of the Press Foundation, wrote of the Times report, which is the latest in a long line of recent revelations about Facebook’s intrusive—and possibly illegal—data practices.

      Citing hundreds of pages of internal company records and interviews with dozens of former employees, the Times reported that “Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent” and “gave Netflix and Spotify the ability to read Facebook users’ private messages.”

      Additionally, the Times found, Facebook “permitted Amazon to obtain users’ names and contact information through their friends, and it let Yahoo view streams of friends’ posts as recently as this summer, despite public statements that it had stopped that type of sharing years earlier.”

      “Facebook is a public trust that has broken our trust,” wrote author and NBC political analyst Anand Giridharadas in response to the Times report. “Mark Zuckerberg must resign now.”

    • Agencies able to monitor conversations without judicial oversight.

      It seems that the BJP has finally lost what little moral compass it held. Today, in a stunning order we lost all the ground that all our civil activist friends had hard-fought in the last few years making Right to Privacy a fundamental right . At least a decade worth of effort has been put down the drain. While the reasons are not hard to fathom, they just lost 5 state elections and instead of introspecting the reasons of why they lost, they have chosen to act in this brazen manner.

      The most worrying and interesting part at the same time is that the powers that have been given to the Central Agencies is without any judicial oversight so it’s pretty much given that they will use it more for their personal gains and enmity rather than any real or perceived threat to Indian sovereignty. They might be perceiving that losing in elections is tantamount to threat to Indian sovereignty. They forget that BJP!=India which means BJP is not equal to India, no political party is. In putting this order they are also putting precedents of fascist and dictatorial orders in a democratic, peace-loving country like India. The picture that emerges is a simple one, if they are going to lose, they might attempt these sort of orders in the hopes they can eavesdrop on the opposition, business leaders, threaten them etc. and by hook or crook win National elections which is supposed to be held in middle of next year nobody would be the wiser. They have made many changes in the highest court expecting that the judges that have been appointed would rule in their favor. And anyways, any filing of suit today would have a first hearing at least 3-4 months down the line or even later depending on dates of judges, court-room access etc. If nothing, the General Attorney from Government of India can always ask for more time.

      [...]

      Around 1991/92 unrelated to the Bombay riots 1992 there were communal riots even there where his shop was burned down. But due to relationships he had built up in Middle East, many Muslims and even some Parsis came to help him and get back on his feet. So while his children are well-placed, he did feel that the community relationships which have helped and guided him hoped didn’t get trampled by BJP which is trying to upset the easy relationships most communities have built over decades. I did hear some similar stories from other people as well. There are even lot of Assamese people who have emigrated to Kerala and they speak Malayalam better than the natives. In fact, Balasankar confided that the domestic helper who comes to their place to help out his mother and family, her son got 100/100 in Malayalam . This says something about the spirit of the place and the people therein.

    • Computers In India Will Now Be Under Government Surveillance

      According to an order issued by the Ministry of Home Affairs, all the computers will now come under the monitoring of a few agencies directed by the ministry in India.

    • DC attorney general sues Facebook over Cambridge Analytica

      The attorney general for Washington, D.C., filed a lawsuit against Facebook on Wednesday over its handling of the Cambridge Analytica scandal in what is the first government enforcement action the company has faced in the U.S. over its handling of user data in the incident revealed earlier this year.

    • NBC’s Kasie Hunt deleting Facebook account over privacy concerns

      “Unfortunately, I simply don’t trust them any more. I won’t be staying on the platform in 2019,” she said, adding that for now she would continue to use Facebook-owned Instagram.

    • Why Should Anyone Believe Facebook Anymore?

      Facts have proven to be inconvenient things for Facebook in 2018. Every month this year—and in some months, every week—new information has come out that makes it seem as if Facebook’s big rethink is in big trouble. The billions the company is spending to fix itself, along with slowing advertising growth in Europe and North America, have stalled revenues. Its once high-flying stock price is down 35 percent. Well-known and well-regarded executives, like the founders of Facebook-owned Instagram, Oculus, and WhatsApp, have left abruptly. And more current and former employees are beginning to question whether Facebook’s management team, which has been together for most of the last decade, is up to the task.

    • Facebook Faces Intensifying Pressure From Washington on Privacy

      “It is beyond obvious at this point that social media platforms are simply not up to the task of voluntarily ensuring the privacy and security of their users,” Senator Mark Warner, a Democrat from Virginia, tweeted on Wednesday. “Congress must step in.”`

    • Facebook Is a Problem. The System It Feeds Is a Bigger One.

      Don’t miss the forest for the trees, though. If it’s easy to ignore the ceaseless drone of ethical violations from the social network, turn your attention instead to the companies who happily shared in the harvesting of your personal data to bolster their own products — without clear disclosures or any consent whatsoever. Facebook is a problem, but the online economy that trades on your data is a bigger one.

    • Facebook admits that it allowed Netflix and Spotify to access your private messages

      Citing internal Facebook documents, The Times said Spotify could see the messages of more than 70 million Facebook users a month. The Times reported that Spotify, Netflix, and the Royal Bank of Canada could read, write, and even delete people’s messages.

    • How the Pokemon Company achieved GDPR compliance with minimal Gloom

      Augmented reality game Pokemon Go was something of a surprise hit when it launched in 2016, racking up 800 million downloads to date.

      That incredible scale carries with it a massive data lake of personally identifiable information for the Pokemon Company International though, including sensitive data about children. When combined with regulations such as GDPR, this creates a whole melee of potential compliance issues, which the company can’t afford to take any Chanseys with, and really has to catch them all.

    • If the Latest Facebook Revelations Won't Get You to Delete It, What Will?

      And that’s not even taking into account the blatant selling-out of Western democracy in the lead-up to the 2016 presidential election here in the US and the Brexit vote in England, of which a vomitous wave of depressing, awful proof just keeps washing over us.

      They’ve apologized, of course, and promised that they’ll work hard to earn back your trust. That’s one of the things Facebook is super good at: apologizing for breaching your trust. The company is among the world’s best apologizers. Whatever it is they’re apologizing for, they’re never really going do anything about it, but they’re very, very sorry you found out.

      They don’t have to do anything because they’ve done the math and know that’s enough: [...]

  • Civil Rights/Policing

    • Report: CBP’s Border Device Search Program Is An Undersupervised Catastrophe

      The CBP is searching more devices than ever and ramping up an “extreme vetting” program that includes biometric scans, demands for social media account passwords, and more intrusive searches across the board. As the number of device searches continues to increase, the agency’s technical chops and and internal oversight aren’t keeping pace.

      That’s according to recently-released Inspector General’s report [PDF], which finds little to like about the CBP’s search processes and policies, other than they occasionally manage to catch criminals attempting to enter the US. The CBP’s Office of Field Operations is supposed to be taking charge of device searches, ensuring they’re done effectively and intelligently. So far, it appears the OFO has taken a hands-off approach to management, resulting in bad practices and worse security.

    • We Need to Address Police Brutality in Alabama

      These are only a few of the names of those who have been in headlines after being brutalized or killed at the hands of law enforcement in the state of Alabama in recent years. Each of these incidents represent a state-wide pattern of police using excessive, and sometimes fatal, force against the people they’re supposed to protect and serve. Disproportionately, the victims are people of color with the violence occurring during routine interactions with police.

      Given their authority to use force in certain circumstances, police officers must be held accountable when they abuse or misuse their extraordinary powers. It is crucial that those entrusted such authority be committed to using it sparingly, equitably, legally, and in a racially unbiased way and that police departments have the proper policies in place to ensure its officers use force appropriately.

      [...]

      Most police, however, aren’t taking the problem seriously. A Pew Research Center poll released in 2017 found that two-thirds of the nation’s police officers believe the deaths of Black Americans during encounters with police are isolated incidents and not an indication of broader problems between law enforcement and the Black community. This reveals a disconnect between law enforcement and Black people. Culture shifts and internal reform are needed to prompt agents of the law to foster a positive, trusting relationship with communities they serve.

    • Punk rockers who fled to Sweden now face deportation back to Russia

      Two members of Russian protest group Pussy Riot have been denied asylum in Sweden, meaning the couple and their two young children could be deported back to their homeland.

      Alexey Knedlyakovsky and Lusine Djanyan fled Russia last year because they said they were targeted and threatened by the country’s security services for being prominent critics of President Vladimir Putin.

      Earlier this year, NBC News traveled to the remote town where the couple and their young son were living as they waited for a decision on their asylum application. Since then they have had another child.

      On Thursday, they learned their bid to remain in Sweden had been denied.

      “We do not think, we are sure: We will be put in jail,” Knedlyakovsky said of the prospect of being sent back to Russia. “This is a signal to all political activists in Russia that no one will defend them if something happens.”

    • Government-funded scheme to get women into cybersecurity will be overseen by man who assaulted a woman at a party

      The government has defended its decision to fund a cybersecurity training initiative for women overseen by a former GCHQ chief who admitted assaulting a woman two years ago.

      Brian Lord OBE, a former head of cyber and intelligence operations at GCHQ, is now managing director of Protection Group International (PGI), which has been awarded funding from the Department of Culture, Media and Sport (DCMS).

      Using the funding, PGI will run a cyber training programme for 40 women in January, focusing on candidates with no prior technical experience.

      [...]

      PGI emphasised that Mr Lord would not be directly involved with the scheme and said the assault was a “personal issue” unrelated to his role at PGI.

  • Intellectual Monopolies

    • US IP Attachés: China’s IP Policy ‘Hijacked’ By Local Interests In 2018; Bad Faith Filings A ‘Cancer’

      Two out of three United States intellectual property attachés based in China last week had tough words for China’s manipulation of IP policy and law over the past year, suggesting they at times “hijack” the legal process in favour of local interests, and are in a mad rush to become the world’s top patent and trademark filers regardless of quality to the point that it has become a “cancer” on the IP registration system. A third US IP attaché, however, took a friendlier and more patient view of China’s actions, downplaying concerns and urging US companies to allow it to continue.

    • Shareholder value analysis: what Qualcomm stands to gain or lose from $1.5B German iPhone ban

      Yesterday’s final (though appealable) judgment by the Munich I Regional Court–granting Qualcomm a Germany-wide injunction against iPhones older than the 2018 models over a power-efficient enveloper tracker chip design–is not merely wallet paper to decorate Qualcomm’s or Quinn Emanuel’s offices. Qualcomm immediately announced that posting the bond or making deposit required by the court for the right to enforce the injunction during an appeal (something that Reuters initially got wrong) “will be completed within a few days.” Apple, predictably, told the media that it was going to appeal. Otherwise the bond or deposit wouldn’t be necessary, but no one could have doubts for even one second whether Apple would appeal.

      There are technically two cases (one in which Apple Inc. is the defendant and another one where two European Apple entities, including the German company operating 15 local Apple Stores, are targeted). In the aggregate of the two cases, Qualcomm is now going to post a bond or make a deposit of more than $1.5 billion. As Judge Dr. Matthias Zigann explained yesterday, the amount is 60% less than what Apple’s counsel had demanded, and the court felt the massive reduction was justified by the fact that the 2018 iPhone models aren’t going to be affected (only iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, and–but it wasn’t on sale anymore anyway–the iPhone X). Qualcomm had disagreed with the amount, but failed to present facts that would have persuaded the court to slash it further.

    • J.P. Morgan: Qualcomm’s German win has ‘minimal impact’ on Apple

      We estimate that the financial impact of Apple’s stop-sale is likely minimal given: 1) Germany accounts for only 3% of total global shipments; and 2) Apple owns only 15 stores in the whole of Germany, which we estimate will account for only a modest portion of total sales in the country from the direct channel relative to the global average of 30%. We would expect the impact to be less than 1 mn shipments on an annualized basis…

    • Apple to pull some iPhones in Germany as Qualcomm extends global wins

      Chip supplier Qualcomm Inc won a second court skirmish in its worldwide patent battle with Apple Inc on Thursday, with the iPhone maker saying it would pull some older models from its German stores.

    • Spineology, Inc. v. Wright Medical Technology, Inc. (Fed. Cir. 2018)

      The Supreme Court changed the calculus on what conduct satisfies the “exceptional case” criteria for awarding attorney’s fees under 35 U.S.C. § 285 in its Octane Fitness, LLC v. ICON Health & Fitness Inc. and Highmark Inc. v. Allcare Health Mgmt. Sys., Inc. decisions. Under this clarifying precedent, the standard for finding an exceptional case in patent law was based on judicial discretion: district courts should exercise this discretion considering the totality of the circumstances and “in light of the considerations’ underlying the grant of that discretion.” Since these decisions, prevailing parties have increasingly sought and district courts have increasingly granted motions for finding a case exceptional and awarded attorneys’ fees and other sanctions on this basis. Last Friday, the Federal Circuit rendered an opinion, in Spineology, Inc. v. Wright Medical Technology, Inc. seeking to rein in the more vigorous assertions of the exceptional case doctrine under these Supreme Court precedents.

      The case arose in litigation over Reissue Patent No. RE42,757, arising from U.S. Patent No. 6,383,188, and directed to an “expandable reamer” used, according to the opinion, in orthopedic surgical procedures.

      [...]

      Finally, with regard to the litigation (mis)conduct basis for Wright’s appeal, in addition to being unpersuaded the Federal Circuit takes its own admonition against “get[ting] into the weeds” by relying on the District Court’s better understanding of the issues, saying that the District Court is in a better position to make these determinations (citing similar language in the Highmark case). The panel also rejected Wright’s request to remand for further argument on the “totality of the circumstances,” saying that it sees no evidence of abuse of discretion by the District Court, and that “[t]he district court ‘had no obligation to write an opinion that reveals [its] assessment of every consideration,’ and remand is unnecessary to obtain one,” citing Univ. of Utah v. Max-Planck-Gesellschaft, 851 F.3d 1317, 1323 (Fed. Cir. 2017).

      The opinion put the rhetorical cherry on top of its holding by awarding costs to Spineology. Whether this case remains an outlier or warning for trial counsel to take heed of the need to plead carefully regarding an award of attorneys’ fees and determination of exceptional case status remains to be seen, but district courts will certainly appreciate the extent to which the prudent exercise of their discretion remains tantamount before the Federal Circuit on these questions.

    • Copyrights

      • Did the Second Circuit destroy the market for pre-owned digital music?

        The Capitol Records v ReDigi ruling that pre-owned digital music sales infringe copyright “represents a textbook example of perceived outdated provisions of a law written prior to the digital age, enforced by judges who … are bound to interpret it as written”

      • Judge Recommends Dropping ISP Grande’s DMCA Safe Harbor Defense

        Texas-based Internet provider Grande Communications has no right to a safe harbor defense, US Magistrate Judge Andrew Austin argues. The ISP failed to adopt and reasonably implement a repeat copyright infringer policy. Judge Austin, therefore, recommends granting the RIAA labels’ motion for summary judgment on the matter. And there’s more bad news too.

      • Netflix Quick to File Complaint With New Thai Anti-Piracy Agency

        Netflix has become one of the first companies to file a copyright complaint with a newly-formed anti-piracy agency in Thailand. Launched just yesterday, COPTICS is a partnership between Thai police and the country’s Intellectual Property Department, which will aim to quickly block pirate sites, a process that currently takes months.

      • Only weeks remain until America’s Public Domain begins to grow again, for the first time in 21 years!

        This New Year’s Day, for the first time in 21 years, new works will enter the public domain in America: the Class of 2019 was all creating in 1923, and has been locked in copyright for 96 years.

        When Disney successfully lobbied Congress to extend copyright by 20 years in 1998, it stopped the clock on the public domain. 20 years ago, everything from 1922 became public. The next year, and the year after, and every year until 2019, nothing else entered the public domain.

      • Kim Dotcom Extradition Case Headed to the Supreme Court

        Kim Dotcom and former Megaupload colleagues Mathias Ortmann, Finn Batato, and Bram van der Kolk are being allowed to take their extradition battle to the New Zealand Supreme Court. A decision released this morning states that the case may be heard and that contrary to claims by the US Government, the Supreme Court does have jurisdiction in the matter.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts