Bonum Certa Men Certa

Links 24/3/2019: Microsoft Does Not Change; Lots of FOSS Leftovers





GNOME bluefish

Contents





GNU/Linux



  • Has Microsoft Changed?
    Microsoft’s billion-dollar PR department would like everyone to know that they have shed their old ways and evolved into a hip and woke gentle giant, but have they really?

    There is currency in being viewed this way in the public eye and public relations department would like you to believe this about X company because of the trust it fosters. Further, it is also the job of any public relations team to distract us from such and many others that contradict said narrative. In PR and good ol’ fashion propaganda alike, such tactics are referred to as spin. And when a company such as Microsoft employs a former marine and Defense Information School alumni to spin their web, facilitate their social wetwork, and maintain dossiers on journalists (an act of intimidation), it may be wise to remain skeptical.

    As such and rather than focusing on the ambiguous notion of change popularized by zealous employees raving in unison with fan sites shilled by PC ads masquerading as media outlets, it may be wise to highlight a few mainstay behaviors that Microsoft of old has been notorious for and see if they are existent today instead. From there, we can decide for ourselves whether Microsoft is truly the woke, edgy and reformed tech company that their PR and marketing departments would love everyone to believe or if they’re the same law firm with a software problem that they’ve always been with some minor aesthetic changes.

    [...]

    It often goes overlooked, but legal departments can carry as much or more weight than the office of the CEO and this is certainly not an exception for a company founded by the son of a prominent attorney. However, it’s also overlooked how much lawyers generally suck at change; go work for a few law firms if you doubt this. That said and despite Microsoft’s hip new CEO, Brad Smith, one of the largest individual shareholders of Microsoft, has been working within their office of the general counsel since the ‘90s, was named their general counsel towards the conclusion of their embarrassing anti-trust case with the US, and is now their Chief Legal Officer. As a consequence of their legal victories and the billions in revenue made possible through Brad Smith’s leadership, it is almost irrational to think that Microsoft’s legal department has changed as they have no incentive to do this.

    When considering Brad Smith’s clear specialty in the realms of damage control and anti-competition, even approached by Facebook recently, it is difficult to say whether Microsoft has changed much or if they just have the best (dirtiest?) lawyer in the room. After all and just as you tend to stop having to call your traffic attorney as much when you slow down and stop speeding, Microsoft wouldn’t need the Jose Baez of anti-competition on their payroll if they weren’t up to the same antics that got them in trouble in the first place.

    As a result of this, Microsoft Licensing, still overseen by the aforementioned Brad Smith, is still a complex, ever-changing labyrinth that is streamlined to ensnare businesses and add cost at every interchange. Even Azure, the lynchpin of their future, is a licensing hellscape of sorts that appears to borrow heavily from these same practices.

    Although Microsoft claims to be an equal opportunity company that is in the court of women now, 99% of sexual harassment and gender discrimination claims made by highly educated and accomplished women with everything to lose have been found to be meritless and are snuffed out by their HR and employee relations investigations team (ERIT) which Brad Smith also oversees. For what it’s worth, Kathleen Hogan, VP of HR at Microsoft, would like you to know that only 10% of discrimination and 50% of harassment claims are found to be hogwash, which is still garbage.

    [...]

    Despite their layoffs, aesthetic changes, and acquisitions though, Microsoft still appears to be employing the same people that they always have, especially within their highest ranks. In turn, these same people appear to be employing the same sort of employee required to build the same core suite of products that necessitate the same partner distribution network, the same marketing ploys, the same lock-in nature, and the same legal clout that they have been dependent on for decades to make this all possible, leaving little else to be changed beyond the paint on the walls.


  • Server



    • Is open source lock-in possible? [Ed: Well, it is possible, but a lot cheaper to exit and a lot less likely, too]
      Earlier this week, open source software company SuSE announced that it is strengthening its presence in the Asia-Pacific region following its acquisition by growth investor EQT from Micro Focus.

      Well-known for its SuSE Linux distro that got me into Linux during my student years, SuSE is now Europe’s leading Linux distribution, thanks in part to its German roots, but faces strong competition from its bigger US rival Red Hat.

      The two open source software companies have similar offerings, starting with Linux for the infrastructure piece, to container orchestration and OpenStack in the platform layer. But unlike Red Hat, which has Red Hat Ansible under its fold, SuSE does not appear to have a commercial version of the Ansible open source automation tool.


    • SUSE contrasts proprietary VMware with its open-source offering
      Open source company SUSE has taken a pot-shot at cloud infrastructure and business mobility vendor VMware, contrasting the latter's proprietary, closed-source offering with the OpenStack Cloud that it sells.

      A blog post by Ryan Hagen, consulting manager, Global SUSE Services, said that VMware owned the virtualisation market and had used its dominance "to proliferate into other parts of the data centre and create a very sticky situation that you have no way to escape".



    • Here’s how CIOs can address server, open source bottlenecks while implementing AI
      Updated PowerAI toolkit for POWER9 is now available for the first time on Red Hat, including Tensorflow, Caffe, Torch, Theano, and more of the open source community’s most popular deep learning frameworks accessible with an intuitive GUI interface. This makes PowerAI the first commercially supported AI software offering for Red Hat.


    • SD Times Open-Source Project of the Week: Sandboxed API
      This week’s highlighted open-source project aims to make it less burdensome to create sandboxes of C/C++ libraries.

      Google’s Sandboxed API (SAPI) was made open-source earlier this week. In addition, it also made its core sandboxing project, Sandbox2, available as part of the Sandboxed API.

      SAPI works by creating an almost-identical stub API after security policies are set up and library interfaces are created. The API forwards calls to the real library running in a sandboxed environment by using a custom RPC layer.
    • Safely play around with new software in Google’s open source Sandboxed API
      Software isolation isn’t a punishment; it’s a way to make sure your shiny new program that you picked up off of the internet plays nicely with your system and isn’t riddled with malware. Thanks to the newly open sourced Sandboxed API, developers can test out new options without putting their system at risk.

      Sandboxed API (SAPI) automatically generates sandboxes for C/C++ libraries. Security is not an afterthought with this project; each SAPI library utilizes a tightly defined security policy. While it’s only designed to handle part of a binary, the Sandboxed API can be used to try out a library or some other bit of code with an unknown security posture.


    • As Next ’19 approaches, Google confronts strategic challenges in the cloud
      Google has become one of the top-tier cloud vendors, with a key role in driving cloud-native open-source initiatives to ubiquitous adoption among enterprises and solution providers everywhere. It also remains a pacesetter in the core innovations behind cloud-native computing — especially in the Kubernetes container orchestration layer, the Istio mesh fabric and the Knative serverless abstraction layer.

    • TriggerMesh Releases Open Source Knative Event Sources for Multi-Cloud Environments
      TriggerMesh has released their latest open-source project, Knative Lambda Sources (KLASS). KLASS are event sources that can be used to trigger Knative functions in Kubernetes clusters. This enables AWS events to be consumed within a multi-cloud or on-premise environment. This release follows the release of Knative Lambda Runtimes which further enhance the TriggerMesh cloud platform.

      Knative Lambda Sources (KLASS, pronounced class) allow Knative event sources for AWS services. Written as Go event consumers and packaged as container sources which make use of CloudEvents. At the time of writing, KLASS supports events from Code Commit, Cognito, DDB, IOT, Kinesis, S3, SNS, and SQS.




  • Audiocasts/Shows





  • Kernel Space



    • Linux To Add Support For The MOTU 8Pre Digital Audio Workstation Hardware
      The MOTU 8Pre is a Firewire-connected device for digital audio workstations to be able to connect eight microphone inputs. The hardware itself is more than one decade old and in fact the manufacturer already discontinued the product, but with Linux 5.2 the kernel will be supporting this device.

      SUSE developer and Linux sound subsystem maintainer Takashi Sakamoto queued the support this week for supporting the MOTU 8Pre FireWire digital audio workstation device. Details on the support can be found via the enablement patch.


    • Linux Foundation



      • The Kodi Foundation joins the Linux Foundation
        The Kodi Foundation has long been a supporter of open source software and today the developer announces that it has joined the Linux Foundation as an Associate Member.

        The Linux Foundation is a non-profit consortium dedicated to fostering the growth of Linux and open source in general, and providing support for the open source community as well as sponsoring Linux creator Linus Torvalds, and maintaining the linux.com website.


      • The Kodi Foundation DOES NOT MAKE HARDWARE!
        Do you own a Kodi box? The open source home theater software runs on all manner of hardware, from Windows, Mac and Linux systems, to Kodi boxes and the Amazon Fire TV Stick.

        All of the many devices running Kodi have one thing in common though -- they aren’t official Kodi products, and they haven’t been made or licensed by the Kodi Foundation.


      • CommunityBridge gives better visibility into open source code [Ed: CommunityBridge gives Microsoft more control]
        “The Linux Foundation has done a fantastic job at bringing a diverse ecosystem on to one platform designed to mutualize resources,” said Eiso Kant, co-founder, and CEO of source{d}. “We’re thrilled to collaborate with the Open Source community and surface insights everyone needs to better manage, develop or contribute to their respective project codebases.”

        As a recent example, source{d} analyzed the Kubernetes project reporting that as it nears 2 million lines of code (including all languages and generated files), the 4-year-old open source project is showing many signs of maturity. The velocity of commits for the core Kubernetes project seemed to be slowing down as the community focus moves to infrastructure testing, cluster federation, Machine Learning, and HPC (High-Performance Computing) workloads management. With just under 16,000 methods, the Kubernetes API also seems to be stabilizing despite its high level of complexity.
      • DevOps Chat: The CD Foundation, with CloudBees’ Kohsuke Kawaguchi and Tracy Miranda
        The first projects to be hosted under the auspices of CD Foundation includes Jenkins, the open source CI/CD system, and Jenkins X, an open source CI/CD solution on Kubernetes. Both were developed by CloudBees. Netflix and Google, meanwhile, are contributing Spinnaker, an open source multi-cloud CD solution. Google is also adding Tekton, an open source project and specification for creating CI/CD components.

        Founding members of the CD Foundation include Alauda, Alibaba, Anchore, Armory, Autodesk, Capital One, CircleCI, CloudBees, DeployHub, GitLab, Google, Huawei, JFrog, Netflix, Puppet, Red Hat, SAP and Snyk.

        In this DevOps Chat we speak with Kohsuke Kawaguchi (aka KK), founder of Jenkins and CTO of Cloudbees, and Tracy Miranda, open source community director for CloudBees. They give us the insight behind the CD Foundation and what the future may be for Jenkins, JenkinsX and CloudBees.


      • The Continuous Delivery Foundation - what will it bring to DevOps?
      • Inside the new Continuous Delivery Foundation
        Does the world need yet another open source foundation? That is a question that was posed to the founding members of the CDF - the Continuous Delivery Foundation - which recently formed as an addition to the roster of sub-groups beneath the Linux Foundation.

        Skeptics might be brought over by the fact that Jenkins, Jenkins X, Netflix and Google's Spinnaker and Google's Tekton projects have all found themselves at the heart of the initiative, which is aimed at "developing, nurturing, and promoting open source projects, best practices and industry specifications" related to continuous delivery - in other words, speedy software cycles that are at the heart of the devops motto to 'fail fast'.

      • Open Source Project Fosters Data Teamwork Best Practices


      • Mainframe DevOps Using Zowe Open Source
        This session will demonstrate how to use the Zowe open source framework to extend modern devops tooling and practices to the mainframe and to enhance the mainframe developer experience. A follow-up to the overview session, the hosts will drill into the Zowe architecture while demoing key capabilities including the command line interface (CLI) and API Mediation Layer.





    • Graphics Stack





  • Applications



    • 6 Best Free Linux Desktop Search Engines
      Desktop search is a software application which searches the contents of computer files, rather than searching the internet. The purpose of this software is to enable the user to locate information on their computer. Typically, this data includes emails, chat logs, documents, contact lists, graphics files, as well as multimedia files including video and audio.

      Searching a hard disk can be painfully slow, especially bearing in mind the large storage capacities of modern hard disks. To ensure considerably better performance, desktop search engines build and maintain an index database. Populating this database is a system intensive activity. Consequently, desktop search engines will carry out indexing when the computer is not being used.

      One of the key benefits of this type of software is that it allows the user to locate data stored on their hard disk almost instantaneously. They are designed to be fast. They are not integrated with a different application, such as a file manager.

      Such software performs in a similar way to Windows Search and Spotlight in Mac OS X. All of the applications featured in this article are released under a freely distributable license


    • Roadmap for Teleirc v1.4
      Teleirc v1.4 is the next feature release of Teleirc. The targeted release date for v1.4 is by the end of April 2019 (i.e. the end of the academic semester for students involved with the project). Following v1.4, the project will likely enter brief hibernation until Fall 2019 when the RIT academic semester begins again.



    • Instructionals/Technical





  • Desktop Environments/WMs



    • Xfce's Screensaver Is Now Faster & Smarter About Conserving Power/Resources
      Xfce Screensaver 0.1.4 has been released and provides some significant underlying improvements. While people generally don't give much thought to screensavers in 2019, the new Xfce Screensaver release has finally added support for screen locking when the system goes to sleep (configurable option) and screensavers are now suspended when monitors are powered off via DPMS in order to conserve power, since it's a waste of resources to be displaying the screensaver when there is no monitor to see said screensaver. The v0.1.4 release also has better laptop lid support and better handling of monitor connection events.


    • K Desktop Environment/KDE SC/Qt



      • KDE Usability & Productivity: Week 63
        It’s time for week 63 in KDE’s Usability & Productivity initiative. These things are getting so huge I’m going to have to start splitting them up into multiple posts, because KDE contributors just don’t stop fixing and improving things! Expect more to come soon, but for now, here’s what we’ve got for you...


      • KDE Picking Up Thumbnail Previews For Blender Files, Continued UI Improvements
        It's Sunday and that means KDE developer Nate Graham is out with his (great) weekly recap of the interesting improvements made over the past week in KDE land.

        Some of the KDE improvements over the past week worth noting for KDE Applications 19.04 are Blender files now getting thumbnail previews and the Dolphin file manager can launched using the new Meta+E global keyboard shortcut.


      • Trying Out KDE Plasma 5.15


      • KDE Neon Installation Walkthrough






  • Distributions



    • New Releases



      • Zorin OS 15 Linux Beta Released for new desktop experience
        Zorin OS which is based on Ubuntu Linux and one of the best Linux alternative for Windows and MacOS operating systems has released its latest beta version with an overhaul in design. The Linux OS Zorin recently, on its blog revealed the features of the latest Zorin OSD 15 with a quite nice makeover.

        According to the blog of Zorin, the upcoming release has revamped the OS to give a new experience for apps installation and more user-friendly interface than before. The beta version runs on Gnome Shell 3.30 and the Linux kernel 4.1.




    • OpenSUSE/SUSE



      • SUSE acquisition by EQT complete, company repositions for growth
        Open source firm SUSE has completed the process of acquisition by its fourth owner — Swedish growth investor EQT — and says it would now be the largest independent open source company, a status that Red Hat once enjoyed until it was bought by IBM.

        In a statement, the company said it had expanded its executive team, added new leadership roles and experience to help stimulate growth.



      • Independent SUSE commits to open source community
        SUSE has announced the creation of the largest independent open source company following the completion of its acquisition by growth investor EQT from Micro Focus. With its ongoing momentum, portfolio expansion and successful execution in the marketplace, as a standalone business SUSE is now even better positioned to focus on the needs of customers and partners as a leading provider of enterprise-grade, open source software-defined infrastructure and application delivery solutions that enable customer workloads anywhere – on premise, hybrid and multi-cloud – with exceptional service, value and flexibility.


      • Growth investor EQT acquires SUSE; creates the largest independent open source company
        SUSE announced the creation of the largest independent open source company following the completion of SUSE's acquisition by growth investor EQT from Micro Focus.

        The newly independent SUSE has expanded its executive team, adding new leadership roles and experience to foster its continued momentum into this next stage of corporate development. Enrica Angelone has been named to the new post of chief financial officer, and Sander Huyts is SUSE's new chief operations officer. Thomas Di Giacomo, formerly chief technology officer for SUSE, is now president of Engineering, Product and Innovation. All three report to SUSE CEO Nils Brauckmann.




    • Debian Family



      • Derivatives



        • Canonical/Ubuntu



          • Ubuntu 19.04 Updates - 7 Things To Know
            Ubuntu 19.04 is scheduled to arrive in another 30 days. I've been using it for the past week or so, and even as a pre-beta, the OS is pretty stable and not buggy at all. Here are a bunch of things you should know about the yet to be officially released Ubuntu 19.04.










  • Devices/Embedded





Free Software/Open Source



  • DARPA takes on election security with open source
    The defense research agency is exploring the feasibility of locking down election systems with open-source software and secure hardware.


  • DARPA to Develop $10 Million Open Source Voting System
    The US election might be different in 2020 thanks to a project by DARPA (Defense Advanced Research Projects Agency), the US Department of Defense research division, aiming at bullet-proofing voting machines by moving away from proprietary software that can’t be properly evaluated for bugs, writes Motherboard.



  • DARPA Begins Development of Secure, Open-Source e-Voting System
    In July 2016, a dozen professional hackers tied to the Russian government infiltrated the servers of the Democratic National Committee and released thousands of confidential emails via WikiLeaks.

    The ongoing FBI investigation revealed that hackers targeted voter registration systems in 20 states and successfully breached four databases.

    The audacious DNC hack was an attempt to influence the U.S. presidential election and hit the American democracy as a whole in its heart.

    This unprecedented cyber attack showed just how vulnerable the American election system is and how urgent is the need for an overhaul.


  • DARPA is Developing a Secure Open Source Voting System
    The Defense Advanced Research Projects Agency (DARPA) is building an open source secured voting system worth $10 Million.


  • DARPA Researching How to Secure Our Voting Machines
    Importantly, they’re taking a different approach than other cybersecurity providers who try to thwart hacks with software patches. DARPA instead is looking at how the machine’s hardware—like circuits, buses, and I/O ports—could be harnessed and reconfigured to thwart intruders.

    This has real potential since in most cases. If there is a hardware solution to hackers trying to penetrate a system, there isn’t much a hacker can do without being present to physically interact with the machine—at least theoretically. Since software drives hardware, there will still be vulnerabilities for hackers to exploit, but DARPA seems to have a solution for this too.


  • DARPA is working on an open source, secure e-voting system
    The US Government is working on an electronic voting system that it hopes will prevent people tinkering with voting machines at the polls.


  • Jack Dorsey: Square Will Pay Bitcoin Devs To Build Open-Source Ecosystem
    In a move which underscored the tech mogul’s appreciation of both cryptocurrency and freely accessible innovation, Dorsey said he will hire “3-4 crypto engineers and 1 designer” to contribute to crypto full time – and pay them in BTC.

  • Twitter CEO Jack Dorsey Launches Open-Source Bitcoin Dev Team
    On March 20th, Jack Dorsey, CEO of Twitter & Square, announced that $32 billion payments company Square is planning on hiring up to five individuals to develop “open source contributions to the Bitcoin and crypto ecosystem.”

    Up to four of the possible open positions are for engineers–particularly those who have prior experience in building blockchains. One of the positions is for a designer. Each of the positions is full-time, and the new hires will either work at Square’s San Francisco headquarters or remotely. And hey, they can even be paid in Bitcoin.
  • Improving Bitcoin: Jack Dorsey Announces Open-Source Initiative Square Crypto
    Jack Dorsey—the CEO of Twitter and Square, announced “Square Crypto”—a team Dorsey is assembling to work full-time on improving the Bitcoin...


  • Open source toolkit eases reinforcement learning for robots
    The company describes gym-gazebo2 as a complex piece of software for roboticists that puts together simulation tools, robot middlewares (ROS, ROS 2), machine learning and reinforcement learning techniques. All together to create an environment where to benchmark and develop behaviors with robots. Setting up gym-gazebo2 appropriately requires relevant familiarity with these tools.



  • China Unicom's big bet on open source
    Driven in part by the advent of new 5G technologies, many of the world's largest telecommunications providers—AT&T, BT, CenturyLink, Telefonica, and more—have gone public with their plans to migrate to a microservices architecture running in a cloud to handle the massive jump in data they anticipate. Even at this pace, they still trail the hyperscale cloud service providers like Microsoft Azure, Google Cloud Platform, Amazon Web Services, and Facebook who pioneered the initial adoption of container software in their data centers.

    While these other telcos are lagging, China Unicom is not—in fact, the leading Chinese telco is already there. Even more interestingly, open source software is helping China Unicom lead the way to expand services and improve performance for its more than 320 million subscribers.

  • Engineering Nexus’ Fourth Meetup : Open source and beyond - building smarter QE platforms
    This initiative, which was kick-started with the hope of bringing the local tech industry together to share knowledge and develop Sri Lanka’s engineering practice, focuses on a different area of engineering at each Nexus.

    This time around, the meetup will revolve around harnessing open source technologies to surpass standard QE practices and build more innovative, effective and cost-efficient platforms. There will be three speakers from different firms in the local IT industry who specialize in varying technical areas, discussing topics under this collective theme.
  • Engineering Nexus' fourth meetup: Open Source and Beyond Building Smarter QE Platforms


  • Complex needs of comms and cloud infra drive open source activity
    There was ‘open’ of course – a common design, like ARM’s or MIPS’ processor cores, which could be licensed by anyone, by contrast with Intel’s rarely-shared x86. But now, emerging network hardware platforms, including white boxes, lend themselves to an extension of that openness, reaching even into full open source communities.


  • Events



    • Percona Reveals Full Conference Session Schedule for Percona Live Open Source Database Conference 2019


    • SUSE and Partners to Showcase Open Source Business Technologies that Transform at SUSECON in Nashville
      SUSE€® today announced sponsors, keynotes and breakout session details for its upcoming SUSECON 2019 global end-user conference, to be held April 1-5 in Nashville, Tennessee. With its theme "My kind of open," SUSECON showcases SUSE's dedication to collaboration and choice for partners, customers and community members. That openness shows in the latest software-defined infrastructure and application delivery solutions that are flexible enough to be deployed anywhere and are fueling digital transformation and business growth.


    • LibrePlanet Day 1: Trailblazing free software together
      On day one of LibrePlanet 2019, we welcomed 264 attendees to the Stata Center at the Massachusetts Institute of Techology (MIT). The LibrePlanet conference has now entered its second decade, and as software infiltrates more and more of daily life, there are many new and important ethical, social, legal, and technological questions to answer. Today's sessions examined the theme of "Trailblazing Free Software" from many different angles, addressing how we can apply the practical advantages of free software while maintaining and defending the indispensable principles behind it.

      LibrePlanet 2019 kicked off on Saturday, March 23rd with a moving, urgent keynote by Tarek Loubani, an emergency physician who splits his time between Canada and the Gaza Strip, focusing on the production and proliferation of free medical devices. Loubani's work involves gaining self-sufficiency and local independence for medical systems through the use of free techniques.

      Dr. Loubani described his journey from seeing change as the work of superheroes to a point of understanding change as built by millions of "tiny ants," working collaboratively to improve how we live. Beginning with stethoscopes, Dr. Loubani and other determined medical professionals and designers created free designs to 3D print cheap but high-quality medical devices, which can save lives in Gaza and other war-torn regions around the world. While many of the stories he told were tragic, Dr. Loubani's talk ended on a hopeful note, celebrating the dignity and ingenuity of the Palestinian people, and connecting it to the vibrancy and importance of the free software movement.




  • Web Browsers



    • 10 Best lightweight browsers for Linux or Ubuntu
      Web Browsers, the day when they started making our lives easier by allowing us to crawl the internet to today’s world; they have been gone through numerous technological advancements. Browsers are quite advance to handle high-end graphics, online videos, apps and more without the help of third-party software. But this also has made them heavy in terms of consuming hardware resources, means more RAM and storage space. Such kind of browsers works well on good system configuration machines, however, Linux operating systems those are running on old PC or laptops or low configuration systems require light browsers with a minimal approach to work fast.

      Mainstream browser or shall I say the dominated one: Google Chrome that Linux users refrain themselves from instaling it on their machines is rather resourced consuming browser. This is the main reason why most of the Linux OS like Ubuntu, Linux Mint, Centos and more come with Firefox Mozilla but somewhere it still not that much lightweight as we need it to be. So, I have done some research and gathered some lightweight Linux browsers.


    • Chrome





  • SaaS/Back End



    • DataWorks Summit 2019: Cloudera allays post-merger fears with ‘100% open-source’ commitment
      The 'new' Cloudera has committed to becoming a fully open-source company, having followed an open-core model prior to its $5.2 billion merger with former rival Hortonworks.

      All 32 of the current open source projects found between both Hortonworks and Cloudera's legacy platforms will remain available as cloud-based services on its new jointly-developed Cloudera Data Platform (CDP).


    • Q&A: Cloudera’s Fight Back Begins in 3, 2, 1… [Q&A: Cloudera CMO Mick Hollison on Cloud Rivals, Open Source Licencing and More...]
      Post-merger your companies are providing over 30 open source-based products and keeping both Hortonworks and Cloudera iterations of tools. Are you focussed enough?

      It’s certainly a very valid question. I think it’s more focused than it’s ever been. This whole galvanising concept of an enterprise data cloud is really pulling it all together.

      Once all of the open source components are delivered as cloud-based services, you quit worrying so much about which open source project you picked; you let the customers make those decisions. And honestly even for them it’s delivered as a service.

      They just know that it’s a service that provides them with a data warehousing capability a service that provides them with a data engineering or data pipeline capability.




  • Databases



    • Greenplum 6 ventures outside the analytic box
      It's about six months early, but Pivotal is talking about Greenplum version 6. It's a milestone release, as v6 is the one that will finally put the Greenplum database in full sync with the open source PostgreSQL trunk. And in turn, that has freed the development team to spread its wings to cover ground outside Greenplum's traditional MPP analytics footprint. At the Postgres Conference in New York this week, the company provided a peek into the roadmap for the next version that is currently scheduled for September release.





  • Net/CMS



    • Top 5 decentralized social networks
      Diaspora: It's been around for awhile and has more than a million users. Servers are independently run, and users own their data. Minds: This open source network has more than two million users and prides itself on a lack of censorship. The network focuses on news feeds, blogs, groups, and general discovery features. It uses peer-to-peer advertising and allows you to monetize your content. Mastodon: Probably the most familiar and most similar to Twitter, it operates on open source servers and has a 500 character limit. It uses anti-abuse tools, and moderators may step in quick. Sola: You don't follow anyone with this network. AI and user reaction spread information, trying to match quality content with people who would be interested in it. Any user can host a Sola node. It prides itself on being immune to blocking and censorship. Sola splits money it makes from ads, user payments, and partnerships with all of its users. Manyverse: This one stores data on user devices instead of servers and syncs using a platform called Scuttlebutt—this makes it usable offline. Data can even be synced directly between devices over Bluetooth.


    • How open source is making the move to Web 3.0 easier
      When HTTP first launched, it revolutionized how we interacted with the web.

      But the technology has not been able to keep up with the increasing data demands of advancements in AI, the rise of IoT and all the technologies that have allowed the tech sector to boom. With more data being packaged, processed and stored on the web than ever before, the drawbacks of HTTP have become abundantly clear.

      Web 3.0 represents a paradigm shift in the way users interact with, transport and store data in a truly decentralized manner. Answering the call for improved security protocols, especially for personal data, is one of the highest priorities for Web 3.0. By putting data protections back into the hands of the user, individuals will have more control over the data they produce – and how businesses can access and use that data.


    • The Apache Software Foundation Announces Apache€® CloudMonkey€® v6.0


    • The Apache Software Foundation Announces Apache€® Unomiâ„¢ as a Top-Level Project
      Powerful Open Source Customer Data Platform in use at Al-Monitor, Altola, Jahia, and Yupiik, among others.
    • The Apache Software Foundation Announces Apache Unomi as a Top-Level Project


    • Apache Unomi Could Prove a Major Customer Data Platform Disruptor
      Does your business need a Customer Data Platform (CDP) to store customer insights, such as behavioural data, or handle visitor profile management?

      Typically enterprises needing this kind of resource have had to pay for closed source proprietary software – open source alternatives are not thick on the ground.

      That means a: paying for a subscription; b: little configuration flexibility and c: few, if any, commercial CDPs offer integrators the genuine ability to build in a user interface for customers that lets them manage privacy, in a world in which that is becoming both a customer concern and regulatory priority apropos GDPR.


    • eLife Unveils Open Source Platform for Submissions and Peer Review
      eLife joined forces with the Collaborative Knowledge Foundation (Coko) for the first release of Libero Reviewer, an open source submission and peer-review platform that supports eLife’s editorial process. Other organizations can use the components of this solution as is or adapt them to meet their requirements.




  • Healthcare



    • NYU open-sources breast cancer screening model trained on over 200,000 mammography exams
      Breast cancer is the second leading cancer-related cause of death among women in the U.S. It’s estimated that in 2015, 232,000 women were diagnosed with the disease and approximately 40,000 died from it. And while diagnostic exams like mammography have come into wide practice — in 2014, over 39 million breast cancer screenings were performed in the U.S. alone — they’re not always reliable. About 10 to 15 percent of women who undergo a mammogram are asked to return following an inconclusive analysis.

      That’s why researchers at New York University are investigating an AI-driven technique that promises much higher precision than today’s tests. In a newly published paper on Arxiv.org (“Deep Neural Networks Improve Radiologists’ Performance in Breast Cancer Screening“), they describe a deep convolutional neural network — a class of machine learning algorithm commonly used in image classification — that notches an area under the ROC curve (AUC) of 0.895 in predicting the presence of a cancerous breast tumor. Moreover, they claim that when averaged with the probability of malignancy predicted by a radiologist from the AI system’s results, the AUC is higher than either method achieves separately.

      [...]

      The team began by sourcing a data set comprising 229,426 digital screening mammography exams (1,001,093 images) from 141,473 patients, each of which contained at least four images corresponding to the four views typically used in mammography screenings (right craniocaudal, left craniocaudal, right mediolateral oblique, and left mediolateral oblique). They extracted labels from 5,832 exams with at least one biopsy performed within 120 days of the screening mammogram, and then recruited a team of radiologists — all of whom were provided supporting pathology reports — to indicate where the biopsies were taken “at the pixel level.”



    • Will this new openness to open source heed past lessons?
      NHSX has listed open source as one of its priorities. For Ewan Davis, there is a keen sense of déjà vu – and a desperate desire for the many lessons of the past to be heeded.

      Open source seems to be back on the NHS agenda, courtesy of NHSX. The body lists one of its responsibilities as: “Making sure that all source code is open by default so that anyone who wants to write code for the NHS can see what we need.”

      As a new organisation NHSX has no corporate memory and so I thought it might be helpful to share my observations on what happened last time the NHS got excited about open source.

      It started when Tim Kelsey (peace be upon him) – then NHS England national director for patients and information – went on a trip to the USA. He saw the open source EHR VistA operating in the US Veterans Administration, decided it would be good for the NHS, and wrote it into Tech Fund 1 like Brighton through a stick of rock.

      I got involved, working for NHS England with guys from World VistA and OSERA to establish what would be needed to localise VistA for the NHS. We came up with a plan but the cost was more than NHS England was willing to pay. NHS VistA was doomed.

      Our work did lead to the creation of an open source programme within NHS England, though, which rapidly absorbed and refactored Tim’s next idea: Code4Health.


    • Visikol Releases Open Source 3Screenâ„¢ Python Library for Training Convolutional Neural Networks for Use in Digital Pathology
      Over the last two years, Visikol has leveraged its internal 3Screenâ„¢ image analysis software to provide its pharmaceutical Clients with unprecedented insights from their tissues. As a leader in the image analysis space, Visikol not only provides best-in-class services to its Clients, but also periodically makes useful 3Screenâ„¢ tools available to the academic community. To help the academic community with more easily adopting neural networks in image analysis, Visikol is launching a Python library to assist with training.





  • Pseudo-Open Source (Openwashing)



  • Funding



    • Google Launches "Season of Docs" Program to Improve Open Source Documentation
      Google has launched Season of Docs, a program which aims to improve documentation for open source projects. It will do this by building a mentoring relationship between open source contributors and technical writers, helping to create stronger and more comprehensive documentation for various open source technologies.

      The motivation for Season of Docs comes from the Open Source Survey, which demonstrated that good documentation is lacking for many open source projects. Google believes that this is because the creation of documentation is hard, and so in turn have created this program to improve it.




  • FSF/FSFE/GNU/SFLC



    • OpenStreetMap and Deborah Nicholson win 2019 FSF Awards
      This year the FSF awarded OpenStreetMap and the award was accepted by Kate Chapman, chairperson of the OpenStreetMap Foundation and co-founder of the Humanitarian OpenStreetMap Team (HOT).

      OpenStreetMap is a collaborative project to create a free editable map of the world. Founded by Steve Coast in the UK in 2004, OpenStreetMap is built by a community of over one million community members and has found its application on thousands of Web sites, mobile apps, and hardware devices. OpenStreetMap is the only truly global service without restrictions on use or availability of map information.




  • Licensing/Legal



    • Amazon Ups Its Game On Open Source, Elastic Shares Down By 5%
      After the year of ups and downs with its relationship with Elastic, AWS has launched its independent library of open source-code known as Open Distro.


    • With its Elasticsearch distribution, Amazon Web Services sends more shockwaves through open-source software
      Nobody really knows what lies ahead for the future of open-source software as cloud computing becomes the dominant force in enterprise tech, but the times are definitely changing.

      Just about anything that Amazon Web Services does has massive ripple effects throughout this world, and last week’s decision to release its own open-source version of Elasticsearch, a popular engine for searching and analyzing internal company data maintained by newly public company Elastic, was no exception. AWS open-source czar Adrian Cockcroft was careful to describe the Open Distro for Elasticsearch as a distribution, rather than a fork, but the move underscores a fundamental conflict between companies based around open-source projects and the growing popularity of cloud service providers.


    • Debunking the open source sustainability myth [Ed: Mac Asay siding with the exploitation and the closing of code (former employer)]
      Open source vendors are draping themselves in the flag of "sustainability" to try to garner support against AWS—it's not working. Here's why open source sustainability is fake news.



    • Open source a silent killer? CAST talks about their new alliance with Software Heritage [Ed: That typical pretense that proprietary software does not have security issues (it has back doors too) and proprietary licensing is somehow "safe" and "predictable" (the opposite is true). FUD by omission.]
      Combine IP lawsuits with the aforementioned security concerns and organisations could really have a problem on their hands, which is why the market for software composition analysis (SCA) tools is picking up a bit of steam. SCA tools aim to provide a ‘diagnostic' view of the all the OSS components that exist within a business and determine whether or not there is a vulnerability or particular licencing requirement to consider. CAST is one of these vendors, and they've just announced a new alliance with source code archival not-for-profit Software Heritage, with the aim of taking SCA one step further.

      Essentially CAST is working with Software Heritage, who oversee the world's largest open archive of software source code, to develop a ‘provenance index' which allows users to trawl through Software Heritage's archive using CAST's Highlight SCA software to identify the original occurrence of any given source file, and all of its subsequent occurrences. CAST says this will allow users to assess any third-party source code within Software Heritage's library of five billion plus known source code files, weeding out and vulnerabilities and licencing risks they present.


    • Types of open source software and Licenses
      Free and Open source software (FOSS) is a very popular term in the world of software because their license distribution terms.

      There are many open source software in the market. Many people may think that the most obvious feature of open source software is free, but it is not the case. They widely recognize because the availability of source code of the open source software available for anyone to modify.

      It means any developer or community can change the software to improve, adds features, fixing of bugs, distribution under own branding and more. However, the open source system also has copyright, which is also protected by law.

      While using/distribution of open source projects for some commercial or personal use, the users should not only indicate the products are from open source software and the name of the source code writer but also submit the modified products to open source software community, otherwise the modified products can be regarded as an infringement. The indifference of copyright awareness is the biggest obstacle to the development of open source.




  • Openness/Sharing/Collaboration



    • Open-source solution: Researchers 3D-print system for optical cardiography


    • Open-source solution for multiparametric optical mapping of the heart's electrical activity
      An international research team from the George Washington University, U.S., and the Moscow Institute of Physics and Technology, Russia, has developed an open-source solution for multiparametric optical mapping of the heart's electrical activity. The technique involves monitoring multiple parameters at once -- for example, both electrical excitation and the changes in the intracellular calcium concentration. This technique is a useful tool for enhancing our understanding of the mechanisms behind cardiac arrhythmias. The 3D models of the mapping system components and the source code for data analysis are openly available, enabling other research groups to benefit from the new solution. The study was published in Scientific Reports.



    • Open-source solution: Researchers 3D-print system for optical cardiography


    • Eight Sectors That Could Benefit From Open Source Programs [Ed: A push to distance "open source" away from actual code?]
      Members of Forbes Technology Council explain the pros of open source software and which business types could benefit most from it.


    • Open Source Fisheries yields good results in coastal districts
      The need now is to foster a shift to more sustainable resources of food such as inland culture fisheries. As many as 184 integrated farming demonstrations, which covers fish, vegetables and poultry have been piloted and 100 low-cost, locally made cages have been installed across the four districts, said Programme Manager OSF Karthik Ramesh said.



    • Dimitri Komatitsch (1970–2019)
      Dimitri Komatitsch had a profound impact on computational seismology and embodied the notion of open-source, collaborative research.


    • Open Hardware/Modding



      • Cost Sensitivity Analysis Performed for 3D Printed, Open Source Infant Clubfoot Brace
        Congential talipes equinovarus (CTEV), perhaps better known as clubfoot, is one of the most common congenital physical deformities, as it occurs at least once every 1,000 births. In countries like the US, CTEV is diagnosed at birth and treated while the patient is still a young child, using a method of weekly manipulation and casting, followed by an Achilles tenotomy. Then a foot abduction orthosis (FAO) is worn until the patient is about four years old so that the deformity will not reoccur. Unfortunately, these types of treatment options are not as readily available, or affordable, in developing countries like East Africa, where clubfoot can occur up to eight times every 1,000 births.






  • Programming/Development



    • 6 Best IDEs For C and C++ Programming Language
      Ability to understand and write code is something that makes a computer science graduate a programmer or developer. Majority of institutes start their curriculum with C programming language and then move to C++. Though C++ is also derived from C and offers object-oriented programming features, if you are not using a good IDE, you will probably have a hard time while coding.

      An Integrated Development Environment (IDE) helps a programmer a lot by providing all comprehensive facilities required for the development. It also improves the productivity of a developer with its useful tools, autocompletes capabilities and hundreds of shortcuts. Today, I will share some best IDEs for C and C++ developers that will not only make things easy but also make them accomplish more tasks in lesser time.


    • Fix errors with the python errors encyclopedia.


    • Using Tornado - first steps...


    • Python Dictionaries: Cheat Sheet


    • Deconstructing xkcd.com/1987/
      To me, the point of this xkcd comic is for Randall to be self-deprecating and point out how he let the Python situation on his computer get out of hand. Unfortunately people don't always pick up on this and instead decide to point at this picture and say, "see, Python is messed up!" But if you take the time to really look at the comic you will notice that pretty much none if it is directly Python's own fault (not knowing what pip is pointing at is pretty much the only thing you could point at and say is still the Python community's fault).



    • Wing Python IDE 7.0 Release Candidate 1
      The first release candidate of Wing Python IDE version 7 is now available through our Early Access Program.

      This release improves the array and data frame viewer, solves several issues in Python code intelligence, fixes VI mode jj and jk, fixes whole file PEP8 reformatting, and makes about 12 other improvements.


    • Microsoft's TypeScript programming language rising fast, almost makes top 10 [Ed: According to a Microsoft site ("RedMonk uses code repositories hosted on GitHub"), Microsoft is on the rise. Lousy research. Delete GitHub as it helps Microsoft craft propaganda. This kind of thing has been done for years. Anti-GPL FUD, claims that Microsoft is top contributor to FOSS and so on. As if GitHub is the same thing as FOSS. GitHub itself is proprietary. RedMonk itself lists Microsoft as a client. The author of this article habitually bashes Linux (for years) and the site is Microsoft-sponsored (through ads). Fernando Cassia said: "If shell and powershell are "programming languages" I'm an astronaut. It's hard to take any analysis based on raw github categories too seriously. I'm not sure JVM languages with a non-JVM counterpart are counted for instance. Is jruby counted in the same category as Ruby?"]
      RedMonk uses code repositories hosted on GitHub and discussions on Stack Overflow to rank programming languages.


    • How I learned Machine Learning
      The whole world is being computerised. When I started learning Python Programming, I figured out some introduction of Machine Learning. And when I listened one statement I got very interest. The statement was, "Machine Learning is a technology of programming in which If a machine is made it can learn to play football. It will get trained itself. " I was totally amazed by this sentence. And I also thought of learning Machine Learning.



    • List, Set and Dictionary Comprehensions in Python
      In this post, we will discuss the three Python comprehensions, i.e., list, set and dictionary comprehensions, with examples.


    • Endlessh: an SSH Tarpit

      This program opens a socket and pretends to be an SSH server. However, it actually just ties up SSH clients with false promises indefinitely — or at least until the client eventually gives up. After cloning the repository, here’s how you can try it out for yourself (default port 2222):



  • Standards/Consortia





Leftovers



  • Cruise Ship in Trouble; 1,300 Passengers Being Evacuated by Helicopter
    A cruise ship with engine problems sent a mayday call off Norway’s western coast on Saturday, then began evacuating its 1,300 passengers and crew amid stormy seas and heavy winds in a high-risk helicopter rescue operation.

    The Norwegian newspaper VG said the Viking Sky cruise ship ran into propulsion problems as bad weather hit Norway’s coastal regions on Saturday and started drifting toward land. Police in the western county of Moere og Romsdal said the ship’s captain, fearing his vessel would run aground, managed to anchor in Hustadsvika Bay, between the western Norwegian cities of Alesund and Trondheim, so the evacuations could take place.

    Rescue teams with helicopters and boats were sent to evacuate the cruise ship under extremely difficult circumstances.


  • Science



    • You can help “rescue” weather data from the 1860s

      The Weather Rescue project uses volunteers—a group you could join by visiting the website—to read the scanned paper records of the daily measurements from the network Fitzroy created, which span a century. The data has scientific value beyond historical curiosity.



    • The Very Mathematical History of a Perfect Color Combination
      It turns out I'm not alone. I'm not a coder by trade, but I like to use code editors for writing and organizing notes. While hunting for tools after switching from a Mac to Windows, I started to see Solarized Dark and its sibling Solarized Light, which uses the same 16-color palette, practically everywhere I looked. It's hard to say how many programmers use it. The design is free and open source, so there’s no tally of purchases. It’s available for every major code editor and many other programming tools. Microsoft even bundled it with its popular code editor VS Code. Solarized has a loyal following.





  • Health/Nutrition



    • Colorado wants to import prescription drugs from Canada. How it could work, and why it may not.
      Colorado is trying to become one of the first states in the nation to import prescription drugs from Canada, a bid to give consumers relief from soaring pharmaceutical costs.

      A bill making its way through the General Assembly with the support of Democratic Gov. Jared Polis would create a program to start importation by 2022. But hurdles abound. Federal approval is required, and in the 16 years since Congress authorized the practice in 2003, no state has ever obtained that permission.

      But that may change as a growing number of states are pressuring federal regulators. In Vermont, the legislature last year approved creating an importation program. And President Donald Trump supports doing so in at least some situations, suggesting a path forward on a practice that has long been opposed by federal administrations on both sides of the aisle.


    • Tens of Thousands of Heart Patients May Not Need Open-Heart Surgery
      Replacement of the aortic valve with a minimally invasive procedure called TAVR proved effective in younger, healthier patients.


    • Judge stays Kentucky’s fetal heartbeat bill, keeping the state’s lone abortion clinic open — for now
      A federal judge temporarily blocked a Kentucky law that would effectively ban abortions in the state on Friday — the latest battle site in the right’s campaign to bring legislation to the Supreme Court that could challenge Roe v. Wade.





  • Security



    • Webauthn in Linux with a TPM via the HID gadget
      Account security on the modern web is a bit of a nightmare. Everyone understands the need for strong passwords which are different for each account, but managing them is problematic because the human mind just can’t remember hundreds of complete gibberish words so everyone uses a password manager (which, lets admit it, for a lot of people is to write it down). A solution to this problem has long been something called two factor authentication (2FA) which authenticates you by something you know (like a password) and something you posses (like a TPM or a USB token). The problem has always been that you ideally need a different 2FA for each website, so that a compromise of one website doesn’t lead to the compromise of all your accounts.

      Enter webauthn. This is designed as a 2FA protocol that uses public key cryptography instead of shared secrets and also uses a different public/private key pair for each website. Thus aspiring to be a passwordless secure scalable 2FA system for the web. However, the webauthn standard only specifies how the protocol works when the browser communicates with the remote website, there’s a different standard called FIDO or U2F that specifies how the browser communicates with the second factor (called an authenticator in FIDO speak) and how that second factor works.

      It turns out that the FIDO standards do specify a TPM as one possible backend, so what, you might ask does this have to do with the Linux Gadget subsystem? The answer, it turns out, is that although the standards do recommend a TPM as the second factor, they don’t specify how to connect to one. The only connection protocols in the Client To Authenticator Protocol (CTAP) specifications are USB, BLE and NFC. And, in fact, the only one that’s really widely implemented in browsers is USB, so if you want to connect your laptop’s TPM to a browser it’s going to have to go over USB meaning you need a Linux USB gadget. Conspiracy theorists will obviously notice that if the main current connector is USB and FIDO requires new USB tokens because it’s a new standard then webauthn is a boon to token manufacturers.
    • Netgate€® Advances TNSRâ„¢ Open Source Secure Networking with Release 19.02


    • Using an OpenBSD Router with AT&T U-Verse

      I upgraded to AT&T's U-verse Gigabit internet service in 2017 and it came with an Arris BGW-210 as the WiFi AP and router. The BGW-210 is not a terrible device, but I already had my own Airport Extreme APs wired throughout my house and an OpenBSD router configured with various things, so I had no use for this device. It's also a potentially-insecure device that I can't upgrade or fully disable remote control over.

      Fully removing the BGW-210 is not possible as we'll see later, but it is possible to remove it from the routing path. This is how I did it with OpenBSD.



    • Report: EU to reject ban on Huawei [iophk: "for a minuscule fraction of the price, the countries could add wireless to openbsd and have done with the question permanently"]

      Citing four unnamed sources familiar with the decision, the outlet reported that Andrus Ansip, the European Commission’s digital chief, will present his recommendation next week.

      The proposal will reportedly advise member states to adopt the EU’s cybersecurity guidelines to coordinate and share information on their wireless networks.

      According to Reuters, the plan would be to allow countries to decide for themselves whether to ban Huawei.



    • Exclusive: EU to drop threat of Huawei ban but wants 5G risks monitored - sources

      European digital chief Andrus Ansip will present the recommendation on Tuesday. While the guidance does not have legal force, it will carry political weight which can eventually lead to national legislation in European Union countries.

    • Cybercriminals target the UK police force with ransomware [iophk: "Windows endangers whole countries, divest from proprietary software now; however, using Twitter in place of a public form of communication is stupid and probably illegal."]

      The organisation represents 119,000 police officers across England and Wales, and revealed it had been hit by ransomware in a statement on Twitter, complete with the thoroughly uncatchy #PFEWCyberAttack hashtag. The attack was reported on March 11, within the three days required under European law.



    • 'Critical' Denial-of-Service Bug Patched in Facebook Fizz
      A critical denial-of-service (DoS) vulnerability was found in Facebook Fizz, the social media giant's open source implementation of the Transport Layer Security (TLS) protocol, Semmle reports.



    • Facebook patches denial-of-service flaw in its open-source Fizz TLS implementation
      Facebook last month patched a critical denial-of-service vulnerability in Fizz, its open-source implementation for Transport Layer Security protocol TLS 1.3, researchers have reported.

      Unauthenticated remote attackers could exploit the flaw to create an “infinite loop,” causing the web service to be unavailable for other users and thus disrupting service, according to a March 19 blog post from Semmle, whose researcher Kevin Backhouse uncovered the issue.

      And because Facebook made Fizz’s source code available for public use last August, other web services can potentially be attacked this way as well if they fail to apply secure updates.


    • NSA Opts for Open-Source Sleuthing of Cyber Threats
      Cyber security is taking an open-source step forward with the National Security Agency's release of tools designed to reverse-engineer malware that holds people and companies hostage when their systems become infected.

      Unveiled at the recent RSA security conference in San Francisco, the NSA's Ghidra application for disassembling machine-instruction code covers a spectrum of operating systems and chip architectures for data centers and devices alike. By making the tool an open source kit, the Defense Department's top secret data intelligence agency is enlisting private developers to help it fight cyber crime.


    • Coalfire Labs Develops Open Source Password Cracking Tool
      Coalfire, a trusted provider of cybersecurity advisory and assessment services, announced today that the Coalfire Labs Research and Development (R&D) team released NPK, an open source tool that provides unprecedented password cracking capabilities to break the security surrounding hashed passwords.

      The distributed hash-cracking platform is built entirely of serverless components in Amazon Web Services (AWS) including Cognito, DynamoDB, and S3. It leverages the exceptionally powerful GPU instances in AWS to bring staggering hash cracking performance to a price tier in reach of a weekend tinkerer. It was designed for easy deployment and flexible usage.


    • Nitrokey Fido U2F Review & Rating
      The Nitrokey Fido U2F security key delivers two-factor authentication for the most popular sites on the web, and does so with impressive open-source bona fides.


    • Mozilla Releases Firefox 66.0.1 to Patch Two Critical Security Vulnerabilities
      Mozilla released the first point release to its latest Firefox 66 web browser to address two critical security vulnerabilities exposed during the Pwn2Own hacking contest event. Firefox 66.0.1 is now available, just a few days after the release of Firefox 66.0 earlier this week, to patch CVE-2019-9810 and CVE-2019-9813, two security vulnerabilities reported by Richard Zhu, Amat Cama, and Niklas Baumstark via Trend Micro's Zero Day Initiative.

      According to the security advisory published by Mozilla on March 22nd, CVE-2019-9810 describes a buffer overflow issue and missing bounds check flaw in the Firefox 66.0 release due to incorrect alias information in the IonMonkey JIT compiler for the Array.prototype.slice method
    • Ways to safeguard your privacy on the Net


    • Over 100,000 GitHub repos have leaked API or cryptographic keys


    • What Is Network Security? Types of Network Security - EC-Council Official Blog
      Over the past decade, the world has become more interconnected, with the advancement of new networking technologies. Similarly, our dependency on the Internet has reached an unimaginable level. A huge amount of personal, commercial, and confidential data is stored on either private or openly accessible networks. The significance of this intellectual data reflects the importance of network security in our lives. The probable threats to this data are sometimes not easy to detect or prevent. Conversely, the victims face a tough time in terms of time spent to recover the compromised data and money lost due to financial theft.



    • An Android Vulnerability Went Unfixed for Over Five Years


    • Meet the new generation of white hats
      The people who contribute and help maintain open source projects are pretty passionate about being proactive members of the community. They believe in helping to make the projects better and stronger for others to use. These discoveries have wide-reaching effects since open source projects easily find their way into large commercial products that depend on open source projects to help solve problems and add features that in-house developers would have to otherwise write themselves.

      Getting involved in finding vulnerabilities in open source projects can also be a great way for new researchers who are hoping to enter the security field can enhance their resume, which in turn will help them in the job hunt down the line.


    • 5 essential router security settings you need to check now
      The bad news: most people don’t give a second thought to their routers. This lack of know-how puts a lot of households in a dangerous position. The United States Computer Emergency Readiness Team (US-CERT) has issued an alert about Russian state-supported hackers carrying out attacks against a large number of home routers in the U.S.



    • Thousands of security flaws found on UK government websites

      Of the 3220 domain names registered under the .gov.uk domain ending – encompassing everything from central government departments to local and district councils – 524 have unpatched vulnerabilities. In total, the 524 insecure websites, including the National Archives, the Scottish prosecution service and the Health and Safety Executive, have about 7200 vulnerabilities between them.



    • [Windows] Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’ [iophk: "those who signed off on deploying Windows in a production environment need to be brought to justice;"]

      On the day of the attack, some of the companies’ Windows computers were hit with a blue screen error and their files encrypted, said the current employee, who asked to remain anonymous as they were not authorized to speak to the press.





  • Defence/Aggression



    • American History for Truthdiggers: A Cruel, Costly and Anxious 'Cold' War
      Nothing is inevitable. Not war, not peace. Those writers and politicians who tell readers or constituents otherwise are selling snake oil. So it is, oftentimes, with proclamations about the Cold War. Americans have been taught, programmed even, to believe that a permanently bellicose nuclear standoff with the Soviet Union was inescapable—such was the diabolical nature of global communism. There were no alternatives, we have been told, to a firm military response to Soviet aggression in the wake of World War II. This myth of inevitability served, and serves, a vital purpose. That purpose is to explain the seemingly unexplainable: how Soviet Russia, America’s valued ally in World War II, so quickly transformed, almost overnight, into a national boogeyman. You’re not supposed to ask tough questions or draw nuanced conclusions; to wit: Weren’t the U.S. and the Soviet Union ideological enemies long before they were allies (of convenience)? And, couldn’t different American policies have assuaged Soviet fears and lessened the atmosphere of tense standoff after 1945? To answer yes to either, of course, is to commit national heresy, but honest history demands that the scholar and student do exactly that.



    • Pilots trained for Boeing’s 737 Max airplane with “an iPad lesson for an hour”
      US pilots got an extra hour or two of training to prepare to use Boeing’s new 737 Max 8 aircraft, which has been involved in two deadly crashes in less than six months.

      The first crash involved a Lion Air flight in Indonesia that plunged into the sea soon after takeoff in October last year, killing all 189 on board. A week ago, an Ethiopian Airlines flight crashed six minutes after taking off, killing 157 people. After the second crash, China grounded the aircraft, and was quickly followed by other nations. The US Federal Aviation Administration initially allowed airlines in the US to keep flying the plane, but on Wednesday (March 13) grounded both the Max 8 and Max 9 models, citing refined satellite data and “physical evidence” found at the scene that showed similarities between the two crashes.

      The aircraft was developed to include changes to the flight control system that would sharply pitch the plane’s nose down if the onboard computer sensed an imminent stall. The system, known as the Maneuvering Characteristics Augmentation System, or MCAS, was incorporated because the plane has larger engines placed further forward on the craft, and so has a chance of facing a stall at lower speeds than earlier 737 variations. In the Lion Air flight, pilots appeared to be fighting against the system before the aircraft crashed, according to the preliminary accident report.


    • Pentagon Spending Is a Poor Job Creator
      The Trump administration touts weapons spending as the best way to bolster the American economy. It’s not.




  • Transparency/Investigative Reporting



    • Amid Assange’s ongoing censorship, all leftists must learn from Ecuador’s hostile takeover
      Chilean journalist Patricio Mery Bell made the documentary La Traición Cuántica (‘The Quantum Betrayal’). It sets out to convey the cynicism of current Ecuadorian president Lenín Moreno. Politicians who break campaign promises may be very common, but Moreno’s case really is stunning.

      Imagine Jeremy Corbyn, the day after he takes office in the UK, announcing that the Conservative Party manifesto is what he had really supported all his life. That would approximate what Moreno pulled off in Ecuador.


    • The Wiki effect on governance? Democracy in the pawnshop
      When the WikiLeaks papers were published some years ago, senior US officials urged the exposed governments to take evasive action. What could anybody do? There was turbulence across the world, though India took the revelations mostly below the radar, and the matter was more or less forgotten. Also, not everything was published, given the self-censorship the corporate media exercises selectively.

      Next month, and in May, India is going to have its crucial general elections. The Assange revelations, though not too recent, remain relevant, and they curiously offer a glimpse of how the stage may be set for both sides, away from public scrutiny. The cables importantly give a flavour of things that people are not generally told.


    • WikiLeaks probe: supporters say Chelsea Manning in 'solitary confinement'
      Chelsea Manning, the anti-secrecy campaigner who was jailed for refusing to testify to a grand jury investigating WikiLeaks, has been held in solitary confinement for over two weeks, supporters said on Saturday.

      Since being sent to a detention centre in Alexandria, Virginia earlier this month, "Chelsea has been placed in administrative segregation ... a term designed to sound less cruel than 'solitary confinement,'" the Chelsea Resists group said.

      "However, Chelsea has been kept in her cell for 22 hours a day.

      "Chelsea can't be out of her cell while any other prisoners are out, so she cannot talk to other people, or visit the law library, and has no access to books or reading material. She has not been outside for 16 days," they added.




  • Environment/Energy/Wildlife/Nature



    • Hurricanes to Deliver a Bigger Punch to Coasts
      When tropical cyclone Idai made landfall near Beira, Mozambique on March 14, a spokesperson for the UN World Meteorological Organization called it possibly the the worst weather-related disaster to hit the southern hemisphere.

      This massive and horrifying storm caused catastrophic flooding and widespread destruction of buildings and roads in Mozambique, Zimbabwe and Malawi. Mozambique’s President Filipe Nyusi feared the death toll might rise to more than 1,000 people.

      Cyclones, also known as hurricanes or typhoons, are intense wind storms that can take thousands of lives and cause billions of dollars in damage. They generate large ocean waves and raise water levels by creating a storm surge. The combined effects cause coastal erosion, flooding and damage to anything in its path.






  • Finance

    • [Older] Activision Blizzard to lay off nearly 800 employees after ‘record results in 2018’


    • Pinterest files for IPO, but avoids calling itself a social network

      The latest Silicon Valley company to file for an initial public offering is Pinterest, the San Francisco-based social network and image board that in recent years has built a large advertising and commerce business from its growing user base. The company, although it is still not profitable, says it earned more than $750 million in revenue last year, and it’s cut its losses from nearly $200 million in 2016 down to just under $75 million annually. Pinterest says it was in fact profitable in the fourth quarter of 2018, but not profitable enough to get out of the red for the full calendar year.

      The company, headed up by original co-founder and CEO Ben Silbermann, plans to go public on the New York Stock Exchange. [...]





  • AstroTurf/Lobbying/Politics



    • The Trump Investigations Are Far From Over
      Politics, punditry and human nature being as they are, the late-Friday news that special prosecutor Robert Mueller’s final report has been transmitted to the Attorney General (and will be described in summary form to Congress very soon) has spurred a frenzy of speculation, and the first of many leaks (credible and otherwise). The most prominent detail is that Mueller isn’t recommending any additional indictments in his probe of possible collusion with Russia by the Trump campaign or obstruction of justice by the president himself.

      If that is true, you can be sure that the president and his allies will gloat that even Robert Mueller admits that his investigation was a witch hunt producing nothing but fresh evidence that the president has been unjustly persecuted by rogue elements in the FBI and the Justice Department.
    • The DCCC’s Undemocratic Decision
      On Friday, the Democratic Congressional Campaign Committee, House Democrats’ campaign arm, announced that it will refuse to do business with vendors or consultants who support Democrats attempting to primary incumbent Democrats in blue districts. Firms that contract with the DCCC learned of its decision via a list of new hiring standards sent out Friday morning. “The core mission of the DCCC is electing House Democrats, which includes supporting and protecting incumbents,” the form reads. “To that end, the DCCC will not conduct business with, nor recommend to any of its targeted campaigns, any consultant that works with an opponent of a sitting Member of the House Democratic Caucus.”

      The most generous read of the DCCC’s decision is that it represents ordinary, nonideological professional cowardice. Anyone given the opportunity to create barriers for people who would compete with them for their jobs would likely do so, especially if it were possible to tuck their efforts away in an innocuous-looking form. A more ideological read would hold that the DCCC continues to be frustrated by the success of leftward congressional challengers such as Rep. Alexandria Ocasio-Cortez (D-N.Y.), who successfully “primaried” then-Democratic caucus chair Joseph Crowley, and hopes to nip the campaigns of these progressive challengers in the bud.

      The DCCC’s move to undercut primary challengers comes at a particularly ironic moment for the Democrats: 2020 candidates such as Pete Buttigieg and Elizabeth Warren have advanced the idea of abolishing the electoral college in order to empower the popular vote; meanwhile, Andrew Gillum has launched a massive voter registration drive in Florida; and Georgia’s Stacey Abrams is pushing back against voter suppression in her state. It would be fair to characterize the 2020 Democratic message as primarily centering on the importance of democracy itself, with due focus on enacting the will of the people.

      And that makes sense. Globally, thinkers in democratic countries have begun voicing concerns about the rise of strongman authoritarianism and the decline of democratic values. Democrats have led America’s contribution to this international defense of democracy, comparing Trump to the anti-democratic, illiberal leaders he praises: Kim Jong Un of North Korea, Rodrigo Duterte of the Philippines.

    • Hannity and Maddow: Across the Street but Worlds Apart
      For Sean Hannity, the “witch hunt” was finally over. Rachel Maddow considered it the start of something.

      The diametrically opposed opinion hosts, who vie for the distinction of the most popular in cable news, were the windows through which many Americans digested Friday’s news that special counsel Robert Mueller had concluded a nearly two-year investigation into Russian involvement in the 2016 election. While his report, or even a summary, has not been released, television news still had hours to fill talking about it.

      Fox News Channel’s Hannity, a close Trump ally, focused on reports there will be no additional indictments from Mueller.

      “The left’s favorite conspiracy theory is now dead,” Hannity said. “It is buried, and there was no collusion, no conspiracy, no obstruction. The witch hunt is over and there will be no further charges.”
    • Everyone Washington Supports, by Definition, Is a Moderate Centrist
      The Trump administration seems to have found their man in National Assembly leader and self-appointed president of Venezuela Juan Guaidó. Guaidó has been extremely attentive to US interests, promising to allow US oil companies to increase their activity in Venezuela. He has also pledged mass privatizations and harsh rounds of austerity, as FAIR contributor Ben Norton reported (Mint Press News, 1/24/19). Having met with and secured the support of the Trump administration before he acted, the previously unknown 35-year-old emerged as a prominent opponent of the leftist government, championed by right-wing nations in the region keen to see the end of President Nicolás Maduro’s administration.

      Despite this, or rather precisely because of it, the media are presenting Guaidó not as a conservative (or further still to the right), but as a centrist social democrat who can unite a fractured nation. CBC (1/23/19) and Forbes (1/24/19) both described him as a “centrist social democrat,” the former adding that he is also an activist and a “salsa-loving baseball fan.” Others went further, claiming that he and his party are “center left” (Reuters, 1/24/19) or even “socialist” (London Independent, 1/24/19). The New York Times (3/4/19) claimed, more broadly, that Gauidó had “captured the heart of the nation” and that “a vast majority of Venezuelans support him.”

      In reality, Guiadó’s Popular Will party has always represented the most radical right-wing elements of the Venezuelan opposition, perhaps the reason that Fox Business’ Trish Reagan (1/29/19) eagerly endorsed him as a “freedom fighter leading his country to democracy” amid “massive cheers from the people.” Popular Will has consistently favored confrontation and violence over negotiation; a recent opposition plan to amass an army of 200 soldiers to shoot their way across the border to bring Guaidó back into Venezuela after an overseas tour was only stopped by a panicked Colombian government, according to Bloomberg (3/6/19).
    • 'Put It To the People': One Million+ March in UK to Demand Brexit Rethink
      With the right-wing U.K. government of Prime Minister Theresa May under fire for the chaos unleashed by failed Brexit negotiations—and a final deadline swiftly approaching—more than a million people took to the streets of London and other cities on Saturday as part of "People's Vote" demonstrations demanding a new referendum on whether or not the country should leave the European Union.

      According to the Independent: the estimate of over one million demonstrators, "provided by the People's Vote UK, would make it the biggest march to be held in the UK since the Iraq War protest in 2003."
    • Mass Protest Vowed If Demand for Public Release of Mueller Report Not Met
      Democratic lawmakers are demanding the full contents of the report submitted by Special Counsel Robert Mueller to the Department of Justice on Friday be released to the public and progressive groups are vowing massive protests if the DOJ or the Trump administration do anything to hinder its disclosure.

      "It is absolutely critical that Attorney General William Barr makes special counsel Robert Mueller's report public in its entirety," declared MoveOn on Saturday as it urged people to sign a pledge for action. "There are over 500 events being planned if Barr covers up for Trump or if the Trump administration otherwise prevents the investigation from serving its public mission."

      Following Mueller's submission of the report on Friday, Barr said he would review its contents and report back to key congressional lawmakers as early as this weekend.
    • On Cherry-Blossom and Conflict-of-Interest Motifs: The Tacky, Relentless Selling of America
      While we await the Mueller findings, Trump is greedily hustling to squeeze every cent he can from hard-pressed taxpayers before - please please - prison or impeachment calls. Hence the new line of crap from his Trump Store, released last week for spring: A cherry-blossom-themed mess of mugs, shirts, soap et al "inspired" by Trump's D.C. Hotel that goes one step further into bizarre, grandiose hucksterism by plastering the name "Trump Hotels" and "Trump Washington D.C." over images of the White House and other Capitol buildings, evidently in hopes of convincing us the White House is a Trump Hotel and America is him. And yes: Not just tawdry, but illegal.

      The collection includes a long-sleeve shirt ($45), jumbo mug ($16) and soap set ($22) featuring both blatant lies - the soap reads "Trump Hotels" over an outline of the White House - and slimy, truth-fudging misrepresentation like the moniker "Trump Washington D.C." over the hotel and "our capital’s landmarks and iconic flora." Presumably, given the site also separately lists "Made in the USA" items, the blossomy stuff is all made in China. Responses on social media were mixed: One commenter said he's waiting for an I-never-cared-for-McCain mug, while #Kavanaugh's Beer noted, "I'm a beer and I understand the emoluments clause better than this guy."

      In other how-else-can-we-rip-off America news, a leaked recording has exposed oil and gas executives giddily boasting about their newly unprecedented presidential access - it's "worked out well"; the Republican National Committee just spent another $1,085.60 at Trump's D.C. hotel, bringing its total spending there to $404,077.57 since 2017; campaign filings show Trump has charged his own reelection campaign $1.3 million for rent, food, lodging and other expenses since taking office - $1.3 million of donor money that went straight into his slimy pocket - and, because grifters gonna grift, on Friday the Palm Beach County GOP held their annual Lincoln Day Dinner at - yes! - Mar-a-Lago.

    • Nationalism is trending, and Trump isn't doing anything about it [Ed: False. Trump does a lot to PROMOTE it. That's where his "base" comes from; that's also how he distracts from his endless corruption.]




  • Censorship/Free Speech

    • In China, 'Fortnite' Penalizes Minors for Playing Too Much

      But those games have to comply with Chinese laws, which means that anyone under the age of 18 is subject to restrictions such as those in Fortnite. Gamers in China have to register with the government to prove they’re not underage. Gaming addiction has been one of Chinese President Xi Jinping’s areas of social concern, even claiming that too much gaming has led to an epidemic of myopia among China’s children.



    • Google Unlocked Aims to ‘Uncensor’ Google Search Results

      Google Unlocked is a new extension for Chrome and Opera that attempts to 'uncensor' Google search results affected by DMCA notices. While it tends to work as advertised overall, it suffers from - surprise, surprise - an inability to distinguish between infringing and non-infringing URLs.



    • Google Stadia wants creators to play with fans, but could leave them vulnerable
      Google wants its upcoming game-streaming service, Stadia, to up the ante for live-streamed games on YouTube, but Google didn’t address the many ways its system could lead to harassment, demonetization, and other problems for creators





  • Privacy/Surveillance



    • Criminal Suspects Deserve Genetic Privacy, Too
      Almost a year ago, police apprehended Joseph DeAngelo—dubbed the Golden State Killer—for more than a dozen murders and 50 rapes committed in the 1970s and ’80s. His arrest was thanks to the advent of open-source DNA databases, which allowed law enforcement to match his DNA to that of a family member who had submitted their own genetic information for genealogical purposes. While this technology clearly helped bring DeAngelo to justice, it has raised a Pandora’s box of privacy concerns. One in particular has been largely neglected thus far by both policy advocates and the media.

      DNA testing, once an expensive technology, is now so inexpensive that approximately 26 million people have taken advantage of it. With sites like Ancestry.com and 23andMe, you can easily submit samples of your DNA and receive information about your family history and health. Both sites allow individuals to obtain raw DNA data files, which they can then upload to an open-source database like GEDmatch in order to connect them to distant family members. While the files are supposedly anonymous, one study found that an outside individual could identify an “anonymous” set of data using GEDmatch in just one day.
    • Amazon's Rekognition software lets cops track faces: Here's what you need to know
      Amazon Rekognition is the company's effort to create software that can identify anything it's looking at -- most notably faces.

      Business organizations and, yes, law enforcement agencies are already licensing that software for their own use. That means that you don't need to use Facebook or buy a face-scanning iPhone or a fancy video doorbell from Google-owned Nest or Amazon-owned Ring in order for facial recognition to be a part of your everyday life. With Rekognition, maybe it already is.


    • NSA Opens More of its ‘Hot Tech’ to Private Sector
      The agency’s Technology Transfer Program (TTP) recently added several new patents to its TTP portfolio, through which industry and entrepreneurs can license the patents for further innovation. But this year, NSA is framing its offering as a list of “hot technologies” available for licensing, in an apparent effort to spur further participation.

      Licensing a TTP patent can help a company attract funding, hire new people, and look to increase its market share. The NSA, for its part, gets its piece of the licensing pie while allowing private-sector innovation to improve on the technologies.


    • Facebook staff had access to hundreds of millions of people's passwords

      This time, the company acknowledges that it mishandled sensitive passwords for hundreds of millions of its users, primarily those who use its Facebook Lite product. The disclosure casts doubt on the company's abilities to protect its users' information as it focuses more on privacy.

      On Thursday, Facebook (FB) said it didn't properly mask the passwords of hundreds of millions of its users and stored them as plain text in an internal database that could be accessed by its staff.



    • Facebook Stored Millions Of User Passwords In Plain, Readable Text

      Unknown to hundreds of millions of Facebook users, their passwords were sitting in plain text inside the company's data storage, leaving them vulnerable to potential employee misuse and cyberattack for years.



    • Secret Emails Allegedly Show Facebook Knew About Cambridge Analytica Scandal Earlier Than Admitted

      Facebook and the attorney general are in court Friday to argue whether those emails can be viewed by the public. If unsealed, their contents might contradict sworn testimony Zuckerberg made before Congress last year. It’s part of a lawsuit filed by D.C. Attorney General Karl Racine, accusing Facebook of failing to protect user data.



    • Secret emails show Facebook knew about Cambridge Analytica earlier than they've said, DC AG claims

      The Beast reports late Friday that Facebook and the attorney general of Washington, D.C. “are sparring over an internal email chain that allegedly shows Facebook employees discussing Cambridge Analytica data harvesting scandal in September 2015.”

      That would have been a few months before Facebook told lawmakers--and the rest of America-- it learned that Cambridge Analytica, the dirty political data consulting firm founded by Trump backers, was grabbing information for millions of Facebook users without their knowledge or consent.



    • Facebook Is Accused of Knowing Cambridge Mined Its User Data

      At least three states are investigating the Menlo Park, California-based company’s user data-protection practices, as is a federal grand jury in New York. The U.S. Federal Trade Commission is investigating Facebook for its role in the Cambridge Analytica saga. On Thursday, the agency announced a broader probe of tech company data collection practices. Also on Thursday, Racine said he was unveiling legislation to bolster legal protections for the personal data of district residents.



    • Facebook knew about Cambridge Analytica earlier than thought

      It's just over a year ago that the Cambridge Analytica scandal fully blew up, and Facebook will have been hoping it would have gone away by now. Given that the company was forced to deny a 2016 meeting Wylie just a few days ago, it looks like this story has no plans of dying any time soon.



    • Finland to investigate Nokia-branded phones after data breach report

      Norwegian public broadcaster NRK reported on Thursday a data breach related to the Nokia 7 Plus model, built by HMD. It said the company had “admitted that an unspecified number of Nokia 7 Plus phones had sent data to the Chinese server.”

      Nokia, which receives royalties from HMD but has no direct investment in the firm, declined to comment.



    • Valve Software dreams of analyzing your brainwaves to tailor in-game rewards

      But one suggestion in particular raised our alarms: adjusting virtual goodies in a game on the fly. "We can figure out what kinds of rewards you like, and the kinds you don't," Ambinder suggested, potentially based on the physiological responses a player might have from getting loot. He didn't talk to the very severe privacy implications of this feedback loop, however, nor about the abuse potential for having a game pump players with loot-driven endorphins at the moment they might start getting bored. (Slot machine and loot box mechanics are already decried for artificially toying with player expectations to hook them longer.)





  • Civil Rights/Policing



    • Saudi Arabia and Iran share a mutual disdain for women who speak up


      Kate Maltby writes that Saudi Arabia and Iran, despite their deep political divisions, share one thing in common: a repression of feminists fighting for equality -- and the United States would do well to address this injustice.


    • Trump Signs Broad Executive Order [iophk: "the US does not have a monarchy (yet); does his office even have the authority to directly address this?"]

      President Trump on Thursday delivered on his promise of an executive order that would hold colleges that receive federal research funding accountable for protecting free speech.

      However, his bombastic rhetoric in a White House East Room ceremony wasn't matched by the modest language of the order.



    • Donald Trump’s Rhetoric Is No Longer Just Silly And Offensive: It's Dangerous And Undemocratic

      In repeating the mantra of fake news again and again, Trump is very much trying to mislead the public. His efforts at deception, however, go well beyond discrediting journalists and news outlets that are critical of him. Last week, we learned that Trump was actively engaged in efforts to influence the public statements and congressional testimonies of those in his employ. He has critiqued not only journalists, but also the speech of comedians who are critical of him as well Saturday Night Live. He has threatened to tighten libel laws and go after networks he does not like. All of this is dangerous and deeply undemocratic. So, it was shocking when at CPAC last week, the president talked about the need to protect free speech on campuses. No modern president has done more to threaten both free speech and a free and independent press than Donald Trump.



    • Trump Signs Executive Order Tying Grant Money to Free Speech

      It’s yet unclear how the order will be implemented and whether it will be used to cut off research funding to institutions found lacking in their free speech protections. Trump had announced the possibility of such an action in a speech on March 2.





  • Intellectual Monopolies



    • Tesla sues former employees, Zoox for alleged trade secret theft
      Tesla has filed a pair of lawsuits against a handful of former employees who went to work at self-driving vehicle startup Zoox and Chinese EV automaker Xiaopeng.

      The separate lawsuits filed late Wednesday allege former Tesla employees stole trade secrets and used them at their new places of employment. Tesla declined to comment on either lawsuit.


    • Tesla lawsuits target former employees over alleged trade-secret theft


    • Tesla sues self-driving startup Zoox and former employees for alleged trade secret theft
      The Silicon Valley automaker claims that four former employees stole “proprietary information and trade secrets to help Zoox leapfrog past years of work needed to develop and run its own warehousing, logistics, and inventory control operations.”

      [...]

      Tesla says the four former employees who went to Zoox — Scott Turner, Sydney Cooper, Christian Dement, and Craigh Emigh — “absconded with select proprietary Tesla documents useful to their new employer,” and that at least one used confidential information to poach other employees. Tesla says the group’s alleged theft was “blatant and intentional.”



    • Jotwell Review of Frakes & Wasserman's Irrational Ignorance at the Patent Office
      I've previously recommended subscribing to Jotwell to keep up with interesting recent IP scholarship, but for anyone who doesn't, my latest Jotwell post highlighted a terrific forthcoming article by Michael Frakes and Melissa Wasserman.


    • Irrational Ignorance at the Patent Office
      There is widespread belief that the Patent Office issues too many bad patents that impose significant harms on society. At first glance, the solution to the patent quality crisis seems straightforward: give patent examiners more time to review applications so they grant patents only to those inventions that deserve them. Yet the answer to the harms of invalid patents may not be that easy. It is possible that the Patent Office is, as Mark Lemley famously wrote, “rationally ignorant.” In Rational Ignorance at the Patent Office, Lemley argued that because so few patents are economically significant, it makes sense to rely upon litigation to make detailed validity determinations in those rare cases rather than increase the expenses associated with conducting a more thorough review of all patent applications. He supported his thesis with a cost-benefit calculation in which he concluded that the costs of giving examiners more time outweighs the benefits of doing so.

      Given the import of the rational ignorance concept to the debate on how best to address bad patents, the time is ripe to revisit this discussion. This Article seeks to conduct a similar cost-benefit analysis to the one that Lemley attempted nearly fifteen years ago. In doing so, we employ new and rich sources of data along with sophisticated empirical techniques to form novel, empirically driven estimates of the relationships that Lemley was forced, given the dearth of empirical evidence at his time, to assume in his own analysis. Armed with these new estimates, this Article demonstrates that the savings in future litigation and prosecution expenses associated with giving examiners additional time per application more than outweigh the costs of increasing examiner time allocations. Thus, we conclude the opposite of Lemley: society would be better off investing more resources in the Agency to improve patent quality than relying upon ex-post litigation to weed out invalid patents. Given its current level of resources, the Patent Office is not being “rationally ignorant” but, instead, irrationally ignorant.


    • SHOULD PATENT EXAMINERS GET MORE TIME?


    • Copyrights



      • On the #uploadfilter problem
        The copyright holders in europe are pushing hard mandate upload filters for internet. We have been here before - when they outlawed circumventing DRM. Both have roots in the same problem. The copyright holders look at computers and see bad things happening to their revenue. They come to IT companies and say "FIX IT". It industry comes back and says.. "We cant.. making data impossible to copy is like trying to make water not wet!". But we fail at convincing copyright holders in how perfect DRM or upload filter is not possible. Then copyright holders go to law makers and ask them in turn to fix it.


      • Pirate IPTV: Police Across Europe Carry Out ‘Largest Ever’ Operation

        In conjunction with Europol, police forces in Spain, UK, and Denmark, have carried out what is being described as the "largest ever" operation against a pirate IPTV network. Five people have been arrested, accused of crimes including IP violations, fraud, and money laundering.









Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
 
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day