Bonum Certa Men Certa

Links 9/7/2019: GNU Linux-libre 5.2, Kaidan 0.4.0



  • GNU/Linux

    • Desktop

      • How User Revolts Shaped the Linux Desktop

        The user revolts against KDE 4, Gnome 3, and Unity have left desktop Linux developers with a fear of innovation, exactly when that’s what’s needed.

        Between 2008 and 2011, KDE, Ubuntu, and Gnome all released radically new interfaces. The mediocre reception received by all three has left developers so cautious that innovation on Linux desktop environments has been curtailed, except for minor changes. Yet innovation on the desktop is long overdue.

        Before this brief era, Linux DEs were focused on equaling the functionality of their proprietary equivalents. However, by 2005 this goal had been realized and developers had begun discussing what should come next. Particularly among KDE developers, the feeling was that Linux DEs had the chance to become pacesetters in interface design.

      • Test 200+ Linux And Unix Operating Systems Online For Free

        A while ago we have covered about OSBoxes, a website that offers a collection of free, ready-to-use Linux and Unix VMs. You can download and try them on your Linux system using VirtualBox or VMWare workstation. Today, I stumbled upon a similar service named “DistroTest”. Unlike OSBoxes, DistroTest allows you to try the live Linux and Unix operating systems for free. You can test 200+ Linux and Unix operating systems online without having to install them locally. Just visit the website, choose the Linux/Unix distro of your choice and fire it up!

        Two good Samaritans named Klemann Andy and Forster Tobias have hosted this web service on Debian using Qemu. There is no restrictions to use the public distros listed here. You can use all functions of the system as the way you do in your local system. You can install and uninstall software.

      • Linux Vs Windows: Which Is The Best OS For Data Scientists? [Ed: Technically weak article with glaring factual errors]

        Linux has many software choices when it comes to doing a specific task compared to Windows. One could search for a text editor on Freshmeat and get a number of results. Software on Linux comes with more features and greater usability than software on Windows.

    • Server

      • Happy 20th Birthday SAP Linux Lab!

        1999 marks the year SAP solutions were deployed on Linux for the first time. To ensure joint support between SAP, server vendors and Linux distributors like SUSE, SAP established the Linux Lab. Over the years many, many projects were successfully concluded, starting with porting SAP R/3 to IBM zSeries or IBM pSeries, to supporting SAP’s Next-Generation in-memory database HANA, to delivering Data Hub and HANA via Containers to customers.

      • IBM

        • Deliver open hybrid cloud’s value with simple, customer-centric strategies

          More and more enterprises are evaluating hybrid cloud architectures to support their operations, but they have questions about integrating public clouds with their existing private clouds. Ranga Rangachari, vice president and general manager of storage and hyperconverged infrastructure at Red Hat, spoke with SiliconANGLE’s show theCUBE at the recent Google Cloud Next ‘19 event to dig into what hybrid cloud means for customers, Red Hat, and the broader ecosystem. The interview covered open hybrid cloud adoption, today’s customer priorities, and the power of the ecosystem to solve customer problems today and into the future.

        • 10 tips for reviewing code you don’t like

          As a frequent contributor to open source projects (both within and beyond Red Hat), I find one of the most common time-wasters is dealing with code reviews of my submitted code that are negative or obstructive and yet essentially subjective or argumentative in nature. I see this most often when submitting to projects where the maintainer doesn’t like the change, for whatever reason. In the best case, this kind of code review strategy can lead to time wasted in pointless debates; at worst, it actively discourages contribution and diversity in a project and creates an environment that is hostile and elitist.

          A code review should be objective and concise and should deal in certainties whenever possible. It’s not a political or emotional argument; it’s a technical one, and the goal should always be to move forward and elevate the project and its participants. A change submission should always be evaluated on the merits of the submission, not on one’s opinion of the submitter.

        • The case for making the transition from sysadmin to DevOps engineer

          The year is 2019, and DevOps is the hot topic. The day of the system administrator (sysadmin) has gone the way of mainframes if you will—but really, has it? The landscape has shifted as it so often does in technology. There is now this thing called DevOps, which can’t exist without Ops.

          I considered myself on the Ops side of the aisle prior to the evolution of DevOps as we know today. As a system administrator or engineer, it feels like you are stuck in a time warp, with a small tinge of fear because what you knew and must learn varies greatly, and is now much more time-sensitive than you might have anticipated.

    • Audiocasts/Shows

    • Kernel Space

      • [Sparky] Linux kernel 5.2

        The first release of Linux kernel of the new 5.2 line just landed in Sparky “unstable” repository.

      • Linux 5.2 Released : Update Linux Kernel In Ubuntu

        There are multiple ways to update Linux Kernel in Ubuntu and Ubuntu based operating systems.

      • Linux 5.2 And Debian 10 “buster” Released For Linux Enthusiasts

        Kernel 5.2 also continues to add more speculative execution bug fixes for Intel CPUs. There are new GPU drivers as well for ARM Mali devices.

        Apart from these changes, kernel 5.2 comes with the usual bug fixes for different drivers, better hardware support for new and older hardware, and better display performance.

      • Kernel 5.2 Is Out, Tutanota Launches a Fully Encrypted Calendar, ISPA UK Announces Internet Hero and Villain Nominations, Tesla to Start Providing a Free Self-Driving Chip, and System76's Thelio Desktop Now Available with Third-Gen AMD Rizen Processors

        Kernel 5.2 has been released. Linus Torvalds writes, "...there really doesn't seem to be any reason for another rc, since it's been very quiet. Yes, I had a few pull requests since rc7, but they were all small, and I had many more that are for the upcoming merge window. Part of it may be due to the July 4th week, of course, but whatever - I'll take the quiet week as a good sign."

      • Linux Kernel 5.2 Released, This is What’s New

        Arriving pretty much bang on schedule, the Linux kernel 5.2 release was announced to the world with little of Linus Torvalds’ usual fanfare.

        Instead, the Linux founder opted for a quiet introduction when announcing the update on the Linux Kernel Mailing List.

        He writes: “…despite a fairly late core revert, I don’t see any real reason for another week of rc, and so we have a v5.2 with the normal release timing”.

        Each and every update to the Linux kernel, be it big or small, brings a stack of welcome improvements, drivers, hardware support, graphics compatibility and more. Linux Kernel 5.2, dubbed the “Bobtail Squid” (blame Linus’ scuba diving hobby the moniker), is no exception.

      • Double delight for Linux lovers as kernel 5.2 and Debian 10 debut

        The weekend has given Linux users two big new releases to contemplate!

        Those who like new cuts of the kernel have version 5.2 to consider. Linus Torvalds signed it off on Monday, Australian time.

        The biggest feature in 5.2 is probably support for Intel’s forthcoming Comet Lake architecture, which will power the tenth generation of its Core desktop and mobile CPUs due. The new silicon is due to ship late in 2019 and appear in products early the next year. Linux 5.2 also includes many tweaks that improve its performance on laptops.

        The kernel also now supports a handful of extra ARM-powered single-board computers.

        The other big new release is Debian 10 “Buster”, which officially debuted on Sunday 7 July, Australian time. But this cut of Debian had actually already been available since 25 June as part of the new version of Raspbian OS, the Raspberry Pi Foundation’s preferred OS for its single board computers.

        The Foundation described Buster as offering “no huge differences” compared to its predecessor. “In a sad reflection of the way the world is nowadays, most of the differences are security changes designed to make Buster harder to hack,” wrote Simon Long, a senior principal software engineer at the Pi Foundation.

      • Microsoft admitted to private Linux developer security list [Ed: Little by little, Microsoft seizes greater control over its competition]

        Most open-source development work, like the name says, is done in the open. The exception is the first stages of security work. Unpatched security holes, however, are discussed and fixed behind closed doors. Now, Microsoft has been admitted to the closed linux-distro list.

        Microsoft wanted in because, while Windows sure isn't Linux, the company is, in fact, a Linux distributor. Sasha Levin, a Microsoft Linux kernel developer, pointed out Microsoft has several distro-like builds -- which are not derivative of an existing distribution -- that are based on open-source components.

      • Confirmed: Microsoft Will Join The Private Linux Kernel Mailing List [Ed: Swapnil became a Microsoft propagandist. A few paragraphs down he repeats marketing points of the company.]

        However, it wasn’t all praise. Levin had to prove to the community whether it qualifies to join the list or not. After a long and quite intensive discussion, it all but certain that Microsoft will be accepted into the mailing list, possibly, by the end of this week.

      • 64-Bit ARM Changes Already Sent In For The Linux 5.3 Kernel

        Due to summer holidays, the 64-bit ARM (AArch64/ARM64) architecture changes were already sent in days ago for the Linux 5.3 kernel merge window.

      • There's A Kernel Subsystem Being Dropped In Linux 5.3 As Easier To Start Over Than Fix

        The GPIO updates for the newly-opened Linux 5.3 kernel merge window is dropping the FMC subsystem as they deem it easier to re-start from scratch writing that code than to try to repair it, or "start over using the proper kernel subsystems than try to polish the rust shiny." Funny enough, this code is being used by the CERN's well known Large Hadron Collider.

        After talking about it for months on the kernel mailing list, the Linux 5.3 kernel is set to delete the FMC bus subsystem that was developed by CERN and others for the past roughly seven years. FMC is for supporting the FPGA Mezzanine Card specification for modules connecting FPGAs and other devices with I/O. The FMC subsystem code works and is even used by CERN's LHC particle accelerator, but continued work on the FMC kernel code has revealed architectural faults.

      • Jailhouse 0.11 released
        Long time, no release: Version 0.11 is finally available. Several last-minute
        issues delayed this, though that's not a real excuse for having so many months
        since the last one. Time-wise, this should have been two releases.
        Changeset-wise, we are in the same dimension as usual: 140 commits, 185 files
        changed, 4057 insertions, 1437 deletions.
        
        

      • Jailhouse 0.11 Hypervisor Brings New CPU Support, Spectre V2 Mitigation For ARM

        The past several years Siemens and others have been working on Jailhouse as a Linux-based partitioning hypervisor for bare metal appliances. Their previous release was all the way back during last year's Oktoberfest and now with construction for this year's fest kicking off at the wiesn, the developers happen to be releasing their next version of Jailhouse.

        New CPU/target support with Jailhouse0 .11 include the Marvell MACCHIATObin, Xilinx Ultra96, Microsys miriac SBC-LS1046A, and Texas Instruments AM654 IDK.

      • GNU Linux-libre 5.2-gnu
        GNU Linux-libre 5.2-gnu sources and tarballs are now available at
        http://www.fsfla.org/selibre/linux-libre/download/releases/5.2-gnu/.
        It didn't require any deblobbing changes since -rc7-gnu.  Binaries are
        on the way.
        
        

        The most relevant change in this release is Sound Open Firmware support: I had not realized the SOF files were Free Software in recent earlier releases, so the requests for these files were disabled in them. Only while cleaning up the new kernel module specifically devoted to SOF-supporting devices did I realize my mistake. I look forward to the day when assuming a firmware name is a blob is no longer a safe bet.

        Several new drivers required cleaning up due to blob loading: mt7615, rtw88, rtw8822b, rtw8822c, btmtksdio, iqs5xx, ishtp, and ucsi\_ccg. Cleaning up needed adjustments for microcode docs, ixp4xx, imx-sdma, amdgpu, nouveau, and goya. The r8822be driver was removed upstream, in favor of rtw8822[bc], so its cleaning code is also gone.

        I'm still undecided as to whether to backport the SOF changes to 5.1 and to the already EOLed 5.0 series. If there is interest, please let us know, or, if you feel adventurous, just use the 5.2 deblob-check, and, in deblob-5.[01], change:

        reject_firmware sound/soc/intel/common/sst-acpi.c

        to

        maybe_reject_firmware sound/soc/intel/common/sst-acpi.c

        and run it with --force, so that it ignores a potential complaint about sound/soc/intel/common/soc-acpi-intel-hda-match.c not changing. I have not tested this myself with the earlier releases, but I wouldn't be at all supriprised if this is all it takes.

        With failure or success, please let us know how it goes.

        For up-to-the-minute news, join us on #linux-libre of irc.gnu.org (Freenode), or follow me (@lxoliva) on Twister http://twister.net.co/, Secure Scuttlebutt, GNU social at social.libreplanet.org, Diaspora* at pod.libreplanetbr.org or pump.io at identi.ca. Check my web page (link in the signature) for direct links.

        Be Free! with GNU Linux-libre.

        What is GNU Linux-libre? ------------------------

        GNU Linux-libre is a Free version of the kernel Linux (see below), suitable for use with the GNU Operating System in 100% Free GNU/Linux-libre System Distributions. http://www.gnu.org/distros/

        It removes non-Free components from Linux, that are disguised as source code or distributed in separate files. It also disables run-time requests for non-Free components, shipped separately or as part of Linux, and documentation pointing to them, so as to avoid (Free-)baiting users into the trap of non-Free Software. http://www.fsfla.org/anuncio/2010-11-Linux-2.6.36-libre-debait

        Linux-libre started within the gNewSense GNU/Linux distribution. It was later adopted by Jeff Moe, who coined its name, and in 2008 it became a project maintained by FSF Latin America. In 2012, it became part of the GNU Project.

        The GNU Linux-libre project takes a minimal-changes approach to cleaning up Linux, making no effort to substitute components that need to be removed with functionally equivalent Free ones. Nevertheless, we encourage and support efforts towards doing so. http://libreplanet.org/wiki/LinuxLibre:Devices_that_require_non-free_firmware

        Our mascot is Freedo, a light-blue penguin that has just come out of the shower. Although we like penguins, GNU is a much greater contribution to the entire system, so its mascot deserves more promotion. See our web page for their images. http://linux-libre.fsfla.org/

        What is Linux? --------------

        Linux is a clone of the Unix kernel [...]

        (snipped from Documentation/admin-guide/README.rst)

        -- Alexandre Oliva, freedom fighter he/him https://FSFLA.org/blogs/lxo Be the change, be Free! FSF Latin America board member GNU Toolchain Engineer Free Software Evangelist Hay que enGNUrecerse, pero sin perder la terGNUra jamás - Che GNUevara

      • GNU Linux-libre 5.2-gnu Blesses Sound Open Firmware, Cleans Other Drivers

        Following last night's Linux 5.2 kernel release, the GNU folks maintaining their GNU Linux-libre off-shoot that de-blobs the kernel of being able to load binary-only firmware/microcode files or the ability to load binary-only kernel modules is out with their re-based kernel.

        GNU Linux-libre 5.2-gnu was another busy release for them with having to keep up in cleaning the new/extended drivers that get added and working around or disabling any binary blobs they may optionally support or require. In the case of Linux 5.2, they've had to do some cleaning around Realtek's new RTW88 WiFi driver that is replacing the RTLWIFI driver. They've also had to make changes to a number of other Realtek and Mediatek drivers among others along with adjustments for AMDGPU and Nouveau GPU binary firmware along with the Goya accelerator.

      • Ryabitsev: Patches carved into developer sigchains

        Konstantin Ryabitsev has posted a lengthy blog entry describing his vision for moving away from email for kernel development.

      • Patches carved into developer sigchains



        The “decent” tool is fiction, but the SSB framework I'm describing is not. SSB stands for “Secure Scuttlebutt” (it's nautical slang for “gossip,” so please stop guffawing). SSB is a distributed gossip protocol that is built on the concept of replicating individual “sigchains,” which are very similar in concept to git. Each record references the hash of the previous record, plus SSB uses an ECC key to cryptographically sign every new entry, such that the entire chain is fully verifiable and attestable. Unless someone has access to the ECC secret key created at the beginning of the SSB chain, they would not be able to add new entries — and unless the chain has never been replicated anywhere, all entries are immutable (or the replication simply breaks if any of the existing records in it are modified).

        The sigchains are only part of the story — SSB also offers a decentralized replication protocol that works hard to make sure that there is no single point of trust and no single point of failure. It is able to replicate using “pub” servers that merely work as convenient mediators, but are unnecessary for the overall health of the SSB fabric. SSB replication can be done peer-to-peer via local network, over the Internet, via Tor, sneakernet, or anything at all that is able to send and receive bits.

        The end-tool on the client uses these individual feeds to assemble a narrative, using message-id cross-references to construct threads of conversations. SSB is envisioned as a fully-private and fully-decentralized social network where each participating individual shares an immutable activity record choosing how much to share publicly, how much to share with specific individuals, and how much to keep fully private.

        I suggest we co-opt SSB for free software development to make it truly decentralized, self-archiving, and fully attestable in all developer interactions.

      • Why Linux Is Developed In Public: Linus Torvalds

        When we asked if Torvalds would prefer a private mailing list where the community can discuss things candidly without worrying about bloggers sensationalizing things, he said no.

      • Linux 5.3 Adds Support For Intel Multi-Die CPU Topology

        Intel's patches for supporting the multi-die topology of Cascadelake-AP processors is now going into the Linux 5.3 kernel.

        These patches have been sitting on the mailing list the past number of months for dealing with the multi-chip package of Cascadelake "Advanced Performance" processors where their dies are connected via UPI links.

      • x86 CPU Changes For Linux 5.3 Bring Intel UMWAIT, Zhaoxin, Engineering Train Wreck

        Thomas Gleixner sent in his various x86 code updates early this morning for the just kicked off Linux 5.3 kernel cycle.

        Some of the notable x86 CPU changes for Linux 5.3 include:

        - Official x86 Zhaoxin CPU support for these Chinese desktop CPU processors based on VIA Centaur IP. There were some kernel patches last year for Zhaoxin while with this next kernel release the support appears in order.

      • The Ryzen 3000 Boot Problem With Newer Linux Distros Might Be Due To RdRand Issue

        As outlined yesterday, AMD's Ryzen 3000 processors are very fast but having issues booting newer Linux distributions. The exact issue causing that boot issue on 2019 Linux distribution releases doesn't appear to be firmly resolved yet but some are believing it is an RdRand instruction issue on these newer processors manifested by systemd.

        For those that missed my launch day article, check it out for more details and then all the benchmarks for when running very performant on the likes of Ubuntu 18.04 LTS where the issue does not occur. What people are jumping on today are the old reports of AMD RdRand problems for using this hardware RNG instruction causing issues on older pre-Zen2 processors. It is possible though the RdRand support regressed even further and thus in worse shape with Zen 2, but I haven't seen that officially acknowledged by AMD nor if it firmly addresses the issue.

      • Linux Foundation

        • Automotive Grade Linux reveals new members

          Automotive Grade Linux (AGL) says Wuhan Bluestar Technology has joined as a Silver member, while Candera, IDW Technologies, Reutlingen University and T-Systems have joined in the Bronze category.

          AGL is a collaborative cross-industry effort developing an open source platform for connected car technologies,

          "We are excited to expand our growing, global community with five new members," said AGL executive director at the Linux Foundation, Dan Cauchy.

          "We look forward to working with them as we continue to expand the AGL platform including instrument cluster, telematics and vehicle-to-cloud connectivity."

          AGL is an open source project at the Linux Foundation bringing together automakers, suppliers and technology companies to accelerate the development and adoption of a fully open, shared software platform for all technology in the vehicle, from infotainment to autonomous driving.

      • Graphics Stack

        • LLVMpipe Software OpenGL Implementation Picks Up More GL4 Extensions

          It's 2019 and OpenGL 4.6 remains the latest version of this once predominant graphics API yet Mesa's Gallium3D LLVMpipe software rasterizer is still only exposing OpenGL 3.3.

          LLVMpipe while the default fallback on many Linux desktops in the case of no hardware OpenGL support doesn't receive too much attention these days. At least this weekend Red Hat's David Airlie did contribute a handful of improvements to LLVMpipe for Mesa 19.2.

        • Vulkan 1.1.114 Released With Image-Less Framebuffer Support

          Vulkan 1.1.114 is another weekly update to the Vulkan graphics API specification... With this update does come a new extension of some interest.

    • Benchmarks

      • Benchmarking Valve's RADV+ACO Yields Fastest Open-Source Radeon Vulkan Driver

        Last week Valve formally announced their new Radeon shader compiler for AMD's open-source Linux graphics drivers. At this stage it's an out-of-tree solution providing generally faster performance to the Mesa RADV Vulkan driver over the current AMDGPU LLVM shader compiler but they also have ambitions of wiring it up to the RadeonSI OpenGL driver once mature too, assuming AMD's developers are willing to make use of this new compiler code. For those wondering about the Vulkan performance, here are our independent benchmarks of the current Mesa 19.2 RADV performance with the LLVM shader compiler compared to Valve's new "ACO" compiler back-end and then also using AMD's official AMDVLK reference driver that is also leveraging LLVM.

    • Applications

      • 9 Best Free Linux Astronomy Apps (Updated 2019)

        Astronomy is a branch of science that deals with the study of celestial objects (including stars, planets, moons, comets, asteroids, meteor showers, nebulae, star clusters and galaxies) and other phenomena.

        Like many others, I was introduced to the world of astronomy by the venerable Sir Patrick Moore. For anyone who does not know, Sir Patrick was an amateur astronomer who presented The Sky at Night, the longest-running television programme, for over 54 years, and made an outstanding contribution to astronomy.

        Astronomy is particularly well suited to the layperson. It’s a wonderful hobby which has almost no age limits, it is open to individuals of all financial means, and there is always the potential for an amateur to discover something that has eluded professional astronomers, or to help monitor stars and track asteroids. Even with the unaided eye, there is much to study in the night sky including constellations, shooting stars, planets, and of course the moon, the Earth’s only natural satellite.

        There is a wide variety of free astronomy software available for Linux that offer real benefits to astronomy enthusiasts. This category of software lets you map the night sky, plan detailed observations, control telescopes, present star charts, offer observing logs, and much more.

        This article focuses on selecting the best free astronomy software available for Linux. Hopefully, there will be something of interest here for anyone who wants to study the sky. Here’s our recommendations.

    • Instructionals/Technical

      • How to Check the Kernel Version in Linux
      • How to fix the KDE Plasma panel crash problem
      • Fedora 30 : Using the python-wikitcms.
      • Running your own mail server

        Not too long ago there was some hubub around https://myaccount.google.com/purchases. In brief, if you use google mail, it tracks your purchases through receipts received in email. Now, some people see this as no big deal or even a feature. Others see it as a privacy invasion, and are reminded that all their data can be mined by the email provider and possibly third parties. Of those, some advoate getting a paid email provider. Agreed, that provides less incentive to monetize your data… but only a bit. Eventually, any company, however good its initial intentions, goes through leadership changes, is bought out, or goes bankrupt. At that point, your data is one of the assets being bargained with.

        The other alternative, of course, is to run your own mail server. I won’t lie – this is not for everyone. But it’s not as bad as some make out. I recently reinstalled mine, so I wrote down the steps I took, and will leave them here. I’ve been holding onto this for at least 6 months hoping to eventually run through them again to work out some of the finer details. That hasn’t happened yet, so I’ll just post what I have now as a start.

        Running your own mail server is not free. In particular, you’ll need to pay for a domain name ($10-15/year), and some place to run the mail server. If you have an always-on machine at home, and stable IP address, then you can run it there. You can pay for a tiny cloud instance on amazon/rackspace/digitalocean/etc. There are cheaper options (including “one year free” amazon micro instances), but a small digitalocean instance will be $5/month. Personally, I keep a large server online for running many VMs and containers, and run the mail server there.

      • How to Use User Mode Linux

        User Mode Linux is a port of the Linux kernel to itself. This allows you to run a full blown Linux kernel as a normal userspace process. This is used by kernel developers for testing drivers, but is also useful as a generic isolation layer similar to virtual machines. It provides slightly more isolation than Docker, but slightly less isolation than a full-blown virtual machine like KVM or VirtualBox.

        In general, this may sound like a weird and hard to integrate tool, but it does have its uses. It is an entire Linux kernel running as a normal user. This allows you to run potentially untrusted code without affecting the host machine. It also allows you to test experimental system configuration changes without having to reboot or take its services down.

      • How to use multiplexing to speed up the SSH
      • How to Encrypt Messages With PGP When Using Darknet Markets
      • How To Find Virtualbox Version From Commandline In Linux
      • How to install Nvidia drivers in Fedora 30 guide
      • How to search for YouTube videos on Ubuntu Desktop
      • How to Install Node.js in RHEL 8
      • How to install R on Ubuntu (16.04/18.04)
      • Command line quick tips: Permissions
      • Analyze ACPI Tables in a Text File with FWTS
    • Games

      • SkateBIRD entering the final day of funding, getting a little Them's Fightin' Herds crossover

        SkateBIRD, a game about birds on skateboards (that's actually pretty sweet) is closing in on the last day of funding. They've also announced some more fun stuff coming to it and the demo will vanish after the Kickstarter, so be quick.

      • GOG are having a big sale for French developers, plus recent releases of Eternam and Leo the Lion

        Three bits of GOG news in one for you DRM-free shopping fans today, as not only are they doing a big sale they also recently revived two more classic games.

        First up, the classic 1992 comedy adventure Eternam was released on GOG earlier this month. Little late on picking it up since the Linux build wasn't actually available right away but now it is. Next up is Leo the Lion (original Polish name: Lew Leon), another retro classic action-platformer from 1996. GOG just released it today!

      • Some early thoughts on A.N.N.E, the platformer and space shooter hybrid

        Now that A.N.N.E is finally available to play in Early Access, I have played it and I have some thoughts to share on what to expect from this stylish platformer and space shooter hybrid. Article may contain spoilers.

      • Key reseller G2A is back in the spotlight again, as a petition is up to ask them to stop selling indie games

        G2A, the key reseller that isn't particularly liked by most game developers is having some time in the spotlight and as usual, it's not for good reasons.

        They have a bit of a history with developers, something I've written about before and even the first comment on that article was about keys being revoked that were purchased from G2A. They're a very shady company and I shall continue to urge people to support developers and shop elsewhere. You would think after Gearbox pulled the plug on their deal with G2A, that lessons would have been learned but it appears not.

      • Business sim city-builder "Summer Islands" recently added Linux support

        Inspired by the classic game Holiday Island, Summer Islands recently entered Early Access and the developer has now added Linux support to it on Steam.

        Summer Islands is a game about building the perfect resort, so it's a business sim city-builder. You will need to manage your finances, as you attempt to attract more tourists.

      • BittBoy Review: A Tiny Gaming Handheld To Slide In Your Backpocket

        Back in my childhood days, I didn’t own a Gameboy or even a Real Nintendo Console; however, I did have a console that worked on cassettes, labeled as “10,000 games in 1.” Obviously, I couldn’t find the hidden 999 games on the console.

        However, the handheld gaming console that I am going to talk about supports nearly all ’90s games and consoles [emulators]. BittBoy comes pre-loaded with emulators such as NES, SNES, Atari, Gameboy, Gameboy Advance and more.

      • Single-player roguelike deck-builder "Roguebook" from the developer of Faeria is fully funded

        That's a tick in the box for another game confirmed to be coming to Linux, as Abrakam's single-player roguelike deck-builder "Roguebook" has been fully funded. The campaign on Kickstarter ended today with €66,810 from 2,706 backers and the Linux Alpha they provided does work well, so hopefully there will be no issues through development.

      • The Lion King, Aladdin and The Jungle Book no longer available on Steam, some about to leave GOG too

        Three classics are no longer available for sale on Steam, with nothing announced to say why. However, GOG at least have given a bit of warning that they're about to go.

      • More Xen content is coming to Black Mesa on August 1st

        Crowbar Collective announced on the weekend, that the Black Mesa Xen beta is due to expand on August 1st.

        After releasing the Technical Beta for Windows on June 25th, they said on August 1st they're going to add in the complete Xen and Gonarch's Lair chapters to public beta. A few weeks after that, they're planning to add in the concluding chapters: Interloper, Nihilanth, and Endgame.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • OpenExpo 2019 After Dark

          OpenExpo is an event aimed a businesses and the public sector. Top topics usually revolve around cloud computing, big and open data, IoT, and as of late, blockchain technologies. 2019 was its sixth edition, held on the 20th of June in “La Nave” on the outskirts of Madrid.

          Organisers tell us that 2800 visitors attended this year’s event. There were about 120 speakers and 70 exhibitors with booths. From what we could garner, most visitors were representatives of public institutions, consulting companies, and software development companies, especially from the field of cloud computing.

        • Updates on Krita on android

          It has been a long time since I posted a blog (1 month+). In fact it might even seem the Krita ran on Android and now GSoC is done. Well, not quite. There’s still a lot to be done.

        • Kaidan 0.4.0 released!

          After more than one and a half years there finally is a new release. Kaidan 0.4.0 is the biggest update until now and apart from some bug-fixes and many minor and major features increasing the usability, Kaidan now has multiplatform-support for all common operating systems like Linux, Windows, Android and macOS.

        • Interview with Enrique Gan

          Sycra Yasin posted a video showcasing Krita back in 2013 and I ended up trying it out some time in the summer of 2015. I think I got my first and current drawing tablet a month after and started churning out digital art with Krita since.

      • GNOME Desktop/GTK

        • GNOME Settings: new Search panel

          I haven’t been working on GNOME Settings for quite some time now. Currently, I am focusing mostly on GNOME Boxes, Usage, and Fedora Silverblue. To be fair I still have some love for Settings and I enjoy context-switching once in a while to hack on code bases which I don’t face daily. Unfortunately I can’t do this more often.

          A few years ago I pushed a WIP version of the Settings “Search” panel that never got merged because we were in a moment of transition in the project and at the time we thought that introducing Drag & Drop capabilities to GtkListBox would make sense still in gtk3. Fast forward, we are far from even starting to port Settings to gtk4, but people got to use the panels! For this reason, I rebased and iterated a bit over the Search panel in order to make it identical to the mockups. The final result is previewed below and will be available in our next stable release, 3.34.

        • Bolt 0.8 update

          Christian recently released bolt 0.8, which includes IOMMU support. The Ubuntu security team seemed eager to see that new feature available so I took some time this week to do the update.

        • Gtk-rs tutorial

          Leonora Tindall has written a very nice tutorial on Speedy Desktop Apps With GTK and Rust. It covers prototyping a dice roller app with Glade, writing the code with Rust and the gtk-rs bindings, and integrating the app into the desktop with a .desktop file.

        • Battle of the Bilerps: Image Scaling on the CPU

          I’ve been on a quest for better bilerps lately. “Bilerp” is, of course, a contraction of “bilinear interpolation“, and it’s how you scale pictures when you’re in a hurry. The GNOME Image Viewer (née Eye of GNOME) and ImageMagick have both offered somewhat disappointing experiences in that regard; the former often pauses noticeably between the initial nearest-neighbor and eventual non-awful scaled images, but way more importantly, the latter is too slow to scale animation frames in Chafa.

          So, how fast can CPU image scaling be? I went looking, and managed to produce some benchmarks — and! — code. Keep reading.

    • Distributions

      • Linux Lite Users Are the First to Try Linux Kernel 5.2, Here's How to Install It

        Announced by Linus Torvalds on June 7th, 2019, Linux kernel 5.2 is now the most advanced kernel series featuring a new open-source firmware for DSP audio devices, a new mount API for mounting file systems, new open-source GPU drivers for ARM Mali devices, and a new CPU bug infrastructure to protect devices against the Intel MDS hardware flaws.

        Linux kernel 5.2 also improves resource monitoring for Android devices, adds some notable performance improvements to the BFQ I/O scheduler, allows case-insensitive names in the EXT4 file system, and introduces a new, Arch-independent "mitigations=" boot option to make it easier to enable and disable mitigations for CPU vulnerabilities.

      • Kali Linux arrives on Raspberry Pi 4

        The Kali Linux team says that in addition to the impressive hardware of the new model, the Pi 4 now also benefits from Kali Linux support complete with on-board Wi-Fi monitor mode. At the moment, Kali Linux for Raspberry Pi 4 is only available in a 32-bit variant, but a 64-bit version is promised "in the near future". Offensive Security says that because of the popularity of Kali on previous versions of Raspberry Pi, it moved quickly to support the latest version.

        Getting up and running is no different to installing Kali Linux on previous versions of Raspberry Pi, and you'll find full instructions here.

        If you're happy to stick with the 32-bit version of Kali Linux for Raspberry Pi 4, you can grab it from the Kali ARM download page. If not, you'll just have to wait a bit longer for 64-bit support.

      • PCLinuxOS/Mageia/Mandriva Family

        • Mageia 7 Pushes Linux Desktop Boundaries

          Linux dispels the notion that one universal computing platform must define the features and functionality for all users. That is why so many distributions exist.

          The Mageia distro is a prime example of how freedom and choice are the hallmarks of open source operating systems. Mageia 7 pushes the limits of personal choice and usability definitions.

          What gives Mageia Linux its edge is its independence. Mageia 7 is not based on a predefined Linux family of distributions.

      • Debian Family

        • Debian 10 'Buster' Linux arrives

          Debian, the most important, truly independent Linux distribution, has just released Debian 10 "Buster".

          Apart from Debian, there are many important community Linux distros such as Fedora, which is the foundation for Red Hat Enterprise Linux (RHEL), and CentOS and openSUSE, which is SuSE Linux Enterprise Server (SLES)'s bedrock. Debian, however, stands alone. Its support comes purely from its community of users, not a company. At the same time, it is the core operating system for other important Linux distributions such as Canonical's Ubuntu. This means any Debian release is a big deal.

          That's not to say Debian is a cutting-edge Linux. It's not. If you want the bleeding edge, you want Fedora. But if stability is what you value, Debian is for you. For example, while the Linux 5.2 kernel has just been released, Debian 10 comes with October 2018's Linux kernel 4.19.

          Debian also supports no fewer than 10 different hardware architectures. These are: 64-bit Intel; 32-bit Intel; Motorola/IBM PowerPC; 64-bit IBM S/390 mainframe; both 32-bit ARM, and 64-bit ARM; and the almost obsolete 32-bit MIPS and 64-bit MIPS architectures.

          Buster also comes with better Unified Extensible Firmware Interface (UEFI) support for the x86 32 and 64-bit architectures and ARM 64-bit. With this, Debian should work out of the box on most Secure Boot-enabled machines.

        • Debian 10 “Buster” Released

          It is a stable version and is based on Linux Kernel 4.19. It will use Wayland display server instead of Xorg.

          The UEFI (Unified Extensible Firmware Interface) support which was first introduced in Debian 7 has been improved in the latest version of Debian. Users should no longer need to disable Secure Boot support in the firmware configuration as Secure Boot support is included in this release for amd64, i386 and arm64 architectures which will work out of the box on most Secure Boot-enabled machines. It will feature more than 59,000 other ready-to-use software packages, built from nearly 29,000 source packages. Debian can be installed in 76 languages.

        • Debian 10 'Buster' Linux released

          Debian, one of the longest-running Linux distributions around, has officially launched its tenth stable version: Debian 10 'Buster,' continuing the naming theme of characters from the Toy Story series of films.

          First released in 1993 by founder Ian Murdoch, and named for him and his wife Deb, Debian has grown to become one of the most popular Linux distributions around - in no small part thanks to acting as the upstream distribution for Canonical's Ubuntu Linux and its multifarious derivatives, as well as the Raspbian Linux distribution created for the Raspberry Pi family of single-board computers.

          Debian 10 'Buster,' the latest stable release, comes just over two years after Debian 9 'Stretch' - both continuing a naming convention going back to Debian 1.1 'Buzz,' taking character names from the Toy Story film series. It also comes with a major shift from the norm: When installed with the popular GNOME desktop, Debian 10 defaults to using the next-generation Wayland display server in place of the venerable Xorg - thanks to what the team describes as 'a simpler and more modern design, which has advantages for security.' Other desktop environments are also available, including KDE Plasma, Cinnamon, MATE, LXDE, LXQt, and Xfce.

        • Too close?

          At times of stress I’m prone to topical nightmares, but they are usually fairly mundane – last night, for example, I dreamed that I’d mixed up bullseye and bookworm in one of the announcements of future code names.

        • Andy Simpkins: Buster Release Party – Cambridge, UK

          With the release of Debian GNU/Linux 10.0.0 “Buster” completing in the small hours of yesterday morning (0200hrs UTC or thereabouts) most of the ‘release parties’ had already been and gone…. Not so for the Cambridge contingent who had scheduled a get together for the Sunday [0], knowing that various attendees would have been working on the release until the end.

          The Sunday afternoon saw a gathering in the Haymakers pub to celebrate a successful release. We would publicly like to thank the Raspberry Pi foundation [1], and Mythic Beasts [2] who between them picked up the tab for our bar bill – Cheers and thank you!

        • Debian 10 is here with updated software and enhancements

          The Debian Project announces the release of Debian 10, codenamed buster, with five years of support.

          Let’s learn more about Debian before discussing its new features and changes. Debian is a free-to-use operating system that comes with a variety of other software packages that are free as well. Many popular operating systems, including Kali Linux and Ubuntu, are based on Debian.

          The highly anticipated Debian 10 release took two years in the making. Accordingly, it has a lot of new stuff to offer, which we will discuss later. Also, the makers have termed this release as ‘stable,’ so you can start downloading it on its supported architectures or using it in production environments.

        • Linux Weekly Roundup #33

          We also know that Debian 11 will have the codename Bullseye.

        • The Perfect Server - Debian 10 (Buster) with Apache, BIND, Dovecot, PureFTPD and ISPConfig 3.1

          This tutorial shows how to prepare a Debian 10 server (with Apache2, BIND, Dovecot) for the installation of ISPConfig 3.1. The web hosting control panel ISPConfig 3 allows you to configure the following services through a web browser: Apache web server, Postfix mail server, Dovecot IMAP/POP3 server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, and many more.

      • Canonical/Ubuntu Family

        • Canonical’s GitHub Account ‘Hacked’ But Ubuntu Repos Are Safe [Ed: GitHub accounts are Microsoft's, not Canonical's, but whatever... Canonical's GitHub account compromised, so corporate media funded by Microsoft (CBS paid for ads etc.) says Ubuntu hacked; never mind if GitHub is actually a Microsoft platform... Blaming Canonical or Ubuntu, not GitHub or Microsoft. Remember, dear corporate media 'journalist' wannabes: When there's some system compromise due to weak/default passwords it's because of "Linux". If due to Microsoft/NSA back doors, blame "HACKERS!"]

          While the extent of the breach is still being investigated, the security team said that there is no indication that the source code or PII was affected.

          Moreover, the Launchpad infrastructure where the Ubuntu distribution is built and maintained has been disconnected from GitHub. There is also no sign that it has been affected.

          The mirror of the hacked Canonical GitHub account shows that the attacker created 11 new GitHub repositories sequentially named CAN_GOT_HAXXD_1. Surprisingly, those repositories were empty.

          So it seems that the hacking incident was limited to defacement only as there is no proof of existing data being changed or deleted.

          Meanwhile, a cyber-security firm called Bad Packets, tweeted that it detected internet-wide scans for Git configuration files just two days before the incident.

        • Ubuntu Weekly Newsletter Issue 586

          Welcome to the Ubuntu Weekly Newsletter, Issue 586 for the week of June 30 – July 6, 2019.

        • Design and Web team summary – 8 July 2019

          This was a fairly busy two weeks for the Web & design team at Canonical. Here are some of the highlights of our completed work.

        • GCC 9 Is Now The Default System Compiler Of Ubuntu 19.10

          As a change we had been expecting this cycle, Ubuntu 19.10 has upgraded to GCC 9 as the default system compiler over GCC 8.

          Ubuntu 19.10 (and Ubuntu 20.04 LTS) will be using GCC 9 stable as the default system compiler. The transition happened on Sunday with GCC 9 becoming the default compiler for Eoan. It's customary for Ubuntu to pull in new GCC releases with their xx.10 releases and to then carry forward that same version for their next xx.04 release, due to the GCC release timing generally coming too late for meeting their April release, and as such GCC 9 will be used for the Ubuntu 20.04 Long Term Support release.

        • GCC 9 now the default in eoan
          Hi,
          
          

          as previously announced in

          https://lists.ubuntu.com/archives/ubuntu-devel-announce/2019-June/001262.html

          GCC 9 is now the default in eoan. Using the Sunday to not disturb development during working hours with needed promotions and demotions.

          Matthias
    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open source in 2019, Part 2/3: The relative victory of open source

        All the benefits detailed in part 1 really explain why open source became so popular in the last 15 years. Open source is everywhere today. It has become the default way to build and publish software. You can find open source on every server, you can find open source on every phone... Even Microsoft, the company which basically invented proprietary software, is heavily adopting open source today, with great success. By all accounts, open source won.

        But... has it, really ?

        The server, and by extension the computing, networking, and storage infrastructure, are unquestionably dominated by open source. But the growing share of code running operations for this infrastructure software is almost always kept private. The glue code used to provide users access to this infrastructure (what is commonly described as "cloud computing") is more often than not a trade secret. And if you look to the other side, the desktop (or the user-side applications in general) are still overwhelmingly driven by proprietary software.

        Even contemplating what are generally considered open source success stories, winning can leave a bitter taste in the mouth. For example, looking at two key tech successes of the last 10 years, Amazon Web Services and Android, they both are heavily relying on open source software. They are arguably a part of this success of open source picture I just painted. But if you go back to part 1 and look at all the user benefits I listed, the users of AWS and Android don’t really enjoy them all. As an AWS user, you don't have transparency: you can’t really look under the hood and understand how AWS runs things, or why the service behaves the way it does. As an Android user, you can’t really engage with Android upstream, contribute to the creation of the software and make sure it serves your needs better tomorrow.

        So open source won and is ubiquitous... however in most cases, users are denied some of the key benefits of open source. And looking at what is called "open source" today, one can find lots of twisted production models. By "twisted", I mean models where some open source benefits go missing, like the ability to efficiently engage in the community.

      • Secure email provider Tutanota launches free encrypted calendar.

        Our encrypted calendar - Tutanota Calendar - has just been added to your secure emails. This new feature brings amazing privacy improvements. With our encryption expertise, we have not only made sure that all data you enter is encrypted, we are also encrypting notifications for upcoming events. In contrast to other calendar services, we do not know when you have an appointment, where you have an appointment, or with whom you have an appointment. Basically, we remain completely blind to your daily habits.

      • Women in code series: Joan Touzet

        Joan Touzet is an Apache Software Foundation (ASF) Member, Apache CouchDB PMC member and committer, with over 30 years of experience in commercial and open source software development. Based in Toronto, Canada, she currently works with Neighbourhoodie Software, running the CouchDB Development/Production Support team. In her spare time, Joan composes and records music, rides motorcycles, designs and builds electronic musical instruments, and pets cats. Gnomes over ponies.

      • Kiwi TCMS: Contributor profile: Aneta Petkova

        Aneta is a software engineer navigating the complex field of QA since her first "grownup" job. She's been working in the area of test automation for web applications using different programming languages and tools. Her mission is to inspire people to think about quality from the very inception of ideas and to blur the line between developers and QA specialists.

      • Events

        • 1st batch of talks approved!

          Since May we have been receiving speaker applications from all over the world, with lots of super interesting topics. We are very excited about what’s being prepared to make Ubucon Europe in Sintra one of the best!

        • [Ubucon's older] Call For Volunteers

          We are 4 months away from the Ubucon Europe 2019 meeting. It is very important to announce this event that will be held in Sintra on 10, 11, 12 and 13 October. From now on, you can contribute to the dissemination of the meeting and as such, share this information with the people you know in order to get further.

        • Arrival at CommCon 2019

          Last night I arrived at CommCon 2019 in Latimer, Buckinghamshire, a stone's throw from where I used to live in St Albans, UK. For many of you it is just a mouseclick away thanks to online streaming.

          It is a residential conference with many of the leaders in the free and open source real-time communications and telephony ecosystem, together with many users and other people interested in promoting free, private and secure communications.

          On Wednesday I'll be giving a talk about packaging and how it relates to RTC projects, given my experience in this domain as a Fedora, Ubuntu and Debian Developer.

        • CFP and Registration Open For Linux Piter Conference

          The conference gathers many key Linux people from all around the world. In the past we had Lennart Pottering (Red Hat), Christoph Hellwig, Stephen Hemminger (Microsoft), Monty Widenius (MariaDB Corporation AB), Bero Rosenkränzer (OpenMandriva), Rafael J. Wysocki (Intel) and many others joining the event.

        • Linux Plumbers Conference: VFIO/IOMMU/PCI Microconference Accepted into 2019 Linux Plumbers Conference

          We are pleased to announce that the VFIO/IOMMU/PCI Microconference has been accepted into the 2019 Linux Plumbers Conference!

          The PCI interconnect specification and the devices implementing it are incorporating more and more features aimed at high performance systems. This requires the kernel to coordinate the PCI devices, the IOMMUs they are connected to and the VFIO layer used to manage them (for user space access and device pass-through) so that users (and virtual machines) can use them effectively. The kernel interfaces to control PCI devices have to be designed in-sync for all three subsystems, which implies that there are lots of intersections in the design of kernel control paths for VFIO/IOMMU/PCI requiring kernel code design discussions involving the three subsystems at once.

        • Linux Plumbers Conference: Update on LPC 2019 registration waiting list

          Here is an update regarding the registration situation for LPC2019.

          The considerable interest for participation this year meant that the conference sold out earlier than ever before.

          Instead of a small release of late-registration spots, the LPC planning committee has decided to run a waiting list, which will be used as the exclusive method for additional registrations. The planning committee will reach out to individuals on the waiting list and inviting them to register at the regular rate of $550, as spots become available.

      • Web Browsers

        • Mozilla

          • Mozilla Firefox 68 Is Now Available to Download for Linux, Mac, and Windows

            The Mozilla Firefox 68 open-source and cross-platform web browser is now available to download for GNU/Linux, Mac, and Windows platforms ahead of tomorrow's official release. Scheduled to be released on July 9th, 2019, the Firefox 68 web browser can be downloaded and installed right now from Mozilla's official download servers. So if you can't wait until tomorrow's official release, you can go ahead and download Firefox 68 for GNU/Linux, macOS, and Windows operating systems.

            Mozilla Firefox 68 isn't an impress release as it only brings some minor improvements and not so exciting features. For example, it introduces a new reporting feature in about:addons to make it easier for users to report security and performance issues for add-ons and themes.

            It also adds support for accessing the Firefox Account settings directly from the hamburger menu, implements a full page color contrast audit capable of identifying all the elements on a web page that fail the color contrast checks, and brings WebRender support for Windows 10 users with AMD graphics cards.

      • SaaS/Back End

        • Data as a Service in a Hybrid, Multicloud World

          As it was emerging, cloud computing was seen as a fairly straight-up proposition for enterprises of finding a cloud, putting applications and data into it and running and storing it all on someone else’s infrastructure.

          But over the past few years, it’s become a complex mix of hybrid clouds and multiclouds, with some workloads and data staying on premises while others were pushed into the public cloud, and organizations using several public clouds at the same time. In the new world where data is at the center of everything and yet housed and used in multiple sites, having access to data wherever it resides and being able to move it quickly and easily between different clouds and between the cloud and core datacenter is crucial to an enterprise’s business success.

          Containers like Docker and the Kubernetes container orchestration platform have come onto the scene in part to help ease the portability of applications across the expanded distributed landscape. Over the past couple of quarters, startup Hammerspace has begun selling its data-as-a-service platform, a product designed to make the data as agile and easy to orchestrate across hybrid and multicloud environments as containers.

        • Ambedded’s ARM-based, Ceph Storage Appliance Goes Green

          With deep knowledge in open source software, distributed storage, embedded Linux and ARM-based architecture, Ambedded burst on the scene in 2013 as an innovator of software-defined storage.

          Today, with an ARM micro-server that leverages Ceph Unified Virtual Storage Manager (UVM), Ambedded has teamed up with SUSE Embedded to introduce SUSE Enterprise Storage 6 (also based on Ceph) to its line of storage appliances. The result is unified software-defined storage that provides object storage, block storage and file system in a single cluster. The Ambedded appliance delivers a high performing, low power storage option that can scale with ease, while helping mid-and large-scale enterprises avoid a single-point of failure by pairing a single-server node with a single-storage device.

        • OpenStack Networking

          If you’re familiar with OpenStack at all, you’ll know that it’s a collection of different components, or projects and not a single packaged piece of software. More than 30 different pieces of software make up OpenStack in its entirety ranging from networking to compute, to storage, to bare metal, to key management, orchestration, clustering and more. While OpenStack is widely recognized as being the leading open source cloud management platform, it’s not without its complexities. This can make it difficult to build if you don’t have the right skilled resources in-house, or if you need it up and running quickly so that you can use it for your business-critical systems and data.

      • Databases

        • Introducing Octo

          Octo is a YottaDB plugin for using SQL to query data that is persisted in YottaDB’s key-value tuples (global variables).

          Conforming to YottaDB’s standard for plugins, Octo is installed in the $ydb_dist/plugin sub-directory with no impact on YottaDB or existing applications. In addition to YottaDB itself, Octo requires the YottaDB POSIX plugin. The popularity of SQL has produced a vast ecosystem of tools for reporting, visualization, analysis, and more. Octo opens the door to using these tools with the databases of transactional applications that use YottaDB.

          [...]

          At present (early July, 2019), following an Alpha test with an intrepid user, Beta test releases of Octo are available, and YottaDB is working with a core set of Beta testers. Based on their feedback and on additional automated testing we will follow up with a production release of Octo, which we anticipate in late 2019. Octo currently supports read-only access from SQL, and is therefore useful in conjunction with imperatively programmed applications which update database state. As SQL supports all “CRUD” (Create, Read, Update, Delete) database operations, following the release of a production grade version of Octo for reporting (i.e., read-only access), we intend to work towards versions that support read-write access as well.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice Community Member Monday: Jun Nogata

          So, I live in Himeji, Japan where UNESCO World Heritage site Himeji Castle is. I work a part-time lecturer at a local university.

          I am a big fan of free and open source software (FOSS). I started to use Linux from Slackware 95, and I’m using Debian Sid at the moment. I am active in the Debian community in Japan and I’m also an OpenStreetMap mapper.

          I like listening to indie rock music, playing guitar and DJing sometimes. Also, I’m learning Korean – I want to talk to my friend DaeHyun Sung from the Korean LibreOffice community!

      • BSD

        • OpenBSD Community goes Platinum for 2019!

          The OpenBSD Foundation is happy to announce that individual contributions from the OpenBSD community have again exceeded CDN$50,000, making the community the 1st Platinum level donor for 2019!

      • Programming/Development

  • Leftovers

    • Science

      • A Complete History of Computers: From the 1800s to Now

        Can you imagine your life without a computer?

        Think about all of the things you wouldn’t be able to do. Send an email, online shop, find an answer to a question instantly.

        And that’s just the tip of the iceberg. We’ve come a long way from the very first computer, and even the first smartphone. But how much do you really know about their history and evolution? From floppy discs to cloud security, the Acorn to the Macintosh, let’s explore how far we’ve come.

    • Hardware

      • Professor faces 219-year prison sentence for sending missile chip tech to China

        Yi-Chi Shih, an electrical engineer and adjunct professor at UCLA, was found guilty last month by a Los Angeles jury, officials said in a statement this week. He was convicted on 18 counts, including making an illegal export and multiple fraud charges.

        Shih and another defendant, Kiet Ahn Mai, were found to have worked together to defraud an American semiconductor chip manufacturer. According to prosecutors, Mai posed as a potential customer to obtain chip designs from the unnamed company, then illegally sent the products to China.

    • Health/Nutrition

      • 500 Sydney Outdoor Workers Hold Walkout Over RoundUp Health Concerns

        The outdoor staff in Blacktown, a western suburb of Sydney, refused to continue spraying glyphosate and urged management to follow the lead of the several other city councils that have phased out Roundup and started to use other herbicides.

        The strike started last Wednesday after management ordered six staff members to either use Roundup or find other work, according to the United Services Union, which represents the striking workers, as The Sydney Morning Herald reported.

        "Outdoor staff responded by halting work and returning to their depots, leaving more than 10,000 bins uncollected," a union statement said, as reported by Channel 7 News in Australia.

        The workers decided to continue their protest on Thursday.

      • Blacktown council to trial new weedkiller after workers strike over Roundup

        A Sydney council will trial a new weed killer after more than 500 workers walked off the job due to concerns over the use of Roundup, which has been linked to cancer.

        Blacktown City Council sought an urgent hearing in the Industrial Relations Commissions on Thursday morning after thousands of garbage bins weren't collected.

      • Sydney council workers fight orders to use Roundup, go on strike

        A Sydney council will trial a new weed killer in a move being hailed as a "win" for more than 500 workers who walked off the job because of concerns over the use of the glyphosate-based Roundup, which has been linked to cancer.

        Outdoor staff at Blacktown City Council last month refused to continue using glyphosate sprays, urging management to follow the lead of other local councils which have banned the product and begun trialling safer alternatives.

    • Security

      • Various RememBear security issues

        AutoFill functionality of password managers is another typical area where security issues are found. RememBear requires a user action to activate AutoFill which is an important preventive measure. Also, AutoFill user interface will be displayed by the native RememBear application, so websites won’t have any way of messing with it. I found multiple other aspects of this functionality to be exploitable however.

        Most importantly, RememBear would not verify that it filled in credentials on the right website (a recent regression according to the developers). Given that considerable time can pass between the user clicking the bear icon to display AutoFill user interface and the user actually selecting a password to be filled in, one cannot really expect that the browser tab is still displaying the same website. RememBear will happily continue filling in the password however, not recognizing that it doesn’t belong to the current website.

        Worse yet, RememBear will try to fill out passwords in all frames of a tab. So if https://malicious.com embeds a frame from https://mybank.com and the user triggers AutoFill on the latter, https://malicious.com will potentially receive the password as well (e.g. via a hidden form). Or even less obvious: if you go to https://shop.com and that site has third-party frames e.g. for advertising, these frames will be able to intercept any of your filled in passwords.

      • Microsoft Confirms This Windows 10 Bug Could Crash VPN Services

        Microsoft has disclosed that a new bug in its Windows 10 OS could mess up with the VPN services running on your machine and show the error code “0xc000005.”

        As per the support page, it’s present in the Remote Access Connection Manager (RASMAN) service that’s required by the VPN services to function properly.

      • Microsoft Issues Warning For 50M Windows 10 Users

        The big one is VPNs. RASMAN handles how Windows 10 connects to the internet and it is a core background task for VPN services to function normally. Given the astonishing growth in VPN usage for everything from online privacy and important work tasks to unlocking Netflix and YouTube libraries, this has the potential to impact heavily on how you use your computer.

        [...]

        Why conservative? Because Microsoft states Windows 10 has been installed on 800M computers worldwide, but that figure is four months old. Meanwhile, the ever-reliable AdDuplex reports Windows 10 1903 accounted for 6.3% of all Windows 10 computers in June (50.4M), but that percentage was achieved in just over a month and their report is 10 days old. Microsoft has listed a complex workaround, but no timeframe has been announced for an actual fix.

      • Google Researcher Finds Nasty iMessage Bug That ‘Bricks’ iPhone

        This specific set of characters, when received on iMessage, can brick the phone — locking you out of everything on it. Once you receive this message, there is no way out of it, other than doing a factory reset. Also, any data that wasn’t backed up would be lost.

        The researcher, Natalie Silvanovich, is part of Google’s Project Zero team that hunts down zero-day vulnerabilities. She discovered the bug in April and explained how it affects iOS devices:

        “On a Mac, this causes soagent to crash and respawn, but on an iPhone, this code is in Springboard. Receiving this message will case Springboard to crash and respawn repeatedly, causing the UI not to be displayed and the phone to stop responding to input.”

      • New Cryptojacking Malware is Targeting Linux Servers [Ed: Attributing to "Linux" everything that can be maliciously installed on it]

        In the last few weeks, multiple cybersecurity research groups reported about the malware and, according to the researchers at Trend Micro, the malware not only targets a vulnerable server but also try to propagate in the entire network.

      • Security updates for Monday

        Security updates have been issued by Debian (dosbox, python-django, squid3, and unzip), Fedora (filezilla, libfilezilla, and samba), openSUSE (gvfs), Oracle (kernel), Red Hat (firefox and redhat-virtualization-host), SUSE (bash and libpng16), and Ubuntu (libvirt).

      • Can You Hear Me Now? Staying Connected During a Cybersecurity Incident

        We all know that communication is important. Anyone who's ever been married, had a friend, or held a job knows that's true. While good communication is pretty much universally beneficial, there are times when it's more so than others. One such time? During a cybersecurity incident.

        Incident responders know that communication is paramount. Even a few minutes might mean the difference between closing an issue (thereby minimizing damage) vs. allowing a risky situation to persist longer than it needs to. In fact, communication -- both within the team and externally with different groups -- is one of the most important tools at the disposal of the response team.

        This is obvious within the response team itself. After all, there is a diversity of knowledge, perspective and background on the team, so the more eyes on the data and information you have, the more likely someone will find and highlight pivotal information. It's also true with external groups.

        For example, outside teams can help gather important data to assist in resolution: either technical information about the issue or information about business impacts. Likewise, a clear communication path with decision makers can help "clear the road" when additional budget, access to

      • IoT Developer Orvibo Suffers Major Database Leak

        Recently, we saw a different kind of database leak. This leak did contain usernames and passwords as normal, but instead of them being for online services, they were for IoT devices. This makes it one of the first breaches where people’s physical devices were under threat due to a database leak.

      • Canonical, the company behind the Ubuntu Linux distribution, was hacked; Ubuntu source code unaffected [Ed: No. Microsoft GitHub got cracked. Not Canonical.]

        The unknown attacker(s) used a Canonical owned GitHub account whose credentials were compromised to unauthorizedly access Canonical’s Github account. According to a mirror of the hacked Canonical GitHub account, the hacker created 11 new GitHub repositories in the official Canonical account. The repositories were empty and sequentially named CAN_GOT_HAXXD_1, `with no existing data being changed or deleted.

      • Canonical's GitHub account was briefly compromised [Ed: No, that was Microsoft GitHub]
      • Ubuntu-maker Canonical's GitHub account hacked
      • Canonical’s GitHub Account Gets Hacked, and Its Page Gets Defaced [Ed: That's a Microsoft site, not a Canonical site]
      • Backdoor found in Ruby library for checking for strong passwords [Ed: FOSS catches security mischief fast, but this drama queen from ZDNet won't frame it like that and mostly ignores proprietary software back doors (this one was only downloaded a few hundreds of times, then caught). For instance, Microsoft steals the decryption keys from millions of people who set up disk encryption, but that doesn't seem to bother ZDNet (part of CBS, an advertiser to Microsoft)]
      • D-Link Settles With FTC, Agrees To Fix Its Shoddy Router Security

        While the shoddy Internet of Things sector gets ample heat for being a security and privacy dumpster fire, the traditional network gear sector has frequently been just as bad. A few years ago, for example, hardware vendor Asus was dinged by the FTC for offering paper-mache grade security on the company's residential network routers. The devices were frequently being shipped with easily guessable default usernames and passwords, and contained numerous, often obvious, security vulnerabilities.

        In 2017, the FTC also filed suit against D-Link, alleging many of the same things. According to the FTC, the company's routers and video cameras, which the company claimed were "easy to secure" and delivered "advanced network security," were about as secure as a kitten-guarded pillow fort. Just like the Asus complaint, the FTC stated that D-Link hardware was routinely shipped with easily-guessable default usernames and passwords, making it fairly trivial to compromise the devices and incorporate them into DDoS botnets (or worse).

      • Content Moderation At Scale Is Impossible: The Case Of YouTube And 'Hacking' Videos

        Last week there was a bit of an uproar about YouTube supposedly implementing a "new" policy that banned "hacking" videos on its platform.

        [...]

        Eventually, YouTube responded to all of this and noted a few things: First, and most importantly, the removal of Kozie's videos was a mistake and the videos have been restored. Second, that this wasn't a "new" policy, but rather just the company adding some "examples" to existing policy.

        This raises a few different points. While some will say that since this was just another moderation mistake and therefore it's a non-story, it actually is still an important point in highlighting the impossibility of content moderation at scale. You can certainly understand why someone might decide that videos that explain how to "bypass secure computer systems or steal user credentials and personal data" would be bad and potentially dangerous -- and you can understand the thinking that says "ban it." And, on top of that, you can see how a less sophisticated reviewer might not be able to carefully distinguish the difference between "bypassing secure computer systems" and some sort of fun hacking project like "launching fireworks over WiFi."

        But it also demonstrates that there are different needs for different users -- and having a single, centralized organization making all the decisions about what's "good" and what's "bad," is inherently a problem. Going back to Hutchins' and Halderman's points above, even if the Kinzie video was taken down by mistake, and even if the policy is really supposed to be focused on nefarious hacking techniques, there is still value for security researchers and security professionals to be able to keep on top of what more nefarious hackers are up to.

    • Transparency/Investigative Reporting

      • The reporter on the NYT's Bernie Sanders beat consistently fails to identify her sources as corporate lobbyists

        Ember's negative reporting on Sanders might be the result of her deep connections to the finance world: she came to the Times after a career as an analyst at the coal-boosting hedge fund Blackrock and she's married to Mike Bechek, son of the former CEO of Bain Capital, where he also worked.

        FAIR's Katie Halper has dug deep into Ember's network of go-to sources for quotes on why no one should vote for Sanders, showing that they are drawn from the ranks of the finance and corporate lobbyist world. [...]

    • Environment

      • Summer reading: Environment books that changed the world

        From Rachel Carsen's seminal literary depiction of a poisoned world in the early 1960s, Silent Spring, to David Wallace-Wells' profound climate crisis treatise, The Uninhabitable Planet (2019), here are six essential cautionary eco tales and nonfiction environmental books to be enjoyed in the shade of what is shaping up to be another scorching European summer.

      • Let Rivers Flood: Communities Adopt New Strategies for Resilience

        In 2016 California’s rainy season kicked off right on schedule, at the beginning of October. The rains came — and then just kept on coming. By February there was so much water filling Northern California’s rivers that Oroville Dam, the tallest in the country, threatened to break after its spillway and emergency spillways both failed.

        Water managers averted a crisis at the dam, but not before 180,000 people living downstream were evacuated.

        It was a wake-up call. In just a few months California had gone from five-year-drought to deluge, ending up with the second wettest year on record for the state. It served as a warning of things to come. With rising temperatures from climate change and an increase in the number of extreme storms predicted, scientists have warned of “climate whiplash” — more pronounced swings between wet and dry that could make floods even more dangerous and costly.

        It’s an issue that’s top of mind not just in California, but across the country. The United States just endured the wettest 12 months on record, and flooding this spring resulted in federal disaster declarations in Iowa, Kansas and Nebraska. Dozens of other states and counties declared emergencies, and at the time of this writing, floods had already claimed 67 lives nationwide. They’ve also caused billions of dollars in property damage and swamped farmers have experienced billions more in economic losses.

        In all of these cases, we see a common thread: It’s not just the direct blows from nature that are the problem. We’ve made things worse by paving over floodplains, channelizing rivers, and draining wetlands.

        But change could be on the horizon. Today more and more communities are beginning to realize that 20th century development practices are harmful. It’s ushering in a new era of thinking about floodplain management — one that involves letting rivers behave like rivers.

      • 'Staggering' UN Warning That Climate Crisis Disasters Now Occur Weekly Provokes Calls for Action

        A "staggering" new warning from a top United Nations official that climate crisis-related disasters are now occurring at the rate of one per week, with developing nations disproportionately at risk, provoked calls for immediate global action to combat the human-caused climate emergency.

      • Energy

        • Here Are Some of the Climate-Linked Disasters and Rollbacks Trump’s ‘Environmental Leadership’ Speech Didn't Cover

          President Donald Trump spoke to “America’s environmental leadership” in an address today, where he lived up to predictions and described the country’s air and water as clean (“crystal clean” even).

          The speech started late, and with a reference to the heavy rains that have flooded Washington, D.C., which today's Washington Post noted were unusual and consistent with the changes predicted by climate scientists.

          The rest of the world may be forgiven some skepticism about America’s environmental leadership — particularly under Trump. Within six months of taking office, Donald Trump had announced that he planned to pull the U.S. out of the Paris Agreement, the world’s framework for coordinating the international response to climate change, which scientists and world leaders have described as the most consequential environmental issue of our time.

        • Louisiana’s Cancer Alley Residents Take the Fight for Environmental Justice on the Road
          Last month, four residents from Louisiana neighborhoods impacted by air pollution traveled far from their Mississippi River parishes to Washington, D.C., and Tokyo, Japan, seeking help in their struggle for clean air.

          St. James Parish’s Sharon Lavigne and Barbara Washington, both fighting to prevent additional petrochemical plant construction near their homes, attended the Congressional Convening on Environmental Justice in Washington, D.C., on June 26.*

        • Climate Activists Respond to OPEC Official Calling Them ‘Greatest Threat’ to Big Oil

          Climate campaigners were undaunted when the secretary general of the Organization of the Petroleum Exporting Countries (OPEC) called their movement "perhaps the greatest threat" to the oil industry.

          "Thank you!" 16-year-old Swedish climate activist Greta Thunberg tweeted in response Thursday. "Our biggest compliment yet!"

      • Wildlife/Nature

        • Trump’s USDA Suspends Honeybee Survey

          The U.S. Department of Agriculture's (USDA) annual honeybee count has fallen victim to budget cuts, CNN reported Saturday.

          The suspension of the Honey Bee Colonies report is at least the third bee-related data set to be halted or reduced under the Trump administration, and comes three weeks after Trump's U.S. Environmental Protection Agency approved the emergency use of bee-killing pesticide sulfoxaflor on 13.9 million acres. It also comes as the population of bees, which help pollinate a third of edible crops, has been declining since 2006.

        • Honeybees hit by Trump budget cuts

          The US Department of Agriculture has suspended data collection for its annual Honey Bee Colonies report, citing cost cuts -- a move that robs researchers and the honeybee industry of a critical tool for understanding honeybee population declines, and comes as the USDA is curtailing other research programs.

          It's also another step toward undoing President Barack Obama's government-wide focus on protecting pollinators, including bees and butterflies, whose populations have plummeted in recent years. The annual survey, which started in 2015, gathers data on the number of honeybees per state by quarter, including those being lost with symptoms of colony collapse disorder, an issue that's made honeybees a darling of environmentalists and climate activists. It is at least the third bee-related dataset to be suspended under the current administration. "The decision to suspend data collection was not made lightly, but was necessary given available fiscal and program resources," according to a notice posted by the USDA's National Agricultural Statistics Survey. The USDA would not provide a figure for how much the agency was saving by discontinuing the survey.

        • This Dutch City Has Transformed Its Bus Stops Into Bee Stops

          In the Dutch city Utrecht 316 bus stops now have a green roof. They do not only look great, they also help capture fine dust, storage of rainwater and provide cooling in the summertime.

          It is one of many measures that could improve Utrecht's air quality. Did you know that after smoking, an unhealthy environment (including bad air quality) is the second cause of diseases in the Netherlands?

        • All 21 of Mississippi's beaches are closed because of toxic algae

          Summer's the perfect time to hit the beach -- unless you live in Mississippi.

          Along the state's Gulf Coast, all 21 of the state's beaches have been shut down for swimming due to a blue-green harmful algal bloom (HAB), according to the Mississippi Department of Environmental Quality (MDEQ). HABs occur when "colonies of algae -- simple plants that live in the sea and freshwater -- grow out of control and produce toxic or harmful effects on people" or wildlife, the National Oceanic and Atmospheric Administration (NOAA) says. The toxic algae can cause rashes, stomach cramps, nausea, diarrhea and vomiting, the state agency warned. Though the state says people can still use the sand portion of the beaches, they should avoid water contact or consumption of anything from the waters "until further notice."

        • Every Mississippi Beach Is Closed Due to Toxic Algae

          A toxic algal bloom has made the waters dangerous to humans and their pets. The Mississippi Department of Environmental Quality has shut down swimming at all of its beaches due to a blue-green harmful algal bloom, according to CNN.

          Toxic algae are dangerous to touch and poisonous when swallowed. It can cause rashes, stomach cramps, nausea, diarrhea and vomiting, the state agency warned.

        • All Mississippi beaches closed as toxic algae bloom blankets state's coast

          All of Mississippi's Gulf Coast beaches have been closed for swimming as the expanding bloom of toxic blue-green algae blankets the state's waters.

          On Sunday the Mississippi Department of Environmental Quality announced the closures of Pascagoula Beach West and Pascagoula Beach East, the final two state beaches that were open for swimming.

        • Officials close all Mississippi beaches due to blue-green harmful algal bloom

          All 21 of Mississippi's beaches have been shuttered for swimming due to the presence of toxic algae.

          The Mississippi Department of Environmental Quality announced two additional closures on Sunday due to a blue-green harmful algal bloom, after previous closures were issued for the 19 other beaches along the state's Gulf Coast.

          The two beaches that were shut down on Sunday are in Pascagoula, Mississippi, on the Alabama border.

        • Pascagoula the last coastal town to join algae-related water advisory

          Pascagoula’s beach is the latest to be placed under a water contact advisory tied to the ongoing blue-green algae bloom. Sunday’s advisory means the entire Mississippi coastline is now off-limits to swimming and fishing in the near-shore waters. Residents like Bill Kenan believe it is becoming a major problem for the entire area. “I had a feeling it was going this way. Water always flows west to east," Kenan explained. “It just keeps going and going and going. I don’t know if it’s ever going to get better. I hope it does." Some people spent their Sunday lounging on the sand, which MDEQ said is safe and still open for public use. Others chose to cool down in a nearby splash pad at Pascagoula Beach Park. Moss Point resident Clyde Sims said, “It just don’t look right to me. I like the clean pretty water, that’s why we go to Pensacola and places like that to get in the water.”

        • Toxic algae bloom forces Mississippi to close all the state's beaches

          The blooms can be triggered by many things, including changes in water temperature and fertilizer run-off, and once the colonies of algae — which are actually cyanobacteria — start growing rapidly, they produce toxins that can cause stomach cramps, diarrhea, vomiting, and rashes. People and their pets are being told to stay out the water and avoid any seafood caught in the affected areas, but they can still be on the sand.

        • Did Life on Earth Begin in the Deep Sea?

          When it comes to being otherworldly, alien and bizarre, the ocean has plenty to fuel the imagination and make your jaw drop: giant scuttling bugs, jelly-like blobfish, slimy mucus-drenched hagfish, hairy armed lobsters and almost anything else you could imagine.

          It's no big surprise that Hollywood science fiction films so often look to the deep for their monsters, landscapes and mystery. After all, the deep ocean is more alien to us than the surface of the moon.

          But bizarrely, some scientists think the ocean floor might well be the very place where life on our planet first evolved.

    • Finance

      • Deutsche calls time on global banking ambitions by cutting 18,000 jobs and setting up €74bn 'bad bank'

        Deutsche Bank has effectively called time on its global banking ambitions after it unveiled a much more radical than expected overhaul on Sunday.

        This will include setting up a "bad bank" stuffed with €74bn of toxic assets, closing down large units in its investment banking arm - including equities trading - and laying off about a fifth of its workforce.

        Following a supervisory board meeting in Germany at the weekend, the troubled bank said the drastic measures were needed to battle falling revenues and rising costs. The overhaul is expected to cost around €8bn.

    • Censorship/Free Speech

      • If You Want To Kill Google And Facebook, Leaving Section 230 Alone Is Your Best Hope

        We recently released our Don't Shoot The Message Board report, which details, with actual numbers, evidence of how Section 230 of the Communications Decency Act has encouraged and enabled a tremendous amount of investment in thousands of internet companies, building up real competition. At the event in Washington, DC, where we announced the paper, one of the questions from the audience focused on whether or not we should remove Section 230 protections from large companies as a way to deal with allegedly anti-competitive actions. The premise, put forth by the questioner, was that Google/Facebook/Amazon have benefited so much from Section 230 that that's why they're now so dominant -- and somehow removing the protections of 230 will somehow create competition.

        That's a very strange take, and one that doesn't seem supported by the evidence. Again, as our report showed, having CDA 230 created lots of investment in startups and new internet platform companies. Taking away Section 230 would create a massive liability and regulatory burden, which I'm sure the big internet companies wouldn't like, but which they could obviously handle. Smaller companies? Not so much. Removing CDA 230 would only serve to lock in Google, Facebook and Amazon.

    • Privacy/Surveillance

      • Encryption law making life harder for journalists: claim

        The passage of the Australian encryption law has made it harder for journalists to communicate with their sources without jeopardising their confidentiality, American cryptography fellow Dr Riana Pfefferkorn has claimed in a submission to an inquiry into the law.

      • Encryption law: 'Misunderstanding leading to IT industry concerns'

        The Department of Home Affairs says it is creating documentation to clarify the intended operation of the encryption law which was passed in December 2018, claiming that companies are concerned about it because they do not have a clear idea of their obligations under the law.

      • Twitter's Disinformation Data Dumps Are Helpful—to a Point

        A year later, Twitter released an archive of more than 10 million tweets, from 3,841 accounts it said were affiliated with the IRA, hoping to encourage “open research and investigation of these behaviors from researchers and academics.” The company has followed with additional data dumps, most recently last month when it released details of accounts linked to Russia, Iran, Venezuela, and the Catalan independence movement in Spain. All told, Twitter has shared more than 30 million tweets from accounts it says were “actively working to undermine” healthy discourse.

      • One in Ten UK Adults Are Now Cashless

        Meanwhile, the number of cash payments in the UK last year was just 11 billion, down 16% from 2017. Cash payments made up just 28% of all transactions last year, which is a huge decline from a decade ago when in 2008 cash payments accounted for 60% of transactions. And UK finance has predicted that in ten years’ time cash payments will make up just 9% of all transactions.

      • Only a third of us use cash every day so can you get around Nottingham without it? We tried it for a week

        We decided to see exactly what we could and couldn't do over a week in Nottingham without using banknotes and coins.

      • UK's newspaper launches pro-cash campaign, 'Keep Our Cash Manifesto'

        On June 9th, 2019, the daily mail's financial arm shared the story of a British baker who regrets adopting a cashless system after pressure from a bank to rent a card reader. Within this article, This is Money introduced a 5-point pro-cash campaign called, the 'Keep our Cash Manifesto'.

      • [Old] Which? leads new pro-cash campaign: Freedom to pay. Our way.

        The UK's top consumer affairs body, Which?, has recently launched a campaign in defence of the public's number one payment choice. Sign their petition and help protect public access to cash.

        Since 1956, Which? has been guiding tea-crazed Brits towards the nation's holy grail of kitchen appliances - the kettle. Now, they are using their platform and research insight to steer the country away from the dangers of an enforced cashless society.

      • Google still keeps a list of everything you ever bought using Gmail, even if you delete all your emails

        At the time of my original story, Google said users can delete everything by tapping into a purchase and removing the Gmail. It seemed to work if you did this for each purchase, one by one. This isn't easy — for years worth of purchases, this would take hours or even days of time.

        So, since Google doesn't let you bulk-delete this purchases list, I decided to delete everything in my Gmail inbox. That meant removing every last message I've sent or received since I opened my Gmail account more than a decade ago.

        Despite Google's assurances, it didn't work.

      • Google’s creepy Gmail purchase history can’t be deleted

        Additionally, since Google’s recommendation of deleting purchase receipts from your Gmail inbox doesn’t appear to work, these other recommendations may also do little to prevent purchase data from being collected.

        This report on Google’s purchase history is the latest in a series of stories that show how just how much data Google mines from Gmail and how difficult it often is to disable or opt-out of this data collection.

      • Is your Aadhaar data about to be monetised?

        The fourth chapter of the Economic Survey 2018-19 is entitled Data “Of the People, By the People, For the People”. It perhaps would be appropriate to quote relevant excerpts from that chapter to put the government’s thinking on commercial exploitation of data that it seems to be contemplating in a context.

        “The private sector may be granted access to select databases for commercial use. Consistent with the notion of data as a public good, there is no reason to preclude commercial use of this data for profit. [...]

      • Unnamed Nokia smartphone leaks with 3 rear cameras, could be new Nokia 8 series phone

        How do we know this could be a phone part of Nokia 8 series? We know because the Nokia 9, which is a flagship phone, has five cameras. So a phone with 3 rear cameras is likely to be placed one notch below it in the product line-up. Also, the Nokia 8 series is due for an upgrade.

      • EPIC to Appear Before Top European Court on US Surveillance

        This week EPIC Senior Counsel Alan Butler will appear before the Court of Justice for the European Union in the case Data Protection Commissioner v. Facebook. The case, known as "Schrems 2.0." follows the European Court's landmark decision in Schrems v. DPC striking down the "Safe Harbor" arrangement and leading to the creation of the "Privacy Shield."

      • The Privacy and Civil Liberties Oversight Board Signals It Will investigate NSA Surveillance, Facial Recognition, and Terror Watchlists

        After a long dormant stretch, the Privacy and Civil Liberties Oversight Board (PCLOB) has signaled it’s ready to tackle another big review of government surveillance and overreach. The PCLOB, an independent agency in the executive branch, last published a 2014 report on warrantless surveillance of the Internet by the U.S. intelligence community. While EFF welcomes the PCLOB’s efforts to bring oversight and transparency to the most controversial surveillance programs, we’ve disagreed with some of the Board’s findings, particularly on surveillance under FISA Section 702. So while it’s a good sign that the board is turning its attention to other major issues, its mixed history means it may be a little too soon to get your hopes up.

        This week, the board, which was created after a recommendation from the 9/11 Commission to look into the violation of civil liberties, released a strategic plan [PDF] that does not shy away from investigating some of the biggest threats to privacy in the U.S. According to the document, they will be looking into the NSA’s collection of phone records, facial recognition and other biometric technologies being used in airport security, the processes that govern terrorist watchlist, what they call “deep dive” investigations into NSA’s XKEYSCORE tool and the CIA’s counterterrorism activity, as well as many other government programs and procedures.

      • Announcing “Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks”

        Our phones hold a plethora of important, private information about our personal lives, and it’s not just their contents that matter: the data that our phones exchange with cell towers during basic connection procedures can reveal critical, and private, information. Perhaps you called the suicide prevention hotline from the Golden Gate Bridge; maybe you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after. The contents of those calls aren’t as secret as you might hope to someone who knows that the calls were made, and when. And just knowing the location a phone was in at a certain time, regardless of whether a call was made, could place someone at a protest—or at the scene of a crime.

        While the field of cell network security has been rapidly advancing, there’s also been a significant rise in the exploitation of cell network security bugs by criminals and law enforcement, who are using them to gain access to that private data. Devices known as Cell-Site Simulators (CSSs, a.k.a. Stingrays or IMSI-catchers) are increasingly being used by law enforcement for both dragnet and targeted surveillance; and several years ago we saw the first crackdowns against criminals using cell site simulators on a mass scale to deliver spam.

        Rightly, there’s been a lot of interest in—and confusion about—what CSSs are capable of. From activists worried about being targeted and tracked, to policy makers concerned about the privacy of their constituents, to technologists interested in learning about the security flaws so that they can deliver fixes, there’s a range in knowledge, though all of these groups have a stake in learning more. But the barrier to entry to the field of cell network security has historically been quite high, even if you already have a technical background. While there’s increasingly more highly technical research into the cell network attack techniques that CSSs rely on, very little exists for the average reader.

    • Freedom of Information/Freedom of the Press

      • Two journalists arrested, internet shut down amid disputed election in Mauritania

        The journalists are among more than 100 people who have been detained in the wake of Mauritania's disputed presidential elections on June 22, according to reports. According to the independent internet monitoring group Netblocks, the country has also faced a widespread [Internet] shutdown beginning shortly after the elections.

      • An hour with Noam Chomsky on fascism, nuclear weapons, climate change, Julian Assange & more

        Well, Assange is a similar case: We’ve got to silence this voice. You go back to history. Some of you may recall when Mussolini’s fascist government put Antonio Gramsci in jail. The prosecutor said, “We have to silence this voice for 20 years. Can’t let it speak.” That’s Assange. That’s Lula. There are other cases. That’s one scandal.

        The other scandal is just the extraterritorial reach of the United States, which is shocking. I mean, why should the United States—why should any—no other state could possibly do it. But why should the United States have the power to control what others are doing elsewhere in the world? I mean, it’s an outlandish situation. It goes on all the time. We never even notice it. At least there’s no comment on it.

        You can ask yourself: Why is this accepted? So, in this case, why is it acceptable for the United States to have the power to even begin to give even a proposal to extradite somebody whose crime is to expose to the public materials that people in power don’t want them to see? That’s basically what’s happening.

      • Months After The Law's Enactment, California Law Enforcement Agencies Are Still Blowing Off Public Records Requests

        This is no longer a question of law. Courts have repeatedly held the new law is retroactive, making records generated prior to the beginning of this year responsive to requests. The state's Attorney General, Xavier Becerra, has apparently decided to see how much of this year he can spend with his head up his ass. He's appealing a decision by a judge granting access to records involving the state's DOJ… which still has yet to release the records it was ordered to release.

        Other agencies have been a bit more compliant. The San Francisco PD has released a handful of records on four shootings by officers and the LAPD is continuing to release files on a rolling basis. In both cases, these agencies have upped their staffing to handle the influx of requests -- all without complaining publicly about their obligations.

        Other agencies have chosen to go the route of antagonistic compliance -- following the letter of the law while making it very clear they hate everything about the law and every requester taking advantage of it.

      • Local sheriff misconduct records still secret 6 months after transparency law took effect

        Months after law enforcement unions in Riverside and San Bernardino counties dropped their lawsuits arguing that some police misconduct records should remain secret, the sheriff’s departments in the two counties have yet to release records in accordance with a police misconduct transparency law that took effect in January.

        The two local sheriff's departments aren't the only agencies that still have yet to comply with the new law, the California Reporting Project has found. The project — a collaboration among 40 newsrooms across California including The Desert Sun — has found some departments are charging high fees, destroying the documents or ignoring court orders to produce the records.

    • Civil Rights/Policing

      • Incarceration Helped Fuel America’s Opioid Crisis, Study Suggests

        Researchers also found that on average, counties with the highest incarceration rates saw a drug mortality rate 54% higher than the rate among counties with the lowest incarceration rates.

        "You have similar communities that are poor, and one has a much higher rate of drug use than the other," King says. "Half of that seems to be explained by the incarceration rate."

        Across the U.S., more than 70,000 people died of drug overdoses in 2017, and most deaths were opioid-related, according to the Centers for Disease Control and Prevention. The drug epidemic has hit the country so hard that it's contributed to a falling life expectancy for Americans in recent years.

      • Economic decline, incarceration, and mortality from drug use disorders in the USA between 1983 and 2014: an observational analysis

        Reduced household income and high incarceration rates are associated with poor health. The rapid expansion of the prison and jail population in the USA over the past four decades might have contributed to the increasing number of deaths from drug use disorders.

      • Hong Kong Protesters Take Their Message to Chinese Tourists

        Hong Kong, a semiautonomous Chinese territory, has a separate political and judicial system and is governed based on a principle known as “one country, two systems.” But in recent years, as Beijing has grown more autocratic and increased efforts to integrate Hong Kong with the mainland, many here have become alarmed about the erosion of the city’s once-robust protections for civic freedoms and rule of law.

        While previous marches have been held in the downtown financial and business districts of Hong Kong Island, the march on Sunday is the first to take place in Kowloon, an area of Hong Kong that is attached to the Chinese mainland. It is being billed as an opportunity to engage with mainland Chinese in the hope that they will back the protesters.

        The Hong Kong protests have been heavily censored in the mainland, where they are portrayed by government officials and the state news media as being organized by “foreign forces” and spearheaded by violent “extreme radicals.”

      • Hundreds protest in Paris against deadly domestic violence

        Yelling “Enough” and carrying signs reading “Stop femicides” or “The planet needs women alive”, the crowd took to the Place de la Republique square as part of the demonstration organised by various women’s rights NGOs to protest the rate of femicides, the killing of a woman by a man because of her gender.

      • Christians in Africa: "You have three days to go or you will be killed!"

        Distressingly, these Christians have been finding themselves in the blind spot of the West: they are "too Christian" to get the Left's attention, but too far away for the Right. Africa's Christians are orphans. They have no "allies", John O'Sullivan writes.

      • CBP Agents Flocked To Closed Facebook Groups To Post Bigoted Memes And Insult Detainees

        According to this Politico report, not a single agent was ever punished or reprimanded for their comments and posts in this closed group. Sure, they're being denounced now by top Homeland Security officials, but it's years too late. CBP supervisors had an opportunity to pass this up the ladder three years ago but did nothing. Springing into action when there are no options left is no one's idea of heroic. There's no excusing the CBP's refusal to act when it was first notified. There's finally an Inspector General's investigation underway, but it will be months or years before we see results from this, if ever.

        The CBP continues to stand by its personnel, saying most of its staff are good people not prone to posting bigoted content to closed Facebook groups. This is a pretty safe stance to take when no one's outing the members of the 10-15 Group. But that stance has already passed its expiration date. The Intercept infiltrated the group and managed to make off with tons of screenshots before posts were deleted by members and moderators following the ProPublica article.

        Not only is The Intercept publishing the screenshots it grabbed, it's publishing them with the names of CBP agents on full display. Good. Speech has consequences and DC politicians have been promising retribution. With names out in the open, the Congressional bluff has been called. Put up or shut up, reps. And I'm sure the CBP Inspector General appreciates any input it can get, even if it has to come from outside sources.

      • Court Upholds Conviction Of Cop Who Threatened, Beat, Tased, And Arrested A Man For Complaining About Being Beaten By Him Earlier

        And it is a string of horrors. It's an undeniable story of just how much havoc a man with a badge and bunch of power can wreak on a "civilian." When it comes to police/citizen relationships, only one side holds all the cards. And unless someone has the wherewithal to lawyer up -- and continue to litigate through multiple court levels for multiple years -- the badge and the abused power go unchecked.

        Jeffrey Littlepage stuck it out. Good thing he did. Otherwise, Officer William Dukes might have skated on this string of horrors. Without Littlepage's tenacity, Dukes might be out of prison, free to roam around with a badge in hand and subject others to the same treatment he gave Littlepage.

        Littlepage's story starts with a traffic stop. It doesn't end until Officer Dukes is behind bars. In between, there's a hell of a lot of abusive activity by a man who never should have been allowed to carry a badge.

        Officer Dukes was presumably killing time waiting to fuck someone up when a call came in that someone had tried to run another driver off the road. For whatever reason, Dukes decided it was Littlepage. He didn't know who he was pulling over, so Littlepage won the SHIT COP lottery.

    • Internet Policy/Net Neutrality

      • Killing Net Neutrality Rules Did Far More Harm Than You Probably Realize

        We've noted repeatedly that the repeal of net neutrality did far more than just kill popular net neutrality rules. It effectively neutered the FCC's ability to do its job and oversee lumbering natural telecom monopolies. And, contrary to the claims of the telecom lobby, it threw any remaining authority to an FTC that lacks the resources or authority to do the job either. In short the repeal gave loathed telecom giants like Comcast and AT&T carte blanche to do pretty much anything they'd like to their captive customer bases, provided they're marginally clever about it.

        Here's one case in point: the previous FCC had passed some fairly basic rules requiring that ISPs be transparent about the kind of connection you're buying. As in, ISPs were required to not only inform you what kind of throttling or restrictions were on your line, but they were supposed to make it clear how many hidden fees you'd pay post sale. With those rules dead, the FCC's process now basically involves you complaining to the Ajit Pai FCC, and the agency doing jack shit about it. Under Pai's model, ISPs are allowed to bullshit you all they'd like in terms of caps, throttling, and other limits, as long as their bullshit is hidden somewhere in their website.

    • Monopolies

      • Copyrights

Recent Techrights' Posts

Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
 
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland
Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day