Bonum Certa Men Certa

Links 9/7/2019: Goodbye Red Hat (IBM Takeover Finalised), Mesa 19.1.2, D9VK 0.13



  • GNU/Linux

    • The Saga Of 32-Bit Linux: Why Going 64-Bit Raises Concerns Over Multilib

      Of course, some decisions are easier to make than others. Back in 2012 when Linus Torvalds officially ended kernel support for legacy 386 processors, he famously closed the commit message with “Good riddance.” Maintaining support for such old hardware had been complicating things behind the scenes for years while offering very little practical benefit, so removing all that legacy code was like taking a weight off the developer’s shoulders.

      The rationale was the same a few years ago when distributions like Arch Linux decided to drop support for 32-bit hardware entirely. Maintainers had noticed the drop-off in downloads for the 32-bit versions of their distributions and decided it didn’t make sense to keep producing them. In an era where even budget smartphones are shipping with 64-bit processors, many Linux distributions have at this point decided 32-bit CPUs weren’t worth their time.

      Given this trend, you’d think Ubuntu announcing last month that they’d no longer be providing 32-bit versions of packages in their repository would hardly be newsworthy. But as it turns out, the threat of ending 32-bit packages caused the sort of uproar that we don’t traditionally see in the Linux community. But why?

    • Desktop

      • The Current State Of AMD Ryzen 3000 CPUs And Radeon RX 5700 GPUs On Linux

        The cards launched on July 7, and AMD had its Radeon Software for Linux 19.30 package ready for customers. The downside? It's only supported on Ubuntu 18.04.2 LTS, and you'll run into problems trying to initialize the GPUs on newer distros. Compounding the problem is that, as mentioned by Phoronix, the RADV/AMDVLK Vulkan driver hadn't been published yet. (This is why my own benchmarks have been stalled, as I'd be limited to testing OpenGL.)

        But wait! Hours later, the RADV developer gurus at Valve and Red Hat beat AMD to the punch and squeezed Navi Vulkan support into the Mesa 19.2-devel package. Then, earlier today, a few more improvements focused on tessellation were wrapped up and are pending review.

        Here's what all this means for us "normal people" who don't want to cobble together random bits of open source code to get our game on with RX 5700. Your mileage may vary, but I found the "easiest" solution was to install Ubuntu 18.04 LTS, install the official AMD 19.30 packaged driver, then add the Oibaf PPA. A quick apt update / upgrade later, and you should be on Mesa 19.2-git which will enable Vulkan support. (And development is moving quickly on this, so regular updates are recommended.)

        Sadly, simple "out of box" support for Navi isn't landing until this autumn with kernel 5.2, so early adopters will need to go through some hoops and keep an eye on Mesa 19.2 development.

        Even with the bleeding edge software, I'm noticing some strange behavior (i.e. unplayable) with native games like Warhammer 40K: Dawn of War III and Dirt Rally.

        Bottom line: I don't think the RX 5700 Series is ready for prime time on Linux just yet, at least for gaming activities. I'm planning extensive coverage, however, so I'm keeping a vigilant eye on things.

    • Server

      • Linux a key player in the edge computing revolution

        In the past few years, edge computing has been revolutionizing how some very familiar services are provided to individuals like you and me, as well as how services are managed within major industries. Try to get your arms around what edge computing is today, and you might just discover that your arms aren’t nearly as long or as flexible as you’d imagined. And Linux is playing a major role in this ever-expanding edge.

        One reason why edge computing defies easy definition is that it takes many different forms. As Jaromir Coufal, principal product manager at Red Hat, recently pointed out to me, there is no single edge. Instead, there are lots of edges – depending on what compute features are needed. He suggests that we can think of the edge as something of a continuum of capabilities with the problem being resolved determining where along that particular continuum any edge solution will rest.

      • The DevOps guide to IoT projects

        Traditional development methods do not scale into the IoT sphere. Strong inter-dependencies and blurred boundaries among components in the edge device stack result in fragmentation, slow updates, security issues, increased cost, and reduced reliability of platforms.

        This reality places a major strain on IoT players who need to contend with varying cycles and priorities in the development stack, limiting their flexibility to innovate and introduce changes into their products, both on the hardware and software sides.

      • Cloud Application Platform vs Container as a Service vs VM hosted application

        In the “old days,” applications were always hosted in a traditional way on a physical server or a group of physical servers. However, physical servers are expensive, hard to maintain and hard to grow and scale. That’s when virtual machines (VM) grew in popularity. VMs provided a better way to maintain, grow and scale. That is, they were easier to backup and restore and migrate from one region to another and they were easier to replicate across multiple domains/zones/regions.

      • Sysadmin vs SRE: What's the difference?

        In the IT world, there has always been a pull between generalist and specialist. The stereotypical sysadmin falls in the generalist category 99 times out of 100. The site reliability engineer (SRE) role is specialized, however, and grew out of the needs of one of the first companies to know real scale: Google. Ultimately, these two roles have the same goal for the applications whose infrastructure they operate: providing a good experience for the applications’ consumers. Yet, these roles have drastically different starting points.

      • IBM

        • Unlocking the true potential of hybrid cloud with Red Hat partners

          Today, we announced that IBM’s landmark acquisition of Red Hat has closed and shared our vision for how our two companies will move forward together.

          You’ve heard that IBM is committed to preserving Red Hat’s independence, neutrality, culture and industry partnerships, and that Red Hat’s unwavering commitment to open source remains unchanged.

          There is a key part of that statement I want to focus on—partnerships.

          IBM has made a significant investment to acquire Red Hat, and respects that Red Hat wouldn’t be Red Hat without our partner ecosystem. Partners open more doors for open source than we can alone and are vital to our success.

        • Red Hat and IBM: Accelerating the adoption of open source

          Today, IBM finalized its acquisition of Red Hat. Moving forward, Red Hat will operate as a distinct unit within IBM, and I couldn't be more excited—not only for what today represents in the history of two storied technology companies, but what it means for the future of the industry, for our customers, and for open source.

          Red Hat's acquisition by IBM represents an unparalleled milestone for open source itself. It signals validation of community-driven innovation and the value that open source brings to users.

        • IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future

          IBM (NYSE:IBM) and Red Hat announced today that they have closed the transaction under which IBM acquired all of the issued and outstanding common shares of Red Hat for $190.00 per share in cash, representing a total equity value of approximately $34 billion.

          The acquisition redefines the cloud market for business. Red Hat’s open hybrid cloud technologies are now paired with the unmatched scale and depth of IBM’s innovation and industry expertise, and sales leadership in more than 175 countries. Together, IBM and Red Hat will accelerate innovation by offering a next-generation hybrid multicloud platform. Based on open source technologies, such as Linux and Kubernetes, the platform will allow businesses to securely deploy, run and manage data and applications on-premises and on private and multiple public clouds.

        • Q&A: IBM’s Landmark Acquisition of Red Hat

          Paul: Red Hat is an enterprise software company with an open source development model. A fundamental tenet of that model is that everything we do, from new practices that we learn to new technologies that we develop, goes back to the upstream community. By joining forces with IBM, our reach into customers will dramatically increase so we’ll be in a position to drive open enterprise technology a lot further. As for IBM, we’ve been partners for quite some time, but now existing IBM customers will have even more direct access to next-generation open source-based technologies that are at the cornerstone of hybrid cloud innovation.

        • Jim Whitehurst email to Red Hatters on Red Hat + IBM acquisition closing

          Last October, we announced our intention to join forces with IBM, with the aim of becoming the world’s top hybrid cloud provider. Since then, the promise IBM chairman, president, and CEO Ginni Rometty and I made has not changed. In fact, our commitment to that vision has grown - Red Hat will remain a distinct unit in IBM as we work to help customers deliver any app, anywhere, realizing the true value of the hybrid cloud. This morning, we can share that the most significant tech acquisition of 2019 has officially closed and we can now begin moving forward.

          We will be hosting an all-hands company meeting today (Tuesday, July 9) where you will hear from me, Ginni, Paul Cormier and IBM senior vice president of Cloud and Cognitive Software, Arvind Krishna. Details on logistics to follow; I hope you will join us.

          Since we announced the acquisition, I’ve been having conversations with our customers, partners, open source community members and more Red Hatters than I can count (I’ve been following memo-list as well!). What struck me most from those conversations was the passion. It’s passion not just for a company, but for what we do and how we do it—the open source way. That’s not going to change.

        • IBM Acquires Red Hat For $34 Billion

          IBM today closed the acquisition of Red Hat for $34 billion, marking one of the biggest acquisition of any open source company.

        • IBM Has Just Wiped Clean Red Hat’s Position on Software Patents

          Red Hat could sell itself to Microsoft and even considered that. We’re thankful that this never happened. But Red Hat’s main casualty will be its policy on patents. Since IBM calls all the shots it’s safe to assume that Red Hat’s staff has become or will become a major booster of software patents (or at best passive). We also envision IBM putting a lot of pressure on new joiners (from Red Hat) to apply for software patents, maybe ‘spiced up’ with buzzwords such as "hey hi" (AI) so as to dodge 35 U.S.C. €§ 101. It’s important for IBM to show up at the top of U.S. Patent and Trademark Office (USPTO) ladders. IBM also lobbies for software patents in Europe, so Red Hat is perhaps becoming a threat to Europe — even if only by extension.

        • Preserving the Red Hat developer experience

          In the months since the Red Hat acquisition by IBM was announced, I have been asked numerous times if this deal changes things for Red Hat’s Developer Program and Developer Tools group.

          My answer then and now is “no.”

          As has been stated elsewhere, Red Hat will remain independent because IBM appreciates our unswerving dedication to open source, our open culture, and our neutrality. Neither IBM nor Red Hat has any desire to change these foundational values.

          My group, which covers developer evangelism, the developer program and our developer tools, will remain independent from IBM’s developer group.

        • IBM Completes Its Acquisition Of Red Hat

          With this $34 billion (USD) acquisition, IBM says they will still let Red Hat retain its independence and neutrality, continue the same development model, Jim Whitehurst will continue to lead Red Hat, and IBM will maintain the existing Red Hat headquarters/facilities/brands/practices.

        • IBM Closes Landmark Acquisition of Red Hat for $34 Billion; Defines Open, Hybrid Cloud Future
        • IBM Closes Red Hat Acquisition, Kaidan 0.4.0 Released, Android Apps Can Track You Even If You Deny Permission, Debian Edu 10 "Buster" Now Available and MIT Researchers Create New AI Programming Language

          IBM closes its acquisition of Red Hat for $34 billion. From the press release: "The acquisition redefines the cloud market for business. Red Hat's open hybrid cloud technologies are now paired with the unmatched scale and depth of IBM's innovation and industry expertise, and sales leadership in more than 175 countries. Together, IBM and Red Hat will accelerate innovation by offering a next-generation hybrid multicloud platform. Based on open source technologies, such as Linux and Kubernetes, the platform will allow businesses to securely deploy, run and manage data and applications on-premises and on private and multiple public clouds." In addition, the release notes that IBM will preserve Red Hat's independence and neutrality, and also that "Red Hat's unwavering commitment to open source remains unchanged".

        • Miller: Red Hat, IBM, and Fedora

          Fedora project leader Matthew Miller reassures the community that IBM's acquisition of Red Hat, which just closed, will not affect Fedora.

          [...]

          If you have questions or would like to learn more about today’s news, I encourage you to review the materials below. For any questions not answered here, please feel free to contact us. Red Hat CTO Chris Wright will host an online Q&A session in the coming days where you can ask questions you may have about what the acquisition means for Red Hat and our involvement in open source communities. Details will be announced on the Red Hat blog.

        • Fedora Magazine: Red Hat, IBM, and Fedora

          Red Hat will continue to be a champion for open source, just as it always has, and valued projects like Fedora that will continue to play a role in driving innovation in open source technology. IBM is committed to Red Hat’s independence and role in open source software communities. We will continue this work and, as always, we will continue to help upstream projects be successful and contribute to welcoming new members and maintaining the project.

        • IBM Closes Red Hat Acquisition [Ed: Swapnil writes for Zemlin, links to his own blog which sometimes acts as a media partner]

          IBM has closed the acquisition of Red Hat today for approximately $34 billion. Post-acquisition, Red Hat will operate as a distinct unit within IBM and will be reported as part of IBM’s Cloud and Cognitive Software segment. Maintaining its branding and independence within IBM, Red Hat will continue to be led by Jim Whitehurst and its current management team. Whitehurst is joining IBM’s senior management team, reporting to Ginni Rometty.

        • IBM Closes Its $34 Billion Acquisition of Red Hat

          IBM closed its $34 billion acquisition of Red Hat, the companies announced Tuesday.

        • IBM closes its $34 billion acquisition of Red Hat

          IBM closed its $34 billion acquisition of Red Hat, the companies announced Tuesday.

          Shares of IBM were down less than 1% in late-morning trading.

          The deal was originally announced in October, when the companies said IBM would buy all shares in Red Hat for $190 each in cash.

          The acquisition of Red Hat, an open-source, enterprise software maker, marks the close of IBM's largest deal ever. It's one of the biggest in U.S. tech history. Excluding the AOL-Time Warner merger, it follows the $67 billion deal between Dell and EMC in 2016 and JDS Uniphase's $41 billion acquisition of optical-component supplier SDL in 2000.

          Under the deal, Red Hat will now be a unit of IBM's hybrid cloud division, according to the original announcement. The companies said Red Hat's CEO, Jim Whitehurst, would join IBM's senior management team and report to CEO Ginni Rometty.

        • IBM closes $34 billion Red Hat acquisition: Now it's time to deliver

          IBM has closed its $34 billion acquisition of Red Hat, vowed to keep its new unit independent, deliver innovative hybrid cloud stacks and grow. Now all IBM CEO Ginni Rometty has to do is execute since the Red Hat purchase will define her tenure.

          For customers of both companies, the next big milestone will be to see the roadmap for hybrid cloud integrations that can compete with VMware in enterprises. In addition, IBM has pledged to keep Red Hat neutral, open source focused and led by current management and CEO Jim Whitehurst.

          What IBM is trying to do is use its scale to turbo charge Red Hat's growth as well as bolster its own cloud unit. Red Hat's platform will instantly become global.

        • IBM wraps up purchase of Linux specialist in $34bn deal

          IBM said on Tuesday that it has closed its $34bn acquisition of software company Red Hat as it looks to ramp up its cloud computing business.

          Underscoring the drive into high-margin businesses, IBM in October agreed to buy Red Hat, the company’s biggest acquisition in its more than 100-year history.

          Ginni Rometty, IBM CEO since 2012, has steered the company towards faster-growing segments such as cloud, software and services and away from traditional hardware products, but not without a bumpy journey. The newer areas of focus have sometimes underwhelmed investors.

          The company, which won approval for the purchase from EU regulators in late June and US regulators in May, agreed to pay $190 a share for Red Hat, representing a 63% premium.

          Founded in 1993, Red Hat specialises in Linux operating systems, the most popular type of open-source software and an alternative to proprietary software made by Microsoft. IBM has faced years of revenue declines as it transitions from its legacy computer hardware business into new technology products and services.

          Red Hat CEO Jim Whitehurst and his management team will remain in place, and Whitehurst will join IBM’s senior management team and report to Rometty. IBM will maintain Red Hat’s headquarters in Raleigh, North Carolina, as well as its facilities, brands and practices. Red Hat will operate as a distinct unit within IBM.

    • Audiocasts/Shows

      • From BASIC to Ruby: Life lessons from first programming languages on Command Line Heroes

        The second episode of this Command Line Heroes season 3 drops today and it sent me back through a nostalgic look at the idea of first programming languages.

      • Episode 73 | This Week in Linux

        On this episode of This Week in Linux, we got a LOT of big news from the Linux Kernel, Debian, GRUB, openSUSE?s Open Build Service, Mageia, Whonix, Linux Mint and more. We?ll also check out some hardware news regarding a portable monitor, some new hardware from NVidia and some new hardware from AMD. Speaking of AMD, Valve announced some exciting news for AMD gamers by improving Vulkan Shaders. We?ll also take a look at a new GNOME Shell replacement called Material Shell that has a lot of potential. We?ve got some anniversaries to celebrate for ZorinOS and GamingonLinux. T.hen we?ll round out the show with more Linux Gaming news featuring Rocket Leage. All that and much more on Your Weekly Source for Linux GNews.

      • Thomas Lange: Talks, articles and a podcast in German

        Then I found an article in the iX Special 2019 magazine about automation in the data center which mentioned FAI. Nice. But I was very supprised and happy when I saw a whole article about FAI in the Linux Magazin 7/2019. A very good article with a some focus on network things, but also the class system and installing other distributions is described. And they will also publish another article about the FAI.me service in a few months. I'm excited!

        In a few days, I going to DebConf19 in Curitiba for two weeks. I will work on Debian web stuff, check my other packages (rinse, dracut, tcsh) and hope to meet a lot of friendly people.

    • Kernel Space

      • Linux 5.3 Lands Support For Tracking AVX-512 Usage

        After being delayed from earlier kernel cycles, Linux 5.3 will allow for tracking the last time a process made use of AVX-512 in order for user-space schedulers to provide better task placement.

      • Linux 5.3 Ready To Support Linux Guests On ACRN

        Back in March 2019 when Intel announced Sound Open Firmware, they also announced ACRN as a small footprint hypervisor intended for real-time and safety-critical use-cases. Now with Linux 5.3 this IoT-focused hypervisor can handle Linux guests on the ACRN hypervisor.

      • bolt 0.8 with support for IOMMU protection

        I already wrote about the general idea when the Thunderclap paper was published. But to quickly refresh everyone's memory: Thunderbolt, via PCIe, can directly access the main memory (DMA). This opens the door to attacks, the recent Thunderclap attack is a prominent example and demonstration of such an attack. To mitigate DMA attacks, security levels were introduced with Thunderbolt version 3. These new security levels require devices to be authorized before they can be used. On newer hardware and recent kernel versions, another mitigation scheme was introduced that facilitates the input–output memory management unit (IOMMU). The basic idea is to allow direct memory access for Thunderbolt devices only to certain safe memory regions and prevent devices accessing any memory area outside those. The availability of that feature is communicated by the kernel to userspace via the iommu_dma_protection sysfs attribute. If support is active boltd will change its behavior in a few novel ways. This is because we assume that as long as IOMMU protection as enabled, it is safe to authorize devices, even without asking the user. New devices that are not authorized are therefore automatically enrolled, but with a new iommu policy. In the case that IOMMU is turned off again, devices with this iommu policy won't automatically be authorized by boltd and will require explicit user interaction. Additionally, devices that are new but already authorized by the firmware, are now automatically imported, so we always have a record of devices that were attached to the system. Anybody who is interested in even more (technical) details can read bolt issues #128 (iommu) and #137 (auto-import).

      • Linux's Thunderbolt Manager Bolt 0.8 Adds IOMMU Protection

        Bolt, the Red Hat led project for managing Thunderbolt devices on Linux and their security, is out with their version 0.8 update to introduce better security for the growing number of Thunderbolt devices.

        The headline feature of Bolt 0.8 is introducing IOMMU protection. The Bolt IOMMU support is for using the IOMMU unit on newer hardware and supported by newer kernels to only permit DMA access by Thunderbolt devices to assigned/safe memory regions rather than being able to access any of the system memory. This should further help tighten the Linux security around Thunderbolt and complement the other security measures that have been in place following issues like Thunderclap.

      • Linux Kernel Community Agrees To Add Microsoft To Its Private Mailing List [Ed: A bunch of salaries from Zemlin PAC have turned Swapnil into a "true believer" in Microsoft lies]

        Microsoft recently applied to join a private Linux kernel mailing list that is meant for reporting and discussing security issues privately before they are made public.

        Why does Microsoft need to join this particular list and why does such a list exists in the first place when the kernel community runs its business publicly. Neither of the two is as complicated as it might seem.

      • Linux Foundation

        • ONAP Doubles-Down on Deployments, Drives Commercial Activity Across Open Source Networking Stack with ‘Dublin’ Release

          LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today announced the availability of ONAP Dublin and the addition of six new members. ONAP’s fourth release, Dublin, brings an uptick in commercial activity – including new deployment plans from major operators (including Deutsche Telekom, KDDI, Swisscom, Telecom Italia, and Telstra) and ONAP-based products and solutions from more than a dozen leading vendors – and has become the focal point for industry alignment around management and orchestration of the open networking stack, standards, and more.

          Combined with the availability of ONAP Dublin, the addition of new members (Aarna Networks, Loodse, the LIONS Center at Pennsylvania State University, Matrixx Software, VoerEir AB, and XCloud Networks) continues LFN’s global drumbeat of ecosystem growth for accelerated development and adoption of open source and open standards-based networking technologies.

      • Graphics Stack

        • Mesa 19.1.2
          Mesa 19.1.2 is now available.
          
          

          In this release we have:

          Different fixes for the Intel and AMD Vulkan drivers, Freedreno, the Meson build system, and some other fixes for other parts and/or drivers.

          Worth to mention a fix for a crash in Wolfenstein II with the RADV driver, and another fix relevant for DXVK on Intel gen7 drivers.

          Anuj Phogat (3): Revert "i965/icl: Add WA_2204188704 to disable pixel shader panic dispatch" Revert "anv/icl: Add WA_2204188704 to disable pixel shader panic dispatch" Revert "iris/icl: Add WA_2204188704 to disable pixel shader panic dispatch"

          Arfrever Frehtes Taifersar Arahesis (1): meson: Improve detection of Python when using Meson >=0.50.

          Bas Nieuwenhuizen (2): radv: Only allocate supplied number of descriptors when variable. radv: Fix interactions between variable descriptor count and inline uniform blocks.

          Caio Marcelo de Oliveira Filho (1): spirv: Ignore ArrayStride in OpPtrAccessChain for Workgroup

          Dylan Baker (2): meson: Add support for using cmake for finding LLVM Revert "meson: Add support for using cmake for finding LLVM"

          Eric Anholt (2): freedreno: Fix UBO load range detection on booleans. freedreno: Fix up end range of unaligned UBO loads.

          Eric Engestrom (1): meson: bump required libdrm version to 2.4.81

          Gert Wollny (2): gallium: Add CAP for opcode DIV vl: Use CS composite shader only if TEX_LZ and DIV are supported

          Ian Romanick (1): glsl: Don't increase the iteration count when there are no terminators

          James Clarke (1): meson: GNU/kFreeBSD has DRM/KMS and requires -D_GNU_SOURCE

          Jason Ekstrand (2): anv/descriptor_set: Only write texture swizzles if we have an image view iris: Use a uint16_t for key sizes

          Jory Pratt (2): util: Heap-allocate 256K zlib buffer meson: Search for execinfo.h

          Juan A. Suarez Romero (4): docs: add sha256 checksums for 19.1.1 intel: fix wrong format usage Update version to 19.1.2 docs: add release notes for 19.1.2

          Kenneth Graunke (2): iris: Enable PIPE_CAP_SURFACE_REINTERPRET_BLOCKS gallium: Make util_copy_image_view handle shader_access

          Lionel Landwerlin (2): intel/compiler: fix derivative on y axis implementation intel/compiler: don't use byte operands for src1 on ICL

          Nanley Chery (2): intel: Add and use helpers for level0 extent isl: Don't align phys_level0_sa by block dimension

          Nataraj Deshpande (1): anv: Add HAL_PIXEL_FORMAT_IMPLEMENTATION_DEFINED in vk_format

          Pierre-Eric Pelloux-Prayer (2): mesa: delete framebuffer texture attachment sampler views radeon/uvd: fix calc_ctx_size_h265_main10

          Rob Clark (1): freedreno/a5xx: fix batch leak in fd5 blitter path

          Sagar Ghuge (1): glsl: Fix round64 conversion function

          Samuel Pitoiset (1): radv: only enable VK_AMD_gpu_shader_{half_float,int16} on GFX9+

          Sergii Romantsov (1): i965: leaking of upload-BO with push constants

          Ville Syrjälä (1): anv/cmd_buffer: Reuse gen8 Cmd{Set, Reset}Event on gen7

          git tag: mesa-19.1.2
        • Mesa 19.1.2 Released - Led By Intel & Radeon Vulkan Driver Fixes

          For those riding the Mesa 19.1 stable release train, Mesa 19.1.2 is now available as the second point release to this quarterly update to this collection of open-source OpenGL/Vulkan drivers for the Linux desktop.

          On the Vulkan driver front, Mesa 19.1.2 brings a RADV fix for Wolfenstein II, an ANV Vulkan driver fix for DXVK with older Gen7 graphics, only enabling VK_AMD_gpu_shader_half_float and int16 for Vega and newer with RADV, and other Vulkan fixes.

        • NVIDIA 430.34 Linux Driver Brings SUPER Support

          NVIDIA today issued the 430.34 Linux driver as their newest update in the 430 stable series.

          The NVIDIA 430.34 driver doesn't bring any notable bug fixes but is focused on just providing new product support. This driver also includes the initial NVIDIA GeForce RTX SUPER support.

        • RADV Vulkan Driver Continues Further Refining Its Radeon RX 5700 "Navi" Support

          Back on 7 July, the open-source Mesa RADV Vulkan driver managed to deliver launch-day Navi support for these new 7nm GPUs. That first-cut support for this "community" open-source driver was working but various optimizations and features lacking. The developers at Valve, Red Hat, and Google have continued refining this Navi/GFX10 support for RADV.

          Two days later, there are already a number of RADV Navi/GFX10 support improvements merged and other work pending review. There is now merged tessellation support for Navi that was initially held up due to the code hanging on tessellation tests. There is also a number of fixes around the correct number of user SGPR registers for GFX10, among other fixes for these new Radeon RX 5700 series GPUs.

        • Radeon Graphics, Zombieload & Kernel Changes Intrigued Open-Source Fans In H1-2019
    • Applications

      • Top 15 Best Music Tag Editor Software for Linux system

        Music tag editor software implies a range of software that is used to edit metadata of multimedia files. Metadata stores all the information, for instance; artist, title, lyrics, conductor, album, length, track and embedded image in the audio file itself. There is numerous compatible best music tag editor software that is available on the Linux platform, among those some are open source and free thus; users can download and install them on their device.

      • Foliate Linux eBook Reader 1.4.0 Includes Wikipedia Lookup, Google Translate Support

        While new, having its first release back in May, Foliate is already a great EPUB eBook viewer, already incorporating most of the features you'd need in an eBook viewer.

        Besides these important to have features for an eBook viewer, the application also has various minor features that many will find useful, like viewing an eBook's metadata, remember where you left off, fullscreen mode, and more.

        It should be noted that Foliate does not support any formats other than EPUB though - it has no support for PDF or MOBI files.

        Foliate 1.4.0 was released recently with interesting new features and other changes. Until now, the Linux eBook reader only supported looking up words on Wiktionary - with the new 1.4.0 release though, it also supports looking up words on Wikipedia, dictd, and translating text using Google Translate.

      • Proprietary

        • Who’s Behind the GandCrab Ransomware? [iophk: Windows TCO]

          The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follows is a deep dive into who may be responsible for recruiting new members to help spread the contagion.

        • Microsoft has caused an uproar among its partners by canceling one of their favorite perks: software for their own use [paywall]

          Over the course of the next year, Microsoft will stop allowing its partners to use its software for their own businesses as a perk — and instead, charge them, same as anybody else.

        • Hey Microsoft, why is the Skype Snap app hopelessly outdated?

          The official Skype Snap app for Linux has not been updated in nearly six months, and Microsoft is yet to say why.

          When introducing the cross-distro build in early 2018, the company said the Skype Snap app would give it the “…ability to push the latest features straight to our users, no matter which device or distribution they happen to use.”

          Clearly, not.

          Because at the time of writing this post the Skype Snap app sits on version 8.34.0.78, which the Snapcraft store reports was ‘last updated’ in November 2018.

          However, the “regular” Linux version available to download from the Skype website is on version 8.47.0.73, released June 2019.

    • Instructionals/Technical

      • How to open system monitor in Ubuntu
      • xinput-gui: Simple Graphical Tool To Configure X Input Devices
      • How To Reset Lost Admin Password For Grafana
      • How to Format an SD Card for Use with Raspberry Pi
      • How to install Elasticsearch and Kibana on Linux
      • Install Siberian CMS with LAMP on Ubuntu 18.04 – Google Cloud
      • rdesktop – A RDP Client to Connect Windows Desktop from Linux
      • Jenkins tool and it’s basic terminology
      • Real Hands-On Labs at Linux Academy
      • API-first design with OpenAPI and Red Hat Fuse
      • What Really IRCs Me: Mastodon

        When it comes to sending text between people, I've found IRC (in particular, a text-based IRC client) works best. I've been using it to chat for decades while other chat protocols and clients come and go. When my friends have picked other chat clients through the years, I've used the amazing IRC gateway Bitlbee to connect with them on their chat client using the same IRC interface I've always used. Bitlbee provides an IRC gateway to many different chat protocols, so you can connect to Bitlbee using your IRC client, and it will handle any translation necessary to connect you to the remote chat clients it supports. I've written about Bitlbee a number of times in the past, and I've used it to connect to other instant messengers, Twitter and Slack. In this article, I describe how I use it to connect to yet another service on the internet: Mastodon.

        Like Twitter, Mastodon is a social network platform, but unlike Twitter, Mastodon runs on free software and is decentralized, much like IRC or email. Being decentralized means it works similar to email, and you can create your own instance or create an account on any number of existing Mastodon networks and then follow people either on the same Mastodon network or any other instance, as long as you know the person's user name (which behaves much like an email address).

        I've found Bitlbee to be a great interface for keeping track of social media on Twitter, because I treat reading Twitter like I was the operator for a specific IRC room. The people I follow are like those I've invited and given voice to, and I can read what they say chronologically in my IRC room. Since I keep my IRC instance running at all times, I can reconnect to it and catch up with the backlog whenever I want. Since I'm reading Twitter over a purely text-based IRC client, this does mean that instead of animated gifs, I just see URLs that point to the image, but honestly, I consider that a feature!

        Since Mastodon behaves in many ways like Twitter, using it with Bitlbee works just as well. Like with Twitter over Bitlbee, it does mean you'll need to learn some extra commands so that you can perform Mastodon-specific functions, like boosting a post (Mastodon's version of retweet) or replying to a post so that your comment goes into the proper thread. I'll cover those commands in a bit.

    • Wine or Emulation

      • D9VK 0.13 "Hypnotoad" is out, further advancing the D3D9 to Vulkan layer for Wine

        Developer Joshua Ashton today announced a brand new and rather large release of D9VK, the D3D9 to Vulkan layer for use with Wine.

        New features making it into this release includes fixed function support for everything but "lighting, texcoord transforms, spheremap texcoords and constant texture arg", noting that it should work well enough for most games "if you can deal with with them being fullbright". Also implemented as of this release is GetGammaRamp, ColorFill, disjointed timestamp queries, Hardware Cursor support, a way to workaround resource hazards (only necessary on AMD) and more.

      • D9VK 0.13 Brings Fixed Function Support, Other Features & Better Performance

        D9VK 0.13 is now available as the newest release of this project mapping Direct3D 9 atop Vulkan for accelerated Windows gaming on Linux.

    • Games

      • Physics-based building game "Besiege" just had a pretty big update, new levels and plenty of bug fixes

        Building machines to destroy in Besiege is pretty fun and it's progressing towards the final release with a pretty huge update now available for this physics-based building game.

        You can now actually rebind controls, two new levels were added with Mountain Barrier and Revolving Monolith, four new achievements and a new sorting system is available for those of you getting lost with tons of saved designs.

      • MineRalph is a reaction-based rolling platformer that might make you rage, demo available

        Chop Chop Games seem to have created a game that might frustrate the best of gamers with MineRalph, a rolling platformer. The idea is simple as you just need to control your momentum, with a very simple control system. However, it's surprisingly challenging and…very weird.

        The developer said it's designed to be difficult, with it being based on your own reaction timings. You can propel yourself around in 360 degrees with varying speeds, so it's easy to get it wrong and spectacularly fail. Chop Chop Games claim it's "best described as a crossover between Sonic the Hedgehog and Super Meat Boy - with the level design of Super Mario... and the control scheme of Angry Birds" and they're not far off with that description.

      • Defend The Keep, a fast-paced Tower Defense game will be coming to Linux next week

        Vanille Games have announced their Tower Defense game Defend The Keep will be releasing this month with full Linux support.

        They said they didn't think they would have enough time to do a Linux version, but enough people showed their interest in it so it's coming right away on July 16th. Sometimes developers just need that little push and as a strategy game fan, I'm happy about this news.

      • SteamVR has another beta up, with plenty of Linux fixes and other improvements

        With the Valve Index now out, Valve continue to make quick improvements to SteamVR with the latest Beta now available.

        For SteamVR, they've changed how games are launched from SteamVR Home to avoid a possible hang, changes to hopefully avoid "error 308" on startup, automatic firmware recovery for the Valve Index and Vive Pro and a fix for a rare spontaneous shutdown of vrserver caused by very briefly connected pipes.

        SteamVR Input had quite a few changes on this round, including new options for global rotation values and global deadzone value for thumbsticks. A new screen to test the input from any controller supported by SteamVR and more.

        Lighthouse got a change to device discovery to reduce the impact of misbehaving USB drivers and devices and the Index Controllers got updated default input bindings for legacy applications that don't have specific configs set along with improvements for applications built for trackpads.

      • SC Controller, the UI and driver for the Steam Controller has new releases out

        SC Controller is a truly wonderful bit of software, enabling the use and customization of the Steam Controller outside of Steam.

      • 3D platformer Marble Skies has left Early Access, multiplayer is coming

        Marble Skies, a 3D platformer that's actually pretty good has officially left Early Access and they're continuing to improve it with big new features.

        After adding Linux support back in April, it seems it left Early Access early this month, although they don't seem to have actually announced the full release anywhere I could find.

      • Tannenberg and Verdun both get gamepad support, plus some helpful balancing changes

        Tannenberg and Verdun, two first-person shooters that show WWI from different fronts both got updated, pulling in gamepad support. I've tested the gamepad support myself in Tannenberg and it does appear to work quite nicely. It's integrated properly into all the menus as well, so it's perfectly playable. Not sure how you will get on against players using a mouse though, since both games need good accuracy and reaction times.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Artix Linux 20190609 LXQT Run Through

          In this video, we look at Artix Linux 20190609.

        • Artix Linux 20190609

          Today we are looking at Artix Linux 20190909 snapshot. Artix Linux, formally known as the community edition of Manjaro has two isos. They have a Qt ISO, with both the Plasma and LXQt desktop environments, a person choose what one you like in the login manager, and the Gnome Classic ISO, with the MATE and LXDE desktop environments.

          Artix is Arch based and comes with the latest of Linux. So the latest Kernel, when I created the video it was 5.1 and it uses LXQt 0.14.1 and KDE Plasma 5.16.2. In the video below I looked at the LXQt edition and in my video with voice-overs on my other channel at the KDE Plasma edition. Enjoy!

        • Plasma + Usability & Productivity Sprint in Valencia, Spain

          The KDE Plasma and Usability teams recently converged on the beautiful Spanish city of Valencia for a combined development sprint. The teams admired Valencia's medieval architecture and stayed up until midnight eating sumptuous Mediterranean food. But of course, the real purpose was work!

          We camped out in the offices of the Slimbook company, which were generously made available for the sprint. The aim was not only to hack on Plasma and the Usability & Productivity initiative, but also to benefit from the cross-pollination opportunities provided by hosting both sprints at the same time and place.

        • Plasma Sprint 2019 in Valencia

          Last month the Plasma team met in Spain for their annual developer sprint. It was kindly hosted by Slimbook in their offices on the outskirts of Valencia. This time it was co-located with the Usability sprint and it was great to meet so many new faces there.

        • Usability & Productivity Sprint 2019

          In June 2019 I went to Usability & Productivity Goal Sprint in the beautiful city of Valencia! As I’m a relatively new KDE contributor this was my very first sprint experience and it was awesome. At the same time the Plasma Sprint took place and it felt more like one big sprint than two separate events. We were kindly hosted by Slimbook which also organized a bus that took us to their office in the morning and back to the hotel in the evening. A big thank you to them!

          In the first part of the sprint I mainly worked on continuing to improve Spectacle. You don’t know Spectacle? It is our screenshotting application with many settings: for example to control what should be captured, if you want to include your mouse cursor or to simply set a delay from when you press the button until the actual screenshot is taken.

    • Distributions

      • Fedora Family

        • Call for Fedora Women’s Day 2019 proposals

          Fedora Women’s Day (FWD) is a day to celebrate and bring visibility to female contributors in open source projects, including Fedora. This event is headed by Fedora’s Diversity and Inclusion Team.

          During the month of September, in collaboration with other open source communities, women in tech groups and hacker spaces, we plan to organize community meetups and events around the world to highlight and celebrate the women in open source communities like Fedora and their invaluable contributions to their projects and community.

          These events also provide a good opportunity for women worldwide to learn about free and open source software and jump start their journey as a FOSS user and/or a contributor. They also provide a platform for women to connect, learn and be inspired by other women in open source communities and beyond.

      • Debian Family

        • Upgraded my first host to buster

          I upgrade the first of my personal machines to Debian's new stable release, buster, yesterday. So far two minor niggles, but nothing major.

          My hosts are controlled, sometimes, by puppet. The puppet-master is running stretch and has puppet 4.8.2 installed.

        • Upgrade To Debian 10 From Debian 9 Stretch

          Debian 10 codename Buster is already has been released few days ago. It was released on July 6, 2019. Debian 10 is a LTS version and it will be supported for 5 years.

          In this post, we will show you how to upgrade to Debian 10 from Debian 9 Stretch operating system.

        • Debian 10 "Buster" Released with Download Links, Mirrors, and Torrents

          Debian 10 "Buster" released at 6 July 2019 with Long Term Support (LTS) lifespan of 5 years and 7 different desktop environments. Now, the Live Editions are available with Cinnamon, GNOME, KDE, XFCE, LXDE, LXQt, and MATE user interfaces. I listed here only the DVD versions and divided them into two architectures 32-bit and 64-bit. I also listed below the Checksums and where to get the Source Code ISOs. This is a compilation of all Debian 10 official download links including several mirrors and torrents. Happy downloading!

      • Canonical/Ubuntu Family

        • Debian vs. Ubuntu: The Similarities, Differences and Which One You Should Use

          Ubuntu received a lot of love in its earlier releases. It made many seemingly complicated operations, easier for beginners just coming into the world of Linux-based distributions. But around the time the Unity interface was launched, it started to get some hate, too.

          Objectively speaking, the interface was not good or bad, it did its job well. But it did it differently than what most people were used to. Then, some other changes, like inserting ads in the launch menu and changing the interface once again to Gnome, made some users dislike the distro even more and people began to look for alternatives, with one of them being Debian. Since Ubuntu is created from Debian, the two are very similar at the core. However, with the changes Canonical made to Debian to create Ubuntu, there are also a lot of differences, some of them subtle.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open education: There isn't an app for that

        Open source software has saved my district—Penn Manor School District in Lancaster County, Pennsylvania—more than a million dollars on its technology budget. But more importantly, making a deliberate and concerted effort to infuse open principles and practices into our learning environments has cultivated a vibrant and inclusive learning community that cuts across the school. And as a result, student success has exceeded our expectations.

        But how do schools put open ideas into practice to foster future innovators and leaders? It's not as simple as installing Linux on 4,000 student laptops, holding hands, and singing the alma mater in the high school cafeteria.

        An open schoolhouse values all learners' unique strengths and passions to help them reach their potential. This work does not begin and end with curricula, worksheets, and test scores. It starts with building connections, relationships, and trust with students. In this article, I'll explain how we put these ideas into practice.

      • Software in the Public Interest board elections

        Software in the Public Interest (SPI) has announced that nominations are open until July 15 for 3 seats on the SPI board.

      • Upcoming SPI board elections for 2019
        Hi everyone. This is a heads up about the upcoming SPI board
        elections. The primary purpose of this notice is to give some time to
        people to think about running for a board position. We have three
        seats available for a three year term:
        
        

        * President * General board member * General board member

        The formal nomination period will open on Monday, 1st July 2019 and run for a bit over two weeks. Elections, if required, will then run and results annouanced at the end of the month.

        * Monday July 1st 2019 00:00 UTC - Nominations open * Monday July 15th 2019 23:59 UTC - Nominations close * Wednesday July 17th 2019 00:00 UTC - Voting commences * Tuesday July 30th 2019 23:59 UTC - Voting closes * Wednesday July 31st 2019 UTC - Results announced

        Potential board members should be able to commit to attending the monthly board meetings, which are conducted publicly via IRC (#spi on the OFTC network). These take place at 20:00 UTC on the second Monday of every month. More details, including all past agendas and minutes, can be found at http://spi-inc.org/meetings/

        The ideal candidate will have an existing involvement in the Free and Open Source community, though this need not be with a project affiliated with SPI.

        Please do take the opportunity to ask any questions you may have about SPI board membership on the spi-general mailing list before the formal nomination period opens. You can also find various board members present on #spi on irc.spi-inc.org (OFTC).

        Tim Potter Secretary, Software in the Public Interest, Inc.
      • Events

        • openSUSE.Asia Summit 2019 Logo Competition Winner

          The votes are in and the openSUSE Project is happy to announce that the openSUSE.Asia Summit 2019 logo competition winner is Hervy Qurrotul from Indonesia. Congratulations Hervy! As the winner, Hervy will receive a “mystery box” from the committee.

          On this logo competition, we have 18 submissions from all over the world. All the designs are great. This logo competition is voted by openSUSE.Asia Committee and Local Team. Thank you for your vote.

      • Web Browsers

        • Mozilla

          • Latest Firefox Release Available today for iOS and Desktop

            Since our last Firefox release, we’ve been working on features to make the Firefox Quantum browser work better for you. We added by default Enhanced Tracking Protection which blocks known “third-party tracking cookies” from following your every move. With this latest Firefox release we’ve added new features so you can browse the web the way you want — unfettered and free. We’ve also made improvements for IT managers who want more flexibility when using Firefox in the workplace.

          • Mozilla is planning a Firefox VPN, with a beta expected in three months

            The paid-for options will be optional, though, and Dave Camp, senior vice president of Firefox said that "A high-performing, free and private-by-default Firefox browser will continue to be central to our core service offerings."

          • Firefox might get a built-in VPN later this year

            We asked Mozilla what was going on and they kindly told us: "In 2019, we are continuing to explore new product features and offerings. As part of this, small groups of browser users are invited at random to respond to surveys, provide feedback and potentially test proposed new features, products or services.

            "These explorations can easily be identified as they will always include the URL https://firstlook.firefox.com. And as always, what we are not experimenting with is the cost to access Firefox itself, which is now, and always will be free."

          • Changes in Firefox 68

            Firefox 68 is coming out today, and we wanted to highlight a few of the changes coming to add-ons. We’ve updated addons.mozilla.org (AMO) and the Add-ons Manager (about:addons) in Firefox to help people find high-quality, secure extensions more easily. We’re also making it easier to manage installed add-ons and report potentially harmful extensions and themes directly from the Add-ons Manager.

          • Firefox 68: BigInts, Contrast Checks, and the QuantumBar

            Firefox 68 is available today, featuring support for big integers, whole-page contrast checks, and a completely new implementation of a core Firefox feature: the URL bar.

          • Firefox 68 Released With JavaScript BigInt Support, Good WebRender Linux Performance

            Mozilla rolled out Firefox 68.0 as the newest version of their web-browser.

            Firefox 68 brings JavaScript BigInt support for being able to store very large numbers, similar to Google's Chrome addition last year.

            Firefox 68 also continues working on WebRender/Quantum code. Based on our early beta testing, Firefox 68 with WebRender is performing very well.

      • Productivity Software/LibreOffice/Calligra

      • FSF/FSFE/GNU/SFLC

        • GNU Linux-Libre 5.2 Kernel Released for Those Seeking 100% Freedom for Their PCs

          The GNU Linux-libre project has released the GNU Linux-libre 5.2 kernel, a 100% free version of the Linux kernel that doesn't include any proprietary drivers, firmware, or code. Based on the recently released Linux 5.2 kernel series, which introduces the Sound Open Firmware support for DSP audio devices, the GNU Linux-libre 5.2 kernel also ships with the open-source firmware, which wasn't included in previous versions of the GNU Linux-libre kernel because they were overlooked.

          "I had not realized the SOF files were Free Software in recent earlier releases, so the requests for these files were disabled in them," said developer Alexandre Oliva in a mailing list announcement. "Only while cleaning up the new kernel module specifically devoted to SOF-supporting devices did I realize my mistake."

      • Programming/Development

        • Ten Years of Erlang

          I've joined the Erlang community about 10 years ago, in the midst of its first major hype phase. Erlang, we were told, was the future of concurrency and parallelism. The easiest and fastest way to get it done, and you could get distribution for free too. Back then, things were just starting to get amazing. The virtual machine had recently gotten SMP support, before which you needed to run multiple VMs on the same computer to truly use all CPUs.

          I wanted to take a bit of time to reflect over most of that decade. In this post, I'll cover a few things such as hype phases and how this related to Erlang, the ladder of ideas within the language and how that can impact adoption, what changed in my ten years here, and I'll finish up with what I think Erlang still has to bring to the programming community at large.

        • Python list comprehension with Examples

          This tutorial covers how list comprehension works in Python. It includes many examples which would help you to familiarize the concept and you should be able to implement it in your live project at the end of this lesson.

        • Ibis: Python data analysis productivity framework

          Ibis is a library pretty useful on data analysis tasks that provides a pandas-like API that allows operations like create filter, add columns, apply math operations etc in a lazy mode so all the operations are just registered in memory but not executed and when you want to get the result of the expression you created, Ibis compiles that and makes a request to the remote server (remote storage and execution systems like Hadoop components or SQL databases). Its goal is to simplify analytical workflows and make you more productive.

        • Reasons Why Python is Good for AI and ML

          Artificial Intelligence (AI) and Machine Learning (ML) are the new black of the IT industry. While discussions over the safety of its development keep escalating, developers expand abilities and capacity of artificial intellect. Today Artificial Intelligence went far beyond science fiction idea. It became a necessity. Being widely used for processing and analyzing huge volumes of data, AI helps to handle the work that cannot be done manually anymore because of its significantly increased volumes and intensity.

        • The Python Software Foundation is looking for bloggers!

          The Python Software Foundation (PSF) is looking to add bloggers for the PSF blog located at http://pyfound.blogspot.com/. As a PSF blogger, you will work with the PSF Communication Officers to brainstorm blog content, communicate activities, and provide updates on content progression. Example of content includes PSF community service awardee profiles, details about global Python events and PSF grants, or recent goings-on within the PSF itself. One goal of the 2019 - 2020 PSF Board of Directors is to increase transparency around PSF activities by curating more frequent blog content.

        • Racket is an acceptable Python

          A little over a decade ago, there were some popular blogposts about whether Ruby was an acceptable Lisp or whether even Lisp was an acceptable Lisp. Peter Norvig was also writing at the time introducing Python to Lisp programmers. Lisp, those in the know knew, was the right thing to strive for, and yet seemed unattainable for anything aimed for production since the AI Winter shattered Lisp's popularity in the 80s/early 90s. If you can't get Lisp, what's closest thing you can get?

          This was around the time I was starting to program; I had spent some time configuring my editor with Emacs Lisp and loved every moment I got to do it; I read some Lisp books and longed for more. And yet when I tried to "get things done" in the language, I just couldn't make as much headway as I could with my preferred language for practical projects at the time: Python.

          Python was great... mostly. It was easy to read, it was easy to write, it was easy-ish to teach to newcomers. (Python's intro material is better than most, but my spouse has talked before about some major pitfalls that the Python documentation has which make getting started unnecessarily hard. You can hear her talk about that at this talk we co-presented on at last year's RacketCon. I'll leave that to her to discuss at some point however.) I ran a large free software project on a Python codebase, and it was easy to get new contributors; the barrier to entry to becoming a programmer with Python was low. I consider that to be a feature, and it certainly helped me bootstrap my career.

          Most importantly of all though, Python was easy to pick up and run with because no matter what you wanted to do, either the tools came built in or the Python ecosystem had enough of the pieces nearby that building what you wanted was usually fairly trivial.

        • Pipx – Install And Run Python Applications In Isolated Environments

          It is always recommended to install Python applications in Virtual Environments to avoid conflicts with one another. Pip package manager helps us to install Python applications in an isolated environments, using two tools namely venv and virtualenv. There is also another Python package manager named “Pipenv”, which is recommended by Python.org, to install Python applications. Unlike Pip, Pipenv automatically creates virtual environments by default. Meaning – you don’t need to manually create virtual environments for your projects anymore. Today, I stumbled upon a similar tool named “Pipx”, a free and open source utility that allows you to install and run Python applications in an isolated virtual environments.

          Using Pipx, we can easily install thousands of Python applications hosted in PyPI without much hassle. Good thing is you can do everything with regular user permissions. You need not to be “root” user or need not to have “sudo” permissions. It is worth mentioning that Pipx can run a program from temporary environment, without having to install it. This will be handy when you test multiple versions of same program often. The packages installed with Pipx can be listed, upgrade or uninstalled at any time. Pipx is a cross-platform application, so it can run on Linux, Mac OS and Windows.

        • Check-in #7: (5 July - 11 July)
        • PSF GSoC students blogs: Seventh Week [July 1st - July 7th] [3rd PSF Blog Post]
        • Python for NLP: Creating TF-IDF Model from Scratch

          This is the 14th article in my series of articles on Python for NLP. In my previous article, I explained how to convert sentences into numeric vectors using the bag of words approach. To get a better understanding of the bag of words approach, we implemented the technique in Python.

          In this article, we will build upon the concept that we learn in the last article and will implement the TF-IDF scheme from scratch in Python. The term TF stands for "term frequency" while the term IDF stands for the "inverse document frequency".

        • Highest used Python code in the Pentesting/Security world

          I think this is the highest used Python program in the land of Pentesting/Security, Almost every blog post or tutorial I read, they talk about the above-mentioned line to get a proper terminal after getting access to a minimal shell on a remote Linux server.

        • Gen: a general-purpose probabilistic programming system with programmable inference

          PLDI 2019 Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation

        • New AI programming language goes beyond deep learning

          In a paper presented at the Programming Language Design and Implementation conference this week, the researchers describe a novel probabilistic-programming system named “Gen.” Users write models and algorithms from multiple fields where AI techniques are applied — such as computer vision, robotics, and statistics — without having to deal with equations or manually write high-performance code. Gen also lets expert researchers write sophisticated models and inference algorithms — used for prediction tasks — that were previously infeasible.

          In their paper, for instance, the researchers demonstrate that a short Gen program can infer 3-D body poses, a difficult computer-vision inference task that has applications in autonomous systems, human-machine interactions, and augmented reality. Behind the scenes, this program includes components that perform graphics rendering, deep-learning, and types of probability simulations. The combination of these diverse techniques leads to better accuracy and speed on this task than earlier systems developed by some of the researchers.

        • Rodrigo Siqueira: Status Update, June 2019

          For a long time, I’m cultivating the desire of getting the habit of writing monthly status update; in some way, Drew DeVault’s Blog posts and Martin Peres advice leverage me toward this direction. So, here I’m am! I decided to embrace the challenge of composing a report per month. I hope this new habit helps me to improve my write, summary, and communication skills; but most importantly, help me to keep track of my work. I want to start this update by describing my work conditions and then focus on the technical stuff.

          The last two months, I have to face an infrastructure problem to work. I’m dealing with obstacles such as restricted Internet access and long hours in public transportation from my home to my workplace. Unfortunately, I cannot work in my house due to the lack of space, and the best place to work it is a public library at the University of Brasilia (UnB); go to UnB every day makes me wast around 3h per day in a bus. The library has a great environment, but it also has thousands of internet restrictions, for example, I cannot access websites with ‘.me’ domain and I cannot connect to my IRC bouncer. In summary: It has been hard to work these days. So, let’s stop to talk about non-technical stuff and let’s get to the heart of the matter.

          I really like to work on VKMS, I know this isn’t news to anyone, and in June most of my efforts were dedicated to VKMS. One of my paramount endeavors it was found and fixed a bug in vkms that makes kms_cursor_crc, and kms_pipe_crc_basic fails; I was chasing this bug for a long time as can be seen here [1]. After many hours of debugging I sent a patch for handling this issue [2], however, after Daniel’s review, I realize that my patch does not correctly fix the problem. Daniel decided to dig into this issue and find out the root of the problem and later sent a final fix; if you want to see the solution, take a look at [3]. One day, I want to write a post about this fix since it is an interesting subject to discuss.

          Daniel also noticed some concurrency problems in the CRC code and sent a patchset composed of 10 patches that tackle the issue. These patches focused on creating better framebuffers manipulation and avoiding race conditions; it took me around 4 days to take a look and test this series. During my review, I asked many things related to concurrency and other clarification about DRM, and Daniel always replied with a very nice and detailed explanation. If you want to learn a little bit more about locks, I recommend you to take a look at [4]; serious, it is really nice!

        • g_clear_signal_handler() in GLib 2.61.1

          It’s been a long time since I’ve blogged, so I thought I’d do a quick series on new APIs in the upcoming 2.62 release series of GLib.

          Today, it’s the g_clear_signal_handler() function added by Marco Trevisan. This is a simple helper function along the same lines as g_clear_pointer(), g_clear_error() and g_clear_handle_id(). Given a GObject and a signal handler ID, it disconnects the signal handler and clears the signal handler ID variable to zero.

        • Code with Google helps more students learn to code

          Melissa Schonig is a fifth-grade English and Language Arts (ELA) teacher at Lynhaven Elementary School where 40-50 percent of students are Latino, and many don’t have access to computers at home. She didn’t know much about computer science, but wanted her students to get familiar with coding because it can help with other skills, such as critical thinking and collaboration. So she tried a CS First activity where students coded different endings to the story they read in class. Melissa says that, in a short time, “the kids were problem solving, troubleshooting, and helping one another. It was incredible to hear the conversations about coding and the other concepts we were learning in the room.”

        • ‘Code With Google’ Offers Free Programming Lessons For Kids

          Programming is a crucial skill necessary for kids who are stepping into an increasingly software-driven world. However, the training resources required to learn coding aren’t readily available to everyone.

          To bridge this gap, Google has launched ‘Code With Google‘ — an educational resource that will help school teachers to teach the basics of programming to students.

        • PSF GSoC students blogs: Week 6: Client side and OOP

          I worked on client side by migrating functions written in basemap and creating the instance of topview to generate plot in cartopy

        • PSF GSoC students blogs: Weekly check in [week 6 - 01/07 - 07/07]
        • LLVM's RISC-V Compiler Back-End Looks To Go Official For 9.0 Release

          LLVM's RISC-V CPU back-end has made immense progress over the past few years and now for the LLVM 9.0 release due out at the end of August or early September could become official.

          The RISC-V compiler back-end currently within the LLVM tree has been treated as "experimental" but for the in-development 9.0 release it could become an "official" back-end. Alex Bradbury who maintains this RISC-V code has requested this official status change.

        • GammaRay 2.11.0 Release

          We have released version 2.11.0 of our Qt application monitoring tool GammaRay. GammaRay allows you to observe behavior and data structures of Qt code inside your program live at runtime.

          GammaRay 2.11 comes with a new inspection tool for Qt’s event handling, providing even more insights into the inner working of your application. Besides looking at the events and their properties as they occur the event

  • Leftovers

    • Health/Nutrition

    • Security

      • British Airways faces largest ever data breach fine for 2018 [intrusion]

        The penalty comes from the Information Commissioner’s Office, which says that personal data relating to around half a million passengers was compromised during [an intrusion] incident last year.

      • Seriously, stop using RSA

        Here at Trail of Bits we review a lot of code. From major open source projects to exciting new proprietary software, we’ve seen it all. But one common denominator in all of these systems is that for some inexplicable reason people still seem to think RSA is a good cryptosystem to use. Let me save you a bit of time and money and just say outright—if you come to us with a codebase that uses RSA, you will be paying for the hour of time required for us to explain why you should stop using it.

        RSA is an intrinsically fragile cryptosystem containing countless foot-guns which the average software engineer cannot be expected to avoid. Weak parameters can be difficult, if not impossible, to check, and its poor performance compels developers to take risky shortcuts. Even worse, padding oracle attacks remain rampant 20 years after they were discovered. While it may be theoretically possible to implement RSA correctly, decades of devastating attacks have proven that such a feat may be unachievable in practice.

      • Security updates for Tuesday

        Security updates have been issued by Arch Linux (irssi, python-django, and python2-django), Debian (libspring-security-2.0-java and zeromq3), Red Hat (python27-python), SUSE (ImageMagick, postgresql10, python-Pillow, and zeromq), and Ubuntu (apport, Docker, glib2.0, gvfs, whoopsie, and zeromq3).

      • Fileless Trojan “Astaroth” That Steals Credentials Is Back, Warns Microsoft [Ed: Well, had Microsoft actually cared about security it wouldn't have given NSA et al back doors or bug doors into everything it has]

        The team got alert when they noticed a sudden huge spike in the usage of the WMIC (Windows Management Instrumentation Command-Line) tool during the month of May and June 2019. They had deployed an algorithm designed to catch a specific form of file-less attack.

      • GitHub account of Canonical was hacked, Ubuntu source code is safe [Ed: It is a Microsoft platform, not a Canonical or Ubuntu platform]
      • GitHub account of Canonical compromised, but Ubuntu source code safe
    • Defence/Aggression

      • Iran's Uranium Enrichment Breaks Nuclear Deal Limit. Here's What That Means

        Similarly, military action against Iran's nuclear facilities would probably set the program back, but only temporarily. "You just can't bomb their program out of existence," says David Albright, president of the Institute for Science and International Security. "I think what you're left with is negotiations."

      • In Afghanistan, We Have Three Dreams

        Some of us have wondered, “Are people today too disconnected and frantic to calm down, in order to solve global challenges together? Are we so polarized and self-absorbed that we cannot stop judging one another or insisting on our partisan ways?”

        In Kabul, our thoughts and feelings are diverse, complicated and flawed, so we centre our three dreams on relationships.

        We have felt much joy in creating this video-letter. We dedicate it to planet earth and to everyone in the human family.

        We hope that each of us can take tiny actions to free ourselves from the ravages of money and power.

      • American History for Truthdiggers: Bush 41—Struggling in Reagan's Shadow

        His vice president was everything Ronald Reagan was not. The Hollywood actor in chief had far less political qualification “on paper” than his 1980 Republican primary opponent, George H.W. Bush. Though Reagan oozed optimism and soothed the American people with his confident, digestible rhetoric, he was certainly no policy expert or Washington insider. Bush was both. He was a man born of privilege, scion of a prestigious, wealthy family and son of a Republican U.S. senator from Connecticut, Prescott Bush. However, the mid-20th century was different from our own time; it was an era when affluence and social standing didn’t obviate a sense of duty to country and family honor. Bush, like so many thousands of the other members of the American aristocracy, volunteered for the U.S. military in response to the Japanese attack on Pearl Harbor.

        Not yet 19, he would become the youngest pilot in the U.S. Navy at that time, eventually flying dozens of combat missions in the Pacific theater. In September 1944 he was involved in an action that won him the Distinguished Flying Cross. In the words of the citation, “Bush pressed home an attack in the face of intense antiaircraft fire. Although his plane was hit and set afire at the beginning of his dive, he continued his plunge toward the target and succeeded in scoring damaging bomb hits before bailing out of the craft.” He was the only member of the three-man crew to live through the incident. Afterward, survivor’s guilt bled through his letters home.

        At war’s end Bush entered Yale. After moving to Texas and finding wealth and respect in the oil industry, he followed his father into politics. He won a House seat in the 1960s, then lost a race for the U.S. Senate (he was unable to shake his Eastern establishment image with Texas voters, try as he might). In the 1970s, he was appointed ambassador to the United Nations, director of the Central Intelligence Agency and head of the Republican National Committee (RNC). After Bush’s 1980 defeat in a rather bitter presidential primary battle with Reagan—in which the Texan declared that his opponent, a “supply-side theory” advocate, was proposing “voodoo economics”—the Gipper chose Bush as his running mate. They stood together at the helm of the executive branch for eight years, though Bush tended to work behind the scenes, overshadowed by Reagan’s big personality.

      • Iran Steps Further From Nuke Deal, Adding Pressure on Europe

        Iran increased its uranium enrichment Sunday beyond the limit allowed by its 2015 nuclear deal with world powers, inching its program closer toward weapons-grade levels while calling for a diplomatic solution to a crisis heightening tensions with the U.S.

        Iran’s move, coupled with its earlier abandonment of the deal’s limit on its low-enriched uranium stockpile, intensifies pressure on Europe to find any effective way around U.S. sanctions that block Tehran’s oil sales abroad.

        But the future of the accord that President Donald Trump unilaterally pulled the U.S. from a year ago remains in question. While Iran’s recent measures could be easily reversed, Europe has struggled to respond, even after getting a 60-day warning that the increase was coming.

      • Media Falsely Portrays Iran’s Nuclear Deal Breach As Dash To Bomb

        The International Atomic Energy Agency (IAEA)—the UN nuclear watchdog tasked with vigorously monitoring Iran’s nuclear program under the 2015 accord—confirmed this week that Iran exceeded the limit on its supply of low-enriched uranium (LEU). Unfortunately, with a few notable exceptions, reporting from many in the media on this development wasn’t great. Reporters and commentators portrayed Iran, not Donald Trump, as the primary provocateur, with many going so far as to claim, without any evidence whatsoever, that Iran is now racing to build a nuclear weapon.

        One goal of the Iran nuclear deal (the Joint Comprehensive Plan of Action or JCPOA) was to stretch the timeline to one year in terms of how long it would take Iran to enrich enough uranium for one bomb. To achieve that outcome, the United States, the UK, France, Germany, China, Russia, and Iran agreed that Tehran could continue enriching uranium for civilian energy purposes but also to cap the amount of LEU it could have on hand at any one time to about 660 pounds. Before the agreement, and ostensibly under the untenable George W. Bush-era policy of “zero enrichment,” Iran had amassed around 10,000 pounds of LEU, which if further refined, could be transformed into fuel for nuclear weapons. After the JCPOA’s implementation, Iran shipped out 98 percent of its LEU stockpile and verifiably maintained, until this week, the 660-pound cap, even after Trump last year unilaterally reimposed sanctions that were lifted as part of the deal.

      • Increasing Pressure on Europe to Salvage Nuclear Deal, Iran Announces Plans to Exceed Uranium Enrichment Cap

        The landmark nuclear agreement, officially called the Joint Comprehensive Plan of Action (JCPOA), was initially signed by Iran, the United States, the United Kingdom, France, Germany, China, and Russia. Since President Donald Trump violated the JCPOA and reimposed sanctions last year—eliciting global condemnation and warnings that his administration is paving a path to war—European and Iranian diplomats have been working to save the deal.

        At a news conference on Sunday, Iranian officials announced the enrichment plans and said the country would continue to reduce its commitments under the JCPOA every 60 days unless the deal's European signatories provide relief from Trump's sanctions.

      • Trump’s Economic War on Iran: 88% reduction in Oil Exports, 6% Shrinkage of Economy

        The United States is already at war with Iran, squeezing its economy down to nothingness. If another country tried to do this to the US just on a whim and with no UN or international-law basis, the US would certainly launch a war over it. Iran’s choices are much more limited because it is a small, weak, Third World country, with not so much as a proper air force. But countries without conventional military capabilities that are squeezed like this by an enemy reply with unconventional tactics.

        Trump did this to Iran despite Iran’s adherence to the 2015 nuclear deal or Joint Comprehensive Plan of Action (JCPOA), as certified quarterly by the UN International Atomic Energy Agency.

      • Dogs of War Howl for Blood in Iran While Americans Cheer US Bombers on July 4th

        President Trump’s order to the Pentagon to have an aerial parade of military aircraft over Washington, DC on July 4 provided a history lesson of America’s war mongering in the past two decades, and a terrifying view of what might appear in the skies of Iran if John Bolton gets his way.

        The combat aircraft that were cheered by Trump’s supporters as they flew low over the monuments in the nation’s capital have not been cheered by people in Afghanistan, Iraq, Pakistan, Libya, Syria, Yemen and Palestine as the same type of planes fly over their homes—terrifying and killing their children and wreaking havoc on their lives.

      • Could Trump’s tricks boost his ratings and settle the Syrian conflict?

        Recently the U.S. President Donald Trump formally launched his 2020 re-election campaign in front of a large crowd in Orlando, Florida. The campaign is gaining momentum. We have already seen the celebrities and politicians speeches, preliminary ratings and even the economic models of the New York Times predicting Trump’s victory.

        For his part, the candidate keeps on delighting the world community by posting promising Tweets to increase his popularity and to retake votes from his opponents.

        According to Gallup, 45% of U.S. adults believe Trump should be impeached over the various alleged scandals that have dogged his presidency, while 53% said he should not be.

        45% is too much for the sitting president, so it has been decided to increase his positions in the eyes of his anti-war base. In this case, we are not speaking about implementation of all his statements, but only about election promises that can snatch the next agenda from competitors.

        For instance, the situation is so with Trump’s report on the withdrawal of the U.S. troops from Afghanistan. It looks like the White House analysts are working on the same scenario.

    • Environment

      • Trump Speech on Environment Doesn't Pass Smell Test with Activists

        Samantha Gross, a fellow with the Cross-Brookings Initiative on Energy and Climate, is bothered by Trump's assertion that previous administrations had to choose between protecting the environment and growing the economy.

        "I just find this completely untrue," Gross, a former director of the Energy Department's Office of International Climate and Clean Energy, told VOA. "Environmental improvement and economic growth has gone hand in hand for decades."

      • The Meat-Allergy Tick Also Carries a Mystery Killer Virus

        Like its closest cousins, Bourbon virus seems to spend at least some of its time in ticks. The patient the virus was first isolated from—a 68-year-old man named John Seested in Bourbon County, Kansas—had a history of tick bites. The summer after its discovery there, CDC researchers found the virus in the bodies of several ticks collected elsewhere in Bourbon County. The species they found carrying the virus was the Lone Star tick, whose bite is more notorious for making people allergic to red meat. It’s also been shown to replicate inside tick cell lines in the lab.

      • Trump’s Misleading Speech on His Environmental Record Is a ‘True “1984” Moment’

        "This speech is a true '1984' moment," said David G. Victor, director of the Laboratory on International Law and Regulation at the University of California, San Diego, to The New York Times.

        At one point, the doublespeak prompted Fox News host Shepard Smith to interrupt the broadcast to point out that many of Trump's policies had been "widely criticized by environmentalists and academics," HuffPost reported.

        Smith then went on to list some of the more than 80 regulatory rollbacks the Trump administration has initiated, including the recent repeal of the Clean Power Plan that would have limited emissions from coal plants.

      • Trump Saw Opportunity in Speech on Environment. Critics Saw a ‘“1984” Moment.’

        Reviewing new polling data, consultants working for President Trump’s 2020 campaign discovered an unsurprising obstacle to winning support from two key demographic groups, millennials and suburban women. And that was his record on the environment.

        But they also saw an opportunity. While the numbers showed that Mr. Trump was “never going to get” the type of voter who feels passionately about tackling climate change, a senior administration official who reviewed the polling said, there were moderate voters who liked the president’s economic policies and “just want to know that he’s being responsible” on environmental issues.

        So for nearly an hour in the East Room on Monday afternoon, Mr. Trump sought to recast his administration’s record by describing what he called “America’s environmental leadership” under his command.

        Flanked by several cabinet members and senior environmental officials — one a former lobbyist for the coal industry and the other a former oil lobbyist — Mr. Trump rattled off a grab bag of his administration’s accomplishments, which he said included “being good stewards of our public land,” reducing carbon emissions and promoting the “cleanest air” and “crystal clean” water.

      • Fox News Cuts Into Trump Speech To Deliver A Brutal Real-Time Fact Check

        President Donald Trump’s favorite news network not only cut into his speech on Monday, but it also fact-checked him on live television.

        Trump on Monday attempted to tout his administration’s environmental record, but Fox News host Shepard Smith interrupted to say those policies have been “widely criticized by environmentalists and academics.”

        The Fox News host cited a New York Times report that found that more than 80 environmental rules and regulations have been repealed and/or rolled back, including multiple regulations regarding drilling, air pollution and wildlife.

      • Trump avoids climate change in speech on environmentalism

        President Trump touted his administration's environmental stewardship in a speech in the East Room Monday. It's a topic the 2020 Democratic presidential candidates bring up almost daily, but not one Mr. Trump often addresses. But a White House fact sheet obtained by CBS News ahead of the speech did not mention climate change, nor did the president. In his speech, the president claimed his administration is working diligently to improve the environment, insisting the environment and economy go hand-in-hand. The environment can't be strong without a strong economy, Mr. Trump said. The president did tout the importance of forest management to prevent fires in California, and blasted the "Green New Deal."

      • Energy

        • Green Party deputy leader welcomes electric Mini launch

          She said: “It is clear that the future of motorised transport has to be fossil fuel-free. In the UK we’ve been left far behind countries whose governments have pushed further and farther in this age of climate emergency, but this is a step forward.

          “We need to see our infrastructure – charging points and renewable electricity generation – also catching up with the best continental standards.

        • 'Bomb Trains,' a New Book on the Deadly, Ongoing Threat of Oil by Rail

          On July 6, 2013, a train hauling crude oil from North Dakota's Bakken region derailed in Lac-Mégantic, Quebec, resulting in fires and explosions that killed 47 people and wiped out a large part of the small Canadian town's center. At the time I was living in Albany, New York, which had become a major distribution point for Bakken oil delivered to the Port of Albany in mile-long trains like the one that devastated Lac-Mégantic. In the six months following the deadly disaster, several more trains of Bakken oil derailed and exploded across North America.

          As the risk of these oil trains became very apparent, I began investigating how the trains could be allowed to travel through communities like mine in Albany and started publishing my findings here at DeSmog. Now, just after the six year anniversary of the Lac-Mégantic disaster, I have compiled all of that research into the new book Bomb Trains: How Industry Greed and Regulatory Failure Put the Public at Risk.

      • Wildlife/Nature

        • Racing officials suspect deadly sea snail venom used as illegal drug

          A deadly venom found in sea snails which can paralyse fish within a second has emerged as the latest chemical suspected to have infiltrated horse racing, with authorities scrambling to organise testing for the powerful painkiller.

          Racing NSW and Racing Victoria integrity officials on Monday confirmed they had started screening for the mystery drug, which has subtypes known to be infinitely stronger than morphine.

    • Finance

    • AstroTurf/Lobbying/Politics

      • I Used Google Ads for Social Engineering. It Worked.

        After the ISIS campaign ended, Google left behind a blueprint. The blueprint shows, step by step, how you can create your own redirect ads to sway any belief or opinion — held by any Google user, anywhere in the world — of your choice.

        You don’t have to be a marketer with years of experience to do this. You just need to follow the instructions and put up a credit card (a few hundred bucks will suffice).

        Recently, I followed the blueprint and created a redirect campaign of my own.

      • Kim Darroch – the Simple Explanation

        The media is full of over-complicated theories as to who might have leaked Kim Darroch’s diplomatic telegrams giving his candid view on the Trump administration. I should start by explaining the FCO telegram system. The communications are nowadays effectively encrypted emails, though still known as “telegrams”: to the Americans “cables”. They are widely distributed. These Darroch telegrams would be addressed formally to the Foreign Secretary but have hundreds of other recipients, in the FCO, No.10, Cabinet Office, MOD, DFID, other government departments, MI6, GCHQ, and in scores of other British Embassies abroad. The field of suspects is therefore immense.

        [...]

        At a time when news management was the be all and end all for the Blair administration, Darroch was in charge of the FCO’s Media Department. I remember being astonished when, down the telephone, he called me “fucking stupid” for disagreeing with him on some minor policy matter. I had simply never come across that kind of aggression in the FCO before. People who worked directly for him had to put up with this kind of thing all the time.

        Most senior ambassadors used to have interests like Chinese literature and Shostakovitch. Darroch’s are squash and sailing. He is a bull of a man. In my view, the most likely source of the leaks is a former subordinate taking revenge for years of bullying, or a present one trying to get rid of an unpleasant boss.

      • Will Corporate Democrats Team Up to Block Warren and Sanders?

        The odds are now very strong that Joe Biden, Kamala Harris, Elizabeth Warren or Bernie Sanders will be the Democratic presidential nominee. New polling averages say they account for almost 70 percent of support nationwide, while no other candidate is anywhere near. For progressives who want to affect the news instead of just consume it, active engagement will be essential.

        Biden is the most regressive Democrat with a real chance to head the ticket. After amassing a five-decade record littered with odious actions and statements, he now insists that the 2020 campaign “shouldn’t be about the past” — an evasive and ridiculous plea, coming from someone who proclaims himself to be “an Obama-Biden Democrat” and goes to absurd lengths to fasten himself onto Obama’s coattails, while also boasting of his past ability to get legislation through Congress.

        As he campaigns, Biden persists with disingenuous denials. During the June 27 debate, he flatly — and falsely — declared: “I did not oppose busing in America.” On July 6, speaking to a mostly black audience in South Carolina, he said: “I didn’t support more money to build state prisons. I was against it.” But under the headline “Fact Check: Joe Biden Falsely Claims He Opposed Spending More Money to Build State Prisons,” CNN reported that “he was misrepresenting his own record.”

        Biden used the Fourth of July weekend to dig himself deeper into a centrist, status quo trench for his war on the progressive wing of the Democratic Party. During a repeatedly cringeworthy interview, Biden told CNN that what can’t be done includes Medicare for All, tuition-free public college and student debt cancelation. Bernie Sanders quickly responded with a tweet calling Medicare for All, debt-free college and a Green New Deal “the agenda American needs — and that will energize voters to defeat Donald Trump.”

      • Marianne Williamson is Right About American Elections

        Self-help guru Marianne Williamson isn’t likely to win the 2020 Democratic presidential nomination, despite having probably served the American public more ably than any of her opponents (among other things, her Project Angel Food delivers millions of meals to the seriously ill). Good works aside, she’s a little too “New Age,” spiritual, and individualist/voluntarist-oriented for a population increasingly viewing coercive government as its living and unquestionable God.

        That doesn’t mean we shouldn’t listen to her, though, especially when she points out major flaws in the system. At a July 3 campaign event in New Hampshire, Williamson discussed the “illusion of choice” in American elections, comparing them to Iran’s, where “you can vote for whoever you want, among the people that they tell you it’s OK to vote for.”

        Afterward, Williamson backed off just a hair, calling her remarks “a cautionary tale, not a direct analogy.” She shouldn’t have.

        Iran’s parliament, the Islamic Consultative Assembly, includes 290 representatives. Of those seats, 216 are split between three political parties, 66 are held by independents, and five are reserved for religious minorities.

        Of the 435 seats in the US House of Representatives, 434 are split between two political parties, with a lone independent holding the 435th. The US Senate is slightly more diverse — 98 of its seats are split between the two “major” parties, with a whopping two independents.

        Yes, “separation of church and state” is preferable to theocracy, but our two “major” parties, the Democrats and Republicans, exemplify an iron grip on rule by party establishments that even Iran can’t match.

        How do they do it? Why aren’t there any current members of Congress from the Libertarian, Green, or other “third parties?” And why are independent and “third party” members of Congress a rarity since early in the 20th century? Two reasons.

        One is that unlike the world’s parliamentary democracies, which use “proportional representation” measures to accord smaller parties at least token representation, the US uses single-member districts and first-past-the-post voting. In each district there’s one winner and everyone else loses.

    • Censorship/Free Speech

      • Deplatforming Won’t Work

        Gab is a Twitter alternative used by many neo-Nazis and alt-righters who have been (or know they would be) banned from actual Twitter. The unintended—but entirely predictable—consequence of throwing extremists off Twitter has been to create a large community of exiles on Gab. In Gabland, it is people who question Jewish conspiracy theories or the idea that the US should be a white ethnostate who are considered “trolls.” A similar community is developing on the YouTube alternative BitChute, whose Alexa ranking is rising quickly.

      • The UK's Entire Approach To 'Online Harms' Is Backwards... And No One Cares

        Back in April, the UK (with Theresa May making the announcement) released a plan to fine internet companies if they allowed "online harms" in the form of "abhorrent content." This included "legal" content. As we noted at the time, this seemed to create all sorts of problems. Since then, the UK has been seeking "comments" on this proposal, and many are coming in. However, the most incredible thing is that the UK seems to assume so many things in its plan that the comments it's asking for are basically, "how do we tweak this proposal around the edges," rather than, "should we do this at all?"

        Various organizations have been engaging, as they should. However, reading the Center for Democracy & Technology's set of comments to the UK in response to its questions is a really frustrating experience. CDT knows how dumb this plan is. However, the specific questions that the UK government is asking don't even let commenters really lay out the many, many problems with this approach.

        And, of course, we just wrote about some new research that suggests a focus on "removing" terrorist content has actually harmed the efforts against terrorism, in large part by hiding from law enforcement and intelligence agencies what's going on. In short, in this moral panic about "online harms", we're effectively sweeping useful evidence under the rug to pretend that if we hide it, nothing bad happens. Instead, the reality is that letting clueless people post information about their dastardly plans online seems to make it much easier to stop those plans from ever being brought to fruition.

      • Kali Linux Released For Raspberry Pi

        Last month, June Raspberry Pi foundation released RPi 4 with more memory options and useful features. Recently Kali Linux announced the release of its Kali Linux images for Raspberry Pi.

        Recently, Kali Linux tweeted the news of releasing the pentesting distro for RPi and got a good response from its followers.

      • Kali Linux For Raspberry Pi 4 Now Officially Released

        Kali Linux claims that the Raspberry Pi 4 will also benefit from the new Kali Linux distro because they have designed it to leverage the new Raspberry Pi 4 features.

        Kali Linux for Raspberry Pi 4 is only available in a 32-bit variant right now. But a 64-bit version is expected to be released shortly.

        The new Raspberry Pi is available in 1GB, 2GB or 4GB LPDDR4-2400 SDRAM. Apart from that, the Raspberry Pi 4 will house a more powerful CPU along with a quad-core Cortex-A72 (ARM v8) 64-bit SOC clocking at 1.5GHz.

        On the connectivity front, it has two USB 3.0 ports along with two USB 2.0 ports and a USB-C power supply for charging.

        The new forum of Kali Linux ARM architecture is already alive. You can download the new distro here.

      • Raspberry Pi 4 gets Kali Linux, a distro aimed at ethical hackers

        Kali features on our list of the best Linux distros for privacy and security. It’s the most popular penetration testing distro out there (the process whereby attacks are simulated on systems, by ethical hackers, with the aim of strengthening those systems against real hackers), with hundreds of built-in tools for those who want to get more serious about their security.

        As for the Raspberry Pi 4, the latest version makes some big promises, including entry-level desktop PC performance at an extremely cheap price – and it delivers on that front, more or less, although as we observed in our review, there are some heat issues.

      • Instagram Now Asks You To Rethink Hate Comments With New Feature [Ed: Facebook reads and analyses messages before you even send them. Thought police or censorship?]

        Aiming to control the bullying practices people often entrap themselves into, Facebook-owned Instagram has introduced two new features to solve the issue in a subtle way.

      • Facebook’s Priority Is To Fight Fake News About Facebook

        Facebook has become a breeding ground for spreading fake news. The company’s efforts have not amounted to anything significant when it comes to curbing fake news on the platform. However, a Bloomberg report suggests that the company cares deeply about fake news related to Facebook and has dedicated tools to fight it.

        During the 2016 U.S. presidential election, a hoax spread on Facebook — copy, paste and share this message with your friends, otherwise, Facebook will share your private information. The rumor was particularly effective in the U.S. and the Philippines.

      • How Facebook Fought Fake News About Facebook

        A month before the 2016 U.S. presidential election, a rumor spread on Facebook. People were sharing a viral gimmick familiar to email spammers: Copy and paste this message to all your friends, or Facebook will share your private information. The hoax took off, particularly in pockets of the U.S. and the Philippines.

        Inside Facebook Inc.’s Menlo Park, California, headquarters, a small group of staffers watched this rumor gain traction using a special software program they called Stormchaser. The tool was designed to track hoaxes and “memes” – silly, often untrue internet missives – about Facebook on the social network and other company-owned services including WhatsApp.

        Since 2016, Facebook employees have used Stormchaser to track many viral posts, including a popular conspiracy that the company listens to users through their phone’s microphone, according to three former employees. Other topics ranged from bitter protests (the #deleteFB movement) to ludicrous jokes (that Facebook Chief Executive Officer Mark Zuckerberg is an alien), according to one former employee. In some cases, like the copy-and-paste hoax, the social network took active steps to snuff them out. Staff prepared messages debunking assertions about Facebook, then ran them in front of users who shared the content, according to documents viewed by Bloomberg News and four people familiar with the matter. They asked not to be identified discussing private initiatives.

    • Privacy/Surveillance

      • The writing is on the wall for ads based on real-time bidding in the EU – and maybe everywhere

        Privacy News Online noted back in February a growing disquiet at the huge amounts of personal information that sites like Facebook and Google routinely gather about us, and how it is used for personalized advertising. Of particular concern is real-time bidding (RTB), which sees often extremely private information sent out to hundreds of potential advertisers, with no control over what they do with it. A formal complaint has been submitted to the data protection authorities in the UK and in Ireland, asking them to investigate the use of real-time bidding systems by Google and other adtech companies.

      • Thousands of Android apps can track your phone — even if you deny permissions

        Even if you say “no” to one app when it asks for permission to see those personally identifying bits of data, it might not be enough: a second app with permissions you have approved can share those bits with the other one or leave them in shared storage where another app — potentially even a malicious one — can read it. The two apps might not seem related, but researchers say that because they’re built using the same software development kits (SDK), they can access that data, and there’s evidence that the SDK owners are receiving it. It’s like a kid asking for dessert who gets told “no” by one parent, so they ask the other parent.

        [...]

        The study also singles out photo app Shutterfly for sending actual GPS coordinates back to its servers without getting permission to track locations — by harvesting that data from your photos’ EXIF metadata — though the company denied that it gathers that data without permission in a statement to CNET.

        There are fixes coming for some of these issues in Android Q, according to the researchers, who say they notified Google about the vulnerabilities last September. (They point to this official Google page.) Yet, that may not help the many current-generation Android phones that won’t get the Android Q update. (As of May, only 10.4 percent of Android devices had the latest Android P installed, and over 60 percent were still running on the nearly three-year-old Android N.)

      • Android Apps Can Access Your Data Even If You Refuse Permission: Study

        The study suggests that Android apps get unauthorized access to user data with the help of covert and side channels.

        For the uninitiated, covert channels allow apps to get permission to access user data from another app, and this process becomes easy as most of the apps are based on the same SDK (software development kit).

        Additionally, various side channel vulnerabilities that exist in the Android system could be used to extract crucial information such as the MAC address of a user’s device with the use of C++ native code.

        It is further suggested that many apps that use SDKs built by Baidu and Salmonads use the covert channel communication path to access the user’s IMEI number without his or her permission.

    • Freedom of Information/Freedom of the Press

      • Steve Wozniak warns people away from Facebook

        Given Wozniak deleted his Facebook account over a year ago, this perhaps shouldn't be a huge surprise, but nonetheless it's all that reporters from TMZ wanted to talk to him about when they accosted him at the airport. He'd probably have been equally keen to rail against legroom and a poor selection of in-flight movies if they'd given him the opportunity.

      • Facebook’s Libra Must Be Under Central Bank Oversight, PBOC Says

        Mu said the central bank’s research team tested Libra’s code and found it’s “still in an initial stage and the quality of the code isn’t stable.” He also said it’s questionable whether Libra would indeed use blockchain technology, because it can’t meet the high concurrent transaction requirements necessary for retail sales scenarios.

        The PBOC has been working on developing its own digital legal tender, but hasn’t announced a time table for issuing any such currency.

      • Christian Family Details Crackdown on Church in China

        Ren told The Associated Press that she had to report her whereabouts to police using social media whenever she went out. She was told her safety couldn't be guaranteed if she disobeyed.

      • Facebook and Twitter have not been invited to White House social media summit, sources say

        Such hearings have often strayed far from being fact-based conversations. At one hearing last year, Republicans invited the pro-Trump social media duo "Diamond & Silk" to testify. The duo spent the hearing spreading misinformation about social media companies. At other hearings, Republican lawmakers have cited information from right-wing sites like The Gateway Pundit to make their points.

      • British Airways faces $230 million fine. It would be a record under Europe's tough data privacy law

        Attackers were able to harvest customer details including log ins, payment cards, and travel booking details, according to the regulator. The airline disclosed the incident in September 2018.

        The €£183.4 million ($230 million) fine is roughly 1.5% of British Airways' annual revenue. The carrier, which is owned by IAG (ICAGY), said it would fight the penalty.

    • Freedom of Information / Freedom of the Press

      • Ukraine's public broadcasters want a free press. Can they survive the politics?

        Adding to the distrust is a perpetual problem that has long plagued Ukrainian journalism: jeansa. The term refers to unmarked, integrated political advertising paid for by a politician. The word originates from the notion of a cash bribe supposedly slipped into the pocket of a denim-sporting journalist.

      • Peace Petition Signatories Face Continued Prosecutions

        It was a petition more or less like any other that an antiwar academic might sign. But for the act of signing it, more than 700 scholars have been criminally charged with making propaganda for a terrorist organization, according to data published on the website of the signatories, who call themselves Academics for Peace.

      • ‘Mad’ Magazine Told the Truth About War, Advertising, and the Media

        Born in the troubled era of McCarthyism, Mad is dying in another squalid political epoch. Mad was arguably America’s greatest and most influential satirical magazine, a strange claim to make of a publication that was mostly read throughout its existence by children and teenagers, but still justifiable.

        Mad was often rude, tasteless, and childish—which made it all the more potent as a tributary of youth culture. The kids who read Mad learned from it to distrust authority, whether in the form of politicians, advertisers or media figures. That was a lesson that successive generations took to heart. Without Mad, it’s impossible to imagine underground comics, National Lampoon, Saturday Night Live, The Simpsons, The Daily Show, or Stephen Colbert. In the historical sweep of American culture, Mad is the crucial link between the anarchic humor of the Marx Brothers and the counterculture that emerged in the 1960s.

    • Civil Rights/Policing

      • The Hate-Crime Epidemic That Never Was: A Seattle Case Study

        A look through the data that has been made available from Seattle’s office of the City Auditor reveals that there is little basis for panic. First, most of the situations contained in the 500-plus documented incidents for 2018 turned out not to be hate crimes at all. Out of 521 confrontations or other incidents reported to the police at some point during the year, 181 (35 percent) were deemed insufficiently serious to qualify as crimes of any kind. Another 215 (41 percent) turned out to involve some minor element of bias (i.e., an ethnic slur used during a fight), but did not rise to the definition of hate crime. Only 125, or 24 percent, qualified as potential hate crimes—i.e., alleged “criminal incidents directly motivated by bias.” For purposes of comparison: There are 745,000 people living in Seattle, and 3.5-million in the metro area.

        Even that 125 figure represents an overestimate, at least as compared to what most of us imagine to be the stereotypical hate crime (of, say, a gang of white racists beating up someone of a different skin color). Seattle’s remarkably broad municipal hate-crime policies cover not only attacks motivated by racial or sexual animus, but also those related to “homelessness, marital status, political ideology, age and parental status.”

      • How Norway turns criminals into good neighbours

        What is the point of sending someone to prison - retribution or rehabilitation? Twenty years ago, Norway moved away from a punitive "lock-up" approach and sharply cut reoffending rates. The BBC's Emma Jane Kirby went to see the system in action, and to meet prison officers trained to serve as mentors and role models for prisoners.

        [...]

        "Not 'guards'," admonishes Hoidal gently, when I use the term. "We are prison 'officers' and of course we make sure an inmate serves his sentence but we also help that person become a better person. We are role models, coaches and mentors. And since our big reforms, recidivism in Norway has fallen to only 20% after two years and about 25% after five years. So this works!"

      • Donald Trump Keen to Cover for Mohammed Bin Salman No Matter What He Does As Executions Double in Saudi Arabia, Activists Say

        The number of executions in the first six months of the year is the highest recorded in the past five years, and more than double the 55 from the same period in 2018, according to a new report by the European Saudi Organisation for Human Rights.

        From January until the end of June, 122 people were executed in the ultra-conservative kingdom. Among them are six minors and 58 foreign nationals, from nations including Pakistan, Yemen and Syria. Three women were among those killed, one each from Saudi Arabia, Nigeria and Yemen.

      • Jeffrey Epstein, friend of presidents and princes, charged with sex trafficking

        In a development that shows that the #MeToo movement is chipping away at the wall of protection that powerful men have constructed around themselves, financier Jeffrey Epstein, who has ties to influential people such as Bill Clinton, Donald Trump and Prince Andrew, has been charged with new counts of sex trafficking, accused of luring dozens of girls as young as 14 to his homes and paying them for sex acts.

    • Digital Restrictions (DRM)

    • Monopolies

      • Why cannabis patent enforcement is in the weeds [Ed: Weed becoming legal only so that a bunch of parasitic lawyers will start suing for millions, over patents that have nothing to do with novelty (lots of prior art) but prohibition that cause lack of patents ]

        Until the US government legalises the sale and distribution of cannabis, enforcing patents in this field and obtaining the traditional benefits of these rights will be challenging, says Daniel Pereira of Oblon

        Marijuana, for medical and recreational purposes, is an area of great political, social and legal interest. By some accounts, the industry is rapidly growing leaps and bounds with large inflows of cash to state’s coffers.

      • Patents and Software Patents

        • New CRISPR Interference: The Details

          The declaration also contains the scheduling statement that there will be a telephone conference between APJ Katz and the parties on August 5th, and that four business days prior, the parties will submit a list of motions it proposes to file. (Except in instances where this list is vanishingly small, it is unlikely that the Board will grant the parties' motions to file all these proposed motions.) In the last interference, the Broad filed a motion that there was no interference-in-fact (unlikely in this interference); several motions that the Broad's dozen patents involved in the interference should be accorded the benefit of priority to 16 provisional applications; a motion that the University's claims corresponding to the count are unpatentable for lack of written description (granted); a motion that the University's claims corresponding to the count are unpatentable for lack of enablement (deferred); motions that the University claims are not patentable over "certain prior art" (deferred); and motions for access to pending Berkeley applications (which was denied). Berkeley's motions were in some ways more compelling, to the extent they suggested grounds for invalidating the Broad patents that were foreclosed by the PTAB's determination that there was no interference-in-fact. These motions included: a motion that all of the claims of all of the Broad's patents are invalid over the publication of the University's application in interference, based on an error in how the Broad's application was filed involving changes resulting from the America Invents Act (deferred); five motions to change the count (one was granted but mooted by the Board's decision); a motion for priority benefit to an earlier provisional application (granted); a motion that the Broad's involved claims are anticipated by certain prior art (deferred); a motion that each of the Broad's patents are unpatentable under the doctrine of obviousness-type double patenting (deferred); a motion that each of the Broad's patents are unpatentable for improper inventorship (deferred); and a motion that each of the Broad's patents were obtained by inequitable conduct (denied).

        • Qualcomm files motion with Ninth Circuit for partial stay of FTC antitrust remedies

          What Qualcomm's attorneys, now led by Goldstein & Russel's Tom Goldstein, put front and center is that the FTC brought the lawsuit with only two commissioners voting in favor (at the time, there were only three commissioners), and that former Qualcomm attorney (in terms of his positions, forget the "former") and now-Antitrust Assistant Attorney General Makan Delrahim and FTC commissioner Christine Wilson disagree. So they're trying to discredit the case and the ruling, and I have my doubts that this will impress the Ninth Circuit, especially given Judge Koh's stellar reputation throughout and beyond that circuit as well as the fact that her judgment is simply in the global antitrust mainstream in light of other decisions in the EU and in Asia (with a second EU antitrust hammer having been unofficially announced by DG COMP to come down in the months ahead, possibly just at a time when the Ninth Circuit will be working on a decision on this motion).

      • Trademarks

        • Celebrity misadventures in trade mark land

          In recent years, intellectual property rights have played a significant role in the growth of highly competitive global industries, like fashion and music. This is not to say the least in the United States, where both social media influencers and artists in the music industry have sought to register trade marks also to create a bridge with contemporary trends within the pop and culture scenes.

          One might wonder whether this trend might pose difficulties for relevant authorities in the assessment of trade mark applications. This may be particularly problematic when it comes to registering common pop phrases as trade marks, or when the chosen trade mark might raise cultural appropriation concerns.

          The latter difficulties presented themselves earlier this year when both Cardi B and Kim Kardashian attempted to register their brands with the US Patent and Trade Marks Office (USPTO).

      • Copyrights

        • Jacob Victor: Should Royalty Rates in Compulsory Licensing of Music Be Set Below the Market Price?

          Jacob Victor has a remarkable new article on copyright compulsory licenses, forthcoming in the Stanford Law Review. The article boldly wades into the notoriously convoluted history of the compulsory license option for obtaining rights to copyrighted music, and makes what I think is a very interesting and important normative argument about how compulsory license rates should be set. Other scholars who have written on compulsory licensing, whose work Victor addresses, include, to name only a few: Kristelia Garcia, Jane C. Ginsburg, Wendy Gordon, Lydia Pallas Loren, Robert P. Merges, Pam Samuelson, Tim Wu, and more herein.

          [...]

          This is where the conundrum of rate setting arises. If a rate setting entity is suddenly responsible for determining how much users, and thereby consumers, must pay to obtain access to music, instead of negotiating directly with rights owners, what policy should the rate-setting entity use to set rates?

          We might think the rate should simply be set at what it would have been, had a direct negotiation taken place. After all, the compulsory license is not a statement of non-infringement, like fair use. It is, rather, an alternative to direct negotiation.

          Scholars like Robert Merges have long viewed transaction costs as the main hurdle to ensuring fair and efficient access to IP-protected works, and have frequently applied the classic Calabresi/Melamed model to IP licensing. Viewing compulsory licensing as a mechanism in which government's role is limited to facilitating efficient licensing in the face of high transaction costs, in particular the multiplicity of dispersed music copyright owners, would therefore seem logical. (That said, Merges does not see a compulsory license as the best way; he prefers collective rights organizations that operate in the private sector without government involved at all).

          Wendy Gordon has gone further, arguing that even fair use, which is a statement of non-infringement, should be seen as a response to high transaction costs. Victor tactfully notes that "Gordon’s early work in this field is frequently contested, including by Gordon herself" (13). It seems circular to argue that whether an act of copying constitutes copyright infringement should itself be determined by whether the user could have gotten a license.

        • The relationship between musicians, master recordings and record labels

          The gist of Ms Swift’s complaint, which she posted on social media on June 30th, is that someone she does not like or trust is taking ownership of her master recordings—the tapes or digital files from which albums are pressed and released—and they are free to do with them as they please. Ms Swift was 15 when she signed to Big Machine, an independent label set up by Scott Borchetta in 2005. Her contract ceded ownership of her masters to the label.

        • BT Sport Subscribers Test Pirate Sites After UFC PPV Decision

          BT Sport is the current home for UFC events in the UK. However, a recent surprise decision to charge subscribers additional fees to watch big events saw many turn to piracy this weekend. It's a move that has the potential to not only affect UFC and BT Sport, but all premium broadcasters.

Recent Techrights' Posts

Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
 
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland
Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day