Links 11/7/2019: KDE Plasma 5.16.3 and Verifying Gentoo Election Results

Posted in News Roundup at 3:01 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Kernel Space

      • Linux 5.2 Release – Main Changes, Arm, MIPS & RISC-V Architectures

        Linus Torvalds announced the release of Linux 5.2 last Sunday: So I was somewhat pre-disposed towards making an rc8, simply because of my travels and.

      • Linux 5.3 Enables “-Wimplicit-fallthrough” Compiler Flag

        The recent work on enabling “-Wimplicit-fallthrough” behavior for the Linux kernel has culminated in Linux 5.3 with actually being able to universally enable this compiler feature.

        The -Wimplicit-fallthrough flag on GCC7 and newer warns of cases where switch case fall-through behavior could lead to potential bugs / unexpected behavior.

      • EXT4 For Linux 5.3 Gets Fixes & Faster Case-Insensitive Lookups

        The EXT4 file-system updates have already landed for the Linux 5.3 kernel merge window that opened this week.

        For Linux 5.3, EXT4 maintainer Ted Ts’o sent in primarily a hearty serving of fixes. There are fixes from coverity warnings being addressed to typos and other items for this mature and widely-used Linux file-system.

      • Providing wider access to bpf()

        The bpf() system call allows user space to load a BPF program into the kernel for execution, manipulate BPF maps, and carry out a number of other BPF-related functions. BPF programs are verified and sandboxed, but they are still running in a privileged context and, depending on the type of program loaded, are capable of creating various types of mayhem. As a result, most BPF operations, including the loading of almost all types of BPF program, are restricted to processes with the CAP_SYS_ADMIN capability — those running as root, as a general rule. BPF programs are useful in many contexts, though, so there has long been interest in making access to bpf() more widely available. One step in that direction has been posted by Song Liu; it works by adding a novel security-policy mechanism to the kernel.
        This approach is easy enough to describe. A new special device, /dev/bpf is added, with the core idea that any process that has the permission to open this file will be allowed “to access most of sys_bpf() features” — though what comprises “most” is never really spelled out. A non-root process that wants to perform a BPF operation, such as creating a map or loading a program, will start by opening this file. It then must perform an ioctl() call (BPF_DEV_IOCTL_GET_PERM) to actually enable its ability to call bpf(). That ability can be turned off again with the BPF_DEV_IOCTL_PUT_PERM ioctl() command.

        Internally to the kernel, this mechanism works by adding a new field (bpf_flags) to the task_struct structure. When BPF access is enabled, a bit is set in that field. If this patch goes forward, that detail is likely to change since, as Daniel Borkmann pointed out, adding an unsigned long to that structure for a single bit of information is unlikely to be popular; some other location for that bit will be found.

      • The io.weight I/O-bandwidth controller

        Part of the kernel’s job is to arbitrate access to the available hardware resources and ensure that every process gets its fair share, with “its fair share” being defined by policies specified by the administrator. One resource that must be managed this way is I/O bandwidth to storage devices; if due care is not taken, an I/O-hungry process can easily saturate a device, starving out others. The kernel has had a few I/O-bandwidth controllers over the years, but the results have never been entirely satisfactory. But there is a new controller on the block that might just get the job done.
        There are a number of challenges facing an I/O-bandwidth controller. Some processes may need a guarantee that they will get at least a minimum amount of the available bandwidth to a given device. More commonly in recent times, though, the focus has shifted to latency: a process should be able to count on completing an I/O request within a bounded period of time. The controller should be able to provide those guarantees while still driving the underlying device at something close to its maximum rate. And, of course, hardware varies widely, so the controller must be able to adapt its operation to each specific device.

        The earliest I/O-bandwidth controller allows the administrator to set maximum bandwidth limits for each control group. That controller, though, will throttle I/O even if the device is otherwise idle, causing the loss of I/O bandwidth. The more recent io.latency controller is focused on I/O latency, but as Tejun Heo, the author of the new controller, notes in the patch series, this controller really only protects the lowest-latency group, penalizing all others if need be to meet that group’s requirements. He set out to create a mechanism that would allow more control over how I/O bandwidth is allocated to groups.

      • TurboSched: the return of small-task packing

        CPU scheduling is a difficult task in the best of times; it is not trivial to pick the next process to run while maintaining fairness, minimizing energy use, and using the available CPUs to their fullest potential. The advent of increasingly complex system architectures is not making things easier; scheduling on asymmetric systems (such as the big.LITTLE architecture) is a case in point. The “turbo” mode provided by some recent processors is another. The TurboSched patch set from Parth Shah is an attempt to improve the scheduler’s ability to get the best performance from such processors.
        Those of us who have been in this field for far too long will, when seeing “turbo mode”, think back to the “turbo button” that appeared on personal computers in the 1980s. Pushing it would clock the processor beyond its original breathtaking 4.77MHz rate to something even faster — a rate that certain applications were unprepared for, which is why the “go slower” mode was provided at all. Modern turbo mode is a different thing, though, and it’s not just a matter of a missing front-panel button. In short, it allows a processor to be overclocked above its rated maximum frequency for a period of time when the load on the rest of system overall allows it.

        Turbo mode can thus increase the CPU cycles available to a given process, but there is a reason why the CPU’s rated maximum frequency is lower than what turbo mode provides. The high-speed mode can only be sustained as long as the CPU temperature does not get too high and, crucially (for the scheduler), the overall power load on the system must not be too high. That, in turn, implies that some CPUs must be powered down; if all CPUs are running, there will not be enough power available for any of those CPUs to go into the turbo mode. This mode, thus, is only usable for certain types of workloads and will not be usable (or beneficial) for many others.

      • Linux Foundation

        • EdgeX Foundry Announces Production Ready Release Providing Open Platform for IoT Edge Computing to a Growing Global Ecosystem

          EdgeX Foundry, a project under the LF Edge umbrella organization within the Linux Foundation that aims to establish an open, interoperable framework for edge IoT computing independent of hardware, silicon, application cloud, or operating system, today announced the availability of its “Edinburgh” release. Created collaboratively by a global ecosystem, EdgeX Foundry’s new release is a key enabler of digital transformation for IoT use cases and is a platform for real-world applications both for developers and end users across many vertical markets. EdgeX community members have created a range of complementary products and services, including commercial support, training and customer pilot programs and plug-in enhancements for device connectivity, applications, data and system management and security.

          Launched in April 2017, and now part of the LF Edge umbrella, EdgeX Foundry is an open source, loosely-coupled microservices framework that provides the choice to plug and play from a growing ecosystem of available third party offerings or to augment proprietary innovations. With a focus on the IoT Edge, EdgeX simplifies the process to design, develop and deploy solutions across industrial, enterprise, and consumer applications.

    • Benchmarks

      • The Performance Impact To AMD Zen 2 Compiler Tuning On GCC 9 + Znver2

        One of the areas that I always have “fun” benchmarking for new CPU launches is looking at the compiler performance. Following the recent Ryzen 3000 series launch I carried out some initial benchmarks looking at the current Zen 2 performance using the newest GCC 9 stable series with its “znver2″ optimizations. Here is a look at how the Znver2 optimizations work out when running some benchmarks on the optimized binaries with a Ryzen 9 3900X running Ubuntu 18.04 LTS.

        AMD developers introduced the initial Znver2 support into the GNU Compiler Collection last November and thus is part of the GCC 9 stable release that debuted in May. This was their initial cut support for the updated Zen microarchitecture but sadly hasn’t seen any enhancements since that initial commit. The Znver2 target does bring some alterations to the cost tables and enables the CLWB / RDPID / WBNOINVD instructions. But as we found out during the Ryzen 3000 briefings, there are more instructions new to Zen 2 besides those like RDPRU, so unfortunately this support while appreciated isn’t yet fully complete and likely missing various optimizations considering there haven’t been any updates since November. Sadly any improvements made now to their GCC Znver2 support won’t see users until the GCC 10 release in Q2’2020 and thus not making it into the likes of Ubuntu 20.04 LTS and other distributions.

    • Applications

    • Instructionals/Technical

    • Games

      • Test Tube Titans, a game about growing monsters and then sending them off to wreak havoc

        The developer of Test Tube Titans recently put up a Linux version of their in-development title and it’s quite amusing.

        Being completely honest, I’ve not laughed while playing a game as much as I did with Test Tube Titans when I first attempted to go out into the world with my creature. Due to the physics-based controls (which I’m awful at), you need to move your legs using different buttons to actually get anywhere. It’s clumsy but also highly entertaining! It’s designed with a gamepad in mind, so I checked it out using my Steam Controller hooked up with SC Controller and it works beautifully.

      • Surprise – Supraland for Linux is now available on GOG

        I will admit, I am quite surprised. Supraland from Supra Games recently released on GOG and it was only for Windows. The developer said some odd things about it all and now it seems they changed their mind, thankfully.

        Today, the Linux version of Supraland officially went live on GOG and GOG themselves sent over a copy for me to check out. I’ve already played through the demo on Steam and apart from some performance issues here and there, it’s a delightful game.

      • Ion Maiden has become Ion Fury, release date announced for August 15th

        In development from Voidpoint and 3D Realms, the retro FPS Ion Maiden has now become Ion Fury. They’ve also announced the final release for August 15th with a new trailer.

        Why the name change? Well, they were in a bit of a legal problem with the band Iron Maiden.

      • The Bard’s Tale IV: Director’s Cut to be launched August 27

        The dungeon crawler by Brian Fargo and inXile is set to finally launch on Linux soon. The new director’s cut will bring more than just a new coat of paint.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.16.3 Desktop Environment Released with More Than 30 Improvements

          KDE Plasma 5.16.3 comes two weeks after the KDE Plasma 5.16.2 update with more than 30 changes across various core components and apps, including Plasma Workspace, Plasma Desktop, Plasma Audio Volume Control, Plasma Networkmanager (plasma-nm), KWin, Plasma Discover, DrKonqi, KWayland-integration, plasma-browser-integration, plasma-integration, and kde-cli-tools.

          “Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.16.3. Plasma 5.16 was released in June with many feature refinements and new modules to complete the desktop experience. This release adds a fortnight’s worth of new translations and fixes from KDE’s contributors. The bugfixes are typically small but important,” reads the release announcement.

        • Plasma 5.16.3
      • GNOME Desktop/GTK

        • GNOME Software Moving Forward With Disabling Snap Plugin

          While currently Ubuntu makes use of GNOME Software as their “software center” (or “app store”) with Snap integration, as we wrote about recently Canonical has begun writing their own Snap Store. Given this and that they don’t plan to use GNOME Software in Ubuntu 20.04 LTS and thus have taken their developers away from working on the upstream support, GNOME developers are planning to disable the Snap plug-in for GNOME Software.

        • Heads up: No more snap plugin in gnome-software

          In Fedora 31 I’ll be disabling the snap plugin from GNOME Software. It’s never been enabled in RHEL and so this change only affects Fedora. It’s also not installed by default and so this change should only affect a few people. It’s also not really a FutureFeature, it’s a RemovalOfFeature but I’m happy to write something for the process and release notes if required. Recently Canonical decided that they are not going to be installing gnome-software in the next LTS, preferring instead to ship a “Snap Store by Canonical” rather than GNOME Software. The new Snap store will obviously not support Flatpaks (or packages, or even firmware updates for that matter). The developers currently assigned to work on gnome-software have been reassigned to work on Snap Store, and I’m not confident they’ll be able to keep both the old and new codebases in the air at the same time.

        • EFF Celebrating 29th Birthday with $20 Membership, Linode Launches New GPU-Optimized Cloud Computing Instances, Syncthing 1.2.0 Released, Kali Linux Now Available for RPi 4 and GNOME Devs to Disable Snap Plugin for GNOME Software

          GNOME developers plan to disable the Snap plugin for GNOME Software, as Canonical has started creating its own Snap Store and won’t be using GNOME Software in Ubuntu 20.04 LTS. According to Phoronix, “Canonical’s in-development Snap Store will obviously be focused just on their own Snap effort and not supporting the likes of Flatpak. Due to the likelihood that the GNOME Software Snap plug-in will quickly suffer from bit-rot and pose a maintenance burden to GNOME developers with little to no return, it’s certainly reasonable that they would at least disable this plug-in.”

        • Fedora is ‘Disabling’ the Snap Plugin for GNOME Software

          The Snap plugin for GNOME Software is being ‘disabled’ in Fedora 31, the distro’s next major release.

          Red Hat’s Richard Hughes announced the change on the Fedora developer mailing list, citing various issues with the plugins QA and long-term usefulness.

          Neal Gompa, who maintains the Snap package in Fedora, says the decision has “blindsided” him.

          So why is Fedora doing this?

          Well, code quality and concerns about the impact the plugin has on the overall GNOME Software user experience are cited:

    • Distributions

      • Gentoo Family

        • Verifying Gentoo election results via Votrify

          Gentoo elections are conducted using a custom software called votify. During the voting period, the developers place their votes in their respective home directories on one of the Gentoo servers. Afterwards, the election officials collect the votes, count them, compare their results and finally announce them.

          The simplified description stated above suggests two weak points. Firstly, we rely on honesty of election officials. If they chose to conspire, they could fake the result. Secondly, we rely on honesty of all Infrastructure members, as they could use root access to manipulate the votes (or the collection process).

          To protect against possible fraud, we make the elections transparent (but pseudonymous). This means that all votes cast are public, so everyone can count them and verify the result. Furthermore, developers can verify whether their personal vote has been included. Ideally, all developers would do that and therefore confirm that no votes were manipulated.

          Currently, we are pretty much implicitly relying on developers doing that, and assuming that no protest implies successful verification. However, this is not really reliable, and given the unfriendly nature of our scripts I have reasons to doubt that the majority of developers actually verify the election results. In this post, I would like to shortly explain how Gentoo elections work, how they could be manipulated and introduce Votrify — a tool to explicitly verify election results.

      • Fedora Family

        • Fedora Community Blog: GCI 2018 mentor’s summit @ Google headquarters

          Google Code-in is a contest to introduce students (ages 13-17) to open source software development. Since 2010, 8,108 students from 107 countries have completed over 40,100 open source tasks Because Google Code-in is often the first experience many students have with open source, the contest is designed to make it easy for students to jump right in. I was one of the mentors in this first time for Fedora program. We had 125 students participating in Fedora and the top 3 students completed 26, 25 and 22 tasks each.

          Every year Google invites the Grand-Prize winners and their parents, and a mentor to it’s headquarters in San Francisco, California for a 4 days trip. I was offered the opportunity to go and represent Fedora in the summit and meet these 2 brilliant folks in person. This report covers activities and other things that happened there.

        • Fedora mulls its “python” version

          There is no doubt that the transition from Python 2 to Python 3 has been a difficult one, but Linux distributions have been particularly hard hit. For many people, that transition is largely over; Python 2 will be retired at the end of this year, at least by the core development team. But distributions will have to support Python 2 for quite a while after that. As part of any transition, the version that gets run from the python binary (or symbolic link) is something that needs to be worked out. Fedora is currently discussing what to do about that for Fedora 31.

          Fedora program manager Ben Cotton posted a proposal to make python invoke Python 3 in Fedora 31 to the Fedora devel mailing list. The proposal, titled “Python means Python 3″, is also on the Fedora wiki. The idea is that wherever “python” is used it will refer to version 3, including when it is installed by DNF (i.e. dnf install python) or when Python packages are installed, so installing “python-requests” will install the Python 3 version of the Requests library. In addition, a wide array of associated tools (e.g. pip, pylint, idle, and flask) will also use the Python 3 versions.

          The “Requests” link above does point to a potential problem area, however. It shows that Requests for Python 3 III is not fully finished, with an expected release sometime “before PyCon 2020″ (mid-April 2020), which is well after the expected October 2019 release of Fedora 31. The distribution already has a python3-requests package, though, so that will be picked up as python-requests in Fedora 31 if this proposal is adopted. There may be other packages out there where Python 3 support is not complete but, at this point, most of the major libraries have converted.

        • NeuroFedora poster at CNS*2019

          With CNS*2019 around the corner, we worked on getting the NeuroFedora poster ready for the poster presentation session. Our poster is P96, on the first poster session on the 14th of July.


          Unfortunately, this time, no one from the team is able to attend the conference, but if you are there and want to learn more about NeuroFedora, please get in touch with us using any of our communication channels.

          To everyone that will be in Barcelona for the conference, we hope you have a fruitful one, and of course, we hope you are able to make some time to rest at the beach too.

      • Debian Family

        • Debian Edu 10 Operating System Released as a Complete Linux Solution for Schools

          Debian Edu, also known as Skolelinux, is a Debian-based GNU/Linux distribution designed to provide a complete solution for schools and other educational environments. It comes out-of-the-box with all the tools needed to quickly set up a completely configured school network in minutes, allowing users and machines to be easily added via the GOsa² web interface. Debian Edu features the Xfce desktop environment by default and it’s perfect for older computers.

          “Do you have to administrate a computer lab or a whole school network? Would you like to install servers, workstations and laptops which will then work together? Do you want the stability of Debian with network services already preconfigured? Do you wish to have a web-based tool to manage systems and several hundred or even more user accounts? Then Debian Edu is for you,” reads the release announcement.

        • Debian and code names

          Debian typically uses code names to refer to its releases, starting with the Toy Story character names used (mostly) instead of numbers. The “Buster” release is due on July 6 and you will rarely hear it referred to as “Debian 10″. There are some other code names used for repository (or suite) names in the Debian infrastructure; “stable”, “testing”, “unstable”, “oldstable”, and sometimes even “oldoldstable” are all used as part of the sources for the APT packaging tool. But code names of any sort are hard to keep track of; a discussion on the debian-devel mailing list looks at moving away from, at least, some of the repository code names.

          The issue was raised by Ansgar Burchardt, who wondered if it made sense to move away from the stable, unstable, and testing suite names in the sources.list file used by APT. Those labels, except for unstable, change the release they are pointing at when a new release gets made. Currently stable points to “Jessie Stretch” (Debian 9), while testing points to Buster. Soon, stable will point to Buster, testing will point at “Bullseye”, which will become Debian 11.

          He asked about using the release code names directly, instead, so that pointing a system at Stretch would continue to get packages from that release. But he also thought it would be nice to completely route around the code names, which “confuse people”.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • German data protection organization: use of Office 365 in schools is illegal

        The data protection officer of the German federal state of Hessen has warned that the cloud-based Office 365 solution is not a compliant solution for use in schools when student information is being stored on it. This fits with earlier, similar conclusions by the Swedish and Dutch governments – US cloud solutions are not GDPR compliant.

      • A Diatribe Concerning My Experiences With Gopher

        This is an article that will collect my opinions concerning Gopher experiences and practices, primarily those I dislike, with regards to conventions I’ve encountered and whatnot. I’ll update this article as I have more to write of and feel the want.

      • A Look at the Open-Source Tools Behind Today’s State-of-the-Art Visual Effects

        Today, Software Defined Visualization (SDVis) is the ultimate in the world of visualization, allowing the best-of-the-best to emerge. It’s hardly a secret in the world of scientific visualization, digital animation, and computer graphics (CG). Go to any hit movie these days, and the results of SDVis will be present to help make the incredible believable.

      • Events

        • Arturo Borrero González: Netfilter workshop 2019 Malaga summary

          This week we had the annual Netfilter Workshop. This time the venue was in Malaga (Spain). We had the hotel right in the Malaga downtown and the meeting room was in University ETSII Malaga. We had plenty of talks, sessions, discussions and debates, and I will try to summarice in this post what it was about.

          Florian Westphal, Linux kernel hacker, Netfilter coreteam member and engineer from Red Hat, started with a talk related the some works being done in the core of the Netfilter code in the kernel to convert packet processing to lists. He shared an overview of current problems and challenges. Processing in a list rather than per packet seems to have several benefits: code can be smarter and faster, so this seems like a good improvement. On the other hand, Florian thinks some of the pain to refactor all the code may not worth it. Other approaches may be considered to introduce even more fast forwarding paths (apart from the flow table mechanisms for example which is already available).

          Florian also followed up with the next topic: testing. We are starting to have a lot of duplicated code to do testing. Suggestion by Pablo is to introduce some dedicated tools to ease in maintenance and testing itself. Special mentions to nfqueue and tproxy, 2 mechanisms that requires quite a bit of code to be well tested (and could be hard to setup anyway).


          After lunch, Pablo followed up with a status update on hardware flow offload capabilities for nftables. He started with an overview of the current status of ethtool_rx and tc offloads, capabilities and limitations. It should be possible for most commodity hardware to support some variable amount of offload capabilities, but apparently the code was not in very good shape. The new flow block API should improve this situation, while also giving support for nftables offload. Related article in LWN: https://lwn.net/Articles/793080/

          Next talk was by Phil, engineer at Red Hat. He commented on user-defined strings in nftables, which presents some challenges. Some debate happened, mostly to get to an agreement on how to proceed.

      • Web Browsers

      • Productivity Software/LibreOffice/Calligra

        • What is the Open Document Format (ODF), and how is it developed?

          Open Document Format is LibreOffice’s native file format. (If you have a file with a .odt, .ods, .odp or .odg extension, then it’s an Open Document Text, Spreadsheet or Presentation file or Graphic respectively.)

          ODF is developed by OASIS, then submitted to ISO (the International Organization for Standardization), and then adopted as a standard. There is also a working group at ISO, which by the way also works on OOXML – which can then ask questions about development, and so on.

          For ODF we are now working on version 1.3. We had a “feature freeze” last summer. We have come so far that everything we wanted to have in it is available in the “editor version”. Now we’re going to fine-tune it, then we’ll be back in summer – so that was a whole year. Then comes the coordination process at OASIS, so it usually takes two years until a new version of the standard is ready.

      • Pseudo-Open Source (Openwashing)

        • This free open-source tool can help game developers make procedural ivy [Ed: Mono is a problem]

          This is a tool specifically for games being made in Unity, an engine which has been used to make plenty of games people don’t associate with it—games like Hearthstone, Cities: Skylines, Wasteland 2, Beat Saber, and Cuphead, for instance, were all made in Unity.

      • BSD

        • FreeBSD 11.3-RELEASE Released, Which comes with many Improvements

          The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 11.3-RELEASE on July 09th 2019.

          This is the fourth release of the stable release of FreeBSD 11 branch.


          The kernel will now log the jail ID when logging a process exit.

          Several feature additions and updates to userland applications.

          Several network driver firmware updates.

          Warnings for features deprecated in future releases will now be printed on all FreeBSD versions.

          Warnings have been added for IPSec algorithms deprecated in RFC 8221.

          Deprecation warnings have been added for weaker algorithms when creating geli providers.

      • Licensing/Legal

        • Popular licenses in OpenAPI

          Note: Before you start complaining, I realise this is probably a very sub-optimal solution code-wise, but it worked for me. In my defence, I did open up my copy of the Sed & Awk Pocket Reference before my eyes went all glassy and I hacked up the following ugly method. Also note that the shell scripts are in Fish shell and may not work directly in a 100% POSIX shell.

          First, I needed to get a data set to work on. Hat-tip to Mike Ralphson for pointing me to APIs Guru as a good resource. I analysed their APIs-guru/openapi-directory repository1, where in the APIs folder they keep a big collection of public APIs. Most of them following the OpenAPI (previously Swagger) specification.

      • Programming/Development

        • Infinite work is less work
          The first task of last week's Perl Weekly Challenge was to print the
          first ten strong and weak primes. A prime pn is "strong" if it's larger
          than the average of its two neighbouring primes (i.e. pn > (pn-1+pn+1)/2).
          A prime is "weak" if it's smaller than the average of its two neighbours.
          Of course, this challenge would be trivial if we happened to have a list
          of all the prime numbers. Then we'd just filter out the first ten that
          are strong, and the first ten that are weak. In fact, it would be even
          easier if we happened to have a list of all the strong primes, and a
          list of all the weak ones. Then we'd just print the first ten of each.
          But there are an infinite number of primes and of weak primes (and
          possibly of strong primes too, though that's still only conjectured),
          so building a complete list of the various subspecies of primes 
          is impractical in most programming languages.
  • Leftovers

    • Science

      • Apollo 11: ‘The greatest single broadcast in television history’

        “He was born in October 1893, so had grown up knowing roads with horse and buggy, and was absolutely thrilled to see history being made,” Mr Sills says. “The acceleration of technology seemed incredible, and [Cronkite] explained how amazing it was.”

      • As Visa Difficulties Persist, Scientists Push for Change

        There’s no hard data on how many researchers are affected. After an Iranian labmate at Western University in Canada couldn’t attend the Society for Neuroscience’s (SfN) conference last November in San Diego, Matthew Leavitt created a survey to assess the scale of the issue. He received 25 responses by researchers who were denied visas to attend conferences in the US and Canada. Of these, 21 were from Iranians, 2 from Syrians, and 1 from an Iraqi. “In my experience at scientific conferences pre-travel ban, Iran [was] of one of the most widely represented nationalities after the US, Canada, Germany, The Netherlands, and Japan,” Leavitt writes to The Scientist in an email.

        These figures are probably a gross underestimate: “I also received dozens of emails from people who were denied visas but hesitant to fill out the survey or speak publicly about their experiences for fear of retaliation, as well as academics who were not personally denied visas but shared stories of colleagues who were affected,” Leavitt explains.

    • Security

      • GnuPG 2.2.17 released to mitigate attacks on keyservers

        gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607]

      • Security updates for Thursday

        Security updates have been issued by Debian (dosbox and openjpeg2), Oracle (dbus and kernel), Scientific Linux (dbus), Slackware (mozilla), and SUSE (fence-agents, libqb, postgresql10, and sqlite3).

      • What Is Zero Trust Architecture?

        Zero Trust architecture might be popular now, but that doesn’t necessarily mean it’s for you. If you find your needs are met by your current security, you may not want to switch. That said, keep in mind that waiting until you have a security breach isn’t an ideal way to evaluate your security.

      • OpenPGP certificate flooding

        A problem with the way that OpenPGP public-key certificates are handled by key servers and applications is wreaking some havoc, but not just for those who own the certificates (and keys)—anyone who has those keys on their keyring and does regular updates will be affected. It is effectively a denial of service attack, but one that propagates differently than most others. The mechanism of this “certificate flooding” is one that is normally used to add attestations to the key owner’s identity (also known as “signing the key”), but because of the way most key servers work, it can be used to fill a certificate with “spam”—with far-reaching effects.

        The problems have been known for many years, but they were graphically illustrated by attacks on the keys of two well-known members of the OpenPGP community, Daniel Kahn Gillmor (“dkg”) and Robert J. Hansen (“rjh”), in late June. Gillmor first reported the attack on his blog. It turned out that someone had added multiple bogus certifications (or attestations) to his public key in the SKS key server pool; an additional 55,000 certifications were added, bloating his key to 17MB in size. Hansen’s key got spammed even worse, with nearly 150,000 certifications—the maximum number that the OpenPGP protocol will support.

        The idea behind these certifications is to support the “web of trust”. If user Alice believes that a particular key for user Bob is valid (because, for example, they sat down over beers and verified that), Alice can so attest by adding a certification to Bob’s key. Now if other users who trust Alice come across Bob’s key, they can be reasonably sure that the key is Bob’s because Alice (cryptographically) said so. That is the essence of the web of trust, though in practice, it is often not really used to do that kind of verification outside of highly technical communities. In addition, anyone can add a certification, whether they know the identity of the key holder or not.

      • FinSpy Malware ‘Returns’ To Steal Data On Both Android And iOS

        As per the researchers, the spyware was again active in 2018 and the latest activity was spotted in Myanmar in June 2019. These implants are capable of collecting personal information such as SMS, Emails, Calendars, Device Locations, Multimedia and even messages from some popular social media apps.

        If you are an iOS user, then the implant is only observed to work on jailbroken devices. If an iOS device is already jailbroken then this spyware can be remotely installed via different mediums like messaging, email, etc. However, the implants have not been observed on the latest version of iOS.

      • New FinSpy iOS and Android implants revealed ITW

        FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were first described in 2011 by Wikileaks and mobile implants were discovered in 2012. Since then Kaspersky has continuously monitored the development of this malware and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019. Late in 2018, experts at Kaspersky looked at the functionally latest versions of FinSpy implants for iOS and Android, built in mid-2018. Mobile implants for iOS and Android have almost the same functionality. They are capable of collecting personal information such as contacts, SMS/MMS messages, emails, calendars, GPS location, photos, files in memory, phone call recordings and data from the most popular messengers.

    • Environment

      • Warren reintroduces bill mandating climate disclosures by companies

        The Climate Risk Disclosure Act would direct the Securities and Exchange Commission, in consultation with climate experts at other federal agencies, to issue rules within the next year requiring companies to disclose their greenhouse gas emissions, fossil fuel assets and its risk management strategies related to the climate crisis.

      • Wildlife/Nature

        • Round-the-clock ‘bear cam 360′ goes live in Finland

          The live stream from Eastern Finland – which lasts more than 48 hours – begins Wednesday 10 July, 6pm Finnish time (1500 UTC) and ends at noon on Saturday.

        • Monarch Mishaps: When Trying to Help Actually Hurts

          Monarch butterflies haven’t had it easy lately. Populations of these beloved insects have crashed 80 percent or more in most parts of their range as a result of pesticides, habitat loss, climate change and other environmental threats. As a result, monarchs are now being considered for protection under the Endangered Species Act.

          A lot of people are working hard to protect monarchs, but one all-too-common activity intended to help may actually do more harm than good: mass releases of captive-raised butterflies.

    • Finance

    • AstroTurf/Lobbying/Politics

      • The Evolution of a Russian Troll

        In an interview with Foreign Policy this week, Malkevich confirmed that the men had met with Qaddafi’s son but denied that they had sought to interfere in the country’s factious politics. He said they were only conducting research and described the allegations as a project of the “deep state” in the United States.

      • The American Left Is Failing Hong Kong

        The fears are well-founded. Mainland China has sent operatives to Hong Kong to abduct businessmen and booksellers. The Hong Kong legislative council is already not fully democratic. The public elects only half of its 70 members; the other half is selected by so-called functional constituencies, which give pro-Beijing corporations and tycoons direct influence over policy. The result is a business-friendly legislature that disqualified elected officials who refuse to pledge allegiance to mainland China and essentially criminalized a pro-independence political party.

      • Your Boss Might Be Ripping You Off: How To Protect Yourself From Wage Theft

        Wage theft is a general term for paying workers less than what they’ve rightfully earned. Nobody knows exactly how much is stolen, but some experts estimate wage theft costs U.S. workers $50 billion a year. To put that number in perspective, all robberies, burglaries, and car thefts combined cost victims $14 billion, in 2012, according to FBI statistics.

      • Diplomats Fear Chilling Effect of British Ambassador’s Resignation

        “The leak of cables has a chilling effect on what diplomats are prepared to put in writing and send back,” said Amanda Sloat, a scholar at the Brookings Institution and a former State Department official. “I’m sure that British diplomats in embassies around the world are now going to be having similar concerns about things that they are writing in cables and sending back to London.”

    • Censorship/Free Speech

      • Why China is Hiding the Horrors of Its Past

        What is arguably most sensitive to the Chinese Communist Party are discussions of any historical events in which the CCP appears to be at fault, whether it be violence in Xinjiang or the Tiananmen Square Massacre. In the current political environment, these events call into question the legitimacy of the CCP, and therefore, information about them is increasingly restricted. But it wasn’t always this way. In the 1980s, public discussions and writings (known as “scar literature”) of the horrors of Mao’s rule were largely tolerated by the government. This was also a period when such history appeared to be less relevant, and therefore, less threatening to the Party. At that time, the country was reforming its political institutions, liberalizing its economy, and some high-ranking CCP officials were even considering full democratization.

      • Court Orders Cloudflare to Terminate Accounts of Pirate Sites

        An Italian court has ordered Cloudflare to terminate the accounts of several pirate sites. The ruling comes after a complaint from local broadcaster RTI, which successfully argued that Cloudflare can be held liable if it willingly fails to act in response to copyright infringement notices.

    • Privacy/Surveillance

      • Instagram will ask users to rethink posting something offensive

        Instagram is also due to launch another tool, called Restrict, designed to help users filter abusive comments without needing to block others. The tool will mean that restricted people will not be able to see when a user is active on on Instagram or when direct messages have been read.

      • Apple Watch vulnerability forces Apple to disable Walkie-Talkie

        Walkie-Talkie is an Apple Watch app that offers push-to-talk calls through a tweaked form of FaceTime Audio. It was added to the Apple Watch with last year’s release of watchOS 5. The app itself is still installed on users’ watches, but calls won’t go through.

      • Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping

        Apple was alerted to the bug via its report a vulnerability portal directly and says that there is no current evidence that it was exploited in the wild.

        The company is temporarily disabling the feature entirely until a fix can be made and rolled out to devices. The Walkie Talkie App will remain installed on devices, but will not function until it has been updated with the fix.

      • Facebook’s NPE Team will mess around making experimental apps

        “We decided to create this separate developer name to help set the appropriate expectations with people that, unlike Facebook’s family of apps, NPE Team apps will change very rapidly and will be shut down if we learn that they’re not useful to people,” said the social network.

      • Wiretap Report Says Courts Are Seeing Fewer Wiretap Requests, Fewer Convictions Linked To Wiretaps

        I’m not sure if this is supposed to be bad news or good news. Should we feel anything about it? Maybe dismay, because law enforcement just isn’t working as well as it used to? Some sort of disappointment that wiretaps aren’t turning into convictions as often as they used to in the past? A general malaise about the sheer number of inscrutable stats that government thrusts at us in an attempt to believe it actually cares about transparency?

        Maybe what we should feel is some sort of gratitude the system isn’t being abused quite as frequently. This gratitude shouldn’t be directed towards the court system, which has been a willing enabler of law enforcement abuse. It shouldn’t be directed towards law enforcement, which has repeatedly shown an ability to abuse any system it works with.

        No, if there’s anything that’s a positive sign in this report, all gratitude for this needs to go to journalists like Brad Heath, who uncovered abuse of wiretap authorities on a massive scale in his investigation for USA Today.

        For years, the DEA ran wiretap warrants through state courts in southern California. A majority of these warrants landed in front of a single judge. The DEA had California courts acting as enablers, allowing agents to bypass restrictions the DOJ places on seeking and deploying wiretaps. Having found an easy source for warrant approval, the DEA went back to the well time and time again, even as other federal law enforcement agencies expressed their concerns about the legality of this tactic.

      • White House Explores Social Media “Bias”

        The White House is today hosting a social media summit to examine allegations of bias and censorship. EPIC objected to an earlier White House survey on this topic, noting that the White House failed to protect the privacy of respondents.

      • Google should auto-delete aging user data by default

        Google have rolled out controls allowing signed-in users to have their collected location history, web searches, and activity data automatically deleted after three or 18 months. Controls to delete data had been available before, but users would have to revisit periodically and manually request the deletion of data.

        Google doesn’t yet prompt users to chose how long they want data to be stored, but they can go in and set their own preferences if they manage to find the auto-delete options.

    • Freedom of Information/Freedom of the Press

      • RSF took an unprecedented mission to Saudi Arabia to free jailed journalists

        At the start of the Global Conference for Media Freedom in London (10-11 July 2019), the international press freedom organisation Reporters Without Borders (RSF) revealed that it took an unprecedented mission to Saudi Arabia in April to advocate for the release of 30 jailed journalists. RSF views this measure as the only way to clear Riyadh’s way to the G20 chairmanship in the aftermath of the assassination of Jamal Khashoggi.

    • Civil Rights/Policing

      • Five-year jail sentence for Somali policeman who murdered a journalist

        [...] The sentence was not made public and RSF has only just learned of its existence.

        The verdict issued by a military court on 1 November 2018, a copy of which has been obtained by RSF, states: “In the court’s view, it has been clearly established that Abdullahi Ahmed Nur, a police sergeant working for the customs and finance department, committed the crime of which he is accused.”

      • [Old] Media seeks Justine Damond death video

        A legal stoush has broken out in the US over whether police video of Australian yoga instructor Justine Ruszczyk Damond naked and “gasping for breath in the last moments of her life” should be shown to the media and members of the public.

        Hennepin County District Judge Kathryn Quaintance ruled last week the police body camera video should only be viewed by the jury, lawyers and herself during Minneapolis police officer Mohamed Noor’s murder trial.

        A coalition of media organisations, led by the Minneapolis Star Tribune, challenged the judge’s ruling at a hearing on Friday.

      • Simulators teach police and their critics when to shoot [iophk: indoctrination]

        That is just one of the roughly 500 scenarios on the FATS (Firearms Training Simulator), an interactive machine designed, in the words of Detective Raul Hernandez, who puts nearly 1,000 Newark officers through their paces on the FATS twice a year, “to train our officers to survive an encounter with a person with a weapon.” Around 3,800 agencies in America, and hundreds more around the world, including the Canadian and Singaporean armies and the British defence ministry, use these machines.

      • The Gentrification Of A Cup Of Coffee

        Here I am, awakened during a dream in the wee hours. I dreamt my late father came into the kitchen and solemnly informed my mother that a cup of coffee was a multiple of his hourly pay and he would have to skip it… Effectively, that’s happening as wealthy people pay many dollars for cups of coffee without a thought for how the poorer folk get by. Getting by is not a concept when one buys $60K pickups to drive empty in city traffic or pays half a $million for an ordinary home that used to provide for a family of 5 to 20 children and now is occupied by 2.5 people.

      • Saudi Princess stands trial in Paris for alleged assault

        She stands accused of ordering her bodyguard Rani Saidi, who is also charged, to beat up the workman Ashraf Eid after he was seen taking a photo inside her home in September 2016.

        Eid, who worked in the luxury apartment block, had been called in to repair a damaged basin and told investigators he needed the pictures taken with his phone to carry out the work.

      • A former Scientologist says this is how Tom Cruise’s kids were turned against Nicole Kidman

        But after the split, she said the children lived in a “boot camp” experience isolated from other children at the center. Domingo says Rathbun ( who’s since left Scientology) was in charge of Connor and Isabella’s indoctrination into the faith.

    • Internet Policy/Net Neutrality

      • After more than 60 Internet cuts so far this year, India urged to overhaul legislation

        The Indian authorities are currently disconnecting the Internet at a rate of ten times a month, each time depriving an average of several hundred thousand people of all online information. This was the case on 5 July, in the Kashmiri district of Shopian, in India’s far north, where the Internet was disconnected as a “preventive measure” after a gunfight between separatist militants and paramilitaries.

      • [Old] Internet Shutdown Tracker

        We are tracking instances of Internet shutdowns in India to draw attention to the troubling trend of disconnecting access to Internet services.

      • Google Joins Talks In Bid To Salvage T-Mobile Merger

        We recently noted that the DOJ seemed to have shifted its thinking and is now likely to approve T-Mobile’s highly problematic $26 billion merger with Sprint. Why? As it stands, not only do such telecom mergers almost always result in significant layoffs (despite what T-Mobile is promising employees), the deal would eliminate one of just four major US wireless competitors, dramatically reducing any incentive to compete on price. So T-Mobile lobbyists have launched a hail Mary pass: they’re proposing spinning off a part of the company and potentially selling it to a competitor like Dish Network, creating a new fourth carrier.

        The problem: Wall Street doesn’t believe the assets Dish will obtain (like prepaid brand Boost Mobile) will be enough to craft a fully viable fourth character. There’s also a lot of doubt that Dish Network, with a long history of hoovering up valuable spectrum and then doing absolutely nothing with it, would actually be competent enough to pull such a plan off.

    • Monopolies

      • Road-tripping with the Amazon nomads

        To stock Amazon’s shelves, merchants travel the backroads of America in search of rare soap and coveted toys

      • Patents and Software Patents

        • STRONGER Patents—Bad Legislation

          There’ve been some minor changes, but the majority of the STRONGER Patents Act is a copy of the 2017 edition.

          That means that the bill still creates a standing requirement for inter partes reviews (IPRs), incentivizing patent owners to sit and wait until products are developed and profitable before filing their lawsuits and preventing product designers from testing the validity of a patent before making that investment.

          The bill still changes the standard of proof in IPRs to clear and convincing evidence–a standard district courts use in deference to the competence of the USPTO. The USPTO has no need to defer to its own competence—in fact, the multiple technically and legally trained judges composing a PTAB panel are significantly more competent than the single examiner spending an average of 19 hours to examine a patent.

          It still defines a real party in interest broadly enough that a stockholder might be a real party in interest and a crowdfunder almost certainly is. The real party in interest requirement was designed to prevent a company from using control or influence with another company to file an IPR that they wouldn’t have been able to file themselves, something the PTAB already actively polices, and the amended definition of real party in interest goes far beyond that point.


          But even the improvements are just eliminating harmful changes from the bill—they don’t actively improve the patent system and they don’t offset the harms to innovation that the bill would create. The STRONGER Patents Act of 2019 is not a bill that anyone should support if they care about U.S. innovation—a fire that only destroys your kitchen is better than a fire that burns down your entire house, but neither one is desirable.

          Over the past 7 years, IPR has provided a successful tool to eliminate patents that shouldn’t have been granted, resulting in lower-cost, less-frequent patent litigation, saving billions of dollars that can be spent on actual research and development instead of lawyers. And the reduction in litigation has come almost entirely from non-practicing entities, not the kind of productive operating companies that perform research and development.

          Why would anyone want a bill that tries so hard to eliminate a program that’s eliminated patents that never should have issued, reduced the amount of troll litigation, and even made litigation less expensive in the process?

        • Fastest Patents of 2019

          U.S. Patent No. 10,285,922 (110 days from earliest priority to issuance). The ‘922 Patent claims a “topical exfoliating formulation” that includes papain enzyme. Case was subject to a petition to make special based upon the inventor’s age of 65+. Applicant cited no references and the (primary) examiner only found two.

          U.S. Patent No. 10,343,988 (111 days from earliest priority to issuance). The ‘988 patent is directed to a new compound known as hydroxytyrosol thiodipropionic acid apparently useful for food preservation.

        • What Are We Really Talking About When We Talk About § 101?

          After the Senate’s recent § 101 hearings, Senators Tillis and Coons seem to have remained steadfast in their belief that patentable subject matter is a real problem for U.S. innovation. (It’s not.) But there’s a particular flaw in their belief. In a recent article penned by the two Senators, published in Law360, they state that because of § 101, “investors are reluctant to pursue the innovations that propel our country forward.”

          The reality is that § 101 isn’t being used to eliminate those innovations—it’s being used to prevent the kinds of patents on economic transactions that Tillis and Coons claim to want to prevent. Let’s take a look at some real examples.


          Outside of China (which is investing tens of billions of dollars in government funding of AI research), the U.S. remains by far the most popular jurisdiction for AI patent applications. And that growth has accelerated in the U.S. after the 2014 Alice decision compared to other jurisdictions. This suggests that Alice has actually led to increased AI investment as companies worry less about being sued for their AI work and can spend more time and money on actual R&D.

          As it turns out, when you look at § 101’s actual impacts on high tech, it’s been positive. § 101 has been getting rid of patents on processing and graphing data and on remotely authorizing purchases, not harming research into technologies like AI.

          If this is the best evidence of harm from § 101, I’d say the only problem is calling it a “problem” in the first place.

      • Trademarks

        • Are Trademarks FUCT? SCOTUS Strikes Down Ban On Registering “Immoral” And “Scandalous” Trademarks

          On June 24, 2019, in Iancu v. Brunetti, the Supreme Court of the United States struck down the Lanham Act’s ban on registering “immoral” or “scandalous” trademarks, two years after the Supreme Court struck down a similar ban on registering “disparaging” trademarks. The decision was a victory for skater, artist and entrepreneur Erik Brunetti, whose application to register a controversial trademark, FUCT, was denied on the basis that it was “immoral” or “scandalous.”

          Many are hailing the Brunetti decision as a victory for “free speech”—and it is. However, the decision has little to do with whether businesses can (or should) adopt and use profane marks, and everything to do with whether such marks are legally registerable by the U.S. Patent and Trademark Office (USPTO).


          Although the majority declined to adopt the narrow interpretation of the three dissenting justices on the basis that they would not “rewrite” the statute before them, they acknowledged that some speech-related restrictions could withstand constitutional scrutiny, signaling to Congress that the relevant provisions of the Lanham Act could be amended and upheld. The majority opinion seemingly acknowledged that language prohibiting registration of “lewd,” “sexually explicit” or “profane” marks may not violate the First Amendment, suggesting that Congress could adopt such language in an amended statute. Justice Alito emphasized exactly this point in his separate, concurring opinion, noting specifically that the majority opinion leaves room for Congress to adopt a “more carefully focused statute” prohibiting registration of marks “containing vulgar terms that play no real part in the expression of ideas.”

      • Copyrights

        • YouTube ‘Blocks’ Popular MP3 Stream-Ripping Sites

          Several stream-ripping sites have been unable to download and convert files from YouTube starting a few hours ago. It appears that the video streaming platform is actively blocking requests from these sites. While the reason for the sudden blocking efforts is unknown, the music industry would certainly welcome a more aggressive stance from YouTube.

Campinos is Already Widely Seen as Battistelli the Second, Even Among EPO Stakeholders

Posted in Deception, Europe, Patents at 10:57 am by Dr. Roy Schestowitz

Last week: António Campinos is Almost 100% the Same as Benoît Battistelli

Crashed car

Summary: The Frenchmen in charge of the EPO may have a taste (and waste) for wine, but they have no clue how to run a patent office (except into the ground); patent application numbers are meanwhile falling (a reduction in demand)

WITH clueless, nonscientific, law-unabiding people like Benoît Battistelli and António Campinos in positions of power no wonder software patents are being granted in Europe. Even in direct violation of the EPC. Patents are also being granted on life and nature. Anything goes…

“We worry that today’s EPO is already broken beyond repair.”“EPO and EUIPO study finds link between IPR and SME growth” says a new headline, treating words from the past and present agencies of Campinos (EPO and EUIPO) like the fountain of truth. Just as expected, AWA’s Christian Nielsen does not bother pointing out who funded this so-called 'study'

Yesterday the EPO kept googlebombing “SMEs” (because it's against them and therefore needs to deflect urgently).

The first such tweet said: “How can IP protection support your business? We’ll be discussing that at this event: https://bit.ly/2WuNry0 #startups #IPforSMEs pic.twitter.com/GmqAJBB3qo’ (see those two hashtags)

This hashtag, #IPforSMEs, appeared in another EPO googlebomb (second mention of “SMEs” on the same day).

To quote: “Patents can be used to shape a company’s technology competency profile. http://bit.ly/epoSMEstudies #IPforSMEs pic.twitter.com/l2xZl7Jmpy”

See? It’s “SMEs” everywhere. Pages, tweets, studies…

So the EPO is great for SMEs, right? Just like it’s great when it comes to quality (or so it wants us to believe). The EPO has just released a big report with “Transparency on quality of products and services” in the title. Transparency as in lies? They also say “products” as if applicants are “customers” as JUVE puts it (JUVE is comparing the EPO to a restaurant as if dining and monopolies are comparable).

The patent office mostly known across Europe for corruption (because of Željko Topić) has also just been mentioned in relation to the EPO. “On May 24, 2019, the Croatian Intellectual Property Office closed the public discussion on the new Patent Act draft,” PETOŠEVIĆ’s Anamarija Stančić Petrović wrote. As if they respect the law there. Outlaws seem to be running the patent system in Croatia. They’re thriving. They help foreign giants like Lufthansa crush small, local companies.

“Big drop in the meaning of the word “Innovation” in the past 50 years,” said this one Twitter user, so “say no to Software Patents…”

It was said in relation to the Moon mission (50 years ago) on the same day IP Kat asked in its headline: “Why is there less innovation?”

Patent lawyers overuse and misuse that word. They intentionally conflate it with patents, i.e. with monopolies. IP Kat is citing this March article and says: “According to the article, it is not that older employees are less productive. A study shows that while there may be some drop-off in the physical abilities of senior citizens, it is compensated by enhanced skills in such things as experience and connections. So it is not the decline in productivity of older workers per se.”

Having more and more patents does not mean more innovation and it may actually mean less of it. See how patents slowed down/curtailed by decades innovation in the UAV and 3-D printing space.

We worry that today’s EPO is already broken beyond repair. SUEPO is relatively quiet and there has been no update in over a month from RIP-Kat, which was supposed to be a forum to replace the now-censored IP Kat. One new IP Kat comment from Kant says: “Why did the legislators bother with including [patent] added subject matter as a ground for revocation in the first place?”

This was said in relation to the latest of many eliminations of European Patents in top European courts. The full comment:

What is also amusing is the consideration of German practice regarding added subject matter to be logical. Before the Federal Patent Court, one of the grounds for revocation is the presence of added subject matter. Should such added subject matter however be identified, the patent is not revoked. Instead a conceptual bubble is drawn around the added subject matter and if the rest is novel and inventive, the patent can be maintained, bubble and all.
Why did the legislators bother with including added subject matter as a ground for revocation in the first place?

Things sour at the EPO even further, based on RIP-Kat comments, with false promises reported by insiders. Anonymous commenter wrote: “The rewards exercise is already delayed. No announcement on the bonuses for the performance of 2018 has ever been made. Yes, you read it right. For 2018, and we are now in June 2019! The figures were obviously available in December 2018 and bonuses could have been paid in December 2018, like everywhere else, or in January 2019, but neither HR under the sublime Elodie Bergot, not the top management under Campinos have done anything about it.”

“Anonymous Impunity” then said in response: “Nor do they care. Allegedly 2/3 will receive something, but rumours have it that the COOs have cut that down to less than half of “eligible” employees will receive something. They are noticing the breakdown of the current “rewards” system, and are giving it a big push over the cliff. Also, the delayed payout and the interest on that money awards to something already. It’s prudent management…”

It is utterly terrible management and just as we predicted all along it’s depressing participation in the EPO, both as staff and as applicants. The EPO management lies to everyone yet again (about "quality") as the number of patent applications falls — something that even JUVE nowadays mentions (the aforementioned article about restaurants, comparing a patent/monopoly-granting authority to cuisine!).

Ben Wodecki (IPPro Magazine) wrote about it about a day ago, counterbalanced with contrary claims from the critics and sceptics (quite refreshing for a change, as he used to do just puff pieces). To quote a few sentences/paragraphs:

Much has also been made recently of EPO patents that covered conventional bred plants being granted, when under European law, it is illegal to do so.

Aside from the aforementioned findings, the EPO’s product audits show that there is, according to the office, “room for improvement”.

A decrease in compliance rate was measured in the auditing of grants by the office, which states “a number of improvement actions are being taken”.

A year after Campinos came to the EPO he lies so blatantly and routinely. We absolutely lost all hope that he will introduce necessary changes and based on what JUVE and IPPro Magazine have to say, having spoken to stakeholders, we aren’t alone. They too have lost faith in Campinos.

The EFF Responds to IBM’s Liars and Lobbyists for Software Patents Just a Day After Red Hat is Officially Absorbed

Posted in EFF, Europe, IBM, Patents, Red Hat at 9:50 am by Dr. Roy Schestowitz

David Kappos
Source: David Kappos 2013 interview

Kappos PAI

Summary: IBM’s unacceptable stance and abominable actions on the patent front continue to haunt it; IBM must quickly dissociate and reconsider its patent strategy so as to not alienate thousands of workers (the real asset of Red Hat) it has just spent a fortune on

IT hadn’t even been more than a day since IBM took over Red Hat, rendering its patent policy all moot. Already, as of last night, the EFF’s Alex Moss and Joe Mullin responded to lobbyist David Kappos using the European system as a talking point (EPO grants software patents in Europe). Remember that IBM is lobbying for software patents everywhere, even in India and Europe. We wrote about a dozen articles about this behaviour of IBM. It’s probably even worse than Microsoft in that regard.

“If IBM doesn’t get its patent extortion tendencies under control (and its lies for software patents don’t reach an end, i.e. both actions and words), maybe it’s time for a mass Red Hat walkout/resignation.”Kappos was there at the stacked 'debate' about 35 U.S.C. § 101; Kappos is a deplorable lobbyist for patent trolls and patent bullies. He profits from his connections. IBM is still paying him to lobby for software patents (he came from IBM). The new owner of Red Hat is in that regard highly incompatible with Red Hat, as we’ve been arguing for months. If IBM doesn’t get its patent extortion tendencies under control (and its lies for software patents reach an end, i.e. both actions and words), maybe it’s time for a mass Red Hat walkout/resignation. IBM continues to fund a malicious, FOSS-hostile lobby.

From the EFF’s blog post, which names software patents in the headline (in relation to Europe and China, but it’s all connected across IP5):

A Senate subcommittee recently concluded three days of testimony about a proposed patent bill that, we have explained, would be a terrible idea. Proponents of the bill keep saying that Section 101 of U.S. patent law, which bars patents on things like abstract ideas and laws of nature, needs to be changed. One recurring argument is that Section 101 is killing patents that are being granted in Europe and China and that somehow this hurts innovation in the U.S.

The argument is flawed for many reasons. Proponents of this bill have vastly overstated the number of Section 101 rejections. Patent applications are rejected for many different reasons. For instance, an examiner could find that an invention would have been obvious—that might lead to a Section 103 rejection. Or an examiner could find that the application simply isn’t clear at all, leading to a Section 112 rejection.

But proponents of the bill, such as former US Patent Office Director David Kappos, simply claim there’s an epidemic of Section 101 rejections by lumping all these different types of rejections together. When Joshua Landau, a patent attorney who works for a computer industry group, examined a selection of the data set that Kappos was using, he found that only 13 percent of the applications in the group were clearly Section 101 rejections.


In Europe, there is an explicit rule against patenting “mathematical methods” and “programs for computers.” That prohibition isn’t as broad as it sounds—it’s limited by guidelines allowing patents on computer programs that have a “technical character” and on artificial intelligence software that has a “technical purpose.” As a result, Europe has similar rules around patenting software—for better and for worse. The point here is, proponents are wrong that Europe grants lots of software patents that the U.S. rejects.

Second, bill proponents have said that China is granting lots of patents. That is true, but the vast majority of them are extremely low-value. Recent news reports suggest that only 23 percent of Chinese patents even cover “inventions”—the majority are for “utility models” which are often allowed to lapse after a few years. And virtually none of the applications originating in China are “triadic patents” (patents filed jointly in the patent offices of Japan, the United States, and European Union), which are widely considered “the gold standard” for patent protection.

We’ll deal with the EPO in our next post, but the above lies and distortions from Kappos are particularly noteworthy. He and IBM’s patent chief habitually write pieces for Watchtroll, thereby associating themselves with the worst of the worst. Gene Quinn, the Watchtroll in chief, is attacking the courts again this week/yesterday. He’s doing it again in “It May Be Time to Abolish the Federal Circuit” (see our Wiki).

“We should note, at the very least as a side note, the deterioration of patent blogs. Their collapse carries on; they hardly write anything anymore, not even microblogging.”How is this loony blog managing to get the EPO to work with it? Simple. Both hate judges and loathe justice. How does it get IBM to participate? Simple. IBM is a terrible company and a patent bully.

We should note, at the very least as a side note, the deterioration of patent blogs. Their collapse carries on; they hardly write anything anymore, not even microblogging. Watchtroll’s Quinn hardly even writes there anymore and he stepped down as editor after 2 decades. Will IBM continue to support and maybe fund Watchtroll?

Microsoft Putting Patent Traps Inside Linux While Blackmailing Companies Using Patents Associated With These Traps

Posted in Kernel, Microsoft, Novell, Patents, Standard at 8:24 am by Dr. Roy Schestowitz

“I saw that internally inside Microsoft many times when I was told to stay away from supporting Mono in public. They reserve the right to sue”

Robert Scoble, former Microsoft evangelist

Summary: In an effort to make exFAT (a patent trap) the ‘industry standard’, even inside Linux, Microsoft now wants exFAT inside the very heart of Linux and people are pushing back

With food came the appetite and shortly after being allowed into a secretive circulation of flaw information — the kind of information former Microsoft employees use to come up with brands, logos, buzzwords and Web sites to hype up and profit from Linux and FOSS bugs (e.g. "VENOM" and “Heartbleed” [1, 2] — it’s already progressing even further. Suffice to say, corporate media isn’t interested in Microsoft’s bad history (it's just spamming us 24/7 with "Microsoft loves Linux" revisionism).

Michael Larabel has taken note (as recently as yesterday evening) of filesystem guru Ted Ts’o writing: “Personally, if Microsoft is going to be unfriendly about not wanting others to use their file system technology by making patent claims, why should we reward them by making their file system better by improving its interoperability? (My personal opinion only.)” (those last 4 words are an expression of fear of association, like bullying through one's boss/employer)

It was a discussion among some Microsoft people and former Novell people. They’re still up to no good. They’re not serving Linux; they serve Microsoft, which promotes Windows.

“It was a discussion among some Microsoft people and former Novell people. They’re still up to no good. They’re not serving Linux; they serve Microsoft, which promotes Windows.”Ted Ts’o is not a person who trusts Microsoft (never did!) and the same person who tried to portray Torvalds as sexist (back when the person was female, not male) Ted Ts’o was spun as a “rape apologist” based on some very old message — obviously taken out of context to make Ted Ts’o like an an abominable, unemployable person. We recently recalled and highlighted issues related to this [1, 2].

At the moment Microsoft charges patent tax through companies like Tuxera, so the point raised by Ted Ts’o is absolutely legitimate. But if Microsoft’s entryism inside Linux is working as expected/hoped, even senior and prominent developers like Ted Ts’o can be ousted or at least silenced somehow. Microsoft is now officially inserting patent traps into the kernel used on billions on chips. Sometimes it feels like the kernel is being ‘sold’ to Microsoft by Zemlin et al at the Linux Foundation (they became millionaires by doing so). It often feels, now with people like Cox gone, like the Foundation is nothing but the corporate cabal its Board has become (Microsoft, Oracle and so on). First they kicked out community members, then their journalists and editors. So what’s left? Peripheral PR people, 3 developers on the payroll and an operation that ‘sells’ (passes) Linux+FOSS code to surveillance companies. In this particular case they hope to impede ongoing efforts to replace exFAT with non-Microsoft things. What we see here is how Microsoft uses its ‘moles’ inside Linux (the kernel) to make Microsoft ‘the standard’. It’s not hard to achieve when one ‘controls’ both Windows and Linux, where the latter is a lot more widely deployed.

“There are lots of angry comments about this in Phoronix right now (almost 50, tenfold the usual/average).”Microsoft’s participation was all about pushing proprietary things of Microsoft. Just as one would expect…

Larabel brought up OIN, but even after joining OIN Microsoft is not only threatening but also suing using patents, claiming the usual claims. It demands billions of dollars for patents. And yes, it’s about Linux and Android.

EEE moves so, so very fast inside Linux. There are lots of angry comments about this in Phoronix right now (almost 50, tenfold the usual/average).

“He [Bill Gates] is divisive. He is manipulative. He is a user. He has taken much from me and the industry.”

Gary Kildall

Links 11/7/2019: Cockpit 198, Librem Updates

Posted in News Roundup at 7:30 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop

      • Chrome OS launcher function to search for Linux app installs postponed

        A bug for this functionality was opened back in January, with this description: “Add APT search into Chrome OS App Launcher, so that not installed Linux packages and Apps can be searched for and installed via the App launcher.”

        Essentially if you want to search for a Linux app that you didn’t have installed on your Chromebook, you would be able to do that directly in the Chrome OS launcher.

        Clicking on the appropriate result would then download the Linux app package and presumably start the installation process in a best-case scenario. A worst-case option would be to have the package downloaded and then use the Chrome OS Files app to install it, which is the current process.

    • Server

      • IBM

        • Cloud-Native CI/CD with OpenShift Pipelines

          With Red Hat OpenShift 4.1, we are proud to release the developer preview of OpenShift Pipelines to enable creation of cloud-native Kubernetes-style continuous integration and continuous delivery (CI/CD) pipelines based on the Tekton project.


          OpenShift Pipelines allows teams to build, test and deploy their applications using cloud-native pipelines and take control of their application lifecycle.

          Kubernetes style pipelines: Create pipelines using standard Kubernetes CRDs that are portable across Kubernetes distributions.

          Runs serverless: Create and run pipelines, period. No CI/CD server to manage and maintain.

          Deploy to multiple platforms: Your pipelines run on Kubernetes, but you can deploy to many Kubernetes, VMs and serverless platforms from the pipeline.

          Build images with Kubernetes tools: You can use the build tool of your choice for building images. Source-to-Image (S2I), Buildah and Dockerfiles, Jib, Kaniko and more.

          Developer tools: Command-line tool to interact with the pipelines in addition to integrations with OpenShift developer console and IDE plugins.

        • Will rolling into IBM be the end of Red Hat?

          IBM’s acquisition of Red Hat for $34 billion is now a done deal, and statements from the leadership of both companies sound extremely promising. But some in the Linux users have expressed concern.

    • Audiocasts/Shows

    • Kernel Space

      • Linux Kernel 5.2 released, here is what’s new

        Despite the busy schedule of Linus Torvalds, we’re still getting a significant release in Linux Kernel 5.2 instead of just a release candidate.

        In the original news source, the king of the Linux world, Linus Torvalds, has claimed that he was possibly going to drop another release candidate as he was having internet problems for a few days and then got busy with his travels. Luckily, Linus didn’t stick to his plan owing to the lack of pull requests since rc7 and the fact that there seemed to be no real need for another release candidate. Thus, the announcement was made for the release of Linux Kernel 5.2, codenamed Bobtail Squid.


        The key highlights of this release are new drivers, extended hardware support, performance improvements, and security fixes. However, Linux Kernel 5.2 is a mainline version, which is usually not suitable for mass deployments. Accordingly, FOSSLinux suggests its readers wait for Linux Kernel 5.2.1 to drop before upgrading their kernels.

      • Linux’s Perf Subsystem Begins Prepping For Snow Ridge, Other New Intel Hardware Support

        Snow Ridge is the SoC Intel announced last December as a 10nm product intended for 5G products. With the in-development Linux 5.3 kernel is initial “perf” subsystem support for Snow Ridge.

        The perf subsystem support for the Snow Ridge bring-up has uncore support so far. There is also a number of PMU/uncore driver updates for Intel’s Icelake, Kabylake, Amberlake, and Whiskeylake processors.

      • Linux 5.3 Continues Advancing Intel’s Sound Open Firmware

        Linux sound subsystem maintainer Takashi Iwai sent in the big set of audio driver changes for Linux 5.3.

        Linux 5.3 is continuing where Linux 5.2 left off when it added a lot of their Sound Open Firmware kernel code that has been in development for over one year as the Intel-led effort for having open-source audio DSP firmware and SDK. Sound Open Firmware is used by the newest and future Google Chromebooks among other use-cases to come about.

      • Linux 5.3 Picks Up Utilization Clamping – Ensuring GUI Threads Get Maximum Frequency

        The scheduler changes for the Linux 5.3 kernel are as busy as ever.

        One of the most interesting scheduler changes for Linux 5.3 was made by Arm’s Patrick Bellasi. The addition is introducing utilization clamping support as an extension of their work on the Energy Aware Scheduling framework in order to boost some workloads while capping background workloads. Energy Aware Scheduling factors in the CPU topology of modern hardware — particularly Arm big.LITTLE designs — with differing power and performance characteristics in order to better schedule what CPU cores should be used for a given workload.

      • AMD Ryzen 3000 is experiencing problems with some Linux distributions

        Ryzen 3000 seems to have boot problems with the most modern Linux distributions. The problem affects all operating systems using a 2019 Linux distribution with Linux 5.0/5.1/5.2 kernels.

        This problem is now known to be related to the RdRand command. Remember that the previous Ryzen processors were also not friendly when they used the RNG hardware command, which caused problems on the platform. However, now with Zen2, this is even worse supported, and AMD has not yet officially detected the problem.

      • AMD Posts New CPUFreq Driver For CPPC Support With Zen 2 CPUs

        AMD Zen 2 CPUs support ACPI’s Collaborative Processor Performance Control (CPPC) for tuning the system to energy and/or performance requirements. AMD has now published a new CPUfreq driver for handling their CPPC implementation and the new controls found with their new processors.

        The AMD CPPC support with Zen 2 desktop/server/mobile CPUs can be optionally enabled and allows setting min/maximum performance along with desired performance and other knobs for tuning via sysfs.

      • Linux Foundation

        • Linode Puts Powerful Nvidia GPUs In Its Linux Cloud

          Linode today launched new GPU-optimized cloud computing instances tailored specifically for developers and businesses requiring massive parallel computational power. The new instances are built on NVIDIA Quadro RTX 6000 GPU cards with all three major types of processing cores (CUDA, Tensor, and Real-Time Ray Tracing) available to users. Linode is one of the first cloud providers to deploy NVIDIA’s latest GPU architecture.

        • Linode Brings Commercial Grade GPUs to the Masses
        • Linode Brings Commercial Grade GPUs to the Masses

          Linode has launched new GPU-optimized cloud computing instances tailored specifically for developers and businesses requiring massive parallel computational power. These new GPU instances give scientists, artists, and engineers working on artificial intelligence, graphic visualization, and complex modeling a cost-competitive alternative to hyperscale cloud providers.

        • Linux Foundation and LF Networking Announce Keynote Highlights for Open Networking Summit Europe

          The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today announced the initial line-up of keynote speakers and panelists for Open Networking Summit Europe. The event takes place September 23-25 in Antwerp, Belgium.

          Open Networking Summit (ONS) is the industry’s premier open networking event, enabling collaborative development and innovation across enterprises, service providers and cloud providers. The event provides a platform for discussing the future of Open Networking, including how networking and adjacent technologies like 5G, SDN/NFV, VNF/CNF, Cloud Native Networking, Network Automation, Edge, AI, Access and IOT, Access & IoT services. Following 2018’s inaugural event outside of North America, ONS Europe 2019 continues to provide expanded opportunities for more individuals to share, learn and collaborate on these important and emerging technologies.

        • The Linux Foundation Breathes New Life into Osquery

          Anyone who has been tasked with monitoring the security of server instances in a data center or cloud knows how laborious and time-consuming it can be. Osquery, a project started by Facebook, aims to lessen this burden by reframing how developers engage with their infrastructures. DevOps professionals can use Osquery to expose an operating system as a high-performance relational database, making it possible to use SQL commands to access data about a system, just as they would for a database.

          Osquery works on Mac, Linux and Windows systems and is provided as an open source download via GitHub. Although Osquery was developed by Facebook to monitor and safeguard the security of its own platform, the social media giant quickly realized the utility of the platform would extend to other enterprises that depend upon insight into the low-level behavior of operating systems.

    • Applications

      • Syncthing 1.2.0 Released, Adds QUIC Transport Protocol

        Open source continuous file synchronization program syncthing 1.2.0 was released yesterday with new features, various bug-fixes, and enhancements.

      • Cockpit 198

        Cockpit has been restyled to match the PatternFly 4 User Interface design, including the Red Hat Text and Display fonts.

        This style refresh aligns Cockpit with other web user interfaces that use PatternFly, such as OpenShift 4.

        Over time, Cockpit will be ported to actually use PatternFly 4 widgets, but this restyle allows us to change Cockpit gradually.

      • The 10 Top GUI Tools for Linux System Administrators

        A Linux administrators task is to typically install, upgrade, and monitor a company’s software and hardware while maintaining the essential applications and functions which include security tools, emails, LANs, WANs, web servers, etc.

        Read Also: Top 26 Tools for VMware Administrators

        Linux is undoubtedly a force to reckon with in computing technology and most system administrators work on Linux machines. You might think you are damned to using the command-line to complete administrative tasks but that is far from the truth.

        Here are the 10 best GUI tools for Linux System Administrators.

      • Foliate ePub Reader Now Available Outside of Flathub

        I bring a welcome word to the bookworms amongst you wanting to try the Foliate eBook reader on Linux: it’s now available outside of Flathub.

        Foliate is a terrifically well-designed, well-built and well-featured GTK eBook reader for Linux desktop. The app supports the .epub format exclusively, a focus that enables it to deliver some first-rate user experience.

        But short of building it from source, the only way to install Foliate on Ubuntu has been via the Flatpak build on Flathub. While it’s relatively easy to set-up and install Flatpak on Ubuntu, some folks flatly don’t want to.

      • Proprietary

    • Instructionals/Technical

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • New unit tests for the new code

          today I want to present the test system for Cantor’s worksheet.
          The worksheet is the most central, prominent and important part of the application where the most work is done.

          So, it is important to cover this part with enough tests to ensure the quality and stability of this component in future.

          At the moment, this system contains only ten tests and all of them cover the functionality for the import of Jupyter notebooks only that was added recently to Cantor (I have mentioned them in my first post).
          However, this test infrastructure is of generic nature and can easily be used for testing Cantor’s own Cantor files, too.

        • Akademy 2019: Talk Schedule is out!

          On day one (Saturday, September 7), the teams that have been working on the community goals over the last two years will discuss how things worked out and what has been achieved (spoiler: a lot). As many of the procedures and processes developed for the goals have now been worked into the everyday ways the KDE community operates and builds things, it is time to look for new goals. That is precisely what will be happening next, when the panel unveils what the community has decided to work on in the next two years.

          Apart from goals, there will also be time for the bleeding-edge tech KDE is so well-known for. You will find out from Aleix Pol how developers managed to make a complex graphical environment like the Plasma desktop start up faster, and Marco Martin and Bhushan Shah will show us how Plasma can work everywhere, including on embedded devices. Taking things a step further still, Aditya Mehra will demonstrate how the open source Mycroft AI assistant can be the next great thing to assist you while you drive your car.

      • GNOME Desktop/GTK

        • A Merge Proposal to ‘Drop Snap Support’ from GNOME Software Hints at Deeper Divisions

          As you probably know, Ubuntu Software, the default software app Ubuntu ship with, is based on GNOME Software. It’s mostly the same app save for a few Snap-specific tweaks (which we’ve mentioned before) and shipping with the Snap plugin by default.

          In short, the “Snap” support it offers isn’t particularly egregious or wide-reaching.

          But word on the street is that Ubuntu is prepping a brand new app store exclusively tailored to Snap apps for use in a future release (but separate from the Snap’d Snap Store snap)

          This has made some devs who work on GNOME Software a little …twitchy.

          Kalev Lember, the dev behind the merge request to nuke the 4000 or so lines of Snap support in GNOME Software, explains:-

          “Ubuntu is switching to a new snap-store app for installing and removing snaps. This commit drops the snap backend from gnome-software to avoid maintenance overhead.”

          Reasonable. Why should they shoulder the burden of working around Snap-specific code if Ubuntu, the only distro making use of it, don’t plan to use it longterm?

    • Distributions

      • Reviews

        • OpenSUSE Leap 15.1 – A dream come untrue

          OpenSUSE Leap 15.1 is significantly better than the first edition. It fixes tons of the problems that the previous version had. But then, it still retains lots of problems and introduces some new ones. You get decent media and phone support, but it’s not a perfect record. Network support is average, and overall, the hardware compatibility with the 2010 Pavilion machine is meh.

          The installer is no longer as awesome as it used to be, the package management is quite broken, and the system wasn’t stable enough to be fun and enjoyable, before or after my tweaks. The Plasma desktop is sweet, and while SUSE does have tricks most other distros don’t have, like YaST, BTRFS, Snapper and such, it feels raw and jumbled and hastily put together. There were too many rough edges and errors and application crashes for me to consider this for serious work. Alas, my dream of using openSUSE in my production setup was dashed once again. All in all, Leap 15.1 deserves something like 4/10, a far cry from the legend it used to be. Maybe, maybe one day. But hey, at the current rate, 15.2 might be quite all right. We shall see.

      • New Releases

        • Tumbleweed’s July Snapshots Are Trending Strong

          There have been a total of five openSUSE Tumbleweed snapshots since the beginning of July and all the snapshots have a strong, stable rating.

          The rolling release had the most updates arrive in the 20190702 snapshot. The packages update in that snapshot included Mesa 19.1.1 and Mesa-drivers 19.1.1 that had fixes for Intel ANV and AMD RADV driver as well as Nouveau and R300 Gallium3D drivers. The bzip2 file compression application fixed undefined behavior in the macros in version 1.0.7 and fixed a low impact Common Vulnerabilities and Exposures (CVE). The programing language package guilef was updated to version 2.2.5 and provided bootstrap optimization. Portability improvements were made in the library for encryption, decryption, signatures and password hashing with libsodium 1.0.18. A major release of the PulseAudio’s Volume Control package pavucontrol 4.0 was made; the new version dropped support for Gtk+ 2 and added more than a handful of new language translations.

          The most recent snapshot, 20190708, didn’t offer a changelog due to the server that the web app uses to produce the changelogs being upgraded to Leap 15.1. The changelog is expected to be included in the next snapshot that is released.

      • Screenshots/Screencasts

        • Clear Linux with Gnome 3.32

          Today we are looking at a newish distro that is quickly improving and according to many podcasts and blogs it might become one of the major Linux distros soon as it has many interesting features, but it isn’t perfect yet.

          There are many pros to look at, firstly it is Intel’s Linux distro, so it has great financial backing and support. Ikey Doherty, the guy who started Solus OS is part of the developing team of Clear Linux, as we all know he is no longer part of Solus, but he is a great developer for Clear Linux.

          It is an independently based distro, so not build on one of the major distros like Debian or Arch. It uses the Gnome Desktop Environment and it uses Gnome Software Center 3.30 as Software Store. It uses Gnome 3.32 and Linux Kernel 5.1 and uses about 1.1GB of ram when idling.

          The only downside of it is, that the installer is still a work in progress and a person can only install it on real hardware, not in Virtual Machines, that is the desktop version, so I made this video by using the live session, rest assured that my host system is Linux as well, so I would really like to see that they will enable us to install it on VirtualBox as well. The ISO comes in a compressed package which a person needs to extract to use the ISO.

        • Clear Linux OS with Gnome 3.32 Run Throughclear os lms
      • Fedora Family

        • The State Of EPEL-8 For Complementing RHEL8′s Packages

          Under the Fedora umbrella has been the “Extra Packages for Enterprise Linux” to complement the official RHEL packages with extra packages largely based on Fedora packages. While RHEL 8.0 launched in May, there hasn’t been full support for EPEL-8 yet but it’s being worked on.

          Due to the many changes from RHEL7 to RHEL8, the EPEL-8 support has been slow. The EPEL-8 bring-up is being done via a multi-phase roll-out.

        • Fedora Community Action and Impact Coordinator (FCAIC)

          I’ve decided to move on from my role as the Fedora Community Action and Impact Coordinator (FCAIC). This was not an easy decision to make. I am proud of the work I have done in Fedora over the last three years and I think I have helped the community move past many challenges. I could NEVER have done all of this without the support and assistance of the community!

          As some of you know, I have been covering for some other roles in Red Hat for almost the last year. Some of these tasks have led to some opportunities to take my career in a different direction. I am going to remain at Red Hat and on the same team with the same manager, but with a slightly expanded scope of duties. I will no longer be day-to-day on Fedora and will instead be in a consultative role as a Community Architect at Large. This is a fancy way of saying that I will be tackling helping lots of projects with various issues while also working on some specific strategic objectives.

      • Debian Family

        • Debian 10 “Buster” released

          The Debian community has announced the release of Debian 10 “Buster.” Buster will be supported for the next five years. Buster ships with several desktop environments including, Cinnamon 3.8, GNOME 3.30, KDE Plasma 5.14, LXDE 0.99.2, LXQt 0.14, MATE 1.20, and Xfce 4.12. Buster supports a total of ten architectures, including 64-bit PC / Intel EM64T / x86-64 (amd64), 32-bit PC / Intel IA-32 (i386), 64-bit little-endian Motorola/IBM PowerPC (ppc64el), 64-bit IBM S/390 (s390x), ARMel, and more. Buster can be downloaded from the official Debian page.

    • Devices/Embedded

      • Arm-based SBC has PoE, WiFi/BT, and optional Sub-1GHz, 802.15.4, GPS, and LTE

        Gateworks’ headless “Ventana GW5910” SBC runs OpenWrt or Ubuntu on a dual-core i.MX6 and provides GbE with PoE, WiFi/BT, optional GPS, Sub-1GHz, and 2.4GHz radios, and dual mini-PCIe slots for further wireless expansion.

        Freescale’s i.MX6 was ahead of its time when it launched in 2011, and in the NXP era it it has continued to hold on in the embedded Linux market far longer and with greater dominance than any other processor. It’s only a matter of time before i.MX6-focused embedded vendors like Gateworks move on to the i.MX8 or other SoCs, but in the meantime there’s something to be said for working with a consistent SoC and platform/software platform rather than starting from scratch every few years.

      • real-time software Linux embedded computing

        Wind River Systems in Alameda, Calif., is introducing enhancements to the Wind River Linux software to ease adoption of containers in embedded computing systems.

        Enhancements provide resources such as pre-built containers, tools, and documentation, and support for frameworks such as Docker and Kubernetes.

        Embedded devices in industrial, medical equipment, and automotive systems, can require lightweight, reliable software with long life cycles. Existing container technologies like those in enterprise Linux, are often bloated or require updates too frequently to run effectively on these embedded systems.

      • Raspberry Pi 4 B+ – PCI Express

        Without much exaggeration, the new Raspberry Pi is likely the largest single-step improvement on the Pi family since the early changes of the form factor. Although Pi3 introduced 64bit capability, it’s been pretty limited in practice due to lack of memory. Pi4 introduces 4GB RAM, USB 3.0 and Gigabit Ethernet.

        Most importantly for our purposes, the USB 3.0 (and 2.0) chip is attached via the PCI Express interface – that means, if we were to remove it, we can gain access to the underlying bus. So, without further ado, the sacrificial goat.. uhm, chip.

      • Modder Connects External PCIe To Raspberry Pi 4

        Raspberry Pi is a low-cost computer designed for tech enthusiasts, students, and engineers who wish to make extreme use of limited hardware. Just two weeks ago, the Raspberry Pi 4 was unveiled, which caught the attention of technology enthusiasts.

        The latest version of Raspberry Pi is a big improvement over the previous version despite its faulty USB-C port design. It relies on PCI Express for USB chips. However, there isn’t any provision to connect external devices on the Raspberry Pi 4.

      • AAEON Launches BOXER-8150AI Compact Embedded Box PC Features 8 USB 3.0 Ports

        The BOXER-8150AI is able to support up to eight USB connected cameras or devices, each operating independently of one another.

      • Mobile Systems/Mobile Applications

    • Free, Libre, and Open Source Software

      • Events

        • Felipe Borges: Newcomers workshop @ GUADEC 2019

          This year’s GUADEC is approaching and I can already feel people’s excitement while talking about our annual conference. It is important that we benefit from having so many GNOMies together in the same location to help the next generation to get started in our project. For this reason, we are planning a workshop during the first day of the BoFs (check our wiki page for more info).

          The Newcomers Workshop aims at helping newcomers solve their first Gitlab issue. Historically, Carlos Soriano has championed the initiative (thank Carlos when you see him) and I have participated, guiding dozens of people in the universities here in Brno. In the past, other community members were organizing the workshop all over the world. We plan to expand the initiative by having even more GNOME contributors organizing similar events at a local level.

        • Webinar – Multimodal OS: SUSE Linux Enterprise 15 Service Pack 1
        • Customize your Cloud Foundry UI through Stratos extension framework

          At the recent Cloud Foundry Summit in Philadephia, Troy Topnik of SUSE and Bo Yang of IBM discussed how to use the open source Stratos UI’s extension framework to add new features such as autoscaling policies, allowing users to view and query application metrics and scaling events in the Stratos application dashboard with a consistent user experience. This is a great opportunity to learn about how Stratos and how it can be easily customized for Cloud Foundry deployments.

        • Linux Plumbers Conference: Power Management and Thermal Control Microconference Accepted into 2019 Linux Plumbers Conference

          We are pleased to announce that the Power Management and Thermal Control Microconference has been accepted into the 2019 Linux Plumbers Conference! Power management and thermal control are important areas in the Linux ecosystem to help improve the environment of the planet. In recent years, computer systems have been becoming more and more complex and thermally challenged at the same time and the energy efficiency expectations regarding them have been growing. This trend is likely to continue in the foreseeable future and despite the progress made in the power-management and thermal-control problem space since the Linux Plumbers Conference last year. That progress includes, but is not limited to, the merging of the energy-aware scheduling patch series and CPU idle-time management improvements; there will be more work to do in those areas. This gathering will focus on continuing to have Linux meet the power-management and thermal-control challenge.

      • Web Browsers

        • Mozilla

          • AiC: Unbounded queues and lang design

            I have been thinking about how language feature development works in Rust. I wanted to write a post about what I see as one of the key problems: too much concurrency in our design process, without any kind of “back-pressure” to help keep the number of “open efforts” under control. This setup does enable us to get a lot of things done sometimes, but I believe it also leads to a number of problems.

            Although I don’t make any proposals in this post, I am basically advocating for changes to our process that can help us to stay focused on a few active things at a time. Basically, incorporating a notion of capacity such that, if we want to start something new, we either have to finish up with something or else find a way to grow our capacity.

          • Firefox 68 Released, This is What’s New

            Mozilla Firefox 68 has arrived with the usual boatload of bug fixes and betterments in tow.

            The latest update to the super-popular open-source web browser is also available as a new Extended Support Release (ESR) version.

            What’s new? Well, nothing that you’ll be screaming from the hills about (good or bad).

            Fans of Firefox’s Reader Mode feature will likely appreciate the addition “blackout shades”, a feature that (supposedly) turns the Firefox toolbar and Reader sidebar dark when the ‘dark’ contrast option is enabled.

            In my testing I found that while the sidebar does turn dark, the Firefox toolbar remains its usual colour.

          • Mike Hommey: Reproducing the Linux builds of Firefox 68

            Starting with Firefox 68, the Linux builds shipped by Mozilla should be reproducible (it is not currently automatically validated that it definitely is, but 68.0 is). These builds are optimized with Profile Guided Optimization, and the profile data was not kept and published until recently, which is why they weren’t reproducible until now.

            The following instructions require running Docker on a Linux host (this may or may not work on a non-Linux host, I don’t know what e.g. Docker for Mac does, and if the docker support in the mach command works with it). I’ll try to make them generic enough that they may apply to any subsequent release of Firefox.

          • Mozilla Releases Firefox 68 as the Next ESR Series with Cryptomining Protection

            Mozilla officially released today the Firefox 68 web browser for all supported platforms, including Linux, Mac, and Windows, making it an ESR (Extended Support Release) version.
            The popular open-source and cross-platform Firefox web browser from Mozilla has been updated to version 68.0, a major release that expands the dark mode in the reader view to make the controls, toolbars, and sidebars on windows dark too. Additionally, Firefox 68 introduces new cryptomining and fingerprinting protections to strict content blocking settings.

            Firefox 68 also improves add-on security and discovery by introducing a Recommended Extensions program in about:addons to help users easily find high quality and secure add-ons and themes, a new reporting feature in about:addons to let users quickly report security and performance issues with add-ons, and revamp the extensions dashboard in about:addons.

          • Dave Townsend: Please watch your character encodings

            I started writing this as a newsgroup post for one of Mozilla’s mailing lists, but it turned out to be too long and since this part was mainly aimed at folks who either didn’t know about or wanted a quick refresher on character encodings I decided to blog it instead. Please let me know if there are errors in here, I am by no means an expert on this stuff either and I do get caught out sometimes!

            Text is tricky. Unicode supports the notion of 1,114,112 distinct characters, slightly more than a byte of memory can hold. So to store a character we have to use a way of encoding its value into bytes in memory. A straightforward encoding would just use three bytes per character. But (roughly) the larger the character value the less often it is used, and memory is precious, so often variable length encodings are used. These will use fewer bytes in memory for characters earlier in the range at the cost of using a little more memory for the rarer characters. Common encodings include UTF-8 (one byte for ASCII characters, up to four bytes for other characters) and UTF-16 (two bytes for most characters, four bytes for less used ones).

            What does this mean?

          • Grizzly Browser Fuzzing Framework

            At Mozilla, we rely heavily on automation to increase our ability to fuzz Firefox and the components from which it is built. Our fuzzing team is constantly developing tools to help integrate new and existing capabilities into our workflow with a heavy emphasis on scaling. Today we would like to share Grizzly – a browser fuzzing framework that has enabled us to quickly and effectively deploy fuzzers at scale.

            Grizzly was designed to allow fuzzer developers to focus solely on writing fuzzers and not worry about the overhead of creating tools and scripts to run them. It was created as a platform for our team to run internal and external fuzzers in a common way using shared tools. It is cross-platform and supports running multiple instances in parallel.

      • SaaS/Back End

        • Cloudera Bucks an Industry Trend, Doubles Down on Open Source

          Hadoop wrangler Cloudera has bucked a trend to tighten control of open source code by protecting it under ever more restrictive licences, today announcing plans to go all-in on AGPL and Apache 2.0 licences, make closed licence components of its products open source, and double-down on its Apache Software Foundation (ASF) activity.

          The commitment by the US-based enterprise data specialist will extend to its forthcoming Cloudera Data Platform (CDP); the company’s much-awaited joint product with Hortonworks following last year’s $5.2 billion merger (which closed in January this year). Cloudera hopes to emulate Red Hat’s support-based commercial success it said.

      • Education

        • The SUSE Academic Program attracts new partners at the UCISA SSG Conference

          UCISA is the member-led professional body for digital practitioners within higher education in the UK. An open and inclusive network, UCISA uses their collective knowledge and expertise to help transform teaching, learning and research to ensure both operational efficiency and an excellent student experience (https://www.ucisa.ac.uk/about ). Most importantly, UCISA fosters an open community that collaborates and shares thinking, best practices and procedures that everyone in education can learn from.

          Hosted by the Support Services Group, the conference attracted IT support managers, service administrators, support analysts and many others. It was a good place to be for the SUSE Academic Program as the training offered is very interesting to IT staff and students. As a result, the technical training, curriculum and educational materials available through SUSE’ Academic Program were on display and over 20 new institutions enrolled as an academic partner. Our hope, is they will find our program useful in training their IT staff and equip the next generation of professionals with the skills to be highly employable.

      • Pseudo-Open Source (Openwashing)

        • Can You Have Open Source without True Partnership?

          Every company that sells enterprise technology has a long list of alliance partners. It’s the way the industry works. But if you spend time with partner executives and sales teams, as I do, you notice that some talk about partnering while others really and truly put energy into building relationships and joint solutions.

          At SUSE, we work very hard to be one of the latter. We’re committed to our partners and they in turn value our open open source approach to business the same way they value working with an independent organization that is motivated only by the success of its customers and partners. After all, partnering is at the roots of open source. It’s inherent in the word “community” and a part of our DNA at SUSE.

      • Programming/Development

        • Caktus Consulting Group: Book Review: Creating GUI Applications with wxPython

          I enjoyed working through the book Creating GUI Applications with wxPython by Michael Driscoll, learning various techniques for programming GUI applications in Python using wxPython.

          This book is not intended to be a beginners’ tutorial. The first chapter is titled “An Intro to wxPython,” but it’s very basic. I think anyone with a few simple wxPython apps under their belt would have no trouble with this book, but as a complete beginner to wxPython, I struggled a bit. Again, the book is not intended for complete beginners, so that’s my fault.

        • Python/matplotlib : Plotting an arc in 3D plot

          I’m trying to draw an arc that is tangent to Z axis, as shown in the figure below, using matplotlib.

          In this arc one end point O is fixed to the origin of a right-handed Euclidean space, which is tangent to Z axis and other end point P at any location in the space.

          C is the center of the arc in the x-y plane, θ is the angle between O and P on x-y plane, as shown in the next figure.

        • Build a Recommendation Engine With Collaborative Filtering

          Collaborative Filtering is the most common technique used when it comes to building intelligent recommender systems that can learn to give better recommendations as more information about users is collected.

          Most websites like Amazon, YouTube, and Netflix use collaborative filtering as a part of their sophisticated recommendation systems. You can use this technique to build recommenders that give suggestions to a user on the basis of the likes and dislikes of similar users.

        • Python’s Bokeh Library for Interactive Data Visualization
        • Creating custom user model and custom authentication in Django
        • How to create management commands in Django
        • How to send email from Python and Django using Office 365 [Ed: Today in Planet Python: How to make Python a part of Microsoft and its mass surveillance operations
        • Frankenstein JVM with flavour – jlink your own JVM with OpenJDK 11

          While you can find a lot of information regarding the Java “Project Jigsaw”, I could not really find a good example on “assembling” your own JVM. So I took a few minutes to figure that out. My usecase here is that someone would like to use Instana (non free tracing solution) which requires the java.instrument and jdk.attach module to be available. From an operations perspektive we do not want to ship the whole JDK in our production Docker Images, so we’ve to ship a modified JVM. Currently we base our images on the builds provided by AdoptOpenJDK.net, so my examples are based on those builds. You can just download and untar them to any directory to follow along.

        • KDE Craft Packager on macOS

          In Craft, to create a package, we can use craft –package after the compiling and the installing of a library or an application with given blueprint name.

          On macOS, MacDMGPackager is the packager used by Craft. The MacDylibBundleris used in MacDMGPackager to handle the dependencies.

          In this article, I’ll give a brief introduction of the two classes and the improvement which I’ve done for my GSoC project.

        • It is coming alive

          After digging for around a month and a half, I can finally do some selections with the Magnetic Lasso tool, which I wrote with utter laziness as I would say. Though it still demands a lot of work to be done, so it will be just polishing the existing code into perfection for the next one and half month.

        • Humble Book Bundle: Programmable Boards by Make Community

          If you are interested in learning more about programmable boards, such as Arduino, and are looking for a crash course, you can pick up much on the topic by not just reading about the topic but also doing some hands-on learning. You can do just that, along with paying very little to do so when you buy the Humble Book Bundle: Programmable Boards by Make Community. You’ll pay as little as $1 for books that explain getting started with IoT, Arduino projects, mBot, and more. You’ll get instruction and hands-on training in several areas. Buy the bundle and receive only the books you really need to learn more about programmable boards.

        • Building a computer – part 1

          Off-hand I think the most complex projects I’ve built have been complex in terms of software. For example I recently hooked up a 933Mhz radio-receiver to an ESP8266 device, then had to reverse engineer the protocol of the device I wanted to listen for. I recorded a radio-burst using an SDR dongle on my laptop, broke the transmission into 1 and 0 manually, worked out the payload and then ported that code to the ESP8266 device.

          Anyway I’ve decided I should do something more complex, I should build “a computer”. Going old-school I’m going to stick to what I know best the Z80 microprocessor. I started programming as a child with a ZX Spectrum which is built around a Z80.

          Initially I started with BASIC, later I moved on to assembly language mostly because I wanted to hack games for infinite lives. I suspect the reason I don’t play video-games so often these days is because I’m just not very good without cheating ;)

          Anyway the Z80 is a reasonably simple processor, available in a 40PIN DIP format. There are the obvious connectors for power, ground, and a clock-source to make the thing tick. After that there are pins for the address-bus, and pins for the data-bus. Wiring up a standalone Z80 seems to be pretty trivial.

        • Python Machine Learning Tutorial: Predicting Airbnb Prices
        • DevOps for introverted people
        • PSF GSoC students blogs: Week 5
        • PSF GSoC students blogs: Week 6
        • PSF GSoC students blogs: Coding week #6
        • Week 6 Check-In
        • Week 5 Check-In

          At the start of this week, I revisited the box-into-capsule test and re-implemented a different algorithm. Instead of representing the capsule as two hemispheres and a cylinder, my mentor suggested to see it as a line segment defined the by its two endpoints. So, the algorithm finds the closest point on the box to the line segment, and then tests for intersections accordingly.

        • `make -j5 kritaflake`

          At the end of June I finished copy-on-write vector layers. From the very beginning, I have been researching into possibilities to make kritaflake implicitly sharable. In that post I mentioned the way Sean Parent uses for Photoshop, and adapted it for the derived d-pointers in Flake.

        • Working With Dictionaries In Python

          Dictionaries in pythons are a collection of key value pairs. They are very similar to JSON data type in JavaScript. Dictionaries are indexed, they can be modified and they are no ordered. This makes it very flexible and useful. Since dictionary items can be accessed with keys instead of indexes, dictionaries are widely used in external data-driven programs and apps.

        • What is a golden image?

          If you’re in quality assurance, system administration, or (believe it or not) media production, you might have heard some variation of the term gold master, golden image, or master image, and so on. It’s a term that has made its way into the collective consciousness of anyone involved in creating one perfect model and then producing many duplicates from that mold. That’s what a gold master, or golden image, is: The virtual mold from which you cast your distributable models.

          In media production, the theory is that a crew works toward the gold master. This final product is one of a kind. It looks and sounds the best a movie or an album (or whatever it is) can possibly look and sound. Copies of this master image are made, compressed, and sent out to the eager public.

          In software, a similar idea is associated with the term. Once software has been compiled and tested and re-tested, the perfect build is declared gold. No further changes are allowed, and all distributable copies are generated from this master image (this used to actually mean something, back when software was distributed on CDs or DVDs).

    • Leftovers

      • Health/Nutrition

        • Vegan Food Manufacturers Sue State Over Unconstitutional Law Banning Them From Using Meat Words

          The lawsuit [PDF] points out lobbying efforts began prior to the 2019 legislative session, with representatives from the meat industry openly stating they wanted to “protect” cattle farmers “from having to compete” with non-animal products. They pointed to the reduced dairy revenue caused by the introduction of soy and almond milk into the marketplace as an example of the damage they wanted to avoid.

          None of these are good reasons for new laws, especially ones that prevent competitors from labeling their products in a way that makes them understandable and palatable to consumers. The ban extends to almost all commonly-used meat terms, blocking plant-based food creators from using terms like “meatless meatballs” or “vegan bacon.” The end result will be more customer confusion, not less, as those seeking vegan products will have very little information to work with when trying to replace meat products in their diets.

          As the lawsuit notes, the ban is both content- and speaker-based, giving it two Constitutional strikes right off the bat. In addition, it “creates confusion and misleading speech where none previously existed.” It carves a hole in the First Amendment on behalf of a favored industry, which is certainly not a “compelling government interest.” It replaces zero harm with actual harm, which is something legislators should never strive to do.

        • Mississippi Sued for Awful ‘Veggie Burger’ Ban

          Earlier this week the Institute for Justice (I.J.) filed a lawsuit in federal court in Mississippi seeking to overturn that state’s unconstitutional new restrictions on the use of certain common terms to identify a variety of plant-based foods.

          Mississippi’s law dictates that a “plant-based…food product shall not be labeled as meat or a meat food product.” While Mississippi claims the law is intended to clear up consumer confusion, it does nothing of the sort. “It doesn’t matter if the product also states on the label that it’s 100% vegan, plant-based or meatless,” Bloomberg News reports.

      • Security

        • Security updates for Wednesday

          Security updates have been issued by Debian (redis), Fedora (expat), Mageia (dosbox, irssi, microcode, and postgresql11), Red Hat (bind, dbus, openstack-ironic-inspector, openstack-tripleo-common, python-novajoin, and qemu-kvm-rhev), Scientific Linux (kernel), SUSE (kernel-firmware, libdlm, libqb, and libqb), and Ubuntu (apport).

        • Why CVSS does not equal risk: How to think about risk in your environment

          I’m going to come right out and say it: CVSS does NOT equal Risk (CVSS!=Risk). Anyone who thinks otherwise is mistaken and setting themselves up for more work, pain, and stress than they realistically should have to go through. A risk is a potential for loss or damage if a threat exploits a vulnerability (which is a weakness in hardware or software). We’ll talk more about all that momentarily.

          Common Vulnerability Scoring System (CVSS) is a toolset and methodology used by many of us in the industry (hardware/software manufacturers, maintainers, etc.) and security researchers to describe the relative severity of security vulnerabilities in a consistent, quantitative way. This data being represented results in a score ranging from lowest 0, to the highest of 10.

          Recently the FIRST CVSS SIG updated the released version 3.1 of the framework which is the point of reference for this post. I’d strongly encourage anyone that uses the framework, or is impacted by security flaws (typically documented with a Common Vulnerabilities and Exposures (CVE) entry) to read the updated procedures and guidance.

        • DANE OPENPGPKEY for debian.org

          I recently announced the publication of Web Key Directory for @debian.org e-mail addresses. This blog post announces another way to fetch OpenPGP certificates for @debian.org e-mail addresses, this time using only the DNS. These two mechanisms are complementary, not in competition. We want to make sure that whatever certificate lookup scheme your OpenPGP client supports, you will be able to find the appropriate certificate.

          The additional mechanism we’re now supporting (since a few days ago) is DANE OPENPGPKEY, specified in RFC 7929.

        • Voting Machine Makers Claim The Names Of The Entities That Own Them Are Trade Secrets

          This seems like very basic information — information the Board should know and should be able to pass on to the general public. After all, these are the makers of devices used by the public while electing their representatives. They should know who’s running these companies and who their majority stakeholders are. If something goes wrong (and something always does), they should know who’s ultimately responsible for the latest debacle.

          It’s not like the state was asking the manufacturers to cough up code and machine schematics. All it wanted to know is the people behind the company nameplates. But the responses the board received indicate voting system manufacturers believe releasing any info about their companies’ compositions will somehow compromise their market advantage.

          Hart Intercivic said letting the public know that the company is owned by H.I.G. Hart, LLC and Gregg L. Burt is a fact that would devalue the company if it were made public.

        • AMD’s SEV tech that protects cloud VMs from rogue servers may as well stand for… Still Extremely Vulnerable

          Five boffins from four US universities have explored AMD’s Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort.

          In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, computer scientists Jan Werner (UNC Chapel Hill), Joshua Mason (University of Illinois), Manos Antonakakis (Georgia Tech), Michalis Polychronakis (Stony Brook University), and Fabian Monrose (UNC Chapel Hill) detail two novel attacks that can undo the privacy of protected processor enclaves.

          The paper, “The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves,” describes techniques that can be exploited by rogue cloud server administrators, or hypervisors hijacked by hackers, to figure out what applications are running within an SEV-protected guest virtual machine, even when its RAM is encrypted, and also extract or even inject data within those VMs.

      • Finance

        • Could Regulatory Backlash Entrench Facebook’s New Cryptocurrency Libra?

          Facebook’s new cryptocurrency Libra has garnered attention from lawmakers and consumer groups since it was announced last month. And it’s no wonder: with a wince-inducing history of data disclosure scandals, the Facebook brand has become synonymous with ineptitude at protecting privacy. They’re bringing that tarnished reputation to cryptocurrency, a field that has already attracted more than its fair share of bad actors that too often overshadow the blockchain innovators working to protect user rights. As Congress gears up to investigate this issue, we’re frankly worried. On top of our many concerns about the implications of Libra, there is a serious possibility that reactive legislation could further harm consumers.

          Poorly-crafted laws today could chill innovation tomorrow.

          We’ve criticized Facebook for years, and we share the concerns of regulators who want to ensure people’s privacy and rights are protected from Facebook’s abuses. But make no mistake: a disproportionate regulatory backlash to Libra could have dire consequences for Internet users. Legislation that tries to ban the publication of open source software, impose onerous licensing obligations on creators developing code, or which attempts to regulate non-custodial blockchain services as if they were banks will have a chilling effect on innovation in the space. The end result would be that the only companies able to navigate the complicated regulatory landscape are those with significant financial and legal resources. In other words, regulatory backlash today could serve to entrench Facebook’s role in the space rather than unseat it.

      • AstroTurf/Lobbying/Politics

        • The Darroch Affair

          I am amused when I hear the resignation of Kim Darroch mooted as an attack on an apolitical civil service. Darroch’s rise to the top of the FCO was in fact a startling example of the politicisation of the civil service – there is no doubt that his enthusiastic support for the Iraq War, and for every neo-con war of aggression since, is what endeared him so strongly to the people who make the decisions on the top posts (and do not believe the fiction that ministers have no influence on them).


          We just don’t know. But what I do know is that the idea that Darroch is an apolitical civil servant is a nonsense. I would remind you also that my objections to torture and extraordinary rendition were entirely in internal highly classified communications at the time the FCO first decided to try to move to sack me. I only leaked afterwards. So the idea that the FCO encourages honest and candid reporting is still more of the hypocritical nonsense being talked around Darroch’s resignation.

      • Privacy/Surveillance

        • Google employees are eavesdropping, even in Flemish living rooms, VRT NWS has discovered

          Google employees are systematically listening to audio files recorded by Google Home smart speakers and the Google Assistant smartphone app. Throughout the world – so also in Belgium and the Netherlands – people at Google listen to these audio files to improve Google’s search engine. VRT NWS was able to listen to more than a thousand recordings. Most of these recordings were made consciously, but Google also listens to conversations that should never have been recorded, some of which contain sensitive information.

        • Beware! Humans At Google Are ‘Listening’ To Your Google Assistant Voice Recordings

          When you use Google Assistant to get answers to your queries and perform daily tasks, not only the device is listening to your commands but Google contractors could also listen to your conversation with the Assistant. A report by Belgian broadcaster VRT News has revealed that recordings of Google Assistant on Home-branded speakers and smartphones are provided to actual humans who can listen to your audio clips.

          VRT News was able to listen to some of the audio recordings of Dutch and Belgian people and even discerned the addresses of some people from the recordings. The scariest part is that some of the conversations were recorded even when people did not trigger the Assistant by saying “Ok Google.”

        • Like Amazon, Google sends voice assistant recordings to contractors for transcription, including recordings made inadvertently

          After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app.

          The contractors who review Google voice assistant recordings say that they often screen audio from people who aren’t even talking to their Google devices: instead, the devices mishear conversations and mistake sound for their “wake-words.”

          The whistleblower told VRT that he transcribes 1,000 recordings per week in Flemish and Dutch, and that once, he transcribed a recording that appeared to capture a domestic violence incident.


          Tim Verheyden, a journalist with Belgian public broadcaster VRT, contacted the couple bearing a mysterious audio file. To their surprise, they clearly heard the voices of their son and baby grandchild—as captured by Google’s virtual assistant on a smartphone.

          Verheyden says he gained access to the file and more than 1,000 others from a Google contractor who is part of a worldwide workforce paid to review some audio captured by the assistant from devices including smart speakers, phones, and security cameras. One recording contained the couple’s address and other information suggesting they are grandparents.

          Most recordings reviewed by VRT, including the one referencing the Waasmunster couple, were intended; users asked for weather information or pornographic videos, for example. WIRED reviewed transcripts of the files shared by VRT, which published a report on its findings Wednesday. In roughly 150 of the recordings, the broadcaster says the assistant appears to have activated incorrectly after mishearing its wake word.

          Some of those captured fragments of phone calls and private conversations. They include announcements that someone needed the bathroom and what appeared to be discussions on personal topics, including a child’s growth rate, how a wound was healing, and someone’s love life.

          Google says it transcribes a fraction of audio from the assistant to improve its automated voice-processing technology. Yet the sensitive data in the recordings and instances of Google’s algorithms listening in unbidden make some people—including the worker who shared audio with VRT and some privacy experts—uncomfortable. Privacy scholars say Google’s practices may breach the European Union privacy rules known as GDPR introduced last year, which provide special protections for sensitive data such as medical information and require transparency about how personal data is collected and processed.

        • California’s Senate Judiciary Committee Blocks Efforts to Weaken California’s Privacy Law

          The California Senate Judiciary Committee heard five bills on Tuesday that EFF and other privacy advocates strongly opposed. These measures, backed by big business and the tech industry, would have eviscerated the California Consumer Privacy Act (CCPA), a landmark privacy law passed last year. We thank the Senate Judiciary Committee, in particular Chair Senator Hannah-Beth Jackson and the committee’s staff, for blocking efforts to weaken the state’s baseline privacy protections.

          Unfortunately, the California legislature failed to add much-needed additional protections to the CCPA this year when it blocked bills from California Senator Hannah-Beth Jackson and Assemblymember Buffy Wicks. These measures would have afforded consumers rights about how companies use their personal data, and increased their ability to exercise and enforce their rights under the CCPA. Worse, lawmakers advanced several bills that each would have weakened the CCPA on their own. Taken together, they would have significantly eroded this law, which is set to go into effect in January 2020.

          Thankfully, Senate Judiciary Committee members voted down A.B. 873, which privacy advocates opposed because it would have weakened the definition of “personal information” and undermined critical privacy protections in the CCPA.

          We are also pleased that Assemblymember Ken Cooley chose not to bring the most problematic of the privacy-eroding bills, A.B. 1416, up for a vote, and that it will not move forward this session. A.B. 1416 would have created an enormous loophole that would have allowed any company that sells or shares information to the government the ability to ignore your privacy rights. It faced strong opposition from privacy advocates and immigrant rights advocates.

        • Thinking Of Privacy As A Property Right Will End Badly

          We’ve talked for a while now about how we’re really bad at regulating privacy because most people don’t really understand privacy. People tend to think of it as “a thing.” But, it’s not. It’s a set of trade-offs that can change depending on who is involved, what the context is, and the terms of the trade-off. The example we’ve used many times is that of leaving your home to buy groceries. Doing so entails giving up some amount of privacy. Someone could see you. They might even see what’s in your shopping cart. But for most people, this trade-off is worth it. The “loss” of privacy here is minimal. The “damage” of someone seeing that you’re buying broccoli is not that big of a deal. But, for some people, the trade-off may be quite different. If you’re a movie star, for example, going into a grocery store may represent a huge burden and an impact on your privacy. Paparazzi may follow you around. Other customers may bug you. What you buy may be analyzed or mocked or worse. Other factors come into play as well, such as what it is that you’re buying. Vegetables might not be that big a deal. Other items may be a lot more revealing.

          That may be a fairly simple view of things, but it applies in lots of cases. Lots of decisions we make involve basic trade-offs regarding privacy. And part of the calculation that we all implicitly make involves a fairly straightforward cost-benefit analysis. Is the value we get from doing x greater than the potential privacy violation? And, of course, this is often made more difficult by the “cost” being one in which somewhat opaque probabilities come into play. Beyond the potential “cost” of such “private” information being revealed, what is the probability that such a revelation will lead to greater costs? For example, someone going into a drug store to buy condoms may represent a slight loss in privacy — but if that person is doing so to have an affair, then the “cost” might be the probability that the person’s partner becomes aware of such a purchase.

      • Freedom of Information/Freedom of the Press

        • Selling Out Julian Assange

          When Julian Assange was arrested at the Ecuadorian embassy in London in April, the country’s former left-wing president Rafael Correa knew who to blame. According to Correa, his successor Lenin Moreno — vice-president during Correa’s own presidency — “had sold Assange to the United States.” He accused the new president of having “displayed a pathological hatred” of the Wikileaks founder, after his website had revealed details of a corruption scandal involving Moreno’s family.

          Correa’s decision to grant Assange asylum in 2012 came at the height of Latin America’s Pink Tide, as progressive governments across the continent challenged US interference in the region. Assange’s arrest six and a half years later comes as the Latin American left is in open retreat, underscoring the rupture between Correa’s presidency and that of his party’s chosen successor. When Moreno secured electoral victory in 2017, the country seemed to be bucking the wider reactionary trend in the region. But upon taking office the new president quickly turned to the Right — implementing a conservative economic agenda that has seen poverty levels rising anew.

          To examine Ecuador’s approach to the Assange case and how its position has evolved over the last seven years, Eoghan Gilmartin and Tommy Greene sat down with Txema Guijarro. Currently an MP for Spain’s radical-left Podemos party, Guijarro previously worked as an advisor to the Ecuadorian Foreign Minister Ricardo Patiño. In 2012, he spent several months in London charged with organizing Assange’s asylum, before being sent to Moscow the following year to facilitate Edward Snowden’s abortive efforts to reach Latin America. As he tells Jacobin, Moreno’s opposition to Assange’s asylum pre-dates his presidency and was already evident as early as 2012.

      • Civil Rights/Policing

        • At ‘Kids In Cages’ Congressional Hearing, Mother And Human Rights Advocates Share Stories Of Cruelty At The Border

          Yazmin Juarez, who fled Guatemala and was held in detention at a facility in Dilley, Texas, where her baby contracted a severe respiratory illness that led to her death, testified before the House Committee on Oversight and Reform.

          The hearing was titled, “Kids In Cages: Inhumane Treatment at the Border,” and Texas Republican Representative Chip Roy objected, indicating he was “frustrated.”

          “It’s setting a tone that doesn’t allow us to come together to address this difficult problem in a way that is befitting of the United States and our welcoming nature as a country,” Roy complained.

          He added, “To this day, I have never seen a kid in a cage the way those words seem to indicate it.”

          On July 8, it was reported migrant children released from custody created drawings of themselves in cages. They were from children at the Catholic Charities Humanitarian Respite Center in McAllen, Texas, and were drawn after they were asked to depict their time in detention.

          The Associated Press reported on June 18, 2018, that children were held in cages in an old warehouse in McAllen, Texas. “Hundreds of children” were in a “series of cages created by metal fencing,” and “one cage had 20 children inside.”

        • Indonesian Court Convicts Woman Of Criminal Defamation For Recording Her Boss Trying To Harass Her Into An Affair With Him

          To be fair, we have to consider the extremely unfair political/human rights atmosphere in Indonesia, where women are expected to put up with sexual harassment and sexual assault if they expect to hold onto their jobs. And this definitely is a case of prosecutorial discretion — a case in which prosecutors decided to press charges against the person who recorded evidence of workplace harassment, rather than the government employee who harassed her.

          This recording was shared with others, who then shared it with other people. Once enough people had heard it, the asshole known only by the name “Muslim” decided to file a complaint. This prosecution for criminal defamation — that is, Muslim claimed he was defamed by a recording of him saying and doing harassing things — has led to a six month jail sentence and a $35,000 fine. If the fine isn’t paid, it’s two more months in jail for the harassment victim.

          But let’s not get carried away with feeling better about living in an open society like ours in the US of A, land of the free and begrudging proponent of civil rights. We hear a lot of talk here about “prosecutorial discretion,” especially when bad laws are being written, passed, or enforced. Our prosecutors tend to believe they’re tough but fair and possessors of hearts of gold, but we looooove to punish victims just as much as more “backwards” societies.

        • Appeals Court Affirms: Trump Can’t Block Followers On Social Media

          A little over a year ago, we wrote about the district court ruling saying that it’s unconstitutional for the President to block followers on social media. The case was pretty interesting, raising questions about what counts as a “designated public forum” online. As we noted at the time, plenty of people were likely to misinterpret this ruling to mean that social media sites themselves were “public forums” and therefore had to abide by the 1st Amendment — though one might hope that the Supreme Court’s pretty clear ruling suggesting that social media sites are not in any way public forums would put a rest to that argument (spoiler alert: it won’t).

          Either way, the Trump administration appealed the lower court ruling and earlier this week, the 2nd Circuit affirmed the lower court ruling and agreed that it was a 1st Amendment violation for Trump to block followers. Once again, the legal specifics here are a bit in the weeds, and as Ken White noted in a tweet, it would have been nice if the ruling was more careful and more clear in dealing with the various complicated concepts at play. On that front, it failed. Overall, though, the ruling is the right decision — it just would have been nice if the judges had been more careful in explaining it.

          The key point, though, is that if (1) a public official is (2) using social media (3) for official purposes (4) to create a space of open dialogue (and all four of those factors are met) then they cannot block people from following them based on the views those users express, as it violates the 1st Amendment. The court is explicit that this ruling has nothing to do with whether or not private companies are bound by the 1st Amendment (because they are not):

      • Internet Policy/Net Neutrality

        • Amazon Jumps Into The Satellite Broadband Game

          We’ve long noted that you wouldn’t see net neutrality or privacy violations in the broadband sector if there was more competition. Historically however, entrenched companies like AT&T, Comcast, and Verizon have spent millions upon millions of dollars preventing that from happening. They quite enjoy the current paradigm of limited competition, and with state and federal regulatory capture they face absolutely no penalty for sky high prices and abysmal service in most markets. And as the late 90s and early aughts made pretty clear, they’re extremely good at crushing smaller companies that try to disrupt the space.


          And it should be pretty clear that companies like AT&T, Verizon, and Comcast will be working tirelessly behind the scenes to throw up hurdles at every opportunity in a bid to ensure these alternatives never threaten their geographical monopolies. So while it’s OK to be somewhat excited about these new efforts, you may want to temper your enthusiasm until you see a viable, working product. And oh, this is all before we get to the problems of space junk and the impact on astronomy.

      • Monopolies

        • Copyrights

          • Prenda’s John Steele Gets 5 Years In Prison; Insists He’s Really, Really, Really Sorry

            The Judge had already order Hansmeier to pay back $1.5 million, and now put that on Steele too, making the two of them “jointly and severally liable” — effectively meaning that the two of them together need to figure out how to come up with that cash to pay back.

            Given how vocal and how adamant (and, frankly, how sleazy and confident he was that he could talk his way out of any mess) Steele was over the years, consider me not totally convinced that he’s really had a change of heart. It would be great if that were true, but it’s going to take more than a single performance in court to convince most of us. Either way, five years in prison is still a significant prison sentence. And, now, it appears we can finally close the books on Prenda.

          • Life-Altering Copyright Lawsuits Could Come to Regular Internet Users Under a New Law Moving in the Senate

            The Senate Judiciary Committee intends to vote on the CASE Act, legislation that would create a brand new quasi-court for copyright infringement claims. We have expressed numerous concerns with the legislation, and serious problems inherent with the bill have not been remedied by Congress before moving it forward. In short, the bill would supercharge a “copyright troll” industry dedicated to filing as many “small claims” on as many Internet users as possible in order to make money through the bill’s statutory damages provisions. Every single person who uses the Internet and regularly interacts with copyrighted works (that’s everyone) should contact their Senators to oppose this bill.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts