Bonum Certa Men Certa

Links 11/7/2019: Cockpit 198, Librem Updates



  • GNU/Linux

    • Desktop

      • Chrome OS launcher function to search for Linux app installs postponed

        A bug for this functionality was opened back in January, with this description: “Add APT search into Chrome OS App Launcher, so that not installed Linux packages and Apps can be searched for and installed via the App launcher.”

        Essentially if you want to search for a Linux app that you didn’t have installed on your Chromebook, you would be able to do that directly in the Chrome OS launcher.

        Clicking on the appropriate result would then download the Linux app package and presumably start the installation process in a best-case scenario. A worst-case option would be to have the package downloaded and then use the Chrome OS Files app to install it, which is the current process.

    • Server

      • IBM

        • Cloud-Native CI/CD with OpenShift Pipelines

          With Red Hat OpenShift 4.1, we are proud to release the developer preview of OpenShift Pipelines to enable creation of cloud-native Kubernetes-style continuous integration and continuous delivery (CI/CD) pipelines based on the Tekton project.

          [...]

          OpenShift Pipelines allows teams to build, test and deploy their applications using cloud-native pipelines and take control of their application lifecycle.

          Kubernetes style pipelines: Create pipelines using standard Kubernetes CRDs that are portable across Kubernetes distributions.

          Runs serverless: Create and run pipelines, period. No CI/CD server to manage and maintain.

          Deploy to multiple platforms: Your pipelines run on Kubernetes, but you can deploy to many Kubernetes, VMs and serverless platforms from the pipeline.

          Build images with Kubernetes tools: You can use the build tool of your choice for building images. Source-to-Image (S2I), Buildah and Dockerfiles, Jib, Kaniko and more.

          Developer tools: Command-line tool to interact with the pipelines in addition to integrations with OpenShift developer console and IDE plugins.

        • Will rolling into IBM be the end of Red Hat?

          IBM's acquisition of Red Hat for $34 billion is now a done deal, and statements from the leadership of both companies sound extremely promising. But some in the Linux users have expressed concern.

    • Audiocasts/Shows

    • Kernel Space

      • Linux Kernel 5.2 released, here is what’s new

        Despite the busy schedule of Linus Torvalds, we’re still getting a significant release in Linux Kernel 5.2 instead of just a release candidate.

        In the original news source, the king of the Linux world, Linus Torvalds, has claimed that he was possibly going to drop another release candidate as he was having internet problems for a few days and then got busy with his travels. Luckily, Linus didn’t stick to his plan owing to the lack of pull requests since rc7 and the fact that there seemed to be no real need for another release candidate. Thus, the announcement was made for the release of Linux Kernel 5.2, codenamed Bobtail Squid.

        [...]

        The key highlights of this release are new drivers, extended hardware support, performance improvements, and security fixes. However, Linux Kernel 5.2 is a mainline version, which is usually not suitable for mass deployments. Accordingly, FOSSLinux suggests its readers wait for Linux Kernel 5.2.1 to drop before upgrading their kernels.

      • Linux's Perf Subsystem Begins Prepping For Snow Ridge, Other New Intel Hardware Support

        Snow Ridge is the SoC Intel announced last December as a 10nm product intended for 5G products. With the in-development Linux 5.3 kernel is initial "perf" subsystem support for Snow Ridge.

        The perf subsystem support for the Snow Ridge bring-up has uncore support so far. There is also a number of PMU/uncore driver updates for Intel's Icelake, Kabylake, Amberlake, and Whiskeylake processors.

      • Linux 5.3 Continues Advancing Intel's Sound Open Firmware

        Linux sound subsystem maintainer Takashi Iwai sent in the big set of audio driver changes for Linux 5.3.

        Linux 5.3 is continuing where Linux 5.2 left off when it added a lot of their Sound Open Firmware kernel code that has been in development for over one year as the Intel-led effort for having open-source audio DSP firmware and SDK. Sound Open Firmware is used by the newest and future Google Chromebooks among other use-cases to come about.

      • Linux 5.3 Picks Up Utilization Clamping - Ensuring GUI Threads Get Maximum Frequency

        The scheduler changes for the Linux 5.3 kernel are as busy as ever.

        One of the most interesting scheduler changes for Linux 5.3 was made by Arm's Patrick Bellasi. The addition is introducing utilization clamping support as an extension of their work on the Energy Aware Scheduling framework in order to boost some workloads while capping background workloads. Energy Aware Scheduling factors in the CPU topology of modern hardware -- particularly Arm big.LITTLE designs -- with differing power and performance characteristics in order to better schedule what CPU cores should be used for a given workload.

      • AMD Ryzen 3000 is experiencing problems with some Linux distributions

        Ryzen 3000 seems to have boot problems with the most modern Linux distributions. The problem affects all operating systems using a 2019 Linux distribution with Linux 5.0/5.1/5.2 kernels.

        This problem is now known to be related to the RdRand command. Remember that the previous Ryzen processors were also not friendly when they used the RNG hardware command, which caused problems on the platform. However, now with Zen2, this is even worse supported, and AMD has not yet officially detected the problem.

      • AMD Posts New CPUFreq Driver For CPPC Support With Zen 2 CPUs

        AMD Zen 2 CPUs support ACPI's Collaborative Processor Performance Control (CPPC) for tuning the system to energy and/or performance requirements. AMD has now published a new CPUfreq driver for handling their CPPC implementation and the new controls found with their new processors.

        The AMD CPPC support with Zen 2 desktop/server/mobile CPUs can be optionally enabled and allows setting min/maximum performance along with desired performance and other knobs for tuning via sysfs.

      • Linux Foundation

        • Linode Puts Powerful Nvidia GPUs In Its Linux Cloud

          Linode today launched new GPU-optimized cloud computing instances tailored specifically for developers and businesses requiring massive parallel computational power. The new instances are built on NVIDIA Quadro RTX 6000 GPU cards with all three major types of processing cores (CUDA, Tensor, and Real-Time Ray Tracing) available to users. Linode is one of the first cloud providers to deploy NVIDIA’s latest GPU architecture.

        • Linode Brings Commercial Grade GPUs to the Masses
        • Linode Brings Commercial Grade GPUs to the Masses

          Linode has launched new GPU-optimized cloud computing instances tailored specifically for developers and businesses requiring massive parallel computational power. These new GPU instances give scientists, artists, and engineers working on artificial intelligence, graphic visualization, and complex modeling a cost-competitive alternative to hyperscale cloud providers.

        • Linux Foundation and LF Networking Announce Keynote Highlights for Open Networking Summit Europe

          The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today announced the initial line-up of keynote speakers and panelists for Open Networking Summit Europe. The event takes place September 23-25 in Antwerp, Belgium.

          Open Networking Summit (ONS) is the industry’s premier open networking event, enabling collaborative development and innovation across enterprises, service providers and cloud providers. The event provides a platform for discussing the future of Open Networking, including how networking and adjacent technologies like 5G, SDN/NFV, VNF/CNF, Cloud Native Networking, Network Automation, Edge, AI, Access and IOT, Access & IoT services. Following 2018’s inaugural event outside of North America, ONS Europe 2019 continues to provide expanded opportunities for more individuals to share, learn and collaborate on these important and emerging technologies.

        • The Linux Foundation Breathes New Life into Osquery

          Anyone who has been tasked with monitoring the security of server instances in a data center or cloud knows how laborious and time-consuming it can be. Osquery, a project started by Facebook, aims to lessen this burden by reframing how developers engage with their infrastructures. DevOps professionals can use Osquery to expose an operating system as a high-performance relational database, making it possible to use SQL commands to access data about a system, just as they would for a database.

          Osquery works on Mac, Linux and Windows systems and is provided as an open source download via GitHub. Although Osquery was developed by Facebook to monitor and safeguard the security of its own platform, the social media giant quickly realized the utility of the platform would extend to other enterprises that depend upon insight into the low-level behavior of operating systems.

    • Applications

      • Syncthing 1.2.0 Released, Adds QUIC Transport Protocol

        Open source continuous file synchronization program syncthing 1.2.0 was released yesterday with new features, various bug-fixes, and enhancements.

      • Cockpit 198

        Cockpit has been restyled to match the PatternFly 4 User Interface design, including the Red Hat Text and Display fonts.

        This style refresh aligns Cockpit with other web user interfaces that use PatternFly, such as OpenShift 4.

        Over time, Cockpit will be ported to actually use PatternFly 4 widgets, but this restyle allows us to change Cockpit gradually.

      • The 10 Top GUI Tools for Linux System Administrators

        A Linux administrators task is to typically install, upgrade, and monitor a company’s software and hardware while maintaining the essential applications and functions which include security tools, emails, LANs, WANs, web servers, etc.

        Read Also: Top 26 Tools for VMware Administrators

        Linux is undoubtedly a force to reckon with in computing technology and most system administrators work on Linux machines. You might think you are damned to using the command-line to complete administrative tasks but that is far from the truth.

        Here are the 10 best GUI tools for Linux System Administrators.

      • Foliate ePub Reader Now Available Outside of Flathub

        I bring a welcome word to the bookworms amongst you wanting to try the Foliate eBook reader on Linux: it’s now available outside of Flathub.

        Foliate is a terrifically well-designed, well-built and well-featured GTK eBook reader for Linux desktop. The app supports the .epub format exclusively, a focus that enables it to deliver some first-rate user experience.

        But short of building it from source, the only way to install Foliate on Ubuntu has been via the Flatpak build on Flathub. While it’s relatively easy to set-up and install Flatpak on Ubuntu, some folks flatly don’t want to.

      • Proprietary

    • Instructionals/Technical

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • New unit tests for the new code

          today I want to present the test system for Cantor's worksheet. The worksheet is the most central, prominent and important part of the application where the most work is done.

          So, it is important to cover this part with enough tests to ensure the quality and stability of this component in future.

          At the moment, this system contains only ten tests and all of them cover the functionality for the import of Jupyter notebooks only that was added recently to Cantor (I have mentioned them in my first post). However, this test infrastructure is of generic nature and can easily be used for testing Cantor's own Cantor files, too.

        • Akademy 2019: Talk Schedule is out!

          On day one (Saturday, September 7), the teams that have been working on the community goals over the last two years will discuss how things worked out and what has been achieved (spoiler: a lot). As many of the procedures and processes developed for the goals have now been worked into the everyday ways the KDE community operates and builds things, it is time to look for new goals. That is precisely what will be happening next, when the panel unveils what the community has decided to work on in the next two years.

          Apart from goals, there will also be time for the bleeding-edge tech KDE is so well-known for. You will find out from Aleix Pol how developers managed to make a complex graphical environment like the Plasma desktop start up faster, and Marco Martin and Bhushan Shah will show us how Plasma can work everywhere, including on embedded devices. Taking things a step further still, Aditya Mehra will demonstrate how the open source Mycroft AI assistant can be the next great thing to assist you while you drive your car.

      • GNOME Desktop/GTK

        • A Merge Proposal to ‘Drop Snap Support’ from GNOME Software Hints at Deeper Divisions

          As you probably know, Ubuntu Software, the default software app Ubuntu ship with, is based on GNOME Software. It’s mostly the same app save for a few Snap-specific tweaks (which we’ve mentioned before) and shipping with the Snap plugin by default.

          In short, the “Snap” support it offers isn’t particularly egregious or wide-reaching.

          But word on the street is that Ubuntu is prepping a brand new app store exclusively tailored to Snap apps for use in a future release (but separate from the Snap’d Snap Store snap)

          This has made some devs who work on GNOME Software a little …twitchy.

          Kalev Lember, the dev behind the merge request to nuke the 4000 or so lines of Snap support in GNOME Software, explains:-

          “Ubuntu is switching to a new snap-store app for installing and removing snaps. This commit drops the snap backend from gnome-software to avoid maintenance overhead.”

          Reasonable. Why should they shoulder the burden of working around Snap-specific code if Ubuntu, the only distro making use of it, don’t plan to use it longterm?

    • Distributions

      • Reviews

        • OpenSUSE Leap 15.1 - A dream come untrue

          OpenSUSE Leap 15.1 is significantly better than the first edition. It fixes tons of the problems that the previous version had. But then, it still retains lots of problems and introduces some new ones. You get decent media and phone support, but it's not a perfect record. Network support is average, and overall, the hardware compatibility with the 2010 Pavilion machine is meh.

          The installer is no longer as awesome as it used to be, the package management is quite broken, and the system wasn't stable enough to be fun and enjoyable, before or after my tweaks. The Plasma desktop is sweet, and while SUSE does have tricks most other distros don't have, like YaST, BTRFS, Snapper and such, it feels raw and jumbled and hastily put together. There were too many rough edges and errors and application crashes for me to consider this for serious work. Alas, my dream of using openSUSE in my production setup was dashed once again. All in all, Leap 15.1 deserves something like 4/10, a far cry from the legend it used to be. Maybe, maybe one day. But hey, at the current rate, 15.2 might be quite all right. We shall see.

      • New Releases

        • Tumbleweed’s July Snapshots Are Trending Strong

          There have been a total of five openSUSE Tumbleweed snapshots since the beginning of July and all the snapshots have a strong, stable rating.

          The rolling release had the most updates arrive in the 20190702 snapshot. The packages update in that snapshot included Mesa 19.1.1 and Mesa-drivers 19.1.1 that had fixes for Intel ANV and AMD RADV driver as well as Nouveau and R300 Gallium3D drivers. The bzip2 file compression application fixed undefined behavior in the macros in version 1.0.7 and fixed a low impact Common Vulnerabilities and Exposures (CVE). The programing language package guilef was updated to version 2.2.5 and provided bootstrap optimization. Portability improvements were made in the library for encryption, decryption, signatures and password hashing with libsodium 1.0.18. A major release of the PulseAudio’s Volume Control package pavucontrol 4.0 was made; the new version dropped support for Gtk+ 2 and added more than a handful of new language translations.

          The most recent snapshot, 20190708, didn’t offer a changelog due to the server that the web app uses to produce the changelogs being upgraded to Leap 15.1. The changelog is expected to be included in the next snapshot that is released.

      • Screenshots/Screencasts

        • Clear Linux with Gnome 3.32

          Today we are looking at a newish distro that is quickly improving and according to many podcasts and blogs it might become one of the major Linux distros soon as it has many interesting features, but it isn't perfect yet.

          There are many pros to look at, firstly it is Intel's Linux distro, so it has great financial backing and support. Ikey Doherty, the guy who started Solus OS is part of the developing team of Clear Linux, as we all know he is no longer part of Solus, but he is a great developer for Clear Linux.

          It is an independently based distro, so not build on one of the major distros like Debian or Arch. It uses the Gnome Desktop Environment and it uses Gnome Software Center 3.30 as Software Store. It uses Gnome 3.32 and Linux Kernel 5.1 and uses about 1.1GB of ram when idling.

          The only downside of it is, that the installer is still a work in progress and a person can only install it on real hardware, not in Virtual Machines, that is the desktop version, so I made this video by using the live session, rest assured that my host system is Linux as well, so I would really like to see that they will enable us to install it on VirtualBox as well. The ISO comes in a compressed package which a person needs to extract to use the ISO.

        • Clear Linux OS with Gnome 3.32 Run Throughclear os lms
      • Fedora Family

        • The State Of EPEL-8 For Complementing RHEL8's Packages

          Under the Fedora umbrella has been the "Extra Packages for Enterprise Linux" to complement the official RHEL packages with extra packages largely based on Fedora packages. While RHEL 8.0 launched in May, there hasn't been full support for EPEL-8 yet but it's being worked on.

          Due to the many changes from RHEL7 to RHEL8, the EPEL-8 support has been slow. The EPEL-8 bring-up is being done via a multi-phase roll-out.

        • Fedora Community Action and Impact Coordinator (FCAIC)

          I’ve decided to move on from my role as the Fedora Community Action and Impact Coordinator (FCAIC). This was not an easy decision to make. I am proud of the work I have done in Fedora over the last three years and I think I have helped the community move past many challenges. I could NEVER have done all of this without the support and assistance of the community!

          As some of you know, I have been covering for some other roles in Red Hat for almost the last year. Some of these tasks have led to some opportunities to take my career in a different direction. I am going to remain at Red Hat and on the same team with the same manager, but with a slightly expanded scope of duties. I will no longer be day-to-day on Fedora and will instead be in a consultative role as a Community Architect at Large. This is a fancy way of saying that I will be tackling helping lots of projects with various issues while also working on some specific strategic objectives.

      • Debian Family

        • Debian 10 "Buster" released

          The Debian community has announced the release of Debian 10 "Buster." Buster will be supported for the next five years. Buster ships with several desktop environments including, Cinnamon 3.8, GNOME 3.30, KDE Plasma 5.14, LXDE 0.99.2, LXQt 0.14, MATE 1.20, and Xfce 4.12. Buster supports a total of ten architectures, including 64-bit PC / Intel EM64T / x86-64 (amd64), 32-bit PC / Intel IA-32 (i386), 64-bit little-endian Motorola/IBM PowerPC (ppc64el), 64-bit IBM S/390 (s390x), ARMel, and more. Buster can be downloaded from the official Debian page.

    • Devices/Embedded

      • Arm-based SBC has PoE, WiFi/BT, and optional Sub-1GHz, 802.15.4, GPS, and LTE

        Gateworks’ headless “Ventana GW5910” SBC runs OpenWrt or Ubuntu on a dual-core i.MX6 and provides GbE with PoE, WiFi/BT, optional GPS, Sub-1GHz, and 2.4GHz radios, and dual mini-PCIe slots for further wireless expansion.

        Freescale’s i.MX6 was ahead of its time when it launched in 2011, and in the NXP era it it has continued to hold on in the embedded Linux market far longer and with greater dominance than any other processor. It’s only a matter of time before i.MX6-focused embedded vendors like Gateworks move on to the i.MX8 or other SoCs, but in the meantime there’s something to be said for working with a consistent SoC and platform/software platform rather than starting from scratch every few years.

      • real-time software Linux embedded computing

        Wind River Systems in Alameda, Calif., is introducing enhancements to the Wind River Linux software to ease adoption of containers in embedded computing systems.

        Enhancements provide resources such as pre-built containers, tools, and documentation, and support for frameworks such as Docker and Kubernetes.

        Embedded devices in industrial, medical equipment, and automotive systems, can require lightweight, reliable software with long life cycles. Existing container technologies like those in enterprise Linux, are often bloated or require updates too frequently to run effectively on these embedded systems.

      • Raspberry Pi 4 B+ - PCI Express

        Without much exaggeration, the new Raspberry Pi is likely the largest single-step improvement on the Pi family since the early changes of the form factor. Although Pi3 introduced 64bit capability, it's been pretty limited in practice due to lack of memory. Pi4 introduces 4GB RAM, USB 3.0 and Gigabit Ethernet.

        Most importantly for our purposes, the USB 3.0 (and 2.0) chip is attached via the PCI Express interface - that means, if we were to remove it, we can gain access to the underlying bus. So, without further ado, the sacrificial goat.. uhm, chip.

      • Modder Connects External PCIe To Raspberry Pi 4

        Raspberry Pi is a low-cost computer designed for tech enthusiasts, students, and engineers who wish to make extreme use of limited hardware. Just two weeks ago, the Raspberry Pi 4 was unveiled, which caught the attention of technology enthusiasts.

        The latest version of Raspberry Pi is a big improvement over the previous version despite its faulty USB-C port design. It relies on PCI Express for USB chips. However, there isn’t any provision to connect external devices on the Raspberry Pi 4.

      • AAEON Launches BOXER-8150AI Compact Embedded Box PC Features 8 USB 3.0 Ports

        The BOXER-8150AI is able to support up to eight USB connected cameras or devices, each operating independently of one another.

      • Mobile Systems/Mobile Applications

    • Free, Libre, and Open Source Software

      • Events

        • Felipe Borges: Newcomers workshop @ GUADEC 2019

          This year’s GUADEC is approaching and I can already feel people’s excitement while talking about our annual conference. It is important that we benefit from having so many GNOMies together in the same location to help the next generation to get started in our project. For this reason, we are planning a workshop during the first day of the BoFs (check our wiki page for more info).

          The Newcomers Workshop aims at helping newcomers solve their first Gitlab issue. Historically, Carlos Soriano has championed the initiative (thank Carlos when you see him) and I have participated, guiding dozens of people in the universities here in Brno. In the past, other community members were organizing the workshop all over the world. We plan to expand the initiative by having even more GNOME contributors organizing similar events at a local level.

        • Webinar – Multimodal OS: SUSE Linux Enterprise 15 Service Pack 1
        • Customize your Cloud Foundry UI through Stratos extension framework

          At the recent Cloud Foundry Summit in Philadephia, Troy Topnik of SUSE and Bo Yang of IBM discussed how to use the open source Stratos UI’s extension framework to add new features such as autoscaling policies, allowing users to view and query application metrics and scaling events in the Stratos application dashboard with a consistent user experience. This is a great opportunity to learn about how Stratos and how it can be easily customized for Cloud Foundry deployments.

        • Linux Plumbers Conference: Power Management and Thermal Control Microconference Accepted into 2019 Linux Plumbers Conference

          We are pleased to announce that the Power Management and Thermal Control Microconference has been accepted into the 2019 Linux Plumbers Conference! Power management and thermal control are important areas in the Linux ecosystem to help improve the environment of the planet. In recent years, computer systems have been becoming more and more complex and thermally challenged at the same time and the energy efficiency expectations regarding them have been growing. This trend is likely to continue in the foreseeable future and despite the progress made in the power-management and thermal-control problem space since the Linux Plumbers Conference last year. That progress includes, but is not limited to, the merging of the energy-aware scheduling patch series and CPU idle-time management improvements; there will be more work to do in those areas. This gathering will focus on continuing to have Linux meet the power-management and thermal-control challenge.

      • Web Browsers

        • Mozilla

          • AiC: Unbounded queues and lang design

            I have been thinking about how language feature development works in Rust. I wanted to write a post about what I see as one of the key problems: too much concurrency in our design process, without any kind of “back-pressure” to help keep the number of “open efforts” under control. This setup does enable us to get a lot of things done sometimes, but I believe it also leads to a number of problems.

            Although I don’t make any proposals in this post, I am basically advocating for changes to our process that can help us to stay focused on a few active things at a time. Basically, incorporating a notion of capacity such that, if we want to start something new, we either have to finish up with something or else find a way to grow our capacity.

          • Firefox 68 Released, This is What’s New

            Mozilla Firefox 68 has arrived with the usual boatload of bug fixes and betterments in tow.

            The latest update to the super-popular open-source web browser is also available as a new Extended Support Release (ESR) version.

            What’s new? Well, nothing that you’ll be screaming from the hills about (good or bad).

            Fans of Firefox’s Reader Mode feature will likely appreciate the addition “blackout shades”, a feature that (supposedly) turns the Firefox toolbar and Reader sidebar dark when the ‘dark’ contrast option is enabled.

            In my testing I found that while the sidebar does turn dark, the Firefox toolbar remains its usual colour.

          • Mike Hommey: Reproducing the Linux builds of Firefox 68

            Starting with Firefox 68, the Linux builds shipped by Mozilla should be reproducible (it is not currently automatically validated that it definitely is, but 68.0 is). These builds are optimized with Profile Guided Optimization, and the profile data was not kept and published until recently, which is why they weren’t reproducible until now.

            The following instructions require running Docker on a Linux host (this may or may not work on a non-Linux host, I don’t know what e.g. Docker for Mac does, and if the docker support in the mach command works with it). I’ll try to make them generic enough that they may apply to any subsequent release of Firefox.

          • Mozilla Releases Firefox 68 as the Next ESR Series with Cryptomining Protection

            Mozilla officially released today the Firefox 68 web browser for all supported platforms, including Linux, Mac, and Windows, making it an ESR (Extended Support Release) version. The popular open-source and cross-platform Firefox web browser from Mozilla has been updated to version 68.0, a major release that expands the dark mode in the reader view to make the controls, toolbars, and sidebars on windows dark too. Additionally, Firefox 68 introduces new cryptomining and fingerprinting protections to strict content blocking settings.

            Firefox 68 also improves add-on security and discovery by introducing a Recommended Extensions program in about:addons to help users easily find high quality and secure add-ons and themes, a new reporting feature in about:addons to let users quickly report security and performance issues with add-ons, and revamp the extensions dashboard in about:addons.

          • Dave Townsend: Please watch your character encodings

            I started writing this as a newsgroup post for one of Mozilla’s mailing lists, but it turned out to be too long and since this part was mainly aimed at folks who either didn’t know about or wanted a quick refresher on character encodings I decided to blog it instead. Please let me know if there are errors in here, I am by no means an expert on this stuff either and I do get caught out sometimes!

            Text is tricky. Unicode supports the notion of 1,114,112 distinct characters, slightly more than a byte of memory can hold. So to store a character we have to use a way of encoding its value into bytes in memory. A straightforward encoding would just use three bytes per character. But (roughly) the larger the character value the less often it is used, and memory is precious, so often variable length encodings are used. These will use fewer bytes in memory for characters earlier in the range at the cost of using a little more memory for the rarer characters. Common encodings include UTF-8 (one byte for ASCII characters, up to four bytes for other characters) and UTF-16 (two bytes for most characters, four bytes for less used ones).

            What does this mean?

          • Grizzly Browser Fuzzing Framework

            At Mozilla, we rely heavily on automation to increase our ability to fuzz Firefox and the components from which it is built. Our fuzzing team is constantly developing tools to help integrate new and existing capabilities into our workflow with a heavy emphasis on scaling. Today we would like to share Grizzly – a browser fuzzing framework that has enabled us to quickly and effectively deploy fuzzers at scale.

            Grizzly was designed to allow fuzzer developers to focus solely on writing fuzzers and not worry about the overhead of creating tools and scripts to run them. It was created as a platform for our team to run internal and external fuzzers in a common way using shared tools. It is cross-platform and supports running multiple instances in parallel.

      • SaaS/Back End

        • Cloudera Bucks an Industry Trend, Doubles Down on Open Source

          Hadoop wrangler Cloudera has bucked a trend to tighten control of open source code by protecting it under ever more restrictive licences, today announcing plans to go all-in on AGPL and Apache 2.0 licences, make closed licence components of its products open source, and double-down on its Apache Software Foundation (ASF) activity.

          The commitment by the US-based enterprise data specialist will extend to its forthcoming Cloudera Data Platform (CDP); the company’s much-awaited joint product with Hortonworks following last year’s $5.2 billion merger (which closed in January this year). Cloudera hopes to emulate Red Hat’s support-based commercial success it said.

      • Education

        • The SUSE Academic Program attracts new partners at the UCISA SSG Conference

          UCISA is the member-led professional body for digital practitioners within higher education in the UK. An open and inclusive network, UCISA uses their collective knowledge and expertise to help transform teaching, learning and research to ensure both operational efficiency and an excellent student experience (https://www.ucisa.ac.uk/about ). Most importantly, UCISA fosters an open community that collaborates and shares thinking, best practices and procedures that everyone in education can learn from.

          Hosted by the Support Services Group, the conference attracted IT support managers, service administrators, support analysts and many others. It was a good place to be for the SUSE Academic Program as the training offered is very interesting to IT staff and students. As a result, the technical training, curriculum and educational materials available through SUSE’ Academic Program were on display and over 20 new institutions enrolled as an academic partner. Our hope, is they will find our program useful in training their IT staff and equip the next generation of professionals with the skills to be highly employable.

      • Pseudo-Open Source (Openwashing)

        • Can You Have Open Source without True Partnership?

          Every company that sells enterprise technology has a long list of alliance partners. It’s the way the industry works. But if you spend time with partner executives and sales teams, as I do, you notice that some talk about partnering while others really and truly put energy into building relationships and joint solutions.

          At SUSE, we work very hard to be one of the latter. We’re committed to our partners and they in turn value our open open source approach to business the same way they value working with an independent organization that is motivated only by the success of its customers and partners. After all, partnering is at the roots of open source. It’s inherent in the word “community” and a part of our DNA at SUSE.

      • Programming/Development

        • Caktus Consulting Group: Book Review: Creating GUI Applications with wxPython

          I enjoyed working through the book Creating GUI Applications with wxPython by Michael Driscoll, learning various techniques for programming GUI applications in Python using wxPython.

          This book is not intended to be a beginners' tutorial. The first chapter is titled "An Intro to wxPython," but it's very basic. I think anyone with a few simple wxPython apps under their belt would have no trouble with this book, but as a complete beginner to wxPython, I struggled a bit. Again, the book is not intended for complete beginners, so that's my fault.

        • Python/matplotlib : Plotting an arc in 3D plot

          I'm trying to draw an arc that is tangent to Z axis, as shown in the figure below, using matplotlib.

          In this arc one end point O is fixed to the origin of a right-handed Euclidean space, which is tangent to Z axis and other end point P at any location in the space.

          C is the center of the arc in the x-y plane, θ is the angle between O and P on x-y plane, as shown in the next figure.

        • Build a Recommendation Engine With Collaborative Filtering

          Collaborative Filtering is the most common technique used when it comes to building intelligent recommender systems that can learn to give better recommendations as more information about users is collected.

          Most websites like Amazon, YouTube, and Netflix use collaborative filtering as a part of their sophisticated recommendation systems. You can use this technique to build recommenders that give suggestions to a user on the basis of the likes and dislikes of similar users.

        • Python's Bokeh Library for Interactive Data Visualization
        • Creating custom user model and custom authentication in Django
        • How to create management commands in Django
        • How to send email from Python and Django using Office 365 [Ed: Today in Planet Python: How to make Python a part of Microsoft and its mass surveillance operations
        • Frankenstein JVM with flavour - jlink your own JVM with OpenJDK 11

          While you can find a lot of information regarding the Java "Project Jigsaw", I could not really find a good example on "assembling" your own JVM. So I took a few minutes to figure that out. My usecase here is that someone would like to use Instana (non free tracing solution) which requires the java.instrument and jdk.attach module to be available. From an operations perspektive we do not want to ship the whole JDK in our production Docker Images, so we've to ship a modified JVM. Currently we base our images on the builds provided by AdoptOpenJDK.net, so my examples are based on those builds. You can just download and untar them to any directory to follow along.

        • KDE Craft Packager on macOS

          In Craft, to create a package, we can use craft --package after the compiling and the installing of a library or an application with given blueprint name.

          On macOS, MacDMGPackager is the packager used by Craft. The MacDylibBundleris used in MacDMGPackager to handle the dependencies.

          In this article, I’ll give a brief introduction of the two classes and the improvement which I’ve done for my GSoC project.

        • It is coming alive

          After digging for around a month and a half, I can finally do some selections with the Magnetic Lasso tool, which I wrote with utter laziness as I would say. Though it still demands a lot of work to be done, so it will be just polishing the existing code into perfection for the next one and half month.

        • Humble Book Bundle: Programmable Boards by Make Community

          If you are interested in learning more about programmable boards, such as Arduino, and are looking for a crash course, you can pick up much on the topic by not just reading about the topic but also doing some hands-on learning. You can do just that, along with paying very little to do so when you buy the Humble Book Bundle: Programmable Boards by Make Community. You’ll pay as little as $1 for books that explain getting started with IoT, Arduino projects, mBot, and more. You’ll get instruction and hands-on training in several areas. Buy the bundle and receive only the books you really need to learn more about programmable boards.

        • Building a computer - part 1

          Off-hand I think the most complex projects I've built have been complex in terms of software. For example I recently hooked up a 933Mhz radio-receiver to an ESP8266 device, then had to reverse engineer the protocol of the device I wanted to listen for. I recorded a radio-burst using an SDR dongle on my laptop, broke the transmission into 1 and 0 manually, worked out the payload and then ported that code to the ESP8266 device.

          Anyway I've decided I should do something more complex, I should build "a computer". Going old-school I'm going to stick to what I know best the Z80 microprocessor. I started programming as a child with a ZX Spectrum which is built around a Z80.

          Initially I started with BASIC, later I moved on to assembly language mostly because I wanted to hack games for infinite lives. I suspect the reason I don't play video-games so often these days is because I'm just not very good without cheating ;)

          Anyway the Z80 is a reasonably simple processor, available in a 40PIN DIP format. There are the obvious connectors for power, ground, and a clock-source to make the thing tick. After that there are pins for the address-bus, and pins for the data-bus. Wiring up a standalone Z80 seems to be pretty trivial.

        • Python Machine Learning Tutorial: Predicting Airbnb Prices
        • DevOps for introverted people
        • PSF GSoC students blogs: Week 5
        • PSF GSoC students blogs: Week 6
        • PSF GSoC students blogs: Coding week #6
        • Week 6 Check-In
        • Week 5 Check-In

          At the start of this week, I revisited the box-into-capsule test and re-implemented a different algorithm. Instead of representing the capsule as two hemispheres and a cylinder, my mentor suggested to see it as a line segment defined the by its two endpoints. So, the algorithm finds the closest point on the box to the line segment, and then tests for intersections accordingly.

        • `make -j5 kritaflake`

          At the end of June I finished copy-on-write vector layers. From the very beginning, I have been researching into possibilities to make kritaflake implicitly sharable. In that post I mentioned the way Sean Parent uses for Photoshop, and adapted it for the derived d-pointers in Flake.

        • Working With Dictionaries In Python

          Dictionaries in pythons are a collection of key value pairs. They are very similar to JSON data type in JavaScript. Dictionaries are indexed, they can be modified and they are no ordered. This makes it very flexible and useful. Since dictionary items can be accessed with keys instead of indexes, dictionaries are widely used in external data-driven programs and apps.

        • What is a golden image?

          If you’re in quality assurance, system administration, or (believe it or not) media production, you might have heard some variation of the term gold master, golden image, or master image, and so on. It’s a term that has made its way into the collective consciousness of anyone involved in creating one perfect model and then producing many duplicates from that mold. That’s what a gold master, or golden image, is: The virtual mold from which you cast your distributable models.

          In media production, the theory is that a crew works toward the gold master. This final product is one of a kind. It looks and sounds the best a movie or an album (or whatever it is) can possibly look and sound. Copies of this master image are made, compressed, and sent out to the eager public.

          In software, a similar idea is associated with the term. Once software has been compiled and tested and re-tested, the perfect build is declared gold. No further changes are allowed, and all distributable copies are generated from this master image (this used to actually mean something, back when software was distributed on CDs or DVDs).

    • Leftovers

      • Health/Nutrition

        • Vegan Food Manufacturers Sue State Over Unconstitutional Law Banning Them From Using Meat Words

          The lawsuit [PDF] points out lobbying efforts began prior to the 2019 legislative session, with representatives from the meat industry openly stating they wanted to "protect" cattle farmers "from having to compete" with non-animal products. They pointed to the reduced dairy revenue caused by the introduction of soy and almond milk into the marketplace as an example of the damage they wanted to avoid.

          None of these are good reasons for new laws, especially ones that prevent competitors from labeling their products in a way that makes them understandable and palatable to consumers. The ban extends to almost all commonly-used meat terms, blocking plant-based food creators from using terms like "meatless meatballs" or "vegan bacon." The end result will be more customer confusion, not less, as those seeking vegan products will have very little information to work with when trying to replace meat products in their diets.

          As the lawsuit notes, the ban is both content- and speaker-based, giving it two Constitutional strikes right off the bat. In addition, it "creates confusion and misleading speech where none previously existed." It carves a hole in the First Amendment on behalf of a favored industry, which is certainly not a "compelling government interest." It replaces zero harm with actual harm, which is something legislators should never strive to do.

        • Mississippi Sued for Awful 'Veggie Burger' Ban

          Earlier this week the Institute for Justice (I.J.) filed a lawsuit in federal court in Mississippi seeking to overturn that state's unconstitutional new restrictions on the use of certain common terms to identify a variety of plant-based foods.

          Mississippi's law dictates that a "plant-based…food product shall not be labeled as meat or a meat food product." While Mississippi claims the law is intended to clear up consumer confusion, it does nothing of the sort. "It doesn't matter if the product also states on the label that it's 100% vegan, plant-based or meatless," Bloomberg News reports.

      • Security

        • Security updates for Wednesday

          Security updates have been issued by Debian (redis), Fedora (expat), Mageia (dosbox, irssi, microcode, and postgresql11), Red Hat (bind, dbus, openstack-ironic-inspector, openstack-tripleo-common, python-novajoin, and qemu-kvm-rhev), Scientific Linux (kernel), SUSE (kernel-firmware, libdlm, libqb, and libqb), and Ubuntu (apport).

        • Why CVSS does not equal risk: How to think about risk in your environment

          I’m going to come right out and say it: CVSS does NOT equal Risk (CVSS!=Risk). Anyone who thinks otherwise is mistaken and setting themselves up for more work, pain, and stress than they realistically should have to go through. A risk is a potential for loss or damage if a threat exploits a vulnerability (which is a weakness in hardware or software). We’ll talk more about all that momentarily.

          Common Vulnerability Scoring System (CVSS) is a toolset and methodology used by many of us in the industry (hardware/software manufacturers, maintainers, etc.) and security researchers to describe the relative severity of security vulnerabilities in a consistent, quantitative way. This data being represented results in a score ranging from lowest 0, to the highest of 10.

          Recently the FIRST CVSS SIG updated the released version 3.1 of the framework which is the point of reference for this post. I'd strongly encourage anyone that uses the framework, or is impacted by security flaws (typically documented with a Common Vulnerabilities and Exposures (CVE) entry) to read the updated procedures and guidance.

        • DANE OPENPGPKEY for debian.org

          I recently announced the publication of Web Key Directory for @debian.org e-mail addresses. This blog post announces another way to fetch OpenPGP certificates for @debian.org e-mail addresses, this time using only the DNS. These two mechanisms are complementary, not in competition. We want to make sure that whatever certificate lookup scheme your OpenPGP client supports, you will be able to find the appropriate certificate.

          The additional mechanism we're now supporting (since a few days ago) is DANE OPENPGPKEY, specified in RFC 7929.

        • Voting Machine Makers Claim The Names Of The Entities That Own Them Are Trade Secrets

          This seems like very basic information -- information the Board should know and should be able to pass on to the general public. After all, these are the makers of devices used by the public while electing their representatives. They should know who's running these companies and who their majority stakeholders are. If something goes wrong (and something always does), they should know who's ultimately responsible for the latest debacle.

          It's not like the state was asking the manufacturers to cough up code and machine schematics. All it wanted to know is the people behind the company nameplates. But the responses the board received indicate voting system manufacturers believe releasing any info about their companies' compositions will somehow compromise their market advantage.

          Hart Intercivic said letting the public know that the company is owned by H.I.G. Hart, LLC and Gregg L. Burt is a fact that would devalue the company if it were made public.

        • AMD's SEV tech that protects cloud VMs from rogue servers may as well stand for... Still Extremely Vulnerable

          Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort.

          In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, computer scientists Jan Werner (UNC Chapel Hill), Joshua Mason (University of Illinois), Manos Antonakakis (Georgia Tech), Michalis Polychronakis (Stony Brook University), and Fabian Monrose (UNC Chapel Hill) detail two novel attacks that can undo the privacy of protected processor enclaves.

          The paper, "The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves," describes techniques that can be exploited by rogue cloud server administrators, or hypervisors hijacked by hackers, to figure out what applications are running within an SEV-protected guest virtual machine, even when its RAM is encrypted, and also extract or even inject data within those VMs.

      • Finance

        • Could Regulatory Backlash Entrench Facebook’s New Cryptocurrency Libra?

          Facebook’s new cryptocurrency Libra has garnered attention from lawmakers and consumer groups since it was announced last month. And it’s no wonder: with a wince-inducing history of data disclosure scandals, the Facebook brand has become synonymous with ineptitude at protecting privacy. They’re bringing that tarnished reputation to cryptocurrency, a field that has already attracted more than its fair share of bad actors that too often overshadow the blockchain innovators working to protect user rights. As Congress gears up to investigate this issue, we’re frankly worried. On top of our many concerns about the implications of Libra, there is a serious possibility that reactive legislation could further harm consumers.

          Poorly-crafted laws today could chill innovation tomorrow.

          We’ve criticized Facebook for years, and we share the concerns of regulators who want to ensure people’s privacy and rights are protected from Facebook’s abuses. But make no mistake: a disproportionate regulatory backlash to Libra could have dire consequences for Internet users. Legislation that tries to ban the publication of open source software, impose onerous licensing obligations on creators developing code, or which attempts to regulate non-custodial blockchain services as if they were banks will have a chilling effect on innovation in the space. The end result would be that the only companies able to navigate the complicated regulatory landscape are those with significant financial and legal resources. In other words, regulatory backlash today could serve to entrench Facebook’s role in the space rather than unseat it.

      • AstroTurf/Lobbying/Politics

        • The Darroch Affair

          I am amused when I hear the resignation of Kim Darroch mooted as an attack on an apolitical civil service. Darroch’s rise to the top of the FCO was in fact a startling example of the politicisation of the civil service – there is no doubt that his enthusiastic support for the Iraq War, and for every neo-con war of aggression since, is what endeared him so strongly to the people who make the decisions on the top posts (and do not believe the fiction that ministers have no influence on them).

          [...]

          We just don’t know. But what I do know is that the idea that Darroch is an apolitical civil servant is a nonsense. I would remind you also that my objections to torture and extraordinary rendition were entirely in internal highly classified communications at the time the FCO first decided to try to move to sack me. I only leaked afterwards. So the idea that the FCO encourages honest and candid reporting is still more of the hypocritical nonsense being talked around Darroch’s resignation.

      • Privacy/Surveillance

        • Google employees are eavesdropping, even in Flemish living rooms, VRT NWS has discovered

          Google employees are systematically listening to audio files recorded by Google Home smart speakers and the Google Assistant smartphone app. Throughout the world – so also in Belgium and the Netherlands – people at Google listen to these audio files to improve Google’s search engine. VRT NWS was able to listen to more than a thousand recordings. Most of these recordings were made consciously, but Google also listens to conversations that should never have been recorded, some of which contain sensitive information.

        • Beware! Humans At Google Are ‘Listening’ To Your Google Assistant Voice Recordings

          When you use Google Assistant to get answers to your queries and perform daily tasks, not only the device is listening to your commands but Google contractors could also listen to your conversation with the Assistant. A report by Belgian broadcaster VRT News has revealed that recordings of Google Assistant on Home-branded speakers and smartphones are provided to actual humans who can listen to your audio clips.

          VRT News was able to listen to some of the audio recordings of Dutch and Belgian people and even discerned the addresses of some people from the recordings. The scariest part is that some of the conversations were recorded even when people did not trigger the Assistant by saying “Ok Google.”

        • Like Amazon, Google sends voice assistant recordings to contractors for transcription, including recordings made inadvertently

          After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app.

          The contractors who review Google voice assistant recordings say that they often screen audio from people who aren't even talking to their Google devices: instead, the devices mishear conversations and mistake sound for their "wake-words."

          The whistleblower told VRT that he transcribes 1,000 recordings per week in Flemish and Dutch, and that once, he transcribed a recording that appeared to capture a domestic violence incident.

        • WHO’S LISTENING WHEN YOU TALK TO YOUR GOOGLE ASSISTANT?

          Tim Verheyden, a journalist with Belgian public broadcaster VRT, contacted the couple bearing a mysterious audio file. To their surprise, they clearly heard the voices of their son and baby grandchild—as captured by Google’s virtual assistant on a smartphone.

          Verheyden says he gained access to the file and more than 1,000 others from a Google contractor who is part of a worldwide workforce paid to review some audio captured by the assistant from devices including smart speakers, phones, and security cameras. One recording contained the couple’s address and other information suggesting they are grandparents.

          Most recordings reviewed by VRT, including the one referencing the Waasmunster couple, were intended; users asked for weather information or pornographic videos, for example. WIRED reviewed transcripts of the files shared by VRT, which published a report on its findings Wednesday. In roughly 150 of the recordings, the broadcaster says the assistant appears to have activated incorrectly after mishearing its wake word.

          Some of those captured fragments of phone calls and private conversations. They include announcements that someone needed the bathroom and what appeared to be discussions on personal topics, including a child’s growth rate, how a wound was healing, and someone’s love life.

          Google says it transcribes a fraction of audio from the assistant to improve its automated voice-processing technology. Yet the sensitive data in the recordings and instances of Google’s algorithms listening in unbidden make some people—including the worker who shared audio with VRT and some privacy experts—uncomfortable. Privacy scholars say Google’s practices may breach the European Union privacy rules known as GDPR introduced last year, which provide special protections for sensitive data such as medical information and require transparency about how personal data is collected and processed.

        • California’s Senate Judiciary Committee Blocks Efforts to Weaken California’s Privacy Law

          The California Senate Judiciary Committee heard five bills on Tuesday that EFF and other privacy advocates strongly opposed. These measures, backed by big business and the tech industry, would have eviscerated the California Consumer Privacy Act (CCPA), a landmark privacy law passed last year. We thank the Senate Judiciary Committee, in particular Chair Senator Hannah-Beth Jackson and the committee’s staff, for blocking efforts to weaken the state's baseline privacy protections.

          Unfortunately, the California legislature failed to add much-needed additional protections to the CCPA this year when it blocked bills from California Senator Hannah-Beth Jackson and Assemblymember Buffy Wicks. These measures would have afforded consumers rights about how companies use their personal data, and increased their ability to exercise and enforce their rights under the CCPA. Worse, lawmakers advanced several bills that each would have weakened the CCPA on their own. Taken together, they would have significantly eroded this law, which is set to go into effect in January 2020.

          Thankfully, Senate Judiciary Committee members voted down A.B. 873, which privacy advocates opposed because it would have weakened the definition of “personal information” and undermined critical privacy protections in the CCPA.

          We are also pleased that Assemblymember Ken Cooley chose not to bring the most problematic of the privacy-eroding bills, A.B. 1416, up for a vote, and that it will not move forward this session. A.B. 1416 would have created an enormous loophole that would have allowed any company that sells or shares information to the government the ability to ignore your privacy rights. It faced strong opposition from privacy advocates and immigrant rights advocates.

        • Thinking Of Privacy As A Property Right Will End Badly

          We've talked for a while now about how we're really bad at regulating privacy because most people don't really understand privacy. People tend to think of it as "a thing." But, it's not. It's a set of trade-offs that can change depending on who is involved, what the context is, and the terms of the trade-off. The example we've used many times is that of leaving your home to buy groceries. Doing so entails giving up some amount of privacy. Someone could see you. They might even see what's in your shopping cart. But for most people, this trade-off is worth it. The "loss" of privacy here is minimal. The "damage" of someone seeing that you're buying broccoli is not that big of a deal. But, for some people, the trade-off may be quite different. If you're a movie star, for example, going into a grocery store may represent a huge burden and an impact on your privacy. Paparazzi may follow you around. Other customers may bug you. What you buy may be analyzed or mocked or worse. Other factors come into play as well, such as what it is that you're buying. Vegetables might not be that big a deal. Other items may be a lot more revealing.

          That may be a fairly simple view of things, but it applies in lots of cases. Lots of decisions we make involve basic trade-offs regarding privacy. And part of the calculation that we all implicitly make involves a fairly straightforward cost-benefit analysis. Is the value we get from doing x greater than the potential privacy violation? And, of course, this is often made more difficult by the "cost" being one in which somewhat opaque probabilities come into play. Beyond the potential "cost" of such "private" information being revealed, what is the probability that such a revelation will lead to greater costs? For example, someone going into a drug store to buy condoms may represent a slight loss in privacy -- but if that person is doing so to have an affair, then the "cost" might be the probability that the person's partner becomes aware of such a purchase.

      • Freedom of Information/Freedom of the Press

        • Selling Out Julian Assange

          When Julian Assange was arrested at the Ecuadorian embassy in London in April, the country’s former left-wing president Rafael Correa knew who to blame. According to Correa, his successor Lenin Moreno — vice-president during Correa’s own presidency — “had sold Assange to the United States.” He accused the new president of having “displayed a pathological hatred” of the Wikileaks founder, after his website had revealed details of a corruption scandal involving Moreno’s family.

          Correa’s decision to grant Assange asylum in 2012 came at the height of Latin America’s Pink Tide, as progressive governments across the continent challenged US interference in the region. Assange’s arrest six and a half years later comes as the Latin American left is in open retreat, underscoring the rupture between Correa’s presidency and that of his party’s chosen successor. When Moreno secured electoral victory in 2017, the country seemed to be bucking the wider reactionary trend in the region. But upon taking office the new president quickly turned to the Right — implementing a conservative economic agenda that has seen poverty levels rising anew.

          To examine Ecuador’s approach to the Assange case and how its position has evolved over the last seven years, Eoghan Gilmartin and Tommy Greene sat down with Txema Guijarro. Currently an MP for Spain’s radical-left Podemos party, Guijarro previously worked as an advisor to the Ecuadorian Foreign Minister Ricardo Patiño. In 2012, he spent several months in London charged with organizing Assange’s asylum, before being sent to Moscow the following year to facilitate Edward Snowden’s abortive efforts to reach Latin America. As he tells Jacobin, Moreno’s opposition to Assange’s asylum pre-dates his presidency and was already evident as early as 2012.

      • Civil Rights/Policing

        • At ‘Kids In Cages’ Congressional Hearing, Mother And Human Rights Advocates Share Stories Of Cruelty At The Border

          Yazmin Juarez, who fled Guatemala and was held in detention at a facility in Dilley, Texas, where her baby contracted a severe respiratory illness that led to her death, testified before the House Committee on Oversight and Reform.

          The hearing was titled, “Kids In Cages: Inhumane Treatment at the Border,” and Texas Republican Representative Chip Roy objected, indicating he was “frustrated.”

          “It’s setting a tone that doesn’t allow us to come together to address this difficult problem in a way that is befitting of the United States and our welcoming nature as a country,” Roy complained.

          He added, “To this day, I have never seen a kid in a cage the way those words seem to indicate it.”

          On July 8, it was reported migrant children released from custody created drawings of themselves in cages. They were from children at the Catholic Charities Humanitarian Respite Center in McAllen, Texas, and were drawn after they were asked to depict their time in detention.

          The Associated Press reported on June 18, 2018, that children were held in cages in an old warehouse in McAllen, Texas. “Hundreds of children” were in a “series of cages created by metal fencing,” and “one cage had 20 children inside.”

        • Indonesian Court Convicts Woman Of Criminal Defamation For Recording Her Boss Trying To Harass Her Into An Affair With Him

          To be fair, we have to consider the extremely unfair political/human rights atmosphere in Indonesia, where women are expected to put up with sexual harassment and sexual assault if they expect to hold onto their jobs. And this definitely is a case of prosecutorial discretion -- a case in which prosecutors decided to press charges against the person who recorded evidence of workplace harassment, rather than the government employee who harassed her.

          This recording was shared with others, who then shared it with other people. Once enough people had heard it, the asshole known only by the name "Muslim" decided to file a complaint. This prosecution for criminal defamation -- that is, Muslim claimed he was defamed by a recording of him saying and doing harassing things -- has led to a six month jail sentence and a $35,000 fine. If the fine isn't paid, it's two more months in jail for the harassment victim.

          But let's not get carried away with feeling better about living in an open society like ours in the US of A, land of the free and begrudging proponent of civil rights. We hear a lot of talk here about "prosecutorial discretion," especially when bad laws are being written, passed, or enforced. Our prosecutors tend to believe they're tough but fair and possessors of hearts of gold, but we looooove to punish victims just as much as more "backwards" societies.

        • Appeals Court Affirms: Trump Can't Block Followers On Social Media

          A little over a year ago, we wrote about the district court ruling saying that it's unconstitutional for the President to block followers on social media. The case was pretty interesting, raising questions about what counts as a "designated public forum" online. As we noted at the time, plenty of people were likely to misinterpret this ruling to mean that social media sites themselves were "public forums" and therefore had to abide by the 1st Amendment -- though one might hope that the Supreme Court's pretty clear ruling suggesting that social media sites are not in any way public forums would put a rest to that argument (spoiler alert: it won't).

          Either way, the Trump administration appealed the lower court ruling and earlier this week, the 2nd Circuit affirmed the lower court ruling and agreed that it was a 1st Amendment violation for Trump to block followers. Once again, the legal specifics here are a bit in the weeds, and as Ken White noted in a tweet, it would have been nice if the ruling was more careful and more clear in dealing with the various complicated concepts at play. On that front, it failed. Overall, though, the ruling is the right decision -- it just would have been nice if the judges had been more careful in explaining it.

          The key point, though, is that if (1) a public official is (2) using social media (3) for official purposes (4) to create a space of open dialogue (and all four of those factors are met) then they cannot block people from following them based on the views those users express, as it violates the 1st Amendment. The court is explicit that this ruling has nothing to do with whether or not private companies are bound by the 1st Amendment (because they are not):

      • Internet Policy/Net Neutrality

        • Amazon Jumps Into The Satellite Broadband Game

          We've long noted that you wouldn't see net neutrality or privacy violations in the broadband sector if there was more competition. Historically however, entrenched companies like AT&T, Comcast, and Verizon have spent millions upon millions of dollars preventing that from happening. They quite enjoy the current paradigm of limited competition, and with state and federal regulatory capture they face absolutely no penalty for sky high prices and abysmal service in most markets. And as the late 90s and early aughts made pretty clear, they're extremely good at crushing smaller companies that try to disrupt the space.

          [...]

          And it should be pretty clear that companies like AT&T, Verizon, and Comcast will be working tirelessly behind the scenes to throw up hurdles at every opportunity in a bid to ensure these alternatives never threaten their geographical monopolies. So while it's OK to be somewhat excited about these new efforts, you may want to temper your enthusiasm until you see a viable, working product. And oh, this is all before we get to the problems of space junk and the impact on astronomy.

      • Monopolies

        • Copyrights

          • Prenda's John Steele Gets 5 Years In Prison; Insists He's Really, Really, Really Sorry

            The Judge had already order Hansmeier to pay back $1.5 million, and now put that on Steele too, making the two of them "jointly and severally liable" -- effectively meaning that the two of them together need to figure out how to come up with that cash to pay back.

            Given how vocal and how adamant (and, frankly, how sleazy and confident he was that he could talk his way out of any mess) Steele was over the years, consider me not totally convinced that he's really had a change of heart. It would be great if that were true, but it's going to take more than a single performance in court to convince most of us. Either way, five years in prison is still a significant prison sentence. And, now, it appears we can finally close the books on Prenda.

          • Life-Altering Copyright Lawsuits Could Come to Regular Internet Users Under a New Law Moving in the Senate

            The Senate Judiciary Committee intends to vote on the CASE Act, legislation that would create a brand new quasi-court for copyright infringement claims. We have expressed numerous concerns with the legislation, and serious problems inherent with the bill have not been remedied by Congress before moving it forward. In short, the bill would supercharge a “copyright troll” industry dedicated to filing as many “small claims” on as many Internet users as possible in order to make money through the bill’s statutory damages provisions. Every single person who uses the Internet and regularly interacts with copyrighted works (that’s everyone) should contact their Senators to oppose this bill.

Recent Techrights' Posts

Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
 
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland
Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day