Bonum Certa Men Certa

Links 11/7/2019: KDE Plasma 5.16.3 and Verifying Gentoo Election Results



  • GNU/Linux

    • Kernel Space

      • Linux 5.2 Release – Main Changes, Arm, MIPS & RISC-V Architectures

        Linus Torvalds announced the release of Linux 5.2 last Sunday: So I was somewhat pre-disposed towards making an rc8, simply because of my travels and.

      • Linux 5.3 Enables "-Wimplicit-fallthrough" Compiler Flag

        The recent work on enabling "-Wimplicit-fallthrough" behavior for the Linux kernel has culminated in Linux 5.3 with actually being able to universally enable this compiler feature.

        The -Wimplicit-fallthrough flag on GCC7 and newer warns of cases where switch case fall-through behavior could lead to potential bugs / unexpected behavior.

      • EXT4 For Linux 5.3 Gets Fixes & Faster Case-Insensitive Lookups

        The EXT4 file-system updates have already landed for the Linux 5.3 kernel merge window that opened this week.

        For Linux 5.3, EXT4 maintainer Ted Ts'o sent in primarily a hearty serving of fixes. There are fixes from coverity warnings being addressed to typos and other items for this mature and widely-used Linux file-system.

      • Providing wider access to bpf()

        The bpf() system call allows user space to load a BPF program into the kernel for execution, manipulate BPF maps, and carry out a number of other BPF-related functions. BPF programs are verified and sandboxed, but they are still running in a privileged context and, depending on the type of program loaded, are capable of creating various types of mayhem. As a result, most BPF operations, including the loading of almost all types of BPF program, are restricted to processes with the CAP_SYS_ADMIN capability — those running as root, as a general rule. BPF programs are useful in many contexts, though, so there has long been interest in making access to bpf() more widely available. One step in that direction has been posted by Song Liu; it works by adding a novel security-policy mechanism to the kernel. This approach is easy enough to describe. A new special device, /dev/bpf is added, with the core idea that any process that has the permission to open this file will be allowed "to access most of sys_bpf() features" — though what comprises "most" is never really spelled out. A non-root process that wants to perform a BPF operation, such as creating a map or loading a program, will start by opening this file. It then must perform an ioctl() call (BPF_DEV_IOCTL_GET_PERM) to actually enable its ability to call bpf(). That ability can be turned off again with the BPF_DEV_IOCTL_PUT_PERM ioctl() command.

        Internally to the kernel, this mechanism works by adding a new field (bpf_flags) to the task_struct structure. When BPF access is enabled, a bit is set in that field. If this patch goes forward, that detail is likely to change since, as Daniel Borkmann pointed out, adding an unsigned long to that structure for a single bit of information is unlikely to be popular; some other location for that bit will be found.

      • The io.weight I/O-bandwidth controller

        Part of the kernel's job is to arbitrate access to the available hardware resources and ensure that every process gets its fair share, with "its fair share" being defined by policies specified by the administrator. One resource that must be managed this way is I/O bandwidth to storage devices; if due care is not taken, an I/O-hungry process can easily saturate a device, starving out others. The kernel has had a few I/O-bandwidth controllers over the years, but the results have never been entirely satisfactory. But there is a new controller on the block that might just get the job done. There are a number of challenges facing an I/O-bandwidth controller. Some processes may need a guarantee that they will get at least a minimum amount of the available bandwidth to a given device. More commonly in recent times, though, the focus has shifted to latency: a process should be able to count on completing an I/O request within a bounded period of time. The controller should be able to provide those guarantees while still driving the underlying device at something close to its maximum rate. And, of course, hardware varies widely, so the controller must be able to adapt its operation to each specific device.

        The earliest I/O-bandwidth controller allows the administrator to set maximum bandwidth limits for each control group. That controller, though, will throttle I/O even if the device is otherwise idle, causing the loss of I/O bandwidth. The more recent io.latency controller is focused on I/O latency, but as Tejun Heo, the author of the new controller, notes in the patch series, this controller really only protects the lowest-latency group, penalizing all others if need be to meet that group's requirements. He set out to create a mechanism that would allow more control over how I/O bandwidth is allocated to groups.

      • TurboSched: the return of small-task packing

        CPU scheduling is a difficult task in the best of times; it is not trivial to pick the next process to run while maintaining fairness, minimizing energy use, and using the available CPUs to their fullest potential. The advent of increasingly complex system architectures is not making things easier; scheduling on asymmetric systems (such as the big.LITTLE architecture) is a case in point. The "turbo" mode provided by some recent processors is another. The TurboSched patch set from Parth Shah is an attempt to improve the scheduler's ability to get the best performance from such processors. Those of us who have been in this field for far too long will, when seeing "turbo mode", think back to the "turbo button" that appeared on personal computers in the 1980s. Pushing it would clock the processor beyond its original breathtaking 4.77MHz rate to something even faster — a rate that certain applications were unprepared for, which is why the "go slower" mode was provided at all. Modern turbo mode is a different thing, though, and it's not just a matter of a missing front-panel button. In short, it allows a processor to be overclocked above its rated maximum frequency for a period of time when the load on the rest of system overall allows it.

        Turbo mode can thus increase the CPU cycles available to a given process, but there is a reason why the CPU's rated maximum frequency is lower than what turbo mode provides. The high-speed mode can only be sustained as long as the CPU temperature does not get too high and, crucially (for the scheduler), the overall power load on the system must not be too high. That, in turn, implies that some CPUs must be powered down; if all CPUs are running, there will not be enough power available for any of those CPUs to go into the turbo mode. This mode, thus, is only usable for certain types of workloads and will not be usable (or beneficial) for many others.

      • Linux Foundation

        • EdgeX Foundry Announces Production Ready Release Providing Open Platform for IoT Edge Computing to a Growing Global Ecosystem

          EdgeX Foundry, a project under the LF Edge umbrella organization within the Linux Foundation that aims to establish an open, interoperable framework for edge IoT computing independent of hardware, silicon, application cloud, or operating system, today announced the availability of its “Edinburgh” release. Created collaboratively by a global ecosystem, EdgeX Foundry’s new release is a key enabler of digital transformation for IoT use cases and is a platform for real-world applications both for developers and end users across many vertical markets. EdgeX community members have created a range of complementary products and services, including commercial support, training and customer pilot programs and plug-in enhancements for device connectivity, applications, data and system management and security.

          Launched in April 2017, and now part of the LF Edge umbrella, EdgeX Foundry is an open source, loosely-coupled microservices framework that provides the choice to plug and play from a growing ecosystem of available third party offerings or to augment proprietary innovations. With a focus on the IoT Edge, EdgeX simplifies the process to design, develop and deploy solutions across industrial, enterprise, and consumer applications.

    • Benchmarks

      • The Performance Impact To AMD Zen 2 Compiler Tuning On GCC 9 + Znver2

        One of the areas that I always have "fun" benchmarking for new CPU launches is looking at the compiler performance. Following the recent Ryzen 3000 series launch I carried out some initial benchmarks looking at the current Zen 2 performance using the newest GCC 9 stable series with its "znver2" optimizations. Here is a look at how the Znver2 optimizations work out when running some benchmarks on the optimized binaries with a Ryzen 9 3900X running Ubuntu 18.04 LTS.

        AMD developers introduced the initial Znver2 support into the GNU Compiler Collection last November and thus is part of the GCC 9 stable release that debuted in May. This was their initial cut support for the updated Zen microarchitecture but sadly hasn't seen any enhancements since that initial commit. The Znver2 target does bring some alterations to the cost tables and enables the CLWB / RDPID / WBNOINVD instructions. But as we found out during the Ryzen 3000 briefings, there are more instructions new to Zen 2 besides those like RDPRU, so unfortunately this support while appreciated isn't yet fully complete and likely missing various optimizations considering there haven't been any updates since November. Sadly any improvements made now to their GCC Znver2 support won't see users until the GCC 10 release in Q2'2020 and thus not making it into the likes of Ubuntu 20.04 LTS and other distributions.

    • Applications

    • Instructionals/Technical

    • Games

      • Test Tube Titans, a game about growing monsters and then sending them off to wreak havoc

        The developer of Test Tube Titans recently put up a Linux version of their in-development title and it's quite amusing.

        Being completely honest, I've not laughed while playing a game as much as I did with Test Tube Titans when I first attempted to go out into the world with my creature. Due to the physics-based controls (which I'm awful at), you need to move your legs using different buttons to actually get anywhere. It's clumsy but also highly entertaining! It's designed with a gamepad in mind, so I checked it out using my Steam Controller hooked up with SC Controller and it works beautifully.

      • Surprise - Supraland for Linux is now available on GOG

        I will admit, I am quite surprised. Supraland from Supra Games recently released on GOG and it was only for Windows. The developer said some odd things about it all and now it seems they changed their mind, thankfully.

        Today, the Linux version of Supraland officially went live on GOG and GOG themselves sent over a copy for me to check out. I've already played through the demo on Steam and apart from some performance issues here and there, it's a delightful game.

      • Ion Maiden has become Ion Fury, release date announced for August 15th

        In development from Voidpoint and 3D Realms, the retro FPS Ion Maiden has now become Ion Fury. They've also announced the final release for August 15th with a new trailer.

        Why the name change? Well, they were in a bit of a legal problem with the band Iron Maiden.

      • The Bard’s Tale IV: Director’s Cut to be launched August 27

        The dungeon crawler by Brian Fargo and inXile is set to finally launch on Linux soon. The new director’s cut will bring more than just a new coat of paint.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.16.3 Desktop Environment Released with More Than 30 Improvements

          KDE Plasma 5.16.3 comes two weeks after the KDE Plasma 5.16.2 update with more than 30 changes across various core components and apps, including Plasma Workspace, Plasma Desktop, Plasma Audio Volume Control, Plasma Networkmanager (plasma-nm), KWin, Plasma Discover, DrKonqi, KWayland-integration, plasma-browser-integration, plasma-integration, and kde-cli-tools.

          "Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.16.3. Plasma 5.16 was released in June with many feature refinements and new modules to complete the desktop experience. This release adds a fortnight's worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important," reads the release announcement.

        • Plasma 5.16.3
      • GNOME Desktop/GTK

        • GNOME Software Moving Forward With Disabling Snap Plugin

          While currently Ubuntu makes use of GNOME Software as their "software center" (or "app store") with Snap integration, as we wrote about recently Canonical has begun writing their own Snap Store. Given this and that they don't plan to use GNOME Software in Ubuntu 20.04 LTS and thus have taken their developers away from working on the upstream support, GNOME developers are planning to disable the Snap plug-in for GNOME Software.

        • Heads up: No more snap plugin in gnome-software

          In Fedora 31 I'll be disabling the snap plugin from GNOME Software. It's never been enabled in RHEL and so this change only affects Fedora. It's also not installed by default and so this change should only affect a few people. It's also not really a FutureFeature, it's a RemovalOfFeature but I'm happy to write something for the process and release notes if required. Recently Canonical decided that they are not going to be installing gnome-software in the next LTS, preferring instead to ship a "Snap Store by Canonical" rather than GNOME Software. The new Snap store will obviously not support Flatpaks (or packages, or even firmware updates for that matter). The developers currently assigned to work on gnome-software have been reassigned to work on Snap Store, and I'm not confident they'll be able to keep both the old and new codebases in the air at the same time.

        • EFF Celebrating 29th Birthday with $20 Membership, Linode Launches New GPU-Optimized Cloud Computing Instances, Syncthing 1.2.0 Released, Kali Linux Now Available for RPi 4 and GNOME Devs to Disable Snap Plugin for GNOME Software

          GNOME developers plan to disable the Snap plugin for GNOME Software, as Canonical has started creating its own Snap Store and won't be using GNOME Software in Ubuntu 20.04 LTS. According to Phoronix, "Canonical's in-development Snap Store will obviously be focused just on their own Snap effort and not supporting the likes of Flatpak. Due to the likelihood that the GNOME Software Snap plug-in will quickly suffer from bit-rot and pose a maintenance burden to GNOME developers with little to no return, it's certainly reasonable that they would at least disable this plug-in."

        • Fedora is ‘Disabling’ the Snap Plugin for GNOME Software

          The Snap plugin for GNOME Software is being ‘disabled’ in Fedora 31, the distro’s next major release.

          Red Hat’s Richard Hughes announced the change on the Fedora developer mailing list, citing various issues with the plugins QA and long-term usefulness.

          Neal Gompa, who maintains the Snap package in Fedora, says the decision has “blindsided” him.

          So why is Fedora doing this?

          Well, code quality and concerns about the impact the plugin has on the overall GNOME Software user experience are cited:

    • Distributions

      • Gentoo Family

        • Verifying Gentoo election results via Votrify

          Gentoo elections are conducted using a custom software called votify. During the voting period, the developers place their votes in their respective home directories on one of the Gentoo servers. Afterwards, the election officials collect the votes, count them, compare their results and finally announce them.

          The simplified description stated above suggests two weak points. Firstly, we rely on honesty of election officials. If they chose to conspire, they could fake the result. Secondly, we rely on honesty of all Infrastructure members, as they could use root access to manipulate the votes (or the collection process).

          To protect against possible fraud, we make the elections transparent (but pseudonymous). This means that all votes cast are public, so everyone can count them and verify the result. Furthermore, developers can verify whether their personal vote has been included. Ideally, all developers would do that and therefore confirm that no votes were manipulated.

          Currently, we are pretty much implicitly relying on developers doing that, and assuming that no protest implies successful verification. However, this is not really reliable, and given the unfriendly nature of our scripts I have reasons to doubt that the majority of developers actually verify the election results. In this post, I would like to shortly explain how Gentoo elections work, how they could be manipulated and introduce Votrify — a tool to explicitly verify election results.

      • Fedora Family

        • Fedora Community Blog: GCI 2018 mentor’s summit @ Google headquarters

          Google Code-in is a contest to introduce students (ages 13-17) to open source software development. Since 2010, 8,108 students from 107 countries have completed over 40,100 open source tasks Because Google Code-in is often the first experience many students have with open source, the contest is designed to make it easy for students to jump right in. I was one of the mentors in this first time for Fedora program. We had 125 students participating in Fedora and the top 3 students completed 26, 25 and 22 tasks each.

          Every year Google invites the Grand-Prize winners and their parents, and a mentor to it’s headquarters in San Francisco, California for a 4 days trip. I was offered the opportunity to go and represent Fedora in the summit and meet these 2 brilliant folks in person. This report covers activities and other things that happened there.

        • Fedora mulls its "python" version

          There is no doubt that the transition from Python 2 to Python 3 has been a difficult one, but Linux distributions have been particularly hard hit. For many people, that transition is largely over; Python 2 will be retired at the end of this year, at least by the core development team. But distributions will have to support Python 2 for quite a while after that. As part of any transition, the version that gets run from the python binary (or symbolic link) is something that needs to be worked out. Fedora is currently discussing what to do about that for Fedora 31.

          Fedora program manager Ben Cotton posted a proposal to make python invoke Python 3 in Fedora 31 to the Fedora devel mailing list. The proposal, titled "Python means Python 3", is also on the Fedora wiki. The idea is that wherever "python" is used it will refer to version 3, including when it is installed by DNF (i.e. dnf install python) or when Python packages are installed, so installing "python-requests" will install the Python 3 version of the Requests library. In addition, a wide array of associated tools (e.g. pip, pylint, idle, and flask) will also use the Python 3 versions.

          The "Requests" link above does point to a potential problem area, however. It shows that Requests for Python 3 III is not fully finished, with an expected release sometime "before PyCon 2020" (mid-April 2020), which is well after the expected October 2019 release of Fedora 31. The distribution already has a python3-requests package, though, so that will be picked up as python-requests in Fedora 31 if this proposal is adopted. There may be other packages out there where Python 3 support is not complete but, at this point, most of the major libraries have converted.

        • NeuroFedora poster at CNS*2019

          With CNS*2019 around the corner, we worked on getting the NeuroFedora poster ready for the poster presentation session. Our poster is P96, on the first poster session on the 14th of July.

          [...]

          Unfortunately, this time, no one from the team is able to attend the conference, but if you are there and want to learn more about NeuroFedora, please get in touch with us using any of our communication channels.

          To everyone that will be in Barcelona for the conference, we hope you have a fruitful one, and of course, we hope you are able to make some time to rest at the beach too.

      • Debian Family

        • Debian Edu 10 Operating System Released as a Complete Linux Solution for Schools

          Debian Edu, also known as Skolelinux, is a Debian-based GNU/Linux distribution designed to provide a complete solution for schools and other educational environments. It comes out-of-the-box with all the tools needed to quickly set up a completely configured school network in minutes, allowing users and machines to be easily added via the GOsa€² web interface. Debian Edu features the Xfce desktop environment by default and it's perfect for older computers.

          "Do you have to administrate a computer lab or a whole school network? Would you like to install servers, workstations and laptops which will then work together? Do you want the stability of Debian with network services already preconfigured? Do you wish to have a web-based tool to manage systems and several hundred or even more user accounts? Then Debian Edu is for you," reads the release announcement.

        • Debian and code names

          Debian typically uses code names to refer to its releases, starting with the Toy Story character names used (mostly) instead of numbers. The "Buster" release is due on July 6 and you will rarely hear it referred to as "Debian 10". There are some other code names used for repository (or suite) names in the Debian infrastructure; "stable", "testing", "unstable", "oldstable", and sometimes even "oldoldstable" are all used as part of the sources for the APT packaging tool. But code names of any sort are hard to keep track of; a discussion on the debian-devel mailing list looks at moving away from, at least, some of the repository code names.

          The issue was raised by Ansgar Burchardt, who wondered if it made sense to move away from the stable, unstable, and testing suite names in the sources.list file used by APT. Those labels, except for unstable, change the release they are pointing at when a new release gets made. Currently stable points to "Jessie Stretch" (Debian 9), while testing points to Buster. Soon, stable will point to Buster, testing will point at "Bullseye", which will become Debian 11.

          He asked about using the release code names directly, instead, so that pointing a system at Stretch would continue to get packages from that release. But he also thought it would be nice to completely route around the code names, which "confuse people".

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • German data protection organization: use of Office 365 in schools is illegal

        The data protection officer of the German federal state of Hessen has warned that the cloud-based Office 365 solution is not a compliant solution for use in schools when student information is being stored on it. This fits with earlier, similar conclusions by the Swedish and Dutch governments – US cloud solutions are not GDPR compliant.

      • A Diatribe Concerning My Experiences With Gopher

        This is an article that will collect my opinions concerning Gopher experiences and practices, primarily those I dislike, with regards to conventions I've encountered and whatnot. I'll update this article as I have more to write of and feel the want.

      • A Look at the Open-Source Tools Behind Today’s State-of-the-Art Visual Effects

        Today, Software Defined Visualization (SDVis) is the ultimate in the world of visualization, allowing the best-of-the-best to emerge. It’s hardly a secret in the world of scientific visualization, digital animation, and computer graphics (CG). Go to any hit movie these days, and the results of SDVis will be present to help make the incredible believable.

      • Events

        • Arturo Borrero González: Netfilter workshop 2019 Malaga summary

          This week we had the annual Netfilter Workshop. This time the venue was in Malaga (Spain). We had the hotel right in the Malaga downtown and the meeting room was in University ETSII Malaga. We had plenty of talks, sessions, discussions and debates, and I will try to summarice in this post what it was about.

          Florian Westphal, Linux kernel hacker, Netfilter coreteam member and engineer from Red Hat, started with a talk related the some works being done in the core of the Netfilter code in the kernel to convert packet processing to lists. He shared an overview of current problems and challenges. Processing in a list rather than per packet seems to have several benefits: code can be smarter and faster, so this seems like a good improvement. On the other hand, Florian thinks some of the pain to refactor all the code may not worth it. Other approaches may be considered to introduce even more fast forwarding paths (apart from the flow table mechanisms for example which is already available).

          Florian also followed up with the next topic: testing. We are starting to have a lot of duplicated code to do testing. Suggestion by Pablo is to introduce some dedicated tools to ease in maintenance and testing itself. Special mentions to nfqueue and tproxy, 2 mechanisms that requires quite a bit of code to be well tested (and could be hard to setup anyway).

          [...]

          After lunch, Pablo followed up with a status update on hardware flow offload capabilities for nftables. He started with an overview of the current status of ethtool_rx and tc offloads, capabilities and limitations. It should be possible for most commodity hardware to support some variable amount of offload capabilities, but apparently the code was not in very good shape. The new flow block API should improve this situation, while also giving support for nftables offload. Related article in LWN: https://lwn.net/Articles/793080/

          Next talk was by Phil, engineer at Red Hat. He commented on user-defined strings in nftables, which presents some challenges. Some debate happened, mostly to get to an agreement on how to proceed.

      • Web Browsers

      • Productivity Software/LibreOffice/Calligra

        • What is the Open Document Format (ODF), and how is it developed?

          Open Document Format is LibreOffice’s native file format. (If you have a file with a .odt, .ods, .odp or .odg extension, then it’s an Open Document Text, Spreadsheet or Presentation file or Graphic respectively.)

          ODF is developed by OASIS, then submitted to ISO (the International Organization for Standardization), and then adopted as a standard. There is also a working group at ISO, which by the way also works on OOXML – which can then ask questions about development, and so on.

          For ODF we are now working on version 1.3. We had a “feature freeze” last summer. We have come so far that everything we wanted to have in it is available in the “editor version”. Now we’re going to fine-tune it, then we’ll be back in summer – so that was a whole year. Then comes the coordination process at OASIS, so it usually takes two years until a new version of the standard is ready.

      • Pseudo-Open Source (Openwashing)

        • This free open-source tool can help game developers make procedural ivy [Ed: Mono is a problem]

          This is a tool specifically for games being made in Unity, an engine which has been used to make plenty of games people don't associate with it—games like Hearthstone, Cities: Skylines, Wasteland 2, Beat Saber, and Cuphead, for instance, were all made in Unity.

      • BSD

        • FreeBSD 11.3-RELEASE Released, Which comes with many Improvements

          The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 11.3-RELEASE on July 09th 2019.

          This is the fourth release of the stable release of FreeBSD 11 branch.

          [...]

          The kernel will now log the jail ID when logging a process exit.

          Several feature additions and updates to userland applications.

          Several network driver firmware updates.

          Warnings for features deprecated in future releases will now be printed on all FreeBSD versions.

          Warnings have been added for IPSec algorithms deprecated in RFC 8221.

          Deprecation warnings have been added for weaker algorithms when creating geli providers.

      • Licensing/Legal

        • Popular licenses in OpenAPI

          Note: Before you start complaining, I realise this is probably a very sub-optimal solution code-wise, but it worked for me. In my defence, I did open up my copy of the Sed & Awk Pocket Reference before my eyes went all glassy and I hacked up the following ugly method. Also note that the shell scripts are in Fish shell and may not work directly in a 100% POSIX shell.

          First, I needed to get a data set to work on. Hat-tip to Mike Ralphson for pointing me to APIs Guru as a good resource. I analysed their APIs-guru/openapi-directory repository1, where in the APIs folder they keep a big collection of public APIs. Most of them following the OpenAPI (previously Swagger) specification.

      • Programming/Development

        • Infinite work is less work
          The first task of last week's Perl Weekly Challenge was to print the
          first ten strong and weak primes. A prime pn is "strong" if it's larger
          than the average of its two neighbouring primes (i.e. pn > (pn-1+pn+1)/2).
          A prime is "weak" if it's smaller than the average of its two neighbours.
          
          

          Of course, this challenge would be trivial if we happened to have a list of all the prime numbers. Then we'd just filter out the first ten that are strong, and the first ten that are weak. In fact, it would be even easier if we happened to have a list of all the strong primes, and a list of all the weak ones. Then we'd just print the first ten of each.

          But there are an infinite number of primes and of weak primes (and possibly of strong primes too, though that's still only conjectured), so building a complete list of the various subspecies of primes is impractical in most programming languages.

  • Leftovers

    • Science

      • Apollo 11: 'The greatest single broadcast in television history'

        "He was born in October 1893, so had grown up knowing roads with horse and buggy, and was absolutely thrilled to see history being made," Mr Sills says. "The acceleration of technology seemed incredible, and [Cronkite] explained how amazing it was."

      • As Visa Difficulties Persist, Scientists Push for Change

        There’s no hard data on how many researchers are affected. After an Iranian labmate at Western University in Canada couldn’t attend the Society for Neuroscience’s (SfN) conference last November in San Diego, Matthew Leavitt created a survey to assess the scale of the issue. He received 25 responses by researchers who were denied visas to attend conferences in the US and Canada. Of these, 21 were from Iranians, 2 from Syrians, and 1 from an Iraqi. “In my experience at scientific conferences pre-travel ban, Iran [was] of one of the most widely represented nationalities after the US, Canada, Germany, The Netherlands, and Japan,” Leavitt writes to The Scientist in an email.

        These figures are probably a gross underestimate: “I also received dozens of emails from people who were denied visas but hesitant to fill out the survey or speak publicly about their experiences for fear of retaliation, as well as academics who were not personally denied visas but shared stories of colleagues who were affected,” Leavitt explains.

    • Security

      • GnuPG 2.2.17 released to mitigate attacks on keyservers

        gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607]

      • Security updates for Thursday

        Security updates have been issued by Debian (dosbox and openjpeg2), Oracle (dbus and kernel), Scientific Linux (dbus), Slackware (mozilla), and SUSE (fence-agents, libqb, postgresql10, and sqlite3).

      • What Is Zero Trust Architecture?

        Zero Trust architecture might be popular now, but that doesn’t necessarily mean it’s for you. If you find your needs are met by your current security, you may not want to switch. That said, keep in mind that waiting until you have a security breach isn’t an ideal way to evaluate your security.

      • OpenPGP certificate flooding

        A problem with the way that OpenPGP public-key certificates are handled by key servers and applications is wreaking some havoc, but not just for those who own the certificates (and keys)—anyone who has those keys on their keyring and does regular updates will be affected. It is effectively a denial of service attack, but one that propagates differently than most others. The mechanism of this "certificate flooding" is one that is normally used to add attestations to the key owner's identity (also known as "signing the key"), but because of the way most key servers work, it can be used to fill a certificate with "spam"—with far-reaching effects.

        The problems have been known for many years, but they were graphically illustrated by attacks on the keys of two well-known members of the OpenPGP community, Daniel Kahn Gillmor ("dkg") and Robert J. Hansen ("rjh"), in late June. Gillmor first reported the attack on his blog. It turned out that someone had added multiple bogus certifications (or attestations) to his public key in the SKS key server pool; an additional 55,000 certifications were added, bloating his key to 17MB in size. Hansen's key got spammed even worse, with nearly 150,000 certifications—the maximum number that the OpenPGP protocol will support.

        The idea behind these certifications is to support the "web of trust". If user Alice believes that a particular key for user Bob is valid (because, for example, they sat down over beers and verified that), Alice can so attest by adding a certification to Bob's key. Now if other users who trust Alice come across Bob's key, they can be reasonably sure that the key is Bob's because Alice (cryptographically) said so. That is the essence of the web of trust, though in practice, it is often not really used to do that kind of verification outside of highly technical communities. In addition, anyone can add a certification, whether they know the identity of the key holder or not.

      • FinSpy Malware ‘Returns’ To Steal Data On Both Android And iOS

        As per the researchers, the spyware was again active in 2018 and the latest activity was spotted in Myanmar in June 2019. These implants are capable of collecting personal information such as SMS, Emails, Calendars, Device Locations, Multimedia and even messages from some popular social media apps.

        If you are an iOS user, then the implant is only observed to work on jailbroken devices. If an iOS device is already jailbroken then this spyware can be remotely installed via different mediums like messaging, email, etc. However, the implants have not been observed on the latest version of iOS.

      • New FinSpy iOS and Android implants revealed ITW

        FinSpy is spyware made by the German company Gamma Group. Through its UK-based subsidiary Gamma International Gamma Group sells FinSpy to government and law enforcement organizations all over the world. FinSpy is used to collect a variety of private user information on various platforms. Its implants for desktop devices were first described in 2011 by Wikileaks and mobile implants were discovered in 2012. Since then Kaspersky has continuously monitored the development of this malware and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in Myanmar in June 2019. Late in 2018, experts at Kaspersky looked at the functionally latest versions of FinSpy implants for iOS and Android, built in mid-2018. Mobile implants for iOS and Android have almost the same functionality. They are capable of collecting personal information such as contacts, SMS/MMS messages, emails, calendars, GPS location, photos, files in memory, phone call recordings and data from the most popular messengers.

    • Environment

      • Warren reintroduces bill mandating climate disclosures by companies

        The Climate Risk Disclosure Act would direct the Securities and Exchange Commission, in consultation with climate experts at other federal agencies, to issue rules within the next year requiring companies to disclose their greenhouse gas emissions, fossil fuel assets and its risk management strategies related to the climate crisis.

      • Wildlife/Nature

        • Round-the-clock 'bear cam 360' goes live in Finland

          The live stream from Eastern Finland - which lasts more than 48 hours - begins Wednesday 10 July, 6pm Finnish time (1500 UTC) and ends at noon on Saturday.

        • Monarch Mishaps: When Trying to Help Actually Hurts

          Monarch butterflies haven’t had it easy lately. Populations of these beloved insects have crashed 80 percent or more in most parts of their range as a result of pesticides, habitat loss, climate change and other environmental threats. As a result, monarchs are now being considered for protection under the Endangered Species Act.

          A lot of people are working hard to protect monarchs, but one all-too-common activity intended to help may actually do more harm than good: mass releases of captive-raised butterflies.

    • Finance

    • AstroTurf/Lobbying/Politics

      • The Evolution of a Russian Troll

        In an interview with Foreign Policy this week, Malkevich confirmed that the men had met with Qaddafi’s son but denied that they had sought to interfere in the country’s factious politics. He said they were only conducting research and described the allegations as a project of the “deep state” in the United States.

      • The American Left Is Failing Hong Kong

        The fears are well-founded. Mainland China has sent operatives to Hong Kong to abduct businessmen and booksellers. The Hong Kong legislative council is already not fully democratic. The public elects only half of its 70 members; the other half is selected by so-called functional constituencies, which give pro-Beijing corporations and tycoons direct influence over policy. The result is a business-friendly legislature that disqualified elected officials who refuse to pledge allegiance to mainland China and essentially criminalized a pro-independence political party.

      • Your Boss Might Be Ripping You Off: How To Protect Yourself From Wage Theft

        Wage theft is a general term for paying workers less than what they’ve rightfully earned. Nobody knows exactly how much is stolen, but some experts estimate wage theft costs U.S. workers $50 billion a year. To put that number in perspective, all robberies, burglaries, and car thefts combined cost victims $14 billion, in 2012, according to FBI statistics.

      • Diplomats Fear Chilling Effect of British Ambassador’s Resignation

        “The leak of cables has a chilling effect on what diplomats are prepared to put in writing and send back,” said Amanda Sloat, a scholar at the Brookings Institution and a former State Department official. “I’m sure that British diplomats in embassies around the world are now going to be having similar concerns about things that they are writing in cables and sending back to London.”

    • Censorship/Free Speech

      • Why China is Hiding the Horrors of Its Past

        What is arguably most sensitive to the Chinese Communist Party are discussions of any historical events in which the CCP appears to be at fault, whether it be violence in Xinjiang or the Tiananmen Square Massacre. In the current political environment, these events call into question the legitimacy of the CCP, and therefore, information about them is increasingly restricted. But it wasn’t always this way. In the 1980s, public discussions and writings (known as “scar literature”) of the horrors of Mao’s rule were largely tolerated by the government. This was also a period when such history appeared to be less relevant, and therefore, less threatening to the Party. At that time, the country was reforming its political institutions, liberalizing its economy, and some high-ranking CCP officials were even considering full democratization.

      • Court Orders Cloudflare to Terminate Accounts of Pirate Sites

        An Italian court has ordered Cloudflare to terminate the accounts of several pirate sites. The ruling comes after a complaint from local broadcaster RTI, which successfully argued that Cloudflare can be held liable if it willingly fails to act in response to copyright infringement notices.



    • Privacy/Surveillance

      • Instagram will ask users to rethink posting something offensive

        Instagram is also due to launch another tool, called Restrict, designed to help users filter abusive comments without needing to block others. The tool will mean that restricted people will not be able to see when a user is active on on Instagram or when direct messages have been read.

      • Apple Watch vulnerability forces Apple to disable Walkie-Talkie

        Walkie-Talkie is an Apple Watch app that offers push-to-talk calls through a tweaked form of FaceTime Audio. It was added to the Apple Watch with last year’s release of watchOS 5. The app itself is still installed on users’ watches, but calls won’t go through.

      • Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping

        Apple was alerted to the bug via its report a vulnerability portal directly and says that there is no current evidence that it was exploited in the wild.

        The company is temporarily disabling the feature entirely until a fix can be made and rolled out to devices. The Walkie Talkie App will remain installed on devices, but will not function until it has been updated with the fix.

      • Facebook's NPE Team will mess around making experimental apps

        "We decided to create this separate developer name to help set the appropriate expectations with people that, unlike Facebook's family of apps, NPE Team apps will change very rapidly and will be shut down if we learn that they're not useful to people," said the social network.

      • Wiretap Report Says Courts Are Seeing Fewer Wiretap Requests, Fewer Convictions Linked To Wiretaps

        I'm not sure if this is supposed to be bad news or good news. Should we feel anything about it? Maybe dismay, because law enforcement just isn't working as well as it used to? Some sort of disappointment that wiretaps aren't turning into convictions as often as they used to in the past? A general malaise about the sheer number of inscrutable stats that government thrusts at us in an attempt to believe it actually cares about transparency?

        Maybe what we should feel is some sort of gratitude the system isn't being abused quite as frequently. This gratitude shouldn't be directed towards the court system, which has been a willing enabler of law enforcement abuse. It shouldn't be directed towards law enforcement, which has repeatedly shown an ability to abuse any system it works with.

        No, if there's anything that's a positive sign in this report, all gratitude for this needs to go to journalists like Brad Heath, who uncovered abuse of wiretap authorities on a massive scale in his investigation for USA Today.

        For years, the DEA ran wiretap warrants through state courts in southern California. A majority of these warrants landed in front of a single judge. The DEA had California courts acting as enablers, allowing agents to bypass restrictions the DOJ places on seeking and deploying wiretaps. Having found an easy source for warrant approval, the DEA went back to the well time and time again, even as other federal law enforcement agencies expressed their concerns about the legality of this tactic.

      • White House Explores Social Media "Bias"

        The White House is today hosting a social media summit to examine allegations of bias and censorship. EPIC objected to an earlier White House survey on this topic, noting that the White House failed to protect the privacy of respondents.

      • Google should auto-delete aging user data by default

        Google have rolled out controls allowing signed-in users to have their collected location history, web searches, and activity data automatically deleted after three or 18 months. Controls to delete data had been available before, but users would have to revisit periodically and manually request the deletion of data.

        Google doesn’t yet prompt users to chose how long they want data to be stored, but they can go in and set their own preferences if they manage to find the auto-delete options.

    • Freedom of Information/Freedom of the Press

      • RSF took an unprecedented mission to Saudi Arabia to free jailed journalists

        At the start of the Global Conference for Media Freedom in London (10-11 July 2019), the international press freedom organisation Reporters Without Borders (RSF) revealed that it took an unprecedented mission to Saudi Arabia in April to advocate for the release of 30 jailed journalists. RSF views this measure as the only way to clear Riyadh’s way to the G20 chairmanship in the aftermath of the assassination of Jamal Khashoggi.

    • Civil Rights/Policing

      • Five-year jail sentence for Somali policeman who murdered a journalist

        [...] The sentence was not made public and RSF has only just learned of its existence.

        The verdict issued by a military court on 1 November 2018, a copy of which has been obtained by RSF, states: “In the court’s view, it has been clearly established that Abdullahi Ahmed Nur, a police sergeant working for the customs and finance department, committed the crime of which he is accused.”

      • [Old] Media seeks Justine Damond death video

        A legal stoush has broken out in the US over whether police video of Australian yoga instructor Justine Ruszczyk Damond naked and "gasping for breath in the last moments of her life" should be shown to the media and members of the public.

        Hennepin County District Judge Kathryn Quaintance ruled last week the police body camera video should only be viewed by the jury, lawyers and herself during Minneapolis police officer Mohamed Noor's murder trial.

        A coalition of media organisations, led by the Minneapolis Star Tribune, challenged the judge's ruling at a hearing on Friday.

      • Simulators teach police and their critics when to shoot [iophk: indoctrination]

        That is just one of the roughly 500 scenarios on the FATS (Firearms Training Simulator), an interactive machine designed, in the words of Detective Raul Hernandez, who puts nearly 1,000 Newark officers through their paces on the FATS twice a year, “to train our officers to survive an encounter with a person with a weapon.” Around 3,800 agencies in America, and hundreds more around the world, including the Canadian and Singaporean armies and the British defence ministry, use these machines.

      • The Gentrification Of A Cup Of Coffee

        Here I am, awakened during a dream in the wee hours. I dreamt my late father came into the kitchen and solemnly informed my mother that a cup of coffee was a multiple of his hourly pay and he would have to skip it… Effectively, that’s happening as wealthy people pay many dollars for cups of coffee without a thought for how the poorer folk get by. Getting by is not a concept when one buys $60K pickups to drive empty in city traffic or pays half a $million for an ordinary home that used to provide for a family of 5 to 20 children and now is occupied by 2.5 people.

      • Saudi Princess stands trial in Paris for alleged assault

        She stands accused of ordering her bodyguard Rani Saidi, who is also charged, to beat up the workman Ashraf Eid after he was seen taking a photo inside her home in September 2016.

        Eid, who worked in the luxury apartment block, had been called in to repair a damaged basin and told investigators he needed the pictures taken with his phone to carry out the work.

      • A former Scientologist says this is how Tom Cruise's kids were turned against Nicole Kidman

        But after the split, she said the children lived in a "boot camp" experience isolated from other children at the center. Domingo says Rathbun ( who's since left Scientology) was in charge of Connor and Isabella's indoctrination into the faith.

    • Internet Policy/Net Neutrality

      • After more than 60 Internet cuts so far this year, India urged to overhaul legislation

        The Indian authorities are currently disconnecting the Internet at a rate of ten times a month, each time depriving an average of several hundred thousand people of all online information. This was the case on 5 July, in the Kashmiri district of Shopian, in India’s far north, where the Internet was disconnected as a “preventive measure” after a gunfight between separatist militants and paramilitaries.

      • [Old] Internet Shutdown Tracker

        We are tracking instances of Internet shutdowns in India to draw attention to the troubling trend of disconnecting access to Internet services.

      • Google Joins Talks In Bid To Salvage T-Mobile Merger

        We recently noted that the DOJ seemed to have shifted its thinking and is now likely to approve T-Mobile's highly problematic $26 billion merger with Sprint. Why? As it stands, not only do such telecom mergers almost always result in significant layoffs (despite what T-Mobile is promising employees), the deal would eliminate one of just four major US wireless competitors, dramatically reducing any incentive to compete on price. So T-Mobile lobbyists have launched a hail Mary pass: they're proposing spinning off a part of the company and potentially selling it to a competitor like Dish Network, creating a new fourth carrier.

        The problem: Wall Street doesn't believe the assets Dish will obtain (like prepaid brand Boost Mobile) will be enough to craft a fully viable fourth character. There's also a lot of doubt that Dish Network, with a long history of hoovering up valuable spectrum and then doing absolutely nothing with it, would actually be competent enough to pull such a plan off.

    • Monopolies

      • Road-tripping with the Amazon nomads

        To stock Amazon’s shelves, merchants travel the backroads of America in search of rare soap and coveted toys

      • Patents and Software Patents

        • STRONGER Patents—Bad Legislation

          There’ve been some minor changes, but the majority of the STRONGER Patents Act is a copy of the 2017 edition.

          That means that the bill still creates a standing requirement for inter partes reviews (IPRs), incentivizing patent owners to sit and wait until products are developed and profitable before filing their lawsuits and preventing product designers from testing the validity of a patent before making that investment.

          The bill still changes the standard of proof in IPRs to clear and convincing evidence–a standard district courts use in deference to the competence of the USPTO. The USPTO has no need to defer to its own competence—in fact, the multiple technically and legally trained judges composing a PTAB panel are significantly more competent than the single examiner spending an average of 19 hours to examine a patent.

          It still defines a real party in interest broadly enough that a stockholder might be a real party in interest and a crowdfunder almost certainly is. The real party in interest requirement was designed to prevent a company from using control or influence with another company to file an IPR that they wouldn’t have been able to file themselves, something the PTAB already actively polices, and the amended definition of real party in interest goes far beyond that point.

          [...]

          But even the improvements are just eliminating harmful changes from the bill—they don’t actively improve the patent system and they don’t offset the harms to innovation that the bill would create. The STRONGER Patents Act of 2019 is not a bill that anyone should support if they care about U.S. innovation—a fire that only destroys your kitchen is better than a fire that burns down your entire house, but neither one is desirable.

          Over the past 7 years, IPR has provided a successful tool to eliminate patents that shouldn’t have been granted, resulting in lower-cost, less-frequent patent litigation, saving billions of dollars that can be spent on actual research and development instead of lawyers. And the reduction in litigation has come almost entirely from non-practicing entities, not the kind of productive operating companies that perform research and development.

          Why would anyone want a bill that tries so hard to eliminate a program that’s eliminated patents that never should have issued, reduced the amount of troll litigation, and even made litigation less expensive in the process?

        • Fastest Patents of 2019

          U.S. Patent No. 10,285,922 (110 days from earliest priority to issuance). The ‘922 Patent claims a “topical exfoliating formulation” that includes papain enzyme. Case was subject to a petition to make special based upon the inventor’s age of 65+. Applicant cited no references and the (primary) examiner only found two.

          U.S. Patent No. 10,343,988 (111 days from earliest priority to issuance). The ‘988 patent is directed to a new compound known as hydroxytyrosol thiodipropionic acid apparently useful for food preservation.

        • What Are We Really Talking About When We Talk About €§ 101?

          After the Senate’s recent €§ 101 hearings, Senators Tillis and Coons seem to have remained steadfast in their belief that patentable subject matter is a real problem for U.S. innovation. (It’s not.) But there’s a particular flaw in their belief. In a recent article penned by the two Senators, published in Law360, they state that because of €§ 101, “investors are reluctant to pursue the innovations that propel our country forward.”

          The reality is that €§ 101 isn’t being used to eliminate those innovations—it’s being used to prevent the kinds of patents on economic transactions that Tillis and Coons claim to want to prevent. Let’s take a look at some real examples.

          [...]

          Outside of China (which is investing tens of billions of dollars in government funding of AI research), the U.S. remains by far the most popular jurisdiction for AI patent applications. And that growth has accelerated in the U.S. after the 2014 Alice decision compared to other jurisdictions. This suggests that Alice has actually led to increased AI investment as companies worry less about being sued for their AI work and can spend more time and money on actual R&D.

          As it turns out, when you look at €§ 101’s actual impacts on high tech, it’s been positive. €§ 101 has been getting rid of patents on processing and graphing data and on remotely authorizing purchases, not harming research into technologies like AI.

          If this is the best evidence of harm from €§ 101, I’d say the only problem is calling it a “problem” in the first place.

      • Trademarks

        • Are Trademarks FUCT? SCOTUS Strikes Down Ban On Registering "Immoral" And "Scandalous" Trademarks

          On June 24, 2019, in Iancu v. Brunetti, the Supreme Court of the United States struck down the Lanham Act's ban on registering "immoral" or "scandalous" trademarks, two years after the Supreme Court struck down a similar ban on registering "disparaging" trademarks. The decision was a victory for skater, artist and entrepreneur Erik Brunetti, whose application to register a controversial trademark, FUCT, was denied on the basis that it was "immoral" or "scandalous."

          Many are hailing the Brunetti decision as a victory for "free speech"—and it is. However, the decision has little to do with whether businesses can (or should) adopt and use profane marks, and everything to do with whether such marks are legally registerable by the U.S. Patent and Trademark Office (USPTO).

          [...]

          Although the majority declined to adopt the narrow interpretation of the three dissenting justices on the basis that they would not "rewrite" the statute before them, they acknowledged that some speech-related restrictions could withstand constitutional scrutiny, signaling to Congress that the relevant provisions of the Lanham Act could be amended and upheld. The majority opinion seemingly acknowledged that language prohibiting registration of "lewd," "sexually explicit" or "profane" marks may not violate the First Amendment, suggesting that Congress could adopt such language in an amended statute. Justice Alito emphasized exactly this point in his separate, concurring opinion, noting specifically that the majority opinion leaves room for Congress to adopt a "more carefully focused statute" prohibiting registration of marks "containing vulgar terms that play no real part in the expression of ideas."

      • Copyrights

        • YouTube ‘Blocks’ Popular MP3 Stream-Ripping Sites

          Several stream-ripping sites have been unable to download and convert files from YouTube starting a few hours ago. It appears that the video streaming platform is actively blocking requests from these sites. While the reason for the sudden blocking efforts is unknown, the music industry would certainly welcome a more aggressive stance from YouTube.

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
 
Sainsbury's: It Takes Us Up to Two Days to Respond to Customers Upon Escalation (and Sometimes Even More Than Two Days)
It not only does groceries but also many other things, even banking
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day