Bonum Certa Men Certa

Links 24/7/2019: Mesa 19.1.3 and Coreboot 4.10



  • GNU/Linux

    • Desktop

      • One Mix 1S Yoga mini laptop Linux test

        took a loaded up a few different GNU/Linux distributions onto USB flash drives, booted into them (by pressing F7 on the One Mix 1S Yoga at the boot splash screen), and checked to see what works out of the box, and what doesn’t.

        Here’s what I found.

        Priced at about $440, the One Mix 1S Yoga is one of the most affordable laptops around with a screen size smaller than 7 inches.

        But it’s also one of the newest models, and I’m not aware of any custom GNU/Linux distributions optimized for this particular computer yet. The folks behind Ubuntu MATE, for example, offer a custom version of that operating system that’s designed for UMPC (Ultra Mobile PC) computers including the GPD Pocket, GPD Pocket 2, GPD MicroPC, and Topjoy Falcon. But it doesn’t yet seem to support the One Mix 1S Yoga (the operating system loads fine, but some of the display tweaks don’t work).

        Still, while the out-of-the-box experience with most Linux-based operating systems I’ve tested so far is imperfect, it’s also promising.

    • Server

      • Introducing Spinnaker for Google Cloud Platform—continuous delivery made easy

        Spinnaker, developed jointly by Google and Netflix, is an open-source multi-cloud continuous delivery platform. Companies such as Box, Cisco, and Samsung use Spinnaker to create fast, safe, repeatable deployments. Today, we are excited to introduce the Spinnaker for Google Cloud Platform solution, which lets you install Spinnaker in Google Cloud Platform (GCP) with a couple of clicks, and start creating pipelines for continuous delivery.

      • Quick Change in CEO's at SUSE Linux

        In two weeks, a new chief executive officer will be taking the reins at SUSE, the Germany-based software company best known for its SUSE Linux Enterprise line...

      • SUSE Appoints First Female CEO

        SUSE has appointed Melissa Di Donato as the next CEO of the company to succeed, Nils Brauckmann, who will be retiring and leaving SUSE.

        “I am incredibly proud of SUSE’s progress and growth over the last eight years, which has culminated in it securing independent status,” Brauckmann said.

        Prior to SUSE, Di Donato was chief operating officer and chief revenue officer at SAP where she was responsible for the worldwide revenue, profit and customer satisfaction of the company’s digital core solutions.

      • Mirantis Kubernetes As A Service Is Better Than Competitors – Boris Rensk
      • Coming to grips with cloud and making choices

        On balance, it takes enterprises about 4-5 years before they report that a majority of workloads (75%) are leveraging some form of cloud environment or providers (451 Research, Voice of the Enterprise survey research). At best it’s a methodical process of reshaping investment, practices and business processes — at worst it’s a morass of failed starts, missed opportunities, poor planning and wasted effort. Enterprises should develop an objective, holistic view of their situation that allows for specific actions to be made with a clear eye as to the cost, the process, and the eventual benefits to finding the right venue for any given workload. There’s no right answer for any given situation, but there are right ways to proceed. It’s okay to have a preference for one provider or vendor, and it’s okay to be as independent and cloud-agnostic as possible. It’s okay to prioritize mass migration, and it’s okay to realize some things are better off in the enterprise datacenter. The important part is to develop ways to go into it with eyes wide open and a core understanding of the options available.

      • Get started with Kubernetes (using Python)

        So, you know you want to run your application in Kubernetes but don’t know where to start. Or maybe you’re getting started but still don’t know what you don’t know. In this blog you’ll walk through how to containerize an application and get it running in Kubernetes.

        This walk-through assumes you are a developer or at least comfortable with the command line (preferably bash shell).

      • Don’t Use Kubernetes Until You’ve Asked This Question

        Kubernetes technology has skyrocketed in popularity for the last few years. More and more organizations are using it to power their infrastructure, and as a result, there’s an influx of individuals learning how to use the technology in order to get a new job, upskill for an existing job, or simply to stay up-to-date with the latest tech.

        But why are organizations using this tech? Well, as more organizations have turned to containers in order to run their applications, they’re facing an issue: how do they manage them? Many are using Kubernetes to solve this problem. But is it the right solution?

      • Learn on Demand Systems Enables Lab Authors to Create Linux Containers
      • IBM

        • Skytap Announces General Availability of IBM i in the Public Cloud

          Skytap, a global, purpose-built cloud service, has announced that its support for the IBM i operating system is now available in US-West, US-Central, and EMEA-UK, broadening its support for IBM Power Systems-based applications that can be developed, tested and run in production.

          According to Skytap, the IBM i market is highly stable and, with cloud migrations, data center consolidation, and digital transformation increasing, organizations can now run IBM i in Skytap and augment their applications with new cloud services. Skytap runs in IBM Cloud, can be programmatically integrated with IBM's cloud-native services, and is complemented by IBM's Power Systems Virtual Servers on IBM Cloud.

        • Building an organization that's always learning: Tips for leaders

          In open organizations, informal learning is critical to success. "Informal learning" accounts for all learning that occurs outside a training program, a classroom, or another formalized instruction setting. Unlike the learning in these formalized learning settings, informal learning is unstructured, personal, and voluntary.

          As a result, systematic study of it is difficult. But due to the prevalence and importance of informal learning in workplaces, several researchers have called for additional research into the subject—and particularly for the design of instruments to actually measure informal learning. Such instruments could likewise be useful in open organizations hoping to measure and foster informal learning practices among employees.

        • 9 people for sysadmins to follow on Twitter

          While Twitter certainly isn't the most open source platform, the open source community on the social network brings a lot of great minds together on a daily basis. The site, as I see it, also democratizes access to these brilliant minds since we're all just one @ away.

          Here are nine people whose Twitter accounts are making my pursuit of sysadmin knowledge, and its continued evolution, better. They fall across the spectrum of technology with the one thing they have in common being their passionate, informative, and thoughtful perspective. They share a wealth of knowledge from explaining Linux commands through comics, to applying a PhD's worth of knowledge to making DevOps make sense.

        • IBM gives cancer-killing drug AI project to the open source community

          IBM has released three artificial intelligence (AI) projects tailored to take on the challenge of curing cancer to the open-source community.

          At the 18th European Conference on Computational Biology (ECCB) and the 27th Conference on Intelligent Systems for Molecular Biology (ISMB), which will be held in Switzerland later this month, the tech giant will dive into how each of the projects can advance our understanding of cancers and their treatment.

        • IBM Open Sources Cancer-Fighting AI Project

          Now, the company has decided to make all three tools open-source, meaning scientists will be able to use them in their research whenever they please, according to ZDNet. The tools are designed to streamline the cancer drug development process and help scientists stay on top of newly-published research — so, if they prove useful, it could mean more cancer treatments coming through the pipeline more rapidly than before.

        • An OpenShift Administrator’s Guide to Onboarding Applications

          Infrastructure teams managing Red Hat OpenShift often ask me how to effectively onboard applications in production. OpenShift embeds many functionalities in a single product and it is fair to imagine an OpenShift administrator struggling to figure out what sort of conversations his team must have with an application team before successfully running an application on OpenShift.

          In this article, I suggest a few topics that administrators could use to actively engage with fellow application teams for the onboarding process. I have had several conversations with customers on these topics and observed that suggested approach has really helped them. By no means are these topics exhaustive, but they are sufficient to kick start the necessary and relevant conversations. Over time, I expect administrators to have larger conversations with application teams in application onboarding.

        • OpenWhisk Gets Its Apache Software Diploma

          The OpenWhisk open source serverless platform hit graduation status as a Top-Level Project at the Apache Software Foundation. The designation comes as the serverless ecosystem continues its rapid evolution in meeting the production needs of organizations.

          The OpenWhisk project itself was initially born out of IBM, which donated its beta-level code into the Apache Incubator project in late 2016. IBM was using that codebase to support functions running on its IBM Cloud.

        • The browser wars and the birth of JavaScript

          Before anything like an Android device or iPhone existed, desktop computers were the battleground for the browser wars. The battle involved billions of dollars invested by a number of companies, all based on the premise that whoever ruled the desktop browser market would own the internet. Today, mobile devices account for nearly half of all website traffic. Back in the 1990s, however, almost all of the action on the web came from desktop machines, and the vast majority of those desktop machines were running some flavor of Microsoft Windows.

          In the browser world, the first-mover advantage belonged to Netscape Communications Corporation. They built the Netscape Navigator browser that made the web accessible to millions for the first time. Netscape had more than 80% of the market, but they also had no shortage of competition. IBM had a browser for OS/2. Oracle had the Powerbrowser, a Netscape-compatible product that included something called the Database Markup Language. The real danger to Netscape, of course, came from the company that owned more than 80% of the world’s desktops: Microsoft.

          Strategically, Netscape realized that the web needed to move past static web pages to reach its full potential. Even if they were created dynamically by something like a CGI script on the web server, pages didn’t change once they arrived in your browser. If you wanted to see even a slightly modified version of a page, you had to send a request back to the server and wait for a response. For all its sophistication, a web browser felt a lot like a dumb terminal attached to a mainframe. What web developers needed was a programming language that would run in the browser, taking advantage of the processing power of the desktop machine to give users a richer experience.

          [...]

          JavaScript’s dominance was cemented by the emergence of Node.js on the server side. At a minimum, it gave web developers the ability to take their JavaScript skills from the client to the server. Combined with the ability to pass functions as objects (callbacks), Node.js’s event loop popularized a whole new programming model. Suddenly, you could write a web server in just a few lines of code.

          Then, the rise of the Node Package Manager (npm) to manage dependencies meant a very small application could leverage other packages to do really sophisticated things. As a self-serving example, the knative-proxy package in the Coderland Compile Driver needs fewer than 40 lines of code to handle the HTTP POST and OPTIONS verbs. And it took yr author maybe 30 minutes to write.

          JavaScript is a simple, unpretentious language that has its fingers in every corner of your life. Turn off JavaScript in your browser and see how much of the web doesn’t work anymore. (Philosophical arguments as to whether that’s a good or bad thing are left to the reader.) No matter how or where you use the internet, Brendan Eich’s 10-day coding spree is the most important sprint in the history of computing. You don’t have to like JavaScript, but if you make a living developing for the web, you have to learn it.

    • Audiocasts/Shows

      • Episode 75 | This Week in Linux

        On this episode of This Week in Linux, we’ve got a lot of Distro News with the first stable release of EndeavourOS, and we’ve also got new releases from Proxmox, deepin and FerenOS. Dropbox has decided to revert their weird decision of blocking various Linux Filesystems so we’ll talk about that. We’ve got some App News with KDE Connect now being available for macOS and a new release for the Foliate, ebook reader. Later in the show, we’ll cover some Linux Security news regarding a recently found piece of malware targeting the Linux Desktop. Then we’ll round out the show with some Linux Gaming news from Epic Games, Valve, Google Stadia and a new Humble Bundle. All that and much more on Your Weekly Source for Linux GNews!

      • JavaScript's surprising rise from the ashes of the browser wars on Command Line Heroes

        The third season of the Command Line Heroes podcast continues its look at the history of the programming languages we depend on every day. Episode 3, released today, investigates the origin of JavaScript. Here's the unlikely story of how it happened.

      • DevNation Live: Introducing Kogito

        DevNation Live tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about Quarkus, Kogito, and GraalVM from Red Hat’s Mario Fusco, Principal Software Engineer, and Burr Sutter, Chief Developer Evangelist.

        These days rule engines are often overlooked, possibly because people think that they are only useful inside heavyweight enterprise software products. However, this is not necessarily true. Simply put, a rule engine is just a piece of software that allows you to separate domain and business-specific constraints from the main application flow. Drools is the rule engine of Red Hat, and our goal is to make it ready to be used in serverless environments.

      • Protecting The Future Of Python By Hunting Black Swans

        The Python language has seen exponential growth in popularity and usage over the past decade. This has been driven by industry trends such as the rise of data science and the continued growth of complex web applications. It is easy to think that there is no threat to the continued health of Python, its ecosystem, and its community, but there are always outside factors that may pose a threat in the long term. In this episode Russell Keith-Magee reprises his keynote from PyCon US in 2019 and shares his thoughts on potential black swan events and what we can do as engineers and as a community to guard against them.

      • mintCast 313.5 – Desktop Environments
    • Kernel Space

      • What Does It Take to Make a Kernel?

        The kernel this. The kernel that. People often refer to one operating system's kernel or another without truly knowing what it does or how it works or what it takes to make one. What does it take to write a custom (and non-Linux) kernel?

        So, what am I going to do here? In June 2018, I wrote a guide to build a complete Linux distribution from source packages, and in January 2019, I expanded on that guide by adding more packages to the original guide. Now it's time to dive deeper into the custom operating system topic. This article describes how to write your very own kernel from scratch and then boot up into it. Sounds pretty straightforward, right? Now, don't get too excited here. This kernel won't do much of anything. It'll print a few messages onto the screen and then halt the CPU. Sure, you can build on top of it and create something more, but that is not the purpose of this article. My main goal is to provide you, the reader, with a deep understanding of how a kernel is written.

        Once upon a time, in an era long ago, embedded Linux was not really a thing. I kno that sounds a bit crazy, but it's true! If you worked with a microcontroller, you were given (from the vendor) a specification, a design sheet, a manual of all its registers and nothing more. Translation: you had to write your own operating system (kernel included) from scratch. Although this guide assumes the standard generic 32-bit x86 architecture, a lot of it reflects what had to be done back in the day.

      • Darling Progress Report Q2 2019

        James Urquhart's pull requests gave us more stubs for many frameworks including DrawSprocket, AGL, Carbon, CoreServices, and ApplicationServices. Wow, what a list, thank you James! James also fixed a very low level bug where system calls with large numbers of arguments wouldn't work properly for 32-bit applications. Finally, he fixed a problem where Darling was using clock_sleep instead of clock_nanosleep and a bug with the stat system call.

      • Darling Picks Up New Contributors For Its macOS Compatibility Layer On Linux

        Darling is the long-standing (albeit for some years idling) effort to allow macOS binaries to run on Linux that is akin to Wine but focused on an Apple macOS layer rather than Windows. This summer it's been moving along and seeing some new developer contributions.

        The Darling project just published their Q2 highlights with having new contributors onboard and making progress at varying levels of the stack. They have begun stubbing out more frameworks including AGL, Carbon, AddressBook, CoreServices, and ApplicationServices.

      • Audio Component Support Being Worked On For The Radeon & Nouveau Drivers

        Linux sound maintainer Takashi Iwai of SUSE has posted a set of patches implementing HD audio component notifier support for the Radeon and Nouveau DRM kernel drivers.

        Audio component notifier support may not seem like much to get excited about but it allows for more reliable audio hotplug notifications and ELD (EDID Like Data) transfer without accessing the HD audio bus. This yields efficiency benefits and can function without waking up the run-time power management hardware.

      • Linux Foundation

        • The Linux Foundation and LF Networking Announce Full Agenda for Open Networking Summit Europe

          The Linux Foundation, the nonprofit organization enabling mass innovation through open source, and LF Networking (LFN), which facilitates collaboration and operational excellence across open networking projects, today announced the session line-up for Open Networking Summit Europe, taking place September 23-25 in Antwerp, Belgium. The event features cross-industry speakers from AT&T, Bell Canada, Cisco, China Mobile, CNCF, Dell Technologies, Deutsche Telekom, doc.ai, Ericsson, ETSI, Huawei, Intel, Loodse, Nexomo, Nokia, Nutanix, Orange, Red Hat, Supergiant, Swisscom, TATA Communications, Telecom Italia, VMware, Vodafone, Vulk Coop, and more.

          “We are pleased to welcome an impressive line-up of speakers from a diverse roster of organizations to the ONS Europe stage this year, said Arpit Joshipura, General Manager, Networking, Edge & IoT, the Linux Foundation. “Open networking now has touch points all across the industry– from cloud native to 5G to AI, edge, IoT, machine learning and more– and is the place to be for the latest in open network innovation and knowledge-sharing.”

      • Graphics Stack

        • Mesa 19.1.3
          Mesa 19.1.3 is now available.
          
          

          In this release we have:

          Mostly in fixes for ANV and RADV drivers, as well as NIR backend fixes.

          Several of those patches fixe actually crashes with the drivers, and a couple of them fix memory leaks.

          Bas Nieuwenhuizen (3): radv: Handle cmask being disallowed by addrlib. anv: Add android dependencies on android. radv: Only save the descriptor set if we have one.

          Caio Marcelo de Oliveira Filho (2): anv: Fix pool allocator when first alloc needs to grow spirv: Fix stride calculation when lowering Workgroup to offsets

          Chia-I Wu (2): anv: fix VkExternalBufferProperties for unsupported handles anv: fix VkExternalBufferProperties for host allocation

          Connor Abbott (1): nir: Add a helper to determine if an intrinsic can be reordered

          Dave Airlie (1): radv: fix crash in shader tracing.

          Eric Anholt (1): freedreno: Fix assertion failures in context setup in shader-db mode.

          Gert Wollny (1): softpipe: Remove unused static function

          Ian Romanick (4): intel/vec4: Reswizzle VF immediates too nir: Add unit tests for nir_opt_comparison_pre nir: Use nir_src_bit_size instead of alu1->dest.dest.ssa.bit_size mesa: Set minimum possible GLSL version

          Jason Ekstrand (13): nir/instr_set: Expose nir_instrs_equal() nir/loop_analyze: Fix phi-of-identical-alu detection nir: Add more helpers for working with const values nir/loop_analyze: Handle bit sizes correctly in calculate_iterations nir/loop_analyze: Bail if we encounter swizzles anv: Set Stateless Data Port Access MOCS nir/opt_if: Clean up single-src phis in opt_if_loop_terminator nir,intel: Add support for lowering 64-bit nir_opt_extract_* anv: Account for dynamic stencil write disables in the PMA fix nir/regs_to_ssa: Handle regs in phi sources properly nir/loop_analyze: Refactor detection of limit vars nir: Add some helpers for chasing SSA values properly nir/loop_analyze: Properly handle swizzles in loop conditions

          Juan A. Suarez Romero (3): docs: add sha256 checksums for 19.1.2 Update version to 19.1.3 docs: add release notes for 19.1.3

          Lepton Wu (1): virgl: Set meta data for textures from handle.

          Lionel Landwerlin (6): vulkan/overlay: fix command buffer stats vulkan/overlay: fix crash on freeing NULL command buffer anv: fix crash in vkCmdClearAttachments with unused attachment vulkan/wsi: update swapchain status on vkQueuePresent anv: report timestampComputeAndGraphics true anv: fix format mapping for depth/stencil formats

          Marek Olšák (1): radeonsi: don't set READ_ONLY for const_uploader to fix bindless texture hangs

          Samuel Iglesias Gonsálvez (1): anv: fix alphaToCoverage when there is no color attachment

          Samuel Pitoiset (1): radv: fix VGT_GS_MODE if VS uses the primitive ID

          Sergii Romantsov (1): meta: memory leak of CopyPixels usage

          Timothy Arceri (1): mesa: save/restore SSO flag when using ARB_get_program_binary

          Vinson Lee (1): meson: Add dep_thread dependency.

          Yevhenii Kolesnikov (1): meta: leaking of BO with DrawPixels

          git tag: mesa-19.1.3
        • Mesa 19.1.3 Led By Fixes For Intel & Radeon Vulkan Drivers

          If you are sticking to stable versions of Mesa, the Mesa 19.1.3 point release is out today as the latest and greatest version of this collection of open-source graphics drivers.

          Changes for Mesa 19.1.3 are led by the Intel "ANV" and Radeon "RADV" Vulkan drivers. Among those Vulkan driver fixes are taking care of Android dependencies for ANV, external buffer properties fixes for Intel, a crash in shader tracing for RADV, and various other fixes.

        • RADV Lands Binning Support For GFX10/Navi For Faster Vulkan Performance

          The latest change for Mesa 19.2 to better the new Radeon RX 5000 "Navi" series support is binning in the RADV driver.

          Following all the prep work, Bas Nieuwenhuizen flipped on the binning functionality within the RADV Vulkan API driver for GFX10 (Navi).

          With testing Talos Principle as a test scenario for primitive binning, Bas found the frame-rates to improve by about 6%. That's not too surprising and most Vulkan games should see frame-rates improve by about a couple of percent if the Vega primitive binning numbers are any indicator from when that support landed in RADV.

        • Radeon Cauldron 1.0 Released As AMD's New SDK Framework

          Radeon Cauldron 1.0 is AMD's new graphics SDK framework for developing Vulkan and Direct3D 12 demos/prototypes/samples.

          The GPUOpen developers describe this new framework as "like having a simplified game engine that you can learn and modify in little time." Radeon Cauldron makes it easy to load up glTF 2.0 models and to display in either Vulkan or D3D12, flexibility to encompass more graphics features over time, is written using vanilla C++, and has already been used by different teams within AMD.

    • Benchmarks

      • GCC vs. Clang Compiler Benchmarks On POWER9 With Raptor's Blackbird

        While for Intel x86_64 with the latest compilers it's a very competitive race between LLVM Clang and GCC, how is that battle playing out on the IBM POWER9 front? Using the interesting Raptor Blackbird with IBM POWER9 4-core / 16-thread CPU, here are some recent benchmarks I did between GCC 9, GCC 10, and LLVM Clang 8.

        Last month using the Raptor Blackbird with quad-core / sixteen thread IBM POWER9 CPU while running Ubuntu 19.10 ppc64le, I ran compiler tests while using GCC 9.1.0 stable, GCC 10.0 snapshot from mid June, and LLVM Clang 8.0.1 as some reference tests for seeing how these compilers are performing for POWER9. All tested compilers were in their release/optimized builds and various POWER-friendly C/C++ benchmarks were carried out for checking on the performance impact of the different generated binaries.

    • Applications

      • Top 20 Best Instant Messaging Programs For Linux in 2019

        Instant messaging programs allow users to make real-time communication between more than one person at a time. Like other popular platforms, Linux also has a lot of high-quality instant messaging clients for its users. There are different kinds of tools that support single or multiple protocols based on their characteristics. But each of the software is quite similar in a way to communicate with your friends, colleagues, and clients.

      • This Open Source App Lets You Share Files Between PC & Smartphones Easily

        here are a ton of software to share files between phone and PC; however, I have never encountered file-sharing software that is as simple as Share to Computer.

        The open-source app developed by XDA Junior Member, Callmejim, allows you to share images, videos and other files swiftly.

      • RSS Guard 3.5.9

        RSS Guard is a basic (yet ground-breaking) channel peruser. It can bring the most realized channel groups, including RSS/RDF and ATOM. It’s free, it’s open-source. RSS Guard right now bolsters Czech, Dutch, English, French, German, Italian. RSS Guard will never rely upon different administrations – this incorporates online news aggregators like Feedly, The Old Reader, and others.

      • Proprietary

        • BricsCAD Shape is a Free SketchUp Alternative for Ubuntu & Linux Mint

          BricsCAD Shape is a free product from CAD software company Bricsys, who offer a range of full-featured (and pricey) CAD software for Windows, macOS and Linux desktops.

        • WPS Office on Linux is a Free Alternative to Microsoft Office

          If you are looking for a free alternative of Microsoft Office on Linux, WPS Office is one of the best choice. It’s free to use and offers compatibility with MS Office document formats.

          WPS Office is a cross-platform office productivity suite. It is light and fully compatible with Microsoft Office, Google Docs/Sheets/Slide and Adobe PDF.

          For many users, WPS Office feels intuitive and capable enough to meet their needs. It has gained popularity because of its closeness to Microsoft Office, both in terms of looks and compatibility.

        • Dropbox restores Linux support in new client beta

          That decision saw the sync ‘n’ share giant decide not to support “uncommon” filesystems, leaving it happy to work with just NTFS for Windows, HFS+ or APFS for Mac and Ext4 for Linux.

          Developers and Linux users were not happy.

          But their frowns can now turn upside-down, as a support note for the forthcoming Dropbox version 77 client update published today says it will “add support for ZFS (on 64-bit systems only), eCryptFS, XFS(on 64-bit systems only), and Btrfs filesystems in Linux.”

          The post doesn’t explain Dropbox’s reasons for the change, but it’s not hard to guess its reasons.

    • Instructionals/Technical

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kate LSP Status – July 22

          After my series of LSP client posts, I got the question: What does this actually do? And why should I like this or help with it?

          For the basic question: What the heck is the Language Server Protocol (LSP), I think my first post can help. Or, for more details, just head over to the official what/why/… page.

          But easier than to describe why it is nice, I can just show the stuff in action. Below is a video that shows the features that at the moment work with our master branch. It is shown using the build directory of Kate itself.

        • KDE ISO Image Writer – GSoC Phase 2

          The original user interface used KAuth to write the ISO image without having to run the entire application with root privileges. KAuth is a framework that allows to perform privilege elevation on restricted portions of code. In order to run an action with administrator privileges without having to run the entire application as an administrator, an additional binary (KAuth helper) which is included alongside the main application binary will perform the actions that require elevated privileges. This approach allows privileges escalation for specific portions of code without granting elevated privileges for code that does not need them. After integrating the existing KAuth helper into the new user interface, it was able to write ISO images by asking for authorisation when required.

        • Karina Passos: Day 58

          Since the last update, I worked on the Khipu interface and created some models to manage the information on the screen.

      • GNOME Desktop/GTK

        • Srestha Srivastava: Google Summer of Code 2019 Update

          I then checked if we were able to get the script and command line for installing these Operating Systems, we can get the script list for an OS, and then choose one using get_nth(), we also needed installation configuration to generate command line from this script, I used default unattended configuration and printed the generated command line on terminal.

          After having a discussion with my mentor, we split the work further into steps and he created issues for every task on my development branch. First, I created a new class Installer from which the already existing class InstallerMedia will inherit and also the new InstallerTree class which we would need for tree based installations.

          I realised how important it is to write clear commit messages at every step, especially when your code might be read by many other people, I once included a lot of things in one commit, hence, had to undo it and do it in smaller and cleaner commits.

          Until now, GNOME Boxes was performing express installations using ISO of the Operating System, so we would extract the kernel and initrd from the downloaded ISO, we had a helper class ISOExtractor, that would help in extracting the kernel and initrd from an ISO file using the ArchiveReader and ArchiveWriter class, but now for tree based installations, we will need to download the kernel and initrd from a https location, so I have created a TreeExtractor class that takes the help of Downloader class, the same class that we use to download ISOs for an Operating System. Hence, now there is an Extractor class from which TreeExtractor and ISOExtractor class inherit.

    • Distributions

      • Screenshots/Screencasts

        • BlueStar Linux 5.2.1

          Today we are looking at BlueStar Linux 5.2.1. This release of BlueStar is an Arch rolling distro and comes with Linux Kernel 5.2.1 and KDE Plasma 5.16.3 and uses about 700MB of ram when idling.

          Bluestar Linux is a beautiful Arch/KDE distro that works great out of the box and is receiving a lot of love from their very active developer.

        • BlueStar Linux 5.2.1 Run Through

          In this video, we look at BlueStar Linux 5.2.1.

      • Fedora Family

        • Fedora 32 System-Wide Change proposal: x86-64 micro-architecture update
          Fedora currently uses the original K8 micro-architecture (without 3DNow! and other AMD-specific parts) as the baseline....
          
        • Fedora Developers Discuss Raising Base Requirement To AVX2 CPU Support

          An early change being talked about for Fedora 32, due out in the spring of next year, is raising the x86_64 CPU requirements for running Fedora Linux. When initially hearing of this plan, the goal is even more ambitious than I was initially thinking: AVX2.

          A feature proposal for Fedora 32 would raise the x86_64 base-line for their compiler builds to needing AVX2. Advanced Vector Extensions 2 is Intel Sandy Bridge and newer or AMD Jaguar/Bulldozer and newer. This came as quite a surprise even to myself that Fedora is planning to jump straight from their existing AMD K8 baseline to now AVX2-supportive CPUs.

        • Stable docker CE for Fedora 30 are available!

          Do you use docker? If you are using Fedora 30 then I have good news for you. They officially relesed stable docker CE for Fedora 30, yay!

          Most of us have been waiting for stable docker since February, OMG! You can check issue #600 how frustrating most of docker users because we don’t have stable release and unable to use testing or nightly release because of missing containerd.io and forced dev to seek alternatives using old repo (F29) or using Podman as workaround.

        • Outreachy FHP week 7: Pytest, UI enhancements, FAS search

          From Outreachy.org: The theme for this week is “Modifying Expectations”. Outreachy mentors and interns start the internship with a specific set of project goals. However, usually those goals need to be modified, and that’s perfectly fine! Delays to projects happen. Maybe your project turned out to be more complicated than you or your mentor anticipated. Maybe you needed to learn some concepts before you could tackle project tasks. Maybe the community documention wasn’t up-to-date or was wrong. These are all perfectly valid reasons for projects to be a bit behind schedule, as long as you’ve been working full-time on the project. In fact, free and open source contributors have to deal with these kinds of issues all the time. Projects often seem simple until you start working on them. Project timelines are ususally a very optimistic view of what could happen if everything goes exactly as planned. It often doesn’t, but people still make optimistic plans. Modifying your project timeline to set more realistic goals is a skill all contributors need to learn.

          [....]

          I was a beginner in Django when I started working on this project. Earlier I worked on JavaScript-based framework, and switching to Python was a big change for me. So, it was always learning and implementing on my part. Since Django was new to me, I had to learn it fast, at least the core concept. I found some good resources but they were so detailed that at the end of the document, I would have lost interest in some of the topics. Then I found this tutorial, which turned out to be the perfect platform to have an overall grasp of the widely used python framework.

          I learned about containers, their importance and concept of virtualization. How Docker can also be used when we want to deploy an application to an environment. Understood the concept behind it, learned the basic commands and how to deal with multiple Docker containers.

          In the second half of my internship, I improved and wrote tests of the project without having any prior knowledge of the concept at the beginning.

        • Fedora 31 To Ship With Golang 1.13, Limiting Scriplet Usage Still Being Debated

          While debating new CPU requirements for Fedora 32 potentially taking it all the way to AVX2 CPUs as a new base requirement, before that Fedora 31 still needs to get finished up and there is some late feature work happening for this current cycle.

          At Monday's Fedora Engineering and Steering Committee (FESCo) meeting, upgraded the Go programming language stack to Golang 1.13 was approved for Fedora 31.

          Meanwhile defaulting to DNF's "best" mode for Fedora 31 was rejected in not being fond of the different behavior by default and contingent upon what tool a user is using for upgrades.

        • Fedora CoreOS Preview Released

          The Fedora community has released a preview of Fedora CoreOS, a Linux-based operating system designed to run containers.

          Red Hat acquired CoreOS, an open-source company last year and has been integrating CoreOS products and services with its own. CoreOS used to have a distribution with the same name, which was later renamed to Container Linux.

      • Debian Family

        • Deepin 15.11 Released, This is What’s New

          A new version of the Deepin Linux distribution is now available to download — and in this post we give you a quick overview of what’s changed.

          Made by a Chinese company of the same name, Deepin is a high-gloss Linux distro for the desktop. It boasts the bespoke ‘Deepin desktop environment’, a bevy of home-grown apps, and ships with a boatload of visual flair.

          While Deepin is primarily targeted at Chinese-speaking users its slick UI has international appeal, as evidenced by the distro’s increasing popularity on sites like Distrowatch.

          And the latest release looks set to cement that appeal.

        • Molly de Blanc: Free software activities (June 2019)

          I know this is almost a month late, but I am sharing it nonetheless. My June was dominated by my professional and personal life, leaving little time for expansive free software activities. I’ll write a little more in my OSI report for June.

        • Debconf 19 photos

          The main feed for my photos from Debconf 19 in Curitiba, Brazil is currently in my GPhoto album. I will later also sync it to Debconf git share.

      • Canonical/Ubuntu Family

        • Community Snapcrafter on MicroK8s, summits and the evolving nature of snaps

          In January 2018, Dan Llewellyn joined his first Snapcraft Summit in Seattle in his role as a community Snapcrafter. At that event, we discussed his views on everything snap related from most requested snaps, new feature requests and popular discussion topics. Since then, snaps has grown across every metric and seen numerous new high profile snaps enter the store including Microsoft Visual Studio Code, a suite from JetBrains, Opera and more. We took the opportunity at the most recent Snapcraft Summit in Montreal to get Dan’s insider perspective 18 months on.

          “Snaps are reaching ubiquity. People using or building snaps no longer think of themselves as early adopters, but more adhering to the status quo,” Dan observes. There has been a “natural progression” in the growth trajectory that snaps have experienced. Dan believes part of this is driven by developers seeing the likes of Microsoft, Amazon and Google publishing software in the Snap Store. Similarly, Dan has noticed an increase in commercial interest in the format compared to individual developers in the earlier days.

          Dan also suggests two additional factors for the increased adoption. Firstly, the availability in the Ubuntu store with desktop users being served snaps first over other formats. Secondly, the crossover with the Docker container story – users like the throwaway nature. They can do their work, delete and start again with the next build.

          Such trends are evident in the nature of the forum conversation as well with less discussion around how to build snaps and far more around the management of existing snaps. He has also seen less around the automatic update feature which he believes is due to the message resonating and it is now a given. “People are comfortable with the feature and expect automatic updates when originally they may have been sceptical if it would work on a desktop or IoT device,” Dan adds. Talking of IoT, Dan has seen an uplift in topics around the internet of things given the benefits snaps can bring to embedded devices.

        • Ubuntu Weekly Newsletter Issue 588
    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Announcing coreboot 4.10

        The 4.10 release covers commit a2faaa9a2 to commit ae317695e3 There is a pgp signed 4.10 tag in the git repository, and a branch will be created as needed.

        In nearly 8 months since 4.9 we had 198 authors commit 2538 changes to master. Of these, 85 authors made their first commit to coreboot: Welcome!

        Between the releases the tree grew by about 11000 lines of code plus 5000 lines of comments.

      • Coreboot 4.10 Released With New Support For Many Chromebooks & Random Motherboards

        Coreboot 4.10 was released today with some 2,500+ commits over the past eight months for this increasingly popular open-source alternative to proprietary BIOS implementations.

        Coreboot 4.10 offers a lot of changes all over the place but as usual is mostly dominated by new motherboard ports. As is also the usual case for Coreboot, many of the new motherboards are for different Google Chromebook devices from their codenamed Bloog to Mistral devices and more.

      • CMS

        • 10 Best WordPress Popup Plugins of 2019

          Do you often come across websites that have annoying pop-ups? What do you generally do? Well, oftentimes, an annoying pop-up makes us not only close the pop-up but even the website! As a website owner, you must consider what kind of pop-up will attract a website visitor and make him/her subscribe to your email list.

          You might have invested a lot on your website but a basic pop-up can turn off your visitor’s interest in your service. On the other hand, even a dull website with an interesting email subscription popup plugins can successfully increase your conversion rate.

          In this article, we will be discussing the top 10 WordPress Popup Plugin in 2019 which can help you grow your email list exponentially!

      • Pseudo-Open Source (Openwashing)

        • Apache Software Foundation cofounder Jim Jagielski on the evolution of open source

          Jagielski attended and spoke at the first Mid-Atlantic Developer Conference last year, and said he was impressed by the diversity of the crowd across both demographics as well as tech interests. He saw a reflection of the values of the open source community, which encourages everyone to get involved and views all contributions as useful.

      • Funding

        • Ubisoft joins Blender Development Fund

          Today Ubisoft announced that they will join the Blender Foundation’s Development Fund as a corporate Gold member. Not only will Ubisoft help funding online support for Blender developers, Ubisoft Animation Studio – a department of Ubisoft Film and Television – will also use Blender for their productions and assign developers to contribute to Blender’s open source projects.

          Pierrot Jacquet, Head of Production at Ubisoft Animation Studio says “Blender was for us an obvious choice: Its strong and engaged community paired up with the vision carried by the Blender Foundation makes it one of the most creative DCC of the market.”

      • BSD

        • Nginx and acme-client on OpenBSD

          I write this blog post as I spent too much time setting up nginx and SSL on OpenBSD with acme-client, due to nginx being chrooted and not stripping path and not doing it easily.

      • FSF/FSFE/GNU/SFLC

        • GNU Parallel 20190722 ('Ryugu') released

          GNU Parallel 20190722 ('Ryugu') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17.

        • GIMP review

          GIMP (the GNU Image Manipulation Program) is our top pick for the best free photo editor, and comes with a huge array of professional-quality functions for fine-tuning snaps and creating your own artwork from scratch.

          It includes layers, highly customizable brushes, filters and automatic image-enhancement tools, and support for a huge number of plugins (some pre-installed, and others available to download separately).

          Its active community of contributors means it’s in constant development, and any bugs are squished in short order. It all adds up to make a truly remarkable free photo editor that’s superior to many commercial programs.

        • The best free photo editor 2019

          A free photo editor can transform your photos from 'OK' to 'amazing', and we've picked out the very best.

          There are so many programs around it can be hard to know which is the best for you. That's why we've spent hours putting a huge range of photo editors to the test, and picked out the best ones for any level of skill and experience. From powerful software packed with features that give Photoshop a run for its money to simple tools that give your pictures a whole new look with a couple of clicks, there's something for everyone.

          Many free photo editors only offer a very limited selection of tools unless you pay for a subscription, or place a watermark on exported images, but none of the tools here carry any such restrictions. Whichever one you choose, you can be sure that there are no hidden tricks to catch you out.

      • Public Services/Government

        • Spanish Air Force fights obsolescence and insecurity through open source

          Keeping the ICT systems and infrastructures of the Spanish Air Force secure is like fighting a many-headed dragon. So Col. Fernando Acero Martin, Director of Cyber Defence at the Spanish Air Force, told his audience at the OpenExpo Europe conference last month in Madrid. The solution lies in using Linux and other open source software.

      • Openness/Sharing/Collaboration

        • Open Data

          • Lyft releases open source data set for autonomous vehicle development

            In an effort to bolster the development of cars capable of driving themselves around without human supervision, Lyft today released an autonomous vehicle data set that the company is calling the largest of its kind. It’s freely available in the existing nuScenes format, which was initially developed by Aptiv.

            “Autonomous vehicles are expected to dramatically redefine the future of transportation. When fully realized, this technology promises to unlock a myriad of societal, environmental, and economic benefits,” said Lyft. “With this, we aim to empower the community, stimulate further development, and share our insights into future opportunities from the perspective of an advanced industrial autonomous vehicles program.”

      • Programming/Development

        • Excellent Free Books to Learn Java

          Java is a general-purpose, concurrent, class-based, object-oriented, high-level programming language and computing platform first released by Sun Microsystems in 1995. It is related in some ways to C and C++, in particular with regard to its syntax, and borrows a few ideas from other languages. Java applications are compiled to bytecode that can run on any Java virtual machine (JVM) regardless of computer architecture.

          Java is designed to be simple enough that many programmers can quickly become proficient in the language. It’s one of the most popular programming languages especially for client-server web applications.

        • GFX-RS Portability 0.7 Released With Vulkan Events, Binding Model Improvements

          The GFX-RS high performance graphics API for the Rust programming language and based on Vulkan while mapping to Metal when on Apple systems is out with a new release.

          GFX-RS continues to be about being a cross-platform API for Rust that is bindless and high performance while retaining the traits of Vulkan but with back-ends as well for Direct3D 11/12, Metal, and even OpenGL 2 / GLES2.

        • Use the Requests module to directly retrieve the market data

          Hello and welcome back to our cryptocurrency project. In the previous article I had mentioned before that I want to use the cryptocompy module to create our new cryptocurrency project, however, after a closer look at the CriptoCompare API I think we have better used the original API to make the rest call instead of using the wrapper module because the original API seems to provide more returned data type than the one offered by the cryptocompy module.

        • Eli Bendersky: Faster XML stream processing in Go

          XML processing was all the rage 15 years ago; while it's less prominent these days, it's still an important task in some application domains. In this post I'm going to compare the speed of stream-processing huge XML files in Go, Python and C and finish up with a new, minimal module that uses C to accelerate this task for Go. All the code shown throughout this post is available in this Github repository the new Go module is here.

        • How to Use Binder and Python for Repoducible Research

          In this post we will learn how to create a binder so that our data analysis, for instance, can be fully reproduced by other researchers. That is, in this post we will learn how to use binder for reproducible research.

          In previous posts, we have learned how to carry out data analysis (e.g., ANOVA) and visualization (e.g., Raincloud plots) using Python. The code we have used have been uploaded in the forms of Jupyter Notebooks.

        • Wingware Blog: Introducing Functions and Methods with Refactoring in Wing Pro

          In this issue of Wing Tips we explain how to quickly create new functions and methods out of existing blocks of Python code, using Wing Pro's Extract Method/Function refactoring operation.

          This is useful whenever you have some existing code that you want to reuse in other places, or in cases where code gets out of hand and needs to be split up to make it more readable, testable, and maintainable.

          Wing supports extracting functions and methods for any selected code, so long as that code does not contain return or yield statements. In that case automatic extraction is not possible, since Wing cannot determine how the extracted function should be called from or interact with the original code.

        • How to Use Binder and Python for Reproducible Research

          In this post we will learn how to create a binder so that our data analysis, for instance, can be fully reproduced by other researchers. That is, in this post we will learn how to use binder for reproducible research.

          In previous posts, we have learned how to carry out data analysis (e.g., ANOVA) and visualization (e.g., Raincloud plots) using Python. The code we have used have been uploaded in the forms of Jupyter Notebooks.

          Although this is great, we also need to make sure that we share our computational environment so our code can be re-run and produce the same output. That is, to have a fully reproducible example, we need a way to capture the different versions of the Python packages we’re using.

        • NumPy arange(): How to Use np.arange()

          NumPy is the fundamental Python library for numerical computing. Its most important type is an array type called ndarray. NumPy offers a lot of array creation routines for different circumstances. arange() is one such function based on numerical ranges. It’s often referred to as np.arange() because np is a widely used abbreviation for NumPy.

          Creating NumPy arrays is important when you’re working with other Python libraries that rely on them, like SciPy, Pandas, Matplotlib, scikit-learn, and more. NumPy is suitable for creating and working with arrays because it offers useful routines, enables performance boosts, and allows you to write concise code.

        • Cogito, Ergo Sumana: Beautiful Soup is on Tidelift

          I've been doing a tiny bit of consulting for Tidelift for a little over a year now, mainly talking about them to open source maintainers in the Python world and vice versa. (See my October 2018 piece "Tidelift Is Paying Maintainers And, Potentially, Fixing the Economics of an Industry".) And lo, in my household, my spouse Leonard Richardson has signed up as a lifter for Beautiful Soup, his library that helps you with screen-scraping projects.

        • Chris Moffitt: Automated Report Generation with Papermill: Part 1

          This guest post that walks through a great example of using python to automate a report generating process. I think PB Python readers will enjoy learning from this real world example using python, jupyter notebooks, papermill and several other tools.

        • Cryptocurrency user interface set up

          As mentioned above, in this article we will start to create the user interface of our latest cryptocurrency project. Along the path we will also use the CryptoCompare API to retrieve data.

        • Python Snippet 2: Quick Sequence Reversal
        • 10x Evilgineers | Coder Radio 367

          Mike rekindles his youthful love affair with Emacs and we debate what makes a "10x engineer".

          Plus the latest Play store revolt and some of your feedback.

        • Stack Abuse: Python for NLP: Word Embeddings for Deep Learning in Keras

          This is the 16th article in my series of articles on Python for NLP. In my previous article I explained how N-Grams technique can be used to develop a simple automatic text filler in Python. N-Gram model is basically a way to convert text data into numeric form so that it can be used by statisitcal algorithms.

          Before N-Grams, I explained the bag of words and TF-IDF approaches, which can also be used to generate numeric feature vectors from text data. Till now we have been using machine learning appraoches to perform different NLP tasks such as text classification, topic modeling, sentimental analysis, text summarization, etc. In this article we will start our discussion about deep learning techniques for NLP.

          Deep learning approaches consist of different types of densely connected neural networks. These approaches have been proven efficient to solve several complex tasks such as self-driving cars, image generation, image segmentation, etc. Deep learning approaches have also been proven quite efficient for NLP tasks.

          In this article, we will study word embeddings for NLP tasks that involve deep learning. We will see how word embeddings can be used to perform simple classification task using deep neural network in Python's Keras Library.

        • Python with JSON Files

          With the growth and evolution of challenges in computer science, Python continues to rise as the primarily sought-after programming skill to solve data science problems.

        • Logging in Python

          Logging is a very useful tool in a programmer’s toolbox. It can help you develop a better understanding of the flow of a program and discover scenarios that you might not even have thought of while developing.

          Logs provide developers with an extra set of eyes that are constantly looking at the flow that an application is going through. They can store information, like which user or IP accessed the application. If an error occurs, then they can provide more insights than a stack trace by telling you what the state of the program was before it arrived at the line of code where the error occurred.

        • Let’s Build A Simple Interpreter. Part 16: Recognizing Procedure Calls

          Today we’re going to extend our interpreter to recognize procedure calls. I hope by now you’ve flexed your coding muscles and are ready to tackle this step. This is a necessary step for us before we can learn how to execute procedure calls, which will be a topic that we will cover in great detail in future articles.

          The goal for today is to make sure that when our interpreter reads a program with a procedure call, the parser constructs an Abstract Syntax Tree (AST) with a new tree node for the procedure call, and the semantic analyzer and the interpreter don’t throw any errors when walking the AST.

        • Playing Tic Tac Toe using Reinforcement Learning

          I have always been fascinated by the amazing work done by OpenAI. The one that stood out to me was a AI bot that could play the massively popular game - Dota 2. Dota 2 used to be the escape from the real world for me and my friends while I was in high school. This inspired me to learn more about the field of RL. I wanted to start small so I started with Tic Tac Toe.

        • Python zip function tutorial (Simple Examples)

          The zip() function in Python programming is a built-in standard function that takes multiple iterables or containers as parameters. An iterable in Python is an object that can be iterated or stepped through like a collection.

          The zip() function is used to map the same indexes of more than one iterable. Mapping these indexes will generate a zip object.

        • GCC 10 Compiler Picks Up New Scheduler Model & Cost Tables For AMD Zen 2 Processors

          While AMD developers published their "Znver2" compiler patches for Zen 2 originally back in November, months ahead of the recent Ryzen 3000 series launch, this compiler support was incomplete as it re-used the existing scheduler model and costs table of Znver1. Now though one of SUSE's compiler experts who often works in cooperation with AMD has published the new Znver2 scheduler model and costs table for Zen 2.

          The updated costs table better reflects the "costs" of moving and loading various registers and different instructions compared to Znver1 so the compiler can make wiser decisions for the most efficient usage. With these updated costs to reflect faster multiplication and 256 vector paths, there is better GNU C Library performance in particular and SUSE developer Jan Hubicka noted that the memory copy performance "wins" even for small blocks.

        • PyCoder’s Weekly: Issue #378 (July 23, 2019)
  • Leftovers

    • Science

      • 'Eureka': Canadian helps restore audio from Apollo 11 mission control

        But both the mission control room itself and recordings of the voices were almost lost, until a NASA legend and a Canadian software engineer intervened.

      • Trump administration's 'scientific oppression' threatens US safety and innovation

        Thankfully, journalists have managed to uncover hard evidence that this abuse of science is happening. Last month, a Politico investigation revealed that the political leadership at the U.S. Department of Agriculture was refusing to publicize dozens of scientific reports on the effects of climate change. Months earlier, news coverage revealed that the same political figures had been demanding that agency scientists tag their credible, peer-reviewed research as “preliminary” until USDA decided to “formally disseminated” it.

        Let’s be clear: Under any administration, scientific integrity is a concern and needs to be protected. Over the past two years, the Trump administration has built a disturbing pattern of scientific oppression that brings a new urgency to this issue. Federal scientists have been prohibited from speaking about climate change in public or at scientific conferences. Climate data has been scrubbed from many U.S. government websites. Policy analysts at the Centers for Disease Control and Prevention were banned from using the words “evidence-based” and “science-based” in budget documents, according to an unidentified analyst quoted by The Washington Post. The Trump administration falsified scientific claims to justify restricting birth control access.

      • India's moon mission blasts off after delay

        India's space agency has launched its second lunar mission, a week after an earlier effort had to be called off. Scientists hope to make a soft landing on the moon's unexplored south pole.

    • Hardware

    • Health/Nutrition

      • Study Shows The Effect Petting Your Dog or Cat Has on Stress Levels

        Touch is one of the most powerful ways to bond with your animal and it doesn't take much scratching or stroking to see the difference. One study found that cortisol levels were significantly decreased after 15 and 30 minutes of an owner stroking, petting and talking with their labrador.

        While another study from 2017 found that a 15-minute pet therapy session almost immediately reduces a student's psychological stress and their blood pressure.

      • Air Pollution Kills

        In recent years I have substantially increased my estimate of the deadly nature of air pollution. It’s not that I had a contrary opinion earlier but the number and range of studies showing surprisingly large effects has raised this issue in relative importance in my mind. I would not have guessed, for example, that the introduction of EZ Pass could reduce pollution near toll booths enough to reduce the number of premature and low birth weight babies. I also find the following result hard to believe yet also hard to dismiss given the the accumulating body of evidence. Diane Alexander and Hannes Schwandt find that Volkswagen’s cheating diesel cars increased the number of low birth weight babies and asthma rates.

      • Millions should stop taking aspirin for heart health

        Millions of people who take aspirin to prevent a heart attack may need to rethink the pill-popping, Harvard researchers reported Monday.

        A daily low-dose aspirin is recommended for people who have already had a heart attack or stroke and for those diagnosed with heart disease.

        But for the otherwise healthy, that advice has been overturned. Guidelines released this year ruled out routine aspirin use for many older adults who don’t already have heart disease — and said it’s only for certain younger people under doctor’s orders.

    • Security (Confidentiality/Integrity/Availability)

      • The Growing Threat of Targeted Ransomware [iophk: Windows TCO]

        The two primary differences between targeted attacks and the early versions of spray-and-pray ransomware attacks is the size of ransom demanded and the technical expertise of the hackers. Symantec has analyzed six stages of a targeted attack: initial (typically involving PowerShell); lateral movement (typically with Mimikatz and/or Putty); stealth and countermeasures (with signed malware and disabled security software); ransomware spreading (typically through batch files and PS Exec); triggering the encryption; and finally the ransom demand.

        In January 2017 there were just two targeted attacks per month. By May 2019 this had risen to more than 50 per month, with the sharpest increasing occurring in 2019. There have already been at least two and probably three new targeted attack groups discovered. The pace of targeted attacks is clearly increasing, and it looks like it will continue to increase. Targeted ransomware attacks have evolved into one of the biggest cyber threats to business today.

      • Quest’s KACE SDA 7.0 automates large-scale system deployment and simplifies migrations

        The newest release of KACE SMA also supports new OS versions such as macOS 10.14, Windows 10 Fall 2018 Update, SUSE 15, and Fedora 28 and OpenSUSE 15 (both agentless only).

      • ESET unveils new version of File Security for Linux

        ESET File Security for Linux provides advanced protection to organisations’ general servers, network file storage and multipurpose servers. The software ensures the servers are stable and conflict-free in order to preserve system resources for vital tasks and avoid disrupting business continuity.

        As the use of Linux servers increases in popularity with organisations, it is vital that all users and their businesses remain protected against the latest threats.

      • Hackers Exploit Jira, Exim Linux Servers to "Keep the Internet Safe' [Ed: Troll site "BleepingComputer" is blaming on "Linux" unpatched applications; that's like blaming Windows for Adobe PhotoShop (with holes in it) because it can run on Windows]

        The newest variant spotted by Intezer Labs' researcher polarply on VirusTotal uses a malicious payload designed to exploit the 12-day old Jira template injection vulnerability tracked as CVE-2019-11581 that leads to remote code execution.

      • Security updates for Tuesday

        Security updates have been issued by Debian (libsdl2-image and libxslt), Oracle (java-1.8.0-openjdk and java-11-openjdk), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), SUSE (bzip2, microcode_ctl, and ucode-intel), and Ubuntu (clamav, evince, linux-hwe, linux-gcp, linux-snapdragon, and squid3).

      • Dodgy vids can hijack PCs via VLC security flaw, US, Germany warn. Software's makers not app-y with that claim

        In a bug-tracking ticket discussing CVE-2019-13615, VideoLAN lead developer Jean-Baptiste Kempf noted that he was unable to recreate the crash using a proof-of-concept .MP4 video, provided by a security researcher four weeks ago, that's supposed to knacker the latest version of VLC, 3.0.7.1. Nor was he able to crash the older 3.0.6 and work-in-progress releases, such as 3.0.8, he reported.

        "This does not crash a normal release of VLC 3.0.7.1," added Kempf. "Sorry, but this bug is not reproducible and does not crash VLC at all."

        VLC developer Francois Cartegnie was more blunt earlier today: "If you land on this ticket through a news article claiming a critical flaw in VLC, I suggest you to read the above comment first and reconsider your (fake) news sources."

      • Remote code execution vulnerability in VLC remains unpatched [Ed: If in order to exploit VLC you need to trick users into playing (rendering) particular rogue videos, then that's almost as "severe" as malware users need to install on a system in order for it to cause damage. The real news in the whole VLC story is that the German Computer Emergency Response Team (CERT-Bund) is inept at classifying security bugs. Has CERT-Bund classified Windows as malware and banned its use (yet)?]

        VLC is rapidly working on a fix. According to the non-profit's bug tracker, the vulnerability has been issued the "highest" priority for a patch and the tracker appears to suggest a fix is 60 percent complete, according to a developer who posted an update two days ago.

      • Our Linux Sister Linuxsecurity.com are Celebrating their 20th Anniversary by Launching a New Website

        LinuxSecurity.com is the community’s central source for information on Linux and open source security. They follow the open source trends as they affect the community. Also they produce content that appeals to administrators, developers, home users, and security professionals.

        Having created a site that satisfies the needs of both IT professionals – including engineers, programmers, designers and system administrators – and those individuals seeking to learn more about security and open source, LinuxSecurity.com has grown to encompass not only their website but also two leading industry email newsletters, Linux Security Newsletter and Security Advisories Weekly.

      • ProFTPD Vulnerability Lets Users Copy Files Without Permission [Ed: Troll site BleepingComputer changed headline from "ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers" to "ProFTPD Vulnerability Lets Users Copy Files Without Permission" (under rare conditions) because that's too much FUD even by its own standards?]

        Under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks after successful exploitation of an arbitrary file copy vulnerability in the mod_copy module.

        ProFTPd is an open-source and cross-platform FTP server with support for most UNIX-like systems and Windows, and one of the most popular ones targeting the UNIX-based platforms along with Pure-FTPd and vsftpd.

    • Defence/Aggression

      • Trump Does an About-Face on Pakistan—and Blunders Into the Kashmir Dispute [iophk: dementia]

        “It’s an embarrassment to have a foreign government have to publicly fact-check the U.S. president within the span of [about] an hour,” said Alyssa Ayres, a former U.S. diplomat and scholar on India and Pakistan at the Council on Foreign Relations. (Rep. Brad Sherman, the California Democrat, wrote on Twitter that he had attempted to clean up the mess made by Trump by apologizing to India’s ambassador to the United States.)

      • Assyrians Call on US Army to Stop Possible Turkish Invasion in Northeast Syria

        The Turkish army recently started to remove a wall between Turkey and northern Syria and amassed forces near Tal Abyad.

        "It clearly aims to invade Northern Syria," the Syriac Military Council said in a statement.

      • 5 Historical Tragedies That Were Even Darker Than You Think
      • Saudi-led alliance launches airstrikes on Yemen's rebel capital

        The conflict has killed tens of thousands of people, many of whom are civilians, aid agencies say. Some 3.3 million people have been forced from their homes.

      • Western Media Losing Enthusiasm for Failing Coup in Venezuela

        When previously unknown Venezuelan opposition politician Juan Guaído stood up in an East Caracas plaza and declared himself “interim president” of the South American country, Western corporate media were ebullient.

        In those heady early days, corporate journalists could scarcely conceal their love affair with the 35-year-old politician, whom they likened to Barack Obama (CNN, 2/7/19) and described as a “freedom fighter” (Fox Business, 1/29/19) and Venezuela’s “only democratically elected figure” (MSNBC, 1/24/19), who had “captured the heart of the nation” (New York Times, 3/4/19).

        Nearly six months later, with Guaído no closer to ousting Venezuela’s elected president, Nicolás Maduro, from Miraflores Presidential Palace, the enthusiasm has dampened. Now that the honeymoon is over, it would appear that corporate journalists have been compelled to reckon with some uncomfortable truths about Guaído, US sanctions and the coup they had been vigorously endorsing.

    • Transparency/Investigative Reporting

      • The Lie Factory—CNN—Is Collapsing. Thank God.

        CNN abandoned journalism and became a propaganda ministry for the Democratic National Committee and the corrupt upper echelons of the CIA and FBI. After three years of telling the most outrageous lies ever associated with an alleged news organization in an alleged democracy, CNN’s viewership collapsed. CNN turned propaganda ministry saw its primetime viewers shrink by 40%. Even insouciant Americans could see that CNN was nothing but a lie factory.

      • Oversight Report: World's Most Powerful Spy Agency Is An Insecure Mess That Can't Keep Tabs On Its Own Employees

        The NSA's Inspector General has released its biannual report on its recent investigations. This report is delivered to its Congressional oversight which, let's face it, is generally uninterested in ensuring the Constitutionality of the agency's surveillance programs. Nevertheless, here it is [PDF].

        Included are things we know… like the agency's inability to collect phone records correctly under the constraints imposed by the USA Freedom Act. The assumption was leaving the phone records in the control of telcos would reduce overcollection. The NSA proved us wrong. It led to more overcollection, rather than less, leading the NSA to conclude it was better off without this program.

        Overcollection had never been considered a problem before, but perhaps the NSA felt there was only so much massive piles of unrelated data could tell it. It decided to can the phone records collection. But, unless Congress decides to codify this voluntary move, it could decide to start overcollecting again.

        What is new is the NSA's inability to surveil itself. It has eyes and ears around the world (five at least!) but it can't seem to keep an eye on its own employees. There's a huge disconnect between the agency's surveillance powers and its ability to keep tabs on the staff. It would seem NSA staff would be about the smallest surveillance subset possible, but here we are.

        We noticed this inadvertent irony several years ago. The NSA has the power to collect email metadata and content in bulk, but when it comes to responding to FOIA requests, it claims it simply doesn't have the skill set to search internal emails efficiently or accurately. The agency's massive budget apparently all goes to outbound searches. Asking it to find stuff its own employees discussed via email results in a shrug and mumbling about "archaic systems."

    • Environment

      • Green Party backs UCU's climate strike call

        The Green Party has expressed its support for the University and College Union (UCU) motion to the Trade Union Congress (TUC) annual conference calling on affiliated unions, student unions at colleges and universities and politicians and community groups, to support the call for a 30-minute workday stoppage in solidarity with the global school student strike on 20 September.(1)

      • Acid oceans may trigger mass extinction

        Catastrophically widespread die-offs of many creatures could be inevitable if human activities continue to lead to more acid oceans, a new study suggests.

        Mass extinction may not be an enduring mystery. Instead, it may be an intrinsic property of the carbon cycle. Once levels of dissolved carbon dioxide in the oceans reach a certain threshold, life undergoes dramatic and catastrophic change.

        If a US mathematician is right – and his argument is based on statistical reasoning and the evidence in the marine sediments – then once the seas become too acidic for marine organisms to form carbonate shells, a cascade of extinction begins.

        And, he warns, the “unusually strong but geologically brief duration” of manmade carbon dioxide increase in the oceans can be matched with slow but devastating extinctions in the past.

      • Halliburton Cuts 8% of North American Jobs in Frack Slowdown

        Industry consultant Rystad Energy estimated in February that Halliburton and its competitors would have a year-end supply of 24.4 million horsepower for fracking, but would face demand of just 14.5 million this year. Shale producers have cut spending as investors pressure the companies to return cash to shareholders after the worse oil-price crash in a generation five years ago.

      • Sea of sludge: toxic algae swamps Brittany’s beaches

        A favourite of summer holidaymakers, the bay of Saint-Brieuc in northwest France has been swamped by tonnes of toxic green algae, dealing a blow to a region that hoped to have put the noxious – and potentially lethal – scourge behind it.

      • More Than 28,000 Species Are Now Officially Threatened, But It's Just The Beginning

        While recent headline-grabbing estimates put as many as 1 million species facing extinction, these were based on approximations, whereas the IUCN uses rigorous criteria to assess each species, creating the world-standard guide to biodiversity extinction risk.

        In this update, 105,732 species were ranked from least concern (little to no risk of extinction), to critically endangered (an extremely high risk of extinction) and extinct (the last individual of a species has expired).

        This Red List update doesn't hold a lot of good news. It takes the total number of threatened species to 28,338 (or 27 percent of those assessed) and logs the extinction of 873 species since the year 1500.

      • Cigarette Butts Are a Huge Trash Issue, And Now We Know They're Harming Plant Growth

        The study led by Anglia Ruskin University in Cambridge, England found that a cigarette butt can cut down the germination, or development, of plants, adding to concerns about discarded cigarette remnants as an under-acknowledged, but widespread, pollutant.

        Cigarette butts cut down the germination success of grass by 10 percent and clover by 27 percent, and the shoot length by 13 percent and 28 percent, respectively, according to the study, which was published in the journal Ecotoxicology and Environmental Safety.

        Though plastic straws have dominated conversations for those looking to cut down on pollutants, cigarette butts are the most pervasive human-made contaminant.

      • Cigarette butts in soil hamper plant growth, study suggests

        An estimated 4.5 trillion butts are littered globally each year making them the planet's most pervasive form of plastic pollution, the study said.

        Most cigarette butts contain a filter made of cellulose acetate fibre, a type of a bioplastic.

        But researchers found filters from un-smoked cigarettes had almost the same effect on plant growth as used filters, indicating that the damage to plants is caused by the filter itself, even without the additional toxins released from the burning of the tobacco.

      • Does Extinction Rebellion Have the Solution to the Climate Crisis?

        The disconcerting thing about such radicalism, at this moment, is that it is the activists—rather than the state or law enforcement—who have the facts on their side. One of Extinction Rebellion’s favored tactics is to quote the first line of the executive summary of the 2018 report of the U.N.’s Intergovernmental Panel on Climate Change: “Limiting global warming to 1.5€°C would require rapid, far-reaching and unprecedented changes in all aspects of society.” On the day I visited, a study commissioned by the Royal Society for the Encouragement of Arts, Manufactures and Commerce, a research organization which dates back to 1754, set a deadline of 2030 to fundamentally redesign British agriculture to withstand the climate crisis and worrying trends in public health. “What we eat, and how we produce it, is damaging people and the planet,” the report said. “This is not some dystopian future; this is happening here and now, on our watch.”

      • Germany's forests on the verge of collapse, experts report

        Germany’s parched forests are nearing ecological collapse, foresters and researchers warn. More than 1 million established trees have died since 2018 as a result of drought, winter storms and bark beetle plagues.

      • EU sets up fleet to combat forest fires [iophk: ineffective, expensive political posturing]

        Several European countries have been hit by forest fires over the past two years, in which more than 300 people have died. The EU is building up a fleet of fire-fighting aircraft which it hopes will prevent more fires.

      • [Old] Water bombers a waste of money for preventing catastrophic bushfires says veteran fire researcher

        But Bushfire Front WA chairman Roger Underwood said water bombers made little difference to bushfires of the scale and intensity that struck the state this summer.

        "The thing that's disturbed me are the calls for the WA Government to start investing in more and bigger water bombers," he said.

        "You may as well take an aeroplane load full of dollars, fly up over the flames, and let them loose.

        "It's money being wasted."

      • Wildlife/Nature

        • Possible Monkey Extinction Highlights the Risk to Africa’s Most Endangered Primate Group

          Does a rare monkey still roam what’s left of the forests of Côte d’Ivoire?

          “We haven’t given up on it,” says Russ Mittermeier, referring to the delightfully named Miss Waldron’s red colobus (Piliocolobus waldronae), a species that hasn’t officially been seen in more than four decades due to pressures from hunting and deforestation. “We’re still carrying out surveys in the hopes of finding it. I mean, it’s down to the last individuals if there are any still left, but we’re not ready to declare it extinct yet.”

          The last time a primatologist saw the Miss Waldron’s was back in 1978. Conservationists did consider the species extinct for a short period, but that changed after a hunter turned up with a recently killed monkey in 2002. After that some colobus calls were reportedly heard in 2008, but the creatures haven’t been seen or heard from since.

          As a result of this lack of sightings, the International Union for Conservation of Nature last week took the rare step of listing the species as “critically endangered (possibly extinct).”

          And unfortunately, other red colobus species could soon join it.

    • Finance

      • Many Shortfalls Of Wage Theft Enforcement For Migrant Workers

        Electricians Claudia Golinelli and her husband Alex, an undocumented couple from El Salvador, worked on the construction of an Aldi supermarket in Roanoke, Texas in 2014.

        Their employer refused to pay them for three months until the work was finished, leaving them with around $11,000 in unpaid wages.

        Shadowproof withheld the identity of the employer to protect the workers from being sued and because they are still waiting to be paid.

        “On February 26, 2014, he called and said he was going to pay my husband and I everything we were owed,” Claudia Golinelli shared. The couple agreed to meet the employer at the supermarket, since they missed three mortgage payments and were at risk of losing their home.

        Instead of meeting, the employer called the police and accused the couple of stealing supplies from the supermarket to avoid paying the wages.

        “They didn’t consider I have two children and an elderly mother to take care of, and he wanted us to go to jail,” Golinelli added.

        Three witnesses at the scene were able to testify to police the couple was not stealing, and neither the couple nor the employer were charged with any crimes. But years later, Golinelli said they are still owed around $10,000 in unpaid wages from the incident and Golinelli claimed the employer has continued to take advantage of undocumented contracted workers.

        The employer “reported to the IRS we were paid the full wages,” according to Golinelli.

    • AstroTurf/Lobbying/Politics

      • 'Very substantial evidence' Trump is 'guilty of high crimes and misdemeanors,' House Judiciary Chair says

        House Judiciary Chairman Jerry Nadler on Sunday said Robert Mueller's report presents "very substantial evidence" that President Donald Trump is "guilty of high crimes and misdemeanors" -- an impeachable offense.

      • When the Lion Wakes: The Global Threat of the Chinese Communist Party

        So what kind of world can we expect to live in, once the CCP is in control? We might get some idea from the social credit system that Jaushieh Joseph Wu mentioned. An increasing number of Chinese citizen—by 2020 it will be all citizens—are subject to a rating system whereby their behaviour dictates their score, somewhat like a malevolent version of the 2016 Black Mirror episode “Nosedive.” The Party monitors individual behaviour through extensive surveillance, both on and offline. All manner of innocuous activity can drive down an individual’s score—even playing video games. When a declining score passes a certain threshold then travel plans and bank loans are blocked. Citizens with low social credit scores were prevented from buying airline tickets 17.5 million times in 2018. Those with the lowest scores simply vanish into the labyrinth of the Communist Party’s internal security system. We might imagine that no similar arrangement could ever be put into place outside China, but unfortunately the evidence suggests that the Party is already quietly setting it up.

        The China-Pakistan Economic Corridor Project has provided the perfect cover for the Chinese authorities to introduce their own video surveillance system to most of Pakistan’s major cities. [...]

      • ‘White Men Have No Electability Advantage’ - CounterSpin interview with Brenda Choresi Carter on the electability myth

        “‘Electability’ Is the Most Important, Least Understood Word in the 2020 Race,” was the headline on a recent NBC News piece. That electability is important in an election sounds tautological. But NBC is, of course, getting at the fact that Democrats, for example, when asked by pollsters who they would like to see in office, will often give a different answer than to the question of who they will vote for—the difference based on some ill-defined calculations about who their neighbors might vote for, or who media are telling them stands a chance.

        But what are those things based on? And, more to the point, if we continue to define who’s electable based on who has been elected—ahem, white men—how will change ever happen?

        The Reflective Democracy Campaign is an effort to illuminate questions of the demographics of political power, and to disrupt them. Their latest report is called The Electability Myth. Brenda Choresi Carter directs the Reflective Democracy Campaign. She joins us now by phone from Washington, DC. Welcome to CounterSpin, Brenda Choresi Carter.

      • Boris Johnson as PM - Green Party co-leader says 'don't despair, do politics'

        “I know many people today will be deeply worried and incredibly frustrated at the failures of our antiquated, undemocratic political system that have led us to this point.

        “They are right to feel all of those things.

        “But if we channel that frustration into a renewed focus on our determination to stop Brexit, our work listening and acting on the concerns of citizens across the country who have been damaged and sidelined by austerity, and our demands for action on the climate emergency, we can renew the UK.

        "Boris Johnson is at the political extreme, a great distance from what the majority of British people want. That position is going to produce a strong reaction, a greatly strengthened demand for political change."

      • Mother Jones Is Failing Its Namesake

        Kevin Drum, a political columnist for Mother Jones, wrote in a blog post (6/26/19) last month that he did not understand why workers do not want their employer to work with the government agencies carrying out President Donald Trump’s brutal immigration policies, particularly Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP). When workers at home goods website Wayfair staged a walkout because their company was supplying bunk beds and mattresses for a child detention camp in Texas, Drum could not fathom their insubordination.

    • Censorship/Free Speech

      • Pakistan ruling party’s tweets spark fresh censorship concerns [iophk: tweets in place of official channels of communication :( ]

        On July 16, the official Twitter handle of the ruling Pakistan Tehreek-e-Insaf (PTI) sparked off a fresh debate on censorship under the present regime when it sent out a dozen tweets on media ethics, using the hashtag #JournalismNotAgenda.

        The content of the tweets confirmed that PTI’s media managers have a murky understanding of state, citizenship, media and the complementary way they function in a democracy, said political analyst Salman Zaidi, speaking to The Hindu. “Whether or not these tweets represent the Prime Minister’s views... the PM is not known to rein in federal Ministers when they behave like trolls,” he said.

        Pointing out that many of the statements tweeted invoked “defence and security”, Mr. Zaidi said that with an increased securitisation of the public sector apparatus, fundamental freedoms were being defined in terms of security.

      • More responsibility to online platforms – but at what cost?

        In the European Commission’s internal note published by Netzpolitik.org on 16 July 2019, the Commission presents current problems around the regulation of digital services and proposes a revision of the current E-Commerce Directive. Such a revision would have a huge impact on fundamental rights and freedoms. This is why it’s crucial for the EU to get it right this time.

        From a fundamental rights perspective, the internal note contains a few good proposals, a number of bad ones, and one pretty ugly.

      • Pakistani broadcaster Geo News blocked amid prime minister's visit to Washington

        Pakistan's most popular news channel, the privately owned Geo News broadcaster, has been forced off the air or had its channel number abruptly changed in many parts of the country, according to reports on social media and the broadcaster's managing director, Azhar Abbas, who spoke to CPJ via messaging app.

        The blockage began yesterday, hours before Prime Minister Imran Khan arrived in Washington, D.C., for an official visit, according to Abbas, who told CPJ that the channel was blocked without any notice or explanation from the country's media regulator, government, or military.

      • For All Of Trump's Complaints About Social Media 'Censorship', The White House Itself Moderates Content Similarly To Social Media Sites

        As you may have heard, a couple weeks ago, President Trump hosted what he called a "social media summit," where he brought in various Trump-supporting social media people, and where they all got to whine about the completely made up concept of anti-conservative censorship on social media sites (and, because I know the same three of you are going to show up in the comments and scream your heads off that I'm being blind to such censorship: you have yet to show any actual evidence to support your claims -- and, no, a few anecdotes of trolls, assholes, revisionists and propagandists being blocked does not actually prove your point). Trump gave a long speech at that event, most of which made literally no sense. However, he seemed pretty damn sure that social media sites are censoring conservatives.

      • Dear AHL: Get Your App Shit Together Because You're Freaking Us Out

        There are many, many ways for big companies' attempts to use social media or smart apps to go horribly wrong. Usually these happenings involve either hacked into accounts repurposed for lulz, rogue employees having a bit too much to drink on beer Friday and then going off, or companies doing something stupid and then blaming either of the previous for it.

        And then there's the American Hockey League's mobile app, which for some reason alerted users that Stewart Zimmel apparently both owes someone $6k and threatens to punch people in the throat.

        [...]

        The AHL has since gotten its app back under control, meaning that it is no longer sending users screenshots of threats of violence... so that's good. On the other hand, it really shouldn't be that hard to keep this kind of stuff from happening. And if you're going to launch an app that can push notifications to the public's phones, it's probably best to have some checks in place to keep this sort of thing from happening.

      • Section 230 Works: Russian Trolls Don't Get To Sue Facebook For Being Kicked Off Facebook

        Sorry Russian trolls (oh, and also all you people insisting that Section 230 doesn't and or shouldn't allow Facebook to kick trolls off its platform), but a court has made it clear that Facebook is clearly protected in kicking trolls off its platform. In this case, the Federal Agency of News (FAN) was kicked off Facebook soon after the 2016 election, when Facebook realized that various Russian trolling outfits had used the platform to push propaganda, often directed by the Russian "Internet Research Agency." Among the pages that Facebook removed was FAN's. For what it's worth, the "General Director" of FAN was one Aleksandra Krylova, who is among those who were indicted by Robert Mueller last year, for trying to influence the US election.

        Somewhat incredibly, FAN decided to sue Facebook over this, claiming a violation of the First Amendment along with some other claims -- which I'll just note in passing seem oddly similar to the claims used by white supremacists and other trolls who have sued social media for being removed. This includes claims of a civil rights violation under both federal law and California's Unruh Civil Rights Act, a breach of contract claim and a breach of "implied covenant of good faith and fair dealing."

    • Privacy/Surveillance

      • Department of Commerce: Address Privacy Before Licensing Satellites to Watch Over Us

        Satellites could soon track our movements from space, allowing for surveillance on a mass scale that most people haven’t ever contemplated. Yet U.S. rules governing commercial satellite licenses require satellite companies to disclose the unenhanced data they collect to governments around the world. This week, EFF filed comments with the Department of Commerce and the National Oceanic and Atmospheric Administration (NOAA) urging the agencies to take privacy into consideration when they issue satellite licenses.

        U.S. companies and research institutions that want to launch private satellites must first obtain a license from the federal government. As satellites have become smaller and less expensive to launch, and as the market has increased for the images and other data collected by satellites, satellite companies have been pushing the government to streamline the licensing process. This spring, the Department of Commerce issued a proposed rule that is designed to do that and then requested comments from interested parties. Noticeably absent from this proposed rule are any new protections to address the clear privacy risks raised by satellite images and recordings and the existing rule’s data sharing requirement. EFF’s comment urges the Department of Commerce to address these concerns.

      • Instead Of Parents Spying On Their Kids Online, Why Not Teach Them How To Be Good Digital Citizens

        Last week, when I wrote about Senator Graham's crazy "But think of the children online!" moral panic hearing, I highlighted comments from a guy named Christopher McKenna, who runs an organization called "Protect Young Eyes," which is one of those organizations that freaks parents out about all the evil things your kids might be up to. Among many of the crazy and misleading comments McKenna made, was one that was actually accurate, but interpreted incorrectly. McKenna whined that it was impossible to "watch over" kids online all the time. His solution was to force companies (and politicians) to censor the internet with filters and other tools. Or, at the very least he seemed to think parents needed better tools to spy on their kids' online activities.

        As we pointed out, another person on the panel suggested that rather than spying on our kids all the time, it would be better for parents to educate kids how to be good digital citizens, how to avoid danger, and how to better interact with the world around them. He was almost entirely ignored for the rest of the panel.

      • New Chilean €¿Quién Defiende Tus Datos? Report Shows Greater ISPs Commitment to User's Privacy

        Derechos Digitales, the leading digital rights organization in Chile, published its third annual Who Defends Your Data report today, in collaboration with EFF. The report assesses whether the country’s top ISPs enforce privacy policies and practices that put their users’ first. Kurt Opsahl, EFF’s Deputy Executive Director and General Counsel, joined the launch in Santiago de Chile, which highlighted the main findings and achievements of the report.

        ISPs have made considerable strides forward in this year's edition. Five of the six ISPs now publish transparency reports; four have released public guidelines on how and when they hand over user's data to government officials. Claro leads the pack in protecting its customers’ data, with WOM close behind. Both have policies that are both public and privacy-protective, publish clear and detailed law enforcement guidelines, and have made significant progress towards notification about authorities’ requests for personal information—a real breakthrough for user’s rights through all Latin America. VTR, Movistar and GTD Manquehue still have a long way to catch up.

      • Oakland, California On Its Way To Becoming The Third US City To Ban Facial Recognition Tech

        For the third time in two months, a US city has banned the use of facial recognition tech by local government agencies.

        San Francisco started this movement (oh god please let it be a movement) back in May, booting the tech out of the city before local agencies had even gotten a chance to fool around with it. Earlier this month, Somerville, Massachusetts took home the silver in the anti-surveillance-state games, enacting a local ban on facial recognition tech.

      • Researchers connect FaceApp with the Kremlin

        FaceApp, developed by Russian software company Wireless Lab, enables users to realistically alter facial features of photos so that can have different expressions and look older or younger. The app has recently raised alarm bells due to privacy concerns.

      • Facebook design flaw let thousands of kids join chats with unauthorized users

        Facebook’s Messenger Kids app is built around a simple premise: children shouldn’t be able to talk to users who haven’t been approved by their parents. But a design flaw allowed users to sidestep that protection through the group chat system, allowing children to enter group chats with unapproved strangers.

      • Behind the Scenes of the House Democrats’ Twitter War

        Then staffers to the feuding parties took the beef to Twitter, which (take it from me) is never a good idea.

      • [Old] THE WHITE PANTHERS' "TOTAL ASSAULT ON THE CULTURE"

        The available evidence strongly suggests that Marnell was a government agent provocateur, who infiltrated the WPP commune for purpose of gathering intelligence on Plamondon's whereabouts and possibly setting the group up for future arrests.

        Infiltration along these lines was a common COINTELPRO tactic during the period. 70 In any event, Marnell was scared off by wary White Panthers before he could complete his assignment. 71

        [...]

        The White Panther saga contains many ironies. None of these is greater than the fact that a group of counterculture "freeks," who, in search of radical certification, created a largely- fictional "White Panther Myth" -- only to end up being portrayed by the Nixon Administration as the epitome of domestic "national security" threat, and embroiled in a landmark constitutional case. It is hard to disagree with Sinclair's reflective assessment: "The Government . . . . should have been paying us for what we were doing!" 83

      • UK Parliamentary Committee Calls For The End Of Facial Recognition Tech By The UK Government

        The UK government already has the cameras -- thousands of them. So, why not add facial recognition to the mix? A number of UK law enforcement agencies already have. UK police forces compiled a legally-questionable database of 18 million face photos and went to work.

        Nobody did well. Failure after failure followed the rollout, with the London Metro police repeatedly claiming the "worst of the worst" title for itself. Despite this resounding lack of success, the Home Office feels the UK needs more failure, not less.

      • Steve Bannon The Latest To Abuse Consumer Location Data

        However bad Facebook's privacy issues are, the telecom sector's have long been as bad, if not worse. That's been most recently exemplified by the industry's headaches surrounding the collection and sale of sensitive customer location data. Scandal after scandal has revealed that for the better part of the last decade, cellular phone companies have been collecting and selling your location data to a long line of often dubious companies and organizations, who then did the bare minimum to secure this data. Everyone from law enforcement to stalkers has been allowed to abuse this data, and your privacy.

        The latest case in point: a new investigation by Think Progress found that Steve Bannon also managed to get a hold of this data and use it for political targeting purposes. A

      • When Will We Get the Full Truth About How and Why the Government Is Using Face Recognition?

        Earlier this month, the House Committee on Homeland Security held a hearing to discuss the role of face recognition and other invasive biometric technologies in use by the Department of Homeland Security (DHS). Despite some pushback from some lawmakers on the committee, John Wagner of the U.S. Customs and Border Protection (CBP), Austin Gould of the Transportation Security Administration (TSA), Joseph DiPietro of the Secret Service, and Charles Romine from the National Institute of Standards and Technology (NIST) argued that face recognition and biometric surveillance is safe, regulated, and essential for the purposes of keeping airports and U.S. borders secure. This hearing made clear: this technology is not well-regulated, it does impact the privacy of travelers, and its effectiveness has yet to be proven.

        Oddly enough, the group most in need of a check on how they use these technologies, Immigration and Customs Enforcement (ICE), was not in attendance at this hearing.

        By far, the most questions from the committee were directed toward CBP, which recently announced that data, including photographs taken of license plates at checkpoints, had been accessed in a hack of the third-party contractor that provided the cameras. Although Wagner, of the CBP, said they were unaware that the camera provider could extract data, he offered little assurance—outside of saying that CBP would review protocol—that cameras feeding traveler photos into face recognition software could avoid similar vulnerabilities. What this exchange makes clear is that the best way to avoid the risk of having photographs of travelers’ faces hacked and leaked to the world is not to put up the cameras in the first place.

        Chairman Thompson also expressed concern over face recognition software’s well-documented tendency to have a higher error rate when analyzing the faces of people of color. On the mind of Chairman Thompson was the recent test of Amazon’s Rekognition software, which falsely matched 28 members of Congress to mugshots in a database. As he stated in the hearing, while not all of the Members of Congress misidentified were people of color, a disproportionate 40% were. Although false positives continue to be a grave concern as face recognition becomes more ubiquitous, improving the software’s accuracy does not negate the more overwhelming dangers posed by face recognition. The use of face recognition and other biometric surveillance threaten to chill free speech and the freedom to travel. This is particularly true for people of color, religious minorities, and other groups who have been stereotyped and whose presence at protests, in airports, or in public, have been met with unfair suspicion and sometimes violence by authorities.

    • Freedom of Information/Freedom of the Press

      • WikiLeaks, Julian Assange and Decoding the National Security Commentariat

        The Fourth Estate has, however, been placed on poor gruel and life support. Gone are the days when Bob Woodward and Carl Bernstein ferreted their way through sources and obtaining the material – leaks from confidential sources, no less – that would make them famous and lay the way for the demise of a US President. Such energy is frowned upon these days; the investigative journalist is being treated more as an irritating remnant, a costly undusted fossil. The way for what Nozomi Hayase calls the “Global Fourth Estate” is being well and truly paved as a result.

        The corporate factor in this process is undeniable. The Australian media tycoon and ageing tyrant Rupert Murdoch has proven to be the kiss of death to much decent journalism, though he is by no means the only contributor. As a man who takes pride in directly intervening in the policies and directions of his newspapers, identifying the credible view from the crafty slant is a hard thing. Political and business interests tend to converge in such an empire. Balanced reporting is for the bleeding hearts.

      • Granting Julian Assange political asylum was “the right thing” to do

        However, this decision is not unrelated to recent events in Ecuador. In 2017 PAIS Alliance candidate Lenin Moreno was elected president of Ecuador. As he took over from Rafael Correa, his predecessor, Moreno’s victory was seen as a continuation of the so-called Citizen Revolution Movement. However — and much to everyone’s surprise — he quickly turned against his former allies, reversing the political process they had begun ten years earlier and even persecuting them.

        As a result, former president Correa himself remains exiled in Brussels and several prominent former cabinet members are either in jail or have fled the country. VilaWeb tracked down former Foreign, Defence and Economy minister Ricardo Patiño for this interview. Patiño was the president of PAIS Alliance during the clash with Lenin Moreno, after the latter was elected president of Ecuador.

      • CNN peddles intelligence agencies’ lies against Assange

        CNN broadcast a scurrilous attack against Julian Assange on Monday. Its sole purpose was to revive the discredited claim that the WikiLeaks founder functioned as an “agent” of the Russian government, in order to undermine growing opposition to the US attempts to prosecute Assange for exposing American war crimes and diplomatic conspiracies.

      • Turkish court sentences documentary filmmakers to 4 and a half years

        Documentary filmmakers Ertuğrul Mavioğlu and Çayan Demirel, directors of the 2015 documentary movie "Bakur" ("North"), about the outlawed Kurdistan Workers' Party (PKK), were sentenced to four years and six months in prison yesterday for "making propaganda for a [terrorist] organization" by a court in the southeastern city of Batman, according to news reports. The court initially sentenced the defendants to three years each but increased the sentences as required by Turkish law because the "propaganda" was made "through press and broadcast," according to the same reports.

      • Directors of 'Bakur' Documentary Given Prison Term for Terrorist Propaganda

        Journalist MavioÄŸlu tweeted on the verdict, saying that they did not even give their final defense statement. "These heavy sentences to people who shoot movies, write, chase the truth, do not mince their words are for others to draw a lesson. Never draw a lesson, never mince matters," he said.

      • Consortium News website taken down by a malware attack after streaming program defending Julian Assange

        The Consortium News report identified the attack on their website with the Twitter censorship because they had conducted Unity4J online vigils over the previous months. Consortium News and other independent news outlets denounced the Unity4J ban along with the rock musician Roger Waters who called Julian Assange a “great hero of freedom of the press” and attacked Twitter as “Big Brother” and “an arm of the Thought Police” and “an arm of the forces of oppression.”

    • Civil Rights/Policing

      • Saudi Arabia: Pop music gains a political conscience

        Maryam Alkhawaja, a Bahraini human rights activists, lashed out against the French DJ on Twitter. She said his performance had been "revolting" and that she was in possession of reports showing that her fellow activists were being jailed and tortured in Saudi Arabia. The current chairman of the Human Rights Foundation (HRF), former world chess champion Garry Kasparov, also commented that it was an outrage for artists to do business with a murderous regime.

      • Islamists Rape, Stone to Death Christian Woman in Syria

        The Syrian Observatory for Human Rights also verified the incident. "Her body was found with marks of torture on it. And according to forensic medicine, the woman had been tortured for about 9 hours before she was stoned to death by unidentified persons," read the report.

      • 5 Times Everyday People Had To Force The Cops To Their Jobs
      • LAPD Infiltrated An Anti-Fascist Protest Group Because The First Amendment Is Apparently Just A Suggestion

        Maybe the LAPD doesn't have the experience its counter-coastal counterpart has in inflicting damage to rights and liberties, but it's trying, dammit! The NYPD's brushes with the Constitution are numerous and perpetual. The LAPD may have spent more time working on the Fourth and Fifth Amendments during its Rampart peak, but now it's rolling up on the First Amendment like a repurposed MRAP on a small town lawn.

      • ‘These Terms Have a History and a Power We Have to Acknowledge’ - CounterSpin interview with Lawrence Glickman on racism & euphemism

        When Iowa Rep. Steve King casually asserted the superiority of white people over others, asking, “White nationalist, white supremacist, Western civilization—how did that language become offensive?” it wasn’t a misstep. King keeps a Confederate flag on his desk, and he’d already made and defended the comment that US culture must be restored, but it can’t be “with somebody else’s babies.” But NBC News ordered reporters to “be careful to avoid characterizing [King’s] remarks as racist,” though “it is OK to attribute to others, as in ‘what many are calling racist’ or something like that.”

    • Internet Policy/Net Neutrality

      • Why I Have a Website and You Should Too

        Having a website and/or blog is not about being a web developer, nor about being a celebrity of sorts, but is about being a citizen of the Web. This may sound a bit grand, but that's the point - the World Wide Web is this amazing thing that was literally built for everyone. We need to make sure that we are all using it to its best, and owning a piece of it to show big companies that it's ours, not theirs!

        Slightly dramatic and political outburst aside, what are some of the other reasons that you would want one? Let's look at a few of the key reasons, any number of which may strike a chord with you.

      • Thank Laws Supported By AT&T and Comcast for California’s Broadband Monopoly Problem

        If you, like a great many Californians, have shopped for high-speed broadband options (in excess of 100 mbps) and found that you always ended up with Comcast, it is because the state’s legislature has failed to promote broadband competition for more than ten years. That reality has resulted in the death of competitive access in many parts of the state with a disproportionate impact on low income residents and rural Californians. With the exception of last year's S.B. 822 (the state’s net neutrality bill) and A.B. 1999 (legislation that made it legal for local governments to build their own ISPs), the big ISPs have gotten exactly what they want out of Sacramento—which is for the state to abandon its residents to broadband monopolies so they can charge monopoly rents.

        Take, for example, the debate this year regarding an AT&T and Comcast bill being moved by Assembly Member Lorena Gonzalez (A.B. 1366). Very few lawmakers in the state’s legislature have willingly opposed this bill, which will hurt consumers. The legislation’s premise is in lockstep with the Trump Administration’s FCC agenda to abandon all means of using the law to promote competition policy. The bill maintains a restraint on state and local authority to promote broadband access competition that was originally instituted in 2012 after heavy lobbying by the major ISPs.

    • Monopolies

      • Facebook Wants Its Own Currency. That Should Scare Us All.

        Facebook’s regulatory compliance strategy came across as underdeveloped at best, and illegal at worst: a dangerous position for a global mega-company seeking to become a major financial player overnight, particularly in the post-crisis era. After two exhaustive days of interrogation, the overriding impression left by Marcus’s testimony was that once the fancy marketing and propagandistic buzzwords are stripped away, Facebook simply believes it is entitled to create its own global currency because, well, it’s Facebook. Everything else is mere details to be filled in later.

      • Patents and Software Patents

        • New USPTO trial practice guidelines overshoot as they seek to restrict parallel PTAB IPR petitions challenging the same patent

          Since taking office, Undersecretary and United States Patent & Trademark Office (USPTO) Director Andrei Iancu, who previously managed a major patent litigation firm, has been on a crusade against inter partes reviews of issued patents by the Patent Trial and Appeal Board (PTAB). It will take more than one blog post to explain and comment on Director Iancu's various anti-IPR initiatives, all of which share a common goal: to keep as many weak patent claims alive as possible, contrary to the political goal of the economically most important part of the America Invents Act (AIA). Giving leverage to patent holders even though the asserted patents were obtained without an actual contribution to the state of the art is a total misallocation of resources and incentivizes legal gamesmanship while discouraging true innovation.

          [...]

          What should the PTAB judges do then? Should they keep statistics of the cases before them and strive for a particular distribution of decisions, based on whatever range of percentages a given judge believes to be consistent with guidelines like "unlikely" and "substantial majority?" So after someone grants two petitions challenging the same patent, they'll have to reject at least the next ten?

          When outsiders like bloggers or financial investors (especially risk arbitrageurs) try to predict an outcome, it's an inherently probabilistic exercise. But applying the law is different from placing bets on one outcome or the other. It should be all about the merits, not a numbers game.

          The section on parallel petitions has many more paragraphs, and some do talk about criteria for whether a petition should be granted, with a particular emphasis on reasons weighing in favor of rejection. But before the reader reaches that point, the new Trial Practice Guide takes the position that two parallel petitions challenging a given patent should be "rare," and three or more should be "unlikely" to be justified--"unlikely" regardless of how many claims a patent has, how complex the relevant technology is, or how many prior art references are presented.

        • Reopening Prosecution – Rather than Allowing Appeal

          This section of the MPEP allows a patent examiner to “reopen prosecution to enter a new ground of rejection” in response to a patentee filing an appellate brief. Hyatt argues that this approach violates the right to appeal under 35 U.S.C. €§ 134 and €§ 6(b). When I previously wrote about the case, I noted a “remarkably parallel” case from 1904 where the Supreme Court authorized mandamus action where the examiner refused to forward cases to the Board. U.S. ex rel. Steinmetz v. Allen, 192 U.S. 543 (1904). The Supreme Court in that case also wryly spells-out the justification for restriction practice — “to obtain more revenue” for the Patent Office.

          In its newly filed responsive brief, the USPTO agrees that after having its claims “twice rejected . . . the applicant is entitled to appeal that rejection. . . [However], contrary to petitioners’ assertion, that procedure does not deprive any patent applicant of his right to review by the Board.”

        • Canada’s new patent rules analysed

          Some of Canada’s changes to its patent law will have a big impact on companies’ strategies, according to lawyers, but it’s “business as usual” for now

          The new rules allow Canada to ratify WIPO’s 2000 Patent Law Treaty (PLT), which the country signed in 2001.

        • Reviving 20 year old web forum software

          What makes you nostalgic? I don’t know about you, but for me, it’s definitely early 2000s web forums. Names like vBulletin, UltimateBB, phpBB, YaBB, IkonBoard, … bring a smile to my face. Thus, I figured it would be time to revisit the oldest vBulletin I could get my hands on. As it turns out, vBulletin used to offer “vBulletin Lite” back in the year 2000, which is a version of vBulletin 1.x stripped down so much, it almost stops being vBulletin.

          Because they hid it behind a form, the web archive didn’t quite catch it, but I managed to find a different copy online, which seems pristine enough at least: vbulletinlite101.zip

        • Open Invention Network Community Welcomes Groupe Renault

          Open Invention Network (OIN), the largest patent non-aggression community in history, announced today that Groupe Renault, has joined as a community member. As one of the largest and most innovative international automobile manufacturers, Groupe Renault is demonstrating its commitment to open source software (OSS) as an enabler of advanced vehicle systems.

          “The automobile is quickly being reshaped, and in turn is changing the automotive industry in a parallel manner to how the mobile phone transformed the communications industry. Almost every system, bumper-to-bumper, is being re-engineered to adapt to digital platforms. The key enabler of these rapid advancements are open, collaborative platforms,” said Keith Bergelt, CEO of Open Invention Network. “We greatly appreciate Renault’s leadership in joining OIN and supporting patent non-aggression in Linux and adjacent open source technologies.”

      • Copyrights

        • Judge Tosses Crazy Copyright Lawsuit Over Gigi Hadid Photo

          Last month, we wrote a fairly long post about some interesting elements (demonstrating the flimsiness of "copyright" existing for many photographs) in a copyright lawsuit filed against model Gigi Hadid for reposting a cropped paparazzi photo on her Instagram. As we noted in that post, despite all of the interesting arguments made regarding copyright and photos, it seemed clear that this case was going to get tossed on purely procedural grounds -- namely that the lawsuit, filed by a photo agency called Xclusive-Lee (who may or may not even hold the rights to the photo), was filed prior to the photo receiving a registration from the Copyright Office. Back in March, the Supreme Court said that copyright law is quite clear that you need to wait until the registration is obtained.

          Here, that was not the case. It was filed before the registration was granted, and thus it's no surprise that (as first pointed out by the Hollywood Reporter) that this case was thrown out for that reason alone.

        • Brit ISPs have stopped sending out polite anti-piracy letters

          Rather than being abandoned for being wholly ineffective, the official line is that they've served their purpose - which is a bit weird, given the government put aside €£2m to fund the project until 2021.

Recent Techrights' Posts

Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 23, 2024
IRC logs for Saturday, November 23, 2024
[Meme] GAFAMfox
Mozilla Firefox in a state of extreme distress
Google Can Kill Mozilla Any Time It Wants
That gives Google far too much power over its rival... There are already many sites that refuse to work with Firefox or explicitly say Firefox isn't supported
Free (as in Freedom) Software Helps Tackle the Software Liability Issue, It Lets Users Exercise Greater Control Over Programs
Microsofters have been trying to ban or exclude Free software
In the US, Patent Laws Are Up for Sale
This problem is a lot bigger than just patents
ESET Finds Rootkits, Does Not Explain How They Get Installed, Media Says It Means "Previously Unknown Linux Backdoors" (Useful Distraction From CALEA and CALEA2)
FUD watch
Techdirt Loses Its Objectivity in Pursuit of Money
The more concerning aspects are coverage of GAFAM and Microsoft in particular
Techrights' Statement on Code of Censorship (CoC) and Kent Overstreet: This Was the Real Purpose of Censorship Agreements All Along
Bombing people is OK (if you sponsor the key organisations), opposing bombings is not (a CoC in a nutshell)
Links 23/11/2024: Press Sold to Vultures, New LLM Blunders
Links for the day
Links 23/11/2024: "Relationship with Oneself" and Yretek.com is Back
Links for the day
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024