Desktop

• Razer’s Linux Laptop Plans Appear To Have Been Mothballed

  Remember back in 2017 when Razer CEO Min-Liang Tan talked about plans for better Linux support for their high-end gaming laptops on Linux? More than two years later, they have yet to ship a Linux laptop nor make any other measurable improvements to their Linux support.

• It’s about time…..

  The percentage of Reglue kids going on to graduate school is, per capita; 8% higher than the national average. That’s possible in no small part to your participation in Reglue over the years. We couldn’t have done anything near close to this without the support of The Linux and Open Source Community.

  I have prostate cancer. At first, my Uro-guy wasn’t too worried about it because it was in the early stages of growth and he told me that my type of prostate cancer was known as the 25 year killer. Meaning that it would take that cancer 25 years to begin to threaten me. Unfortunately, within the past 6 months, that cancer has accelerated and I must begin a radiation and chemo regimen. Now don’t panic…I’m not. I have sufficient insurance and a great Urologist. This isn’t really a big deal. I simply mention it so that those who have supported our efforts are kept in the loop. I’ve beat this crap once and I’ll beat it again.

Server

• 24 sysadmin job interview questions you should know

  As a geek who always played with computers, a career after my masters in IT was a natural choice. So, I decided the sysadmin path was the right one. In the process of my career, I have grown quite familiar with the job interview process. Here is a look at what to expect, the general career path, and a set of common questions and my answers to them.

• How to transition into a career as a DevOps engineer

  DevOps engineering is a hot career with many rewards. Whether you’re looking for your first job after graduating or seeking an opportunity to reskill while leveraging your prior industry experience, this guide should help you take the right steps to become a DevOps engineer.

  [...]

  If you have prior experience working in technology, such as a software developer, systems engineer, systems administrator, network operations engineer, or database administrator, you already have broad insights and useful experience for your future role as a DevOps engineer. If you’re just starting your career after finishing your degree in computer science or any other STEM field, you have some of the basic stepping-stones you’ll need in this transition.

• Getting Started with Knative on Ubuntu

  Serverless computing is a style of computing that simplifies software development by separating code development from code packaging and deployment. You can think of serverless computing as synonymous with function as a service (FaaS).

  Serverless has at least three parts, and consequently can mean something different depending on your persona and which part you look at – the infrastructure used to run your code, the framework and tools (middleware) that hide the infrastructure, and your code which might be coupled with the middleware. In practice, serverless computing can provide a quicker, easier path to building microservices. It will handle the complex scaling, monitoring, and availability aspects of cloud native computing.

• The 10 new rules of open source infrastructure

  Recently, I gave a keynote at the Cloud Native / OpenStack Days in Tokyo titled “the ten new rules of open source infrastructure”. It was well received and folks pointed out on Twitter that they would like to see more detail around those ten rules. Others seemed to benefit from clarifying commentary. I’ve attempted to summarize the points I’ve made during the talk here, and happy to have a conversation or add more rules based on your observations in this space over the last ten years. I strongly believe there are some lasting concepts and axioms that are true in infrastructure IT, and documenting some of them is important to guide decisions that go into the next generation thinking as we evolve in this space.

• Cockpit Project: Cockpit 199

  Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 199.

• IBM

  • Controlling Red Hat OpenShift from an OpenShift pod

    This article explains how to configure a Python application running within an OpenShift pod to communicate with the Red Hat OpenShift cluster via openshift-restclient-python, the OpenShift Python client.

  • Controlling Red Hat OpenShift from an OpenShift pod

    This article explains how to configure a Python application running within an OpenShift pod to communicate with the Red Hat OpenShift cluster via openshift-restclient-python, the OpenShift Python client.

Audiocasts/Shows

• Ubuntu Podcast: S12E16 – Glider Rider

  This week we’ve been learning about the crazy world of flat earthers. In a change to our scheduled programming we discuss Alan’s new lean podcasting experiment, bring you some command line love and go over all your feedback.

  It’s Season 12 Episode 16 of the Ubuntu Podcast! Alan Pope, Mark Johnson, Martin Wimpress and Stuart Langridge are connected and speaking to your brain.

• Mumbling with OpenBSD | BSD Now 308

  Replacing a (silently) failing disk in a ZFS pool, OPNsense 19.7 RC1 released, implementing DRM ioctl support for NetBSD, High quality/low latency VOIP server with umurmur/Mumble on OpenBSD, the PDP-7 where Unix began, LLDB watchpoints, and more.

• Endeavour OS + Pisi Linux | Choose Linux 14

  We take a look at the continuation of Antergos called Endeavour OS and are pretty impressed, and Distrohoppers delivers an interesting distro that’s obsessed with cats.

  Plus the only way to watch YouTube videos on Android.

• The Linux Link Tech Show Episode 818

Kernel Space

• Bcachefs gets closer

  When it comes to new filesystems for Linux, patience is certainly a virtue. Btrfs took years to mature and, according to some, still isn’t ready yet. Tux3 has kept users waiting since at least 2008; as of 2018 its developer still said that it was progressing. By these measures, bcachefs is a relative youngster, having been first announced a mere four years ago. Development of this next-generation filesystem continues, and bcachefs developer Kent Overstreet recently proclaimed his desire to “get this sucker merged”, but there are some obstacles to overcome still.
  Bcachefs has its origins in the bcache caching layer, though it is a separate project at this point. Like most of the newer filesystems out there, it uses a copy-on-write approach — data is copied to a new location when changed rather than overwritten. That enables the implementation of a number of interesting features; those intended for bcachefs include data checksumming, compression, multiple-device and RAID support, hierarchical storage management, snapshots, and, naturally, good performance. Work on bcachefs has apparently been slowed by the fact that there is relatively little interest in supporting this work; Over

• 5.3 Merge window, part 1

  As of this writing, exactly 6,666 non-merge changesets have been pulled into the mainline repository for the 5.3 development cycle. The merge window has thus just begun, there is still quite a bit in the way of interesting changes to look at. Read on for a list of what has been merged so far.

• Reworking CFS load balancing

  The Linux scheduler is made of the main types of scheduling which are the Completely Fair Scheduler (CFS), the realtime (RT), and the more recent deadline scheduler. The CFS class is the default and most commonly used one, which aims at sharing the running time of CPUs between tasks according to their priority. It was introduced in 2007 and has seen several major changes since. One of these major changes was the introduction of per-entity load tracking (PELT), which gives more details about the utilization of CPUs by tasks.

  The load-balancing algorithm of the scheduler has the key responsibility of placing tasks on CPUs to optimize the overall throughput of the system. It periodically monitors the system and decides when tasks have to migrate to ensure a fair distribution of compute capacity and an optimal use of resources. But that hasn’t really changed to take full advantage of these new metrics and it is still only using the load as the unit to migrate tasks, even when the root cause of an imbalance is not linked to load but to the available compute capacity of CPUs, for example.

• Frequency scale-invariance on x86_64

  The utilization and load signals computed with the PELT algorithm are affected by the processor’s clock frequency: loosely speaking, a task looks bigger if the machine is running slower. The remedy to this problem is called “frequency scale-invariance” and consists in normalizing all interesting quantities via the scaling factor current_frequency / max_frequency. At the time of this writing only the Arm architecture implements it; a session at the third OSPM summit in Pisa discussed a possible way forward for x86_64 systems.

  The reader may recall that, in PELT, time is partitioned in segments and, for each of those, the on-CPU time of a task is recorded (in the case of utilization; for load, the quantity of interest is on-run-queue time). This implies that a given task would score a higher utilization and load if the CPU is running at a lower frequency: generally speaking, a slower running CPU makes tasks run for longer; a longer running time produces larger values of the PELT signals. This effect of the PELT formula is undesired, because utilization and load of tasks and run queues cannot be compared across CPUs or across time, since the operating frequency might be different.

  The PELT framework offers a mechanism to rescale quantities and make them invariant to changes of frequency: some architecture-specific code has to implement the function arch_scale_freq_capacity() to return an appropriate scaling factor which, ideally, is going to be the ratio current_frequency / max_frequency — PELT will then use this factor where appropriate. As of today, only the Arm architecture implements arch_scale_freq_capacity(), thus it’s the only architecture that can claim to have frequency scale-invariant load and utilization.

• How can we make schedutil even more effective?

  Mobile platforms can feature some operating power points (OPPs) that are more energy-efficient than others at lower frequencies. The inefficient low-frequency OPPs can therefore be avoided in normal conditions, leading to better latency at no cost. The power cost of OPPs does not increase linearly with frequency, which gives some opportunities for smarter decisions: if the frequency can be increased when it would be beneficial for a low power bill, why not do it?

• Scheduler soft affinity

  As systems are getting bigger with more and more CPU cores, multiple instances of workloads are being consolidated on a single system. For example, multiple virtual machines (VMs) or containers on the same host is a common use case. Currently the Linux scheduler provides a few ways to partition multiple workload instances: hard partitioning using the sched_setaffinity() system call or the cpuset.cpus control group interface that binds the thread to a specific set of CPUs, or by using control group CPU shares (cpu.shares) that divide the CPU cycles of the system among multiple instances using fair sharing.

  But there is a need to have a way of dynamically partitioning workload instances so that one instance can use the available CPUs of another instance if they are idle, but only use the CPUs of its own partition when other partitions are busy. For example, the Oracle database has a multi-tenancy feature that can enable the root-level database instance to house multiple lightweight Pluggable Database (PDB) instances, each of which can be partitioned to use a NUMA node in a multi-socket system. Hard partitioning is not an option here, as one PDB instance needs to be able to burst out of its partition and use other available idle CPUs when other PDBs are idle. Hence CPU shares are used in this case. But this has the disadvantage of cache-coherence overhead (i.e. each instance running on all sockets will incur the cross-socket cache-coherence penalty due to data sharing).

• SCHED_DEADLINE on heterogeneous multicores

  As already mentioned in other talks, the SCHED_DEADLINE policy currently does not consider the capacities or the running frequencies of the various CPU cores. This mainly impacts two different aspects: admission control and task placement.

  The SCHED_DEADLINE admission control is designed with two goals: avoiding overload (that is, avoid starving non-deadline tasks) and providing performance guarantees to deadline tasks. Unfortunately, the current code assumes that all of the CPU cores have the same maximum capacity (which is assumed to be equal to the maximum capacity of the fastest core), and this assumption breaks the admission-control mechanism. A simple experiment (creating SCHED_DEADLINE tasks until the admission control fails) shows that on a big.LITTLE CPU, it is currently possible to starve non-deadline tasks. A first patch that has been submitted to the Linux kernel mailing list fixes this issue by considering the maximum capacity of each CPU core when performing the admission control. Repeating the experiment shows that the patch is effective (until thermal throttling slows down the CPU, but this is a different issue).

• TurboSched

  Parth Shah discussed the problem of sustaining “turbo” frequencies on SMP systems. Modern multicore systems have support for turbo frequencies, which are frequencies above the range of the rated frequencies that can be sustained by a small number of CPUs in the chip under certain power and thermal constraints. However, due to these very power and thermal constraints, it is harder to sustain these turbo frequencies for longer durations. Shah said that IBM POWER9 systems have a margin of around 18% for turbo range and sustaining these frequencies can provide better single-threaded performance.

• New approaches to thermal management

  Volker Eckert presented results from his experiments to use the CFS bandwidth controller for thermal management. The fundamental idea is to use less CPU bandwidth while running low-priority (background) tasks and thus keep the power budget available for more important tasks. This led to two interesting discussions: how to solve the per-entity load tracking (PELT) utilization issues for throttled tasks, and the idea, pushed by Morten Rasmussen, that thermal management should be applied to tasks rather than CPUs. Following this overall design approach, which was also backed by Paul Turner, the CFS bandwidth controller could play an essential role in a thermal-management architecture for future mobile systems.

• Proxy execution

  At the risk of playing defense, Juri Lelli started his talk by saying that he was going to be quick, as he didn’t actually have any updates from what he presented last year at the Linux Plumbers Conference and from the first RFC posted on the Linux kernel mailing list. The main goal of his session was to understand if there is still interest in this line of work.

  Proxy execution can be simply thought of as a “better” priority-inheritance mechanism, which a mutex owner can potentially run using (inheriting) the scheduling context (properties) of other tasks blocked on the same mutex (avoiding priority inversions). For the SCHED_DEADLINE scheduling policy, this translates to the possibility for a mutex owner to run “inside” donors’ (mutex waiters) bandwidth, fixing a longstanding issue of policy: priority-boosted tasks are currently allowed to run outside of runtime enforcement, as they only inherit donors’ deadline.

Applications

• Handy productivity software for your home and office

  Discovery is an integral part of any store experience. Sometimes, you know what you want and need, and the experience can be short and transactional. On other occasions, you want to explore, and search for new things. This applies equally to shopping malls as it does to software.

  In this article, we would like to give you an overview of several rather interesting entries from the Productivity section in the Snap Store, to help you get started on your discovery journey. While Linux users are familiar with the tried-and-tested set of a small number of popular, long-time players, there are many colorful, unique applications out there, waiting to be found and used. Let’s browse around.

• Ren’Py, One of the Best Visual Novel Engines!

  For almost 2 weeks I didn’t update the article on this blog, it’s because I’m also making a visual novel with a short story. If you like writing novels, maybe you can make it Visual Novel so that it is more interactive. Visual novel games have their own fans. We can also make a visual novel using the Game Engine. One software that you can use to create visual novels is Ren’Py.

Instructionals/Technical

• How To Screenshot Right Click Context Menu On Linux

• How to Add Swap Space on Ubuntu

• How to Install Linux Kernel 5.2.2 in Ubuntu / Linux Mint

• How To Install InfluxDB 1.7 and 2.0 on Linux in 2019

• How to Disable SELinux Temporarily or Permanently

• How to Install PostgreSQL 11 on Debian 10 (Buster)

• How to Run Docker on a Raspberry Pi

• How to enable minimize and maximize buttons in Pop!_OS 18.04

• How to test if your Bluetooth devices support BLE Privacy

• Install Squid Proxy on CentOS 7

• How to grant (Tom Marble) Debian Maintainer access

Games

• Blood Opera Crescendo, a 2D investigative adventure game will support Linux

  Another new indie game in need of funding on Kickstarter, the 2D investigative adventure game Blood Opera Crescendo and it’s planning Linux support.

  Inspired by the Ace Attorney and Persona series, Blood Opera Crescendo from Italian developer Kibou Entertainment has been in development since the start of last year in RPG Maker MV. They said the project has reached an advanced enough stage now to really take it further.

• Space-colony sim “Oxygen Not Included” to leave Early Access on July 30th

  Oxygen Not Included, the space-colony simulation game from Klei Entertainment now has a release date set, with it leaving Early Access on July 30th.

  It was originally due to release quite a bit sooner, but back in May Klei decided to delay it to ensure it had as much testing and polish as possible. With the full release, there will be an update coming with some new toys to play with including new asteroids, three new biomes with plants and critters, new buildings, colony goals and the usual balance and polish you can expect from a release.

• Take control of the Adeptus Mechanicus again, Warhammer 40,000: Mechanicus – Heretek is out

  Warhammer 40,000: Mechanicus – Heretek, the first DLC for the turn-based strategy game is now available.

  If you’re a Warhammer fan, Mechanicus is a game not to be missed. Focusing on the Adeptus Mechanicus, which doesn’t usually get a lot of screen-time in games. No messing around with Space Marines, no hiding behind cover. A pretty streamlined game, but very atmospheric and fun to play through. Even if you don’t usually appreciate Warhammer, it’s still a good strategy game.

• The excellent shoot ‘em up “Risk System” updated, now with better Linux support

  Risk System doesn’t seem to have gained much attention, a shame really since as far as shoot ‘em ups go it’s fantastic and at least tries to be a little different. A shooter where instead of dodging enemy bullets, you need to get up close and personal to charge your ship up. Honestly, it’s good.

  At release, the Linux version did suffer from one major issue. Due to a bug in GameMaker, unless you used an external tool to cap the FPS, everything was too fast. They’ve now solved this, with an update released this week.

• Warfork, a fast-paced arena FPS based on Warsow is heading to Steam

  Love fast-paced arena shooting? Warfork, a game based on Warsow is heading to Steam with an Early Access release due soon.

  Why did they fork it and go their own way? Well, according to the Warfork team, the owner of Warsow is opposed to a Steam release, which they feel is “hurtful to the growth of the community”.

• Blending 2D and 3D gameplay, Anodyne 2: Return to Dust is launching next month

  With graphics and gameplay inspired by classics across the PS1, PS2 and N64 for the 3D design as well as the 2D art of the GBA and SNES, Anodyne 2: Return to Dust certainly looks and sounds good.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Welcome to KDE: Nuremberg Megasprint Part 1

    Now that it has been over half a year since I started this blog, it is time to address one of the topics that I promised to address at the beginning: How I got started with KDE. I will do this in the context of the “Nuremberg Megasprint” which combined a KDE Connect sprint, a KDE Welcome / Onboarding sprint, and a KWin sprint.

    At the Onboarding sprint, we were talking mostly about ways to make it easier for developers new to KDE to work on our software. Currently the path to getting that working is quite convoluted and pretty much requires that a developer read the documentation (which often doesn’t happen). We agreed that we would like the new developer experience to be easier. I don’t have a lot to say about that, but keep an eye on the Planet for an idea of what was actually worked on! Instead, since I am a relatively new KDE contributor, I will tell the story of how I got started.

    I started using Plasma as a desktop environment around 2012, shortly after Ubuntu switched from Gnome 2, which I liked, to Unity, which I disliked. I tried playing with Mate and Cinnamon for Ubuntu, but I didn’t find either one was what I wanted. I had heard that KDE existed, but I didn’t know anything about it, so I gave it a try as well.

• GNOME Desktop/GTK

  • Gnome Shell Dash To Panel v20 Brings Major Window Previews Improvements

    The Gnome Shell Dash to Panel (not to be confused with Dash to Dock, from which the Ubuntu Dock is forked) extension combines the Dash with the top Gnome panel. The result is a single panel that provides an icon taskbar, the tray, system menu, and date / time indicator. This is similar to the KDE Plasma and Windows 7 (and newer) taskbar. The extension supports Gnome Shell 3.18 and newer.

    The latest Dash to Panel v20 includes major improvements to its window previews. With this version, the window previews have been re-written using custom components so they no longer steal input.

    Along with this, there are also quite a few new window preview features, like new styling options such as size, padding, close button location, header visibility and font style. And that’s not all – the live window previews size is now dynamic for each thumbnail, which makes a lot of sense since windows have different geometries, so previously you’d get huge borders around the previews.

Distributions

• Zorin OS Is The Linux Distro We Wanted 10 Years Ago [Giveaway Inside]

  Zorin OS is a different offering in a large pool of competition. Zorin isn’t groundbreaking but does manage to provide some features that are fairly unique. Zorin is intended to be a friendlier distribution and aims to please newcomers to Linux. While it has much to offer, it does stray from the typical Linux modus operandi.

  Zorin OS is very much the same as other distributions, in particular, it is based on Ubuntu, so there’s a very cookie-cutter start. But beyond that, it becomes much different.

• The New Version Of Deepin Linux Has A Killer Feature That Every Distribution Needs

  Basically, Deepin Cloud Sync lets you sync all kinds of system settings to the cloud automatically. This covers network settings (such as VPN and WiFi), sound settings, mouse settings, update settings, power settings, corner settings, theme, wallpaper, launcher, and dock. You know, that stuff you’re always investing time into tweaking and configuring with pretty much any new installation.

  There are other solutions of course. You can throw all your config and relevant files onto a Git repository, sync them up with NextCloud or back them up onto another drive. There’s no shortage of alternate approaches.

  But this is one of those features that’s appealing to both newcomers and more casual users. An elegant solution that just makes using Linux easier, and that’s something I’m always eager to highlight.

• New Releases

  • GNOME Packages, More Updated in Tumbleweed This Week

    Two openSUSE Tumbleweed snapshots have been released since our last Tumbleweed update on Saturday.

    The most recent snapshot, 20190723, updated Mozilla Firefox to version 68.0.1. The browser fixed the missing Full-Screen button when watching videos in full screen mode on HBO GO. The new 68 version enhanced the Dark Mode reader view to include darkening the controls, sidebars and toolbars. It also addressed several Common Vulnerabilities and Exposures (CVE). The snapshot provided an update to GNOME 3.32.4, which fixed an issue that led to some packages with multiple appdata files not correctly showing up on the updates page. The Guile programming language package update to 2.2.6 fixed regression introduced in the previous version that broke HTTP servers locale encoding. Hardware library hwinfo 21.67 fixed Direct Access Storage Devices (DASD) detection. A major 7.0 version of hylafax+ arrived in the snapshot. The Linux Kernel brought several new features with the 5.2.1 kernel and enhanced security for a hardware vulnerability affecting Intel processors. The open-source painting program Krita 4.2.3 version offered a variety of fixes including a copy and paste fix of the animation frames. A few libraries like libgphoto2, libuv and libva received update. There were also several Perl and Rubygem packages that were updated in the snapshot. The file manager for the Xfce Desktop Environment, thunar 1.8.8, fixed XML declaration in uca.xml and the 2.15 transactional-update package enable network during updates and allow updates of the bootloader on EFI systems. The snapshot is currently trending at a 93 rating, according to the Tumbleweed snapshot reviewer.

• Canonical/Ubuntu Family

  • BT bets on Ubuntu OpenStack to deliver 5G pledge – Cloud Pro

    BT has announced a partnership with Canonical to develop and deploy its next-generation 5G core network.

    The deal will see Canonical offer up its open-source virtual infrastructure manager (VIM) platform so that BT can run network applications as code and transition away from a hardware-based network to one that’s virtualised.

    This open-sourced cloud-based approach will help BT to quickly deploy new services and allow it to stay ahead of the demand for 5G and Fibre to the Premises (FTTP), the company said.

  • BT chooses Linux operating system Ubuntu for 5G cloud core

    Ubuntu is a Linux operating system, which has with both community and professional support. Canonical, the company behind Ubuntu, will provide the open source virtual infrastructure manager (VIM) as part of BT’s network functions virtualisation (NFV) programme and its transition to a cloud-based core network.

    This intention is that the open source, cloud-based approach will allow BT to quickly deploy new services, and increase capacity to meet customers’ demand, driven by 5G and fibre to the premises (FTTP).

Devices/Embedded

• Releasing HypriotOS 1.11.0: Docker 19.03.0 CE from Raspberry Pi Zero to 4 B

  We think that security should be shipped out-of-the-box. We make HypriotOS more secure without you even noticing it. For instance, there is no built-in “root” user. Also, the default user “pirate” (password “hypriot”) is can be customized or removed before the first boot. Just look at the file /boot/user-data. You can add your public SSH key, disable password logins and specify a different user account before you even boot your Raspberry Pi. WiFi can be customized and enabled to have Docker up and running through the air without attaching a keyboard and monitor.

• July Update: All about the Pinebook Pro

  As I’ve mentioned in last month’s update post, the PinePhone prototypes are currently being manufactured (due in August) and the PineTab dev kits are rolling off the factory line to be shipped out to developers. With both the PinePhone and PineTab currently in-transition to their respective next development stages, I’ll devote this month’s update solely to the Pinebook Pro pre-order announcement, the last unannounced feature of the laptop as well as a hardware and software status update.

• PineBook Pro Arm Linux Laptop now up for pre-order for $199.99

  Pine64 unveiled a Pinebook Pro laptop prototype at FOSDEM 2019 as an update to the original Allwinner A64 powered Pinebook laptop, but instead of just being a toy to play with, Pinebook Pro aimed to be used as a daily driver thanks to a relatively powerful Rockchip RK3399 processor combined with 4GB RAM, and 64/128GB storage, and equipped with a 14″ Full HD display all for a target price of $200.

  Last May, we noticed some good progress on the software development side with a demo showcasing Ubuntu & Debian with MATE desktop, 4K video playback, 3D graphics acceleration, and USB-C video output. The good news is that Pinebook Pro has just launched and can be pre-ordered for $199.99 on Pine64 store. [Update: If you are an existing forum member, you may want to redeem your coupon here]

• N-Fuse Launches Raspberry Pi 3B+ LoRaWAN Gateway with PoE Support

  The PoE enabled Raspberry Pi 3B+ based LoRaWAN Gateway as called by n-fuse is a LoRaWAN gateway based on the Raspberry Pi 3B+, the LRWCCx-MPCIE Concentrator, and the SBCPoE RPI Hat. It supports both the Europe 868Mhz and America 915Mhz frequency (you have to purchase the exact frequency you want though)

• Mobile Systems/Mobile Applications

  • OnePlus Gallery from Android Q DP3 lets you hide photos [Download link]

  • Asus ZenFone 6 Android Q Beta Programme Announced, Recruitments Now Open

  • Nokia 8.2 to arrive with 32MP pop-up camera and Android Q

  • JBL’s Android TV-powered soundbar finally goes on sale at $399

  • New Nvidia Shield TV w/ Android TV passes through FCC with an updated chipset

  • 5 smart questions that’ll smother most Android security scares

  • Best Android Smartphones to Buy in India Under Rs 30,000

  • Lenovo K11 appears in Android Enterprise Directory and store listing

  • Android Malware ‘Triada’ Most Active on Telco Networks

  • Verizon brings Android Pie to the Galaxy J3 (2018) and Galaxy J3V (2018)

  • Moto E6 goes official for $149 w/ Android Pie, available today at Verizon

  • Sailfish OS Seitseminen is now available

    Sailfish OS Seitseminen is now available for download. We are very excited to bring you this Sailfish OS 3.1 update, which was named after the beautiful Seitseminen National Park. Seitseminen is located in the Pirkanmaa region, 50 kilometers away from our headquarters in Tampere.

  • Snapchat user growth accelerates after Android fix

  • Android update drives Snap user growth in Q2

  • Snap Surges Past One-Year High as Lenses, Android Rebuild Drive Q2 Earnings Beat

  • Android phone’s accelerometer can eavesdrop on any audio via its speakerphone

  • How to boost Google Maps performance on Android smartphones

  • Verizon’s 2018 Galaxy J3 and Galaxy J3V finally get Android 9 Pie

  • Be Careful About Sideloading Popular Android Apps, Unless You Like Malware

  • Google confirms Search results are broken for ‘some’ Android users

  • Google Assistant tests ‘instant messages send’ from the Android lock screen

  • Twitter’s all-black ‘Lights Out’ mode may be coming to Android in September

  • Nokia 7.1, a Decent Mid-Ranger Running Stock Android Can Be Grabbed for up to $150 in Savings

  • “Specially Crafted” Videos Could Hijack Your Android Device

  • Android Enterprise listings reveal specifications of Galaxy A10s, Moto E6 and LG X2

Web Browsers

• Mozilla

  • Empowering voters to combat election manipulation

    For the last year, Mozilla has been looking for ways to empower voters in light of the shifts in election dynamics caused by the internet and online advertising. This work included our participation in the EU’s Code of Practice on Disinformation to push for change in the industry which led to the launch of the Firefox EU Elections toolkit that provided people information on the voting process, how tracking and opaque online advertising influence their voting behavior and how they can easily protect themselves.

    We also had hoped to lend our technical expertise to create an analysis dashboard that would help researchers and journalists monitor the elections. The dashboard would gather data on the political ads running on various platforms and provide a concise “behind the scenes” look at how these ads were shared and targeted.

    But to achieve this we needed the platforms to follow through on their own commitment to make the data available through their Ad Archive APIs.

    Here’s what happened.

BSD

• Need a Secure Operating System? Take a Look at OpenBSD

  The Unix-like OS offers support for a wide range of hardware platforms, third-party tools and an active, supportive community.

• DragonFlyBSD Replacing Their 48-Core Opteron Infrastructure With Ryzen 9 3900X CPUs

  DragonFlyBSD is replacing their 48-core Opteron server named “Monster” with two of the new AMD Ryzen 9 3900X “Zen 2″ processors as well as a spare Xeon server. DragonFlyBSD lead developer Matthew Dillon continues to be mighty impressed by AMD’s latest processor offerings.

  Last year Matthew Dillon professed his love for the performance of AMD Ryzen Threadripper CPUs while in recent weeks he’s been quick to get Ryzen 3000 CPUs working on DragonFlyBSD and has been impressed by their performance.

FSF/FSFE/GNU/SFLC

• Introduction to GNU Autotools

  Have you ever downloaded the source code for a popular software project that required you to type the almost ritualistic ./configure; make && make install command sequence to build and install it? If so, you’ve used GNU Autotools. If you’ve ever looked into some of the files accompanying such a project, you’ve likely also been terrified at the apparent complexity of such a build system.

  Good news! GNU Autotools is a lot simpler to set up than you think, and it’s GNU Autotools itself that generates those 1,000-line configuration files for you. Yes, you can write 20 or 30 lines of installation code and get the other 4,000 for free.

Programming/Development

• PHP 7.4.0beta1 released!

  The PHP team is glad to announce the first beta release of PHP 7.4: PHP 7.4.0beta1. This continues the PHP 7.4 release cycle, the rough outline of which is specified in the PHP Wiki.

• PHP 7.4 Reaches Feature Freeze, Beta 1 Released

  After already having gone through three alpha releases, PHP 7.4 has reached its feature freeze and branching. As a result, the first PHP 7.4 beta is now available that will follow by multiple betas and release candidates while hopefully being released by the end of November.

  PHP 7.4 brings SQLite3 Online Backup API support, support for TGA files within the GD library, the PHP FFI extension is now present for accessing C functions/variables/structures from PHP, preload functionality, performance improvements, hardening to the systemd PHP FPM service, PHP Hash is now integrated into PHP core, TLS 1.3 support for OpenSSL streams, and many fixes.

• PHP 7.4.0beta1 Released, HypriotOS 1.11.0 Now Available, ALA Asks LinkedIn Learning to Change Terms of Service that Jeopardize Privacy Rights, Red Hat Announces RHEL 8.1 Beta and The Forbidden Arts Coming to Linux

  PHP 7.4.0beta1 has been released, marking the first beta of PHP 7.4. Go here to see the list of changes, and go here to download. Note that this is an early test version and not intended for use in production. The next release, Beta 2, is scheduled for August 8th.

• What’s coming in Python 3.8

  The Python 3.8 beta cycle is already underway, with Python 3.8.0b1 released on June 4, followed by the second beta on July 4. That means that Python 3.8 is feature complete at this point, which makes it a good time to see what will be part of it when the final release is made. That is currently scheduled for October, so users don’t have that long to wait to start using those new features.

  The walrus operator

  The headline feature for Python 3.8 is also its most contentious. The process for deciding on PEP 572 (“Assignment Expressions”) was a rather bumpy ride that eventually resulted in a new governance model for the language. That model meant that a new steering council would replace longtime benevolent dictator for life (BDFL) Guido van Rossum for decision-making, after Van Rossum stepped down in part due to the “PEP 572 mess”.

• Who’s afraid of a big bad optimizing compiler?

  This article was contributed by Jade Alglave, Will Deacon, Boqun Feng, David Howells, Daniel Lustig, Luc Maranget, Paul E. McKenney, Andrea Parri, Nicholas Piggin, Alan Stern, Akira Yokosawa, and Peter Zijlstra.
  When compiling Linux-kernel code that does a plain C-language load or store, as in “a=b”, the C standard grants the compiler the right to assume that the affected variables are neither accessed nor modified by any other thread at the time of that load or store. The compiler is therefore permitted to carry out a large number of transformations, a couple of which were discussed in this ACCESS_ONCE() LWN article, and another of which is described in Dmitry Vyukov’s KTSAN wiki page. However, our increasingly aggressive modern compilers produce increasingly surprising code optimizations. Some of these optimizations might be especially surprising to developers who assume that each plain C-language load or store will always result in an assembly-language load or store. Although this article is written for Linux kernel developers, many of these scenarios also apply to other concurrent code bases, keeping in mind that “concurrent code bases” also includes single-threaded code bases that use interrupts or signals.

• Excellent Free Books to Learn C

  C is a general-purpose, procedural, portable, high-level programming language that is one of the most popular and influential languages. It was designed to be compiled using a straightforward compiler, to provide low-level access to memory, to provide language constructs that map efficiently to machine instructions, and to require minimal run-time support. Many programming languages owe a considerable debt to C. It has become something of the lingua franca in the programming world.

  C is fairly simple to understand. It allows the programmer to organize programs in a clear, easy, logical way. It is a very flexible, practical and compact language combined with an easy to read syntax. Code written in C runs quickly, with easy access to the low level facilities in the computer. Compiler directives make it possible to produce a single version of a program compiled for different architectures.

  C is about freedom. It therefore makes sense to learn C with books that also embody freedom. Take a look at my open source picks and see if any of them grab your fancy.

• Get the market data of cryptocurrency-currency pair

  Hello and welcome back, in this chapter we will continue to develop our cryptocurrency project with the above new features.

  Before we start we will create a new loader class which will load the currency’s market data as well as the cryptocurrency data into the combo box at the beginning of the main program to further tidy up the main program file.

Science

• ‘It smells like gunpowder’: Astronauts tell of their time on the moon (audio)

  Monitor science reporter Eva Botkin-Kowacki had a chance to ask two of those national heroes directly about what that experience has meant to them. Charlie Duke was in mission control when Apollo 11 landed on July 20, 1969. He got the chance to go himself three years later. Harrison “Jack” Schmitt was one of the last two men to walk on the surface of the moon.

Security (Confidentiality/Integrity/Availability)

• VLC Developer Debunks Reports of ‘Critical Security Issue’ In Open Source Media Player

  Widespread reports of a “critical security issue” that supposedly impacted users of VLC media player have been debunked as “completely bogus” by developers. Earlier this week, German computer emergency response team CERT-Bund — part of the Federal Office for Information Security (BSI) — pushed out an advisory warning network administrators and other users of a high-impact vulnerability in VLC. It seems that this advisory can be traced back to a ticket that was opened on VLC owner VideoLAN’s public bug tracker more than four weeks ago. The alleged heap-based buffer overflow flaw was disclosed by a user named “topsec(zhangwy),” who stated that a malicious .mp4 file could be leveraged by an attacker to take control of VLC media player users’ devices. The issue was flagged as high-risk on the CERT-Bund site, and the vulnerability was assigned a CVE entry (CVE-2019-13615).

• VLC developer debunks reports of ‘critical security issue’ in open source media player

  In fact, the earliest version of VLC that is potentially vulnerable to this exploit is 3.0.2, which was superseded in April 2018, leading to suspicions that the bug reporter was working on a computer running an outdated version of Ubuntu.

  ?If you report a security issue, at least update your Linux distribution,? Kempf said.

  Moreover, says Kempf, it would be very difficult to develop a reliable exploit that worked on older systems, and out of the question to develop a hack against an up-to-date version of the software.

  ?The issue was there two years ago, but it?s absolutely not possible to take control [of someone?s device now],? he said.

  ?You need to send a file. The person needs to open it on a vulnerable version of VLC and then you need to disable the security of your machine [in particular, address space layout randomization] to exploit the heap buffer overflow.

  ?That was patched more than a year ago, in April 2018.?

• After Blackouts, Johannesburg’s Power Company Hit by Ransomware

  The attack didn’t affect the grid but denied access to City Power’s website and online power purchases Thursday.

• IRS missing basic IT security measures

  Eight of the 14 security shortfalls identified by the GAO relate to access management, while an additional four weaknesses pertain to configuration management. The final two shortfalls pertained to segregation of duties and a contingency plan deficiency.

• VPN flaw enables [attackers] to easily infiltrate corporate network

  Researchers at Devcore claim to have discovered security flaws in three popular corporate VPNs that could enable attackers to steal confidential information from a company’s network.

  The vulns affect three corporate virtual private networks (VPN) providers, namely, Palo Alto Networks, Fortinet, and Pulse Secure.

• 1 Million+ ProFTPD Servers Vulnerable To Remote Code Execution Attacks [Ed: Nope. FOSSBytes now manages to make more misleading and dramatic headlines than even Bleeping Computer (which initially spread this misleading headline and then deleted it.)]

• VideoLAN says VLC security flaw is fixed

  Update 7/24: VideoLAN took to Twitter earlier this morning to clarify that the security issue discovered by CERT-Bund is not as severe as reported.

• You need to uninstall VLC player ASAP! (Updated) [Ed: They posted an update, but the headline has not been corrected. Deliberate FUD.]

  We’re not recommending uninstalling action just yet, because there’s a bit more to the story. The bug report for the issue has been open for four weeks, but VideoLAN president and lead VLC developer Jean-Baptiste Kempf left a series of comments today indicating that the alleged bug isn’t as big a deal as everyone is making it out to be. In three separate comments, he wrote: VideoLAN also took to Twitter to talk about the bug—or rather, the non-bug.

• Alleged critical VLC flaw is nothing to worry about — and is nothing to do with VLC [Ed: Some people did correct their articles or issued a standalone correction.]

  There has been a degree of confusion over the last few days after news spread of a supposed vulnerability in the media player VLC. Despite being labelled by security experts as “critical”, VLC’s developers, VideoLAN, denied there was a problem at all.

Defence/Aggression

• Why thousands of drivers in Sweden might have to hand over their cars to the army

  It’s primarily trucks and cars that would be needed, but the rules would also apply to motorcycles and snowmobiles, Sveriges Radio reported. If this took place, the vehicle owners would receive compensation from the state.

  As for specific models, the army is most keen to have vehicles manufactured by Swedish companies including Volvo and Scania.

Transparency/Investigative Reporting

• Bi-Partisan FOIA Reform Bill Would Correct Recent Supreme Court Decision

  Senators Chuck Grassley (R-IA), Patrick Leahy (D-VT), John Cornyn (R-TX), and Dianne Feinstein (D-CA) have introduced the Open and Responsive Government Act (S. 2220) to reverse the recent Supreme Court decision in Food Marketing Institute v. Argus Leader Media which overturned over 40 years of Freedom of Information Act precedent. The bill codifies the National Parks test, requiring that information may only be withheld from the public if disclosure would cause “substantial competitive harm” to the oompany that provided that information to the government. The bill also makes clear that agencies may only redact information under the FOIA’s nine exemptions and cannot redact information as “non-responsive.”

Environment

• 9 Teen Climate Activists Fighting for the Future of the Planet

  As politicians begin to discuss life-changing legislation like the Green New Deal, another group of environmental activists have begun the fight for immediate change. Taking cues from their predecessors, Generation Z has taken on the enormous task of saving the planet from future destruction — and ensuring they have a future to look forward to.

• Recent warming over the past 100 years is not part of a natural process, studies find

  In one of three new studies published in the journals Nature and Nature Geoscience, researchers found that previous periods of climate change such as the Little Ice Age and the Medieval Warming Period were regional and not a global phenomenon.

  In contrast, the warming that has occurred over the past century has been far-reaching and global in nature.

• No Climate Event in 2,000 Years Compares to What’s Happening Now

  Tambora was the largest volcanic eruption since the end of the last Ice Age, one of a series of eruptions that pumped huge amounts of sunlight-reflecting gas into the atmosphere. This gas darkened and chilled summers in Europe. It weakened the monsoons in India and West Africa. It allowed glaciers to advance in the Alps.

  In other words, these eruptions brought about a kind of natural climate change. But it was felt differently in different places. And new research confirms that it pales in comparison to the climate change we now face.

• Doc who exposed water crisis in Flint came to N.J. because she’s worried about kids’ safety

  Dr. Hanna-Attisha spoke at a community forum organized by the Newark Water Coalition and the Natural Resources Defense Council about the effects of lead and what to do about it. About 100 people — including children — gathered inside St. Stephan’s Church in the Ironbound as she explained that lead poisoning is asymptomatic and its effects sometimes don’t show up for years.

  “Once it’s in your blood stream it’s an irreversible neurotoxin,” she said. Though not everyone exposed to lead will have problems, toxic stressors like poverty, poor nutrition and split families can influence lead’s impact on cognition and behavior.

• Watergen partners with Flint, Michigan where water quality is ‘third-world’

  Israeli company Watergen just launched a new partnership with the community of Flint, Michigan, providing what could be the first large scale solution for drinking water by placing a 350 unit in the community church. If successful, it could be a model for similar towns.

  As opposed to bringing in plastics that are associated with trucking in water bottles, Watergen uses a dehumidification apparatus to create water out of thin air.

• At least 2% of US public water systems are like Flint’s – Americans just don’t hear about them

  No amount of lead in water is safe, but the lower level in Flint represents a substantial improvement over the 27 ppb reported by the Virgina Tech Water Study at the peak of the crisis in April 2015.

  However, even Flint’s highest levels were not atypical for water systems that have problems. Most reports of elevated lead levels cluster in the range between 15 and 20 ppb.

• Flint’s Problems Didn’t Start with Water

  As part of the 2019 WDET Book Club, WDET is exploring the Flint Water Crisis through Dr. Mona Hanna Attisha’s book on the subject, “What The Eyes Don’t See.” To look a bit deeper into the various factors that played into Flint’s current state, Detroit Today host Stephen Henderson is joined by Thomas Sugrue, Professor of Social and Cultural Analysis and History at NYU. Sugrue is a specialist in twentieth-century American politics, urban history, civil rights, and race.

• The views we’ll lose with climate change

  Staff at a British company became so frustrated by the many adults still denying the scientific evidence of global warming that they are using graphic images of the effects on several famous tourist sites to show people the views we’ll lose.

  The prediction from scientists that the city of Venice and London’s world-famous Big Ben are among the treasures that will be overwhelmed by flooding from heavy rains and sea level rise has led those who work at The Solar Centre to produce current and future pictures of these tourist magnets to ram home their point.

  They have also created similar before-and-after images of the English Lake District, which will begin to dry up because of climate change, and the Great Barrier Reef in Australia, where corals are already being wiped out and will vanish entirely under the worst-case scenario.

  In the past tabloid newspapers have got into trouble for mocking up photographs of what will happen under rising temperatures, but the campaigners at The Solar Centre insist that their images recreate the scientific evidence.

• A Climate-resilient Los Angeles Must First Address Its Polluted Past

  Can a big city be truly sustainable in the age of climate change? Los Angeles is trying to find out.

  The United States’ second-largest city has big green plans. In April Mayor Eric Garcetti announced a goal to get 80 percent of the city’s electricity from renewable sources by 2036 and make sure 80 percent of the vehicles on the road then are carbon-emissions free.

  This is part of L.A.’s version of a Green New Deal, the grand plan for decarbonization being kicked around Washington, D.C. and other localities.

  But the city’s aspirations don’t stop at clean energy. For L.A. to truly boost its climate resilience it also needs to address its water — 86 percent of which comes from three sources located hundreds of miles away. Climate change, earthquakes and other environmental pressures threaten to disrupt that supply and increase prices. With those threats in mind, the city plans to source 70 percent of its water locally by 2035 to reduce greenhouse gas emissions and build its water resilience.

• Energy

  • Freedom to Drive Coalition Brings the Koch Disinformation Playbook to Colorado

    In recent years, the majority of Coloradans have been struggling to breathe clean air, and tailpipe emissions carry much of the blame. Lawmakers have started to take on this threat with a number of clean car standards and incentives coming out of the Governor’s office and the state legislature. However, a newly formed coalition of car dealers, the oil and gas industry, and free market advocates are working to put the brakes on clean air policies in Colorado, and they’re using a disinformation playbook often used by organizations in the Koch network.

    Launched in March, the Freedom to Drive Coalition has fought against Colorado’s adoption of low emission vehicle standards (which the state’s Air Quality Control Commission approved in a unanimous 9-0 vote) and is now battling a complementary effort to adopt zero emission vehicle (ZEV, or electric car) standards that would greatly reduce tailpipe emissions.

• Wildlife/Nature

  • Paris eyes vegetation to beat the urban heat

    Paris authorities have been implementing a strategy to use increased vegetation to beat the urban heat effect caused by overcrowding and land surfaces covered by asphalt.

  • NOAA Responds to Ongoing Outbreak of Coral Disease in Florida

    The ongoing outbreak of stony coral tissue loss disease in the Florida Reef Tract began in 2014 and continues to spread. It is highly active off Key West, Florida and appears to be expanding to the Caribbean region. The Lower Florida Keys are in the epidemic zone with the highest concentration of active disease.

    While disease outbreaks are not uncommon, this event is unique due to its large geographic range, extended duration, rapid progression, high rates of mortality, and the number of species affected. Stony coral tissue loss disease affects at least 22 species of reef-building corals. Once infected, coral colonies typically die within weeks to months.

    The disease is thought to be caused by bacteria and can be transmitted to other corals through direct contact and water circulation. Researchers are working to identify potential pathogens and relationships with environmental factors, developing strategies to treat diseased colonies, and identifying genotypes of corals that are resistant to the disease.

Finance

• DOJ Prepares To Sign Off On An Elaborate T-Mobile Merger Plan That Isn’t Likely To Work

  While the Pai FCC is chomping at the bit to approve T-Mobile and Sprint’s competition and job killing mega-union, rumors have long been that many DOJ staffers remain highly skeptical about the purported benefits of the deal. After all, history routinely shows that when you reduce the number of overall competitors in the telecom space from four to three, the reduction in competition results in higher prices and worse service (go ask the Canadians or the Irish). Such mergers also pretty routinely are massive job killers, given there’s a laundry list of support and middle management personnel who wind up being redundant.

AstroTurf/Lobbying/Politics

• Mueller Has Provided Congress With Everything It Needs to Impeach Trump

  For the purposes of a congressional inquiry that might lead to the impeachment of the president, the questioning with regard to attempts by Trump and his associates to obstruct an inquiry into allegations of political wrongdoing was vital. It got to the heart of the matter of whether the president must be held to account for abuses of power that have historically been understood as impeachable. And, in this regard, Mueller’s testimony was powerful and important. The question is whether the Judiciary Committee and the Congress will treat it as such.

  So far, it has not. And that frustrates accountability activists.

  “Robert Mueller did his job—and it’s far past time for lawmakers in Congress to do theirs [...] ”

• Attorney General William Barr on Encryption Policy

  I think this is a major change in government position. Previously, the FBI, the Justice Department and so on had claimed that backdoors for law enforcement could be added without any loss of security. They maintained that technologists just need to figure out how—an approach we have derisively named “nerd harder.”

  With this change, we can finally have a sensible policy conversation. Yes, adding a backdoor increases our collective security because it allows law enforcement to eavesdrop on the bad guys. But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone. This is exactly the policy debate we should be having—not the fake one about whether or not we can have both security and surveillance.

• An army of China’s [Internet] [Astroturfers] has a message for Hong Kong protesters

  Di Ba, an online Chinese patriotic group, is venturing outside the country’s walled [Internet] garden to aid China’s efforts to shape the narrative around Hong Kong’s unflagging protests.

• United Nations refuses to accept West Papua independence petition, says it will not ‘do anything against Indonesia’

  International body’s decolonisation committee said it will only deal with 17 states identified non-self-governing territories

• Johnson’s Westminster Cabinet is Far to the Right of Thatcher

  I can only imagine that the media people who are saying this is the most right wing cabinet since the 1980’s were not sentient in the 80’s. Thatcher never had a Home Secretary remotely as illiberal as Pritti Patel, never had a Foreign Secretary remotely as xenophobic as Dominic Raab, never even had a Chancellor as anti-State intervention as Savid Javid (though came closer there) and never had a Defence Secretary as bellicose as Ben Wallace.

  Even Thatcher’s final and most right wing Cabinet contained figures like Ken Clarke, Chris Patten, John Major, Virginia Bottomley, Douglas Hurd and William Waldegarve. All Tories with whom I have fundamental disagreements, but every single one of them is far, far to the left of virtually all of Johnson’s appalling cronies.

  Thatcher deliberately and cruelly wrecked the social democratic society in which I grew up, with the aim of destroying any ability for working people to be protected against the whims of the wealthy. But Thatcher never introduced privatisation into the NHS or state schools – that was her acolyte Blair. She maintained free university education in England and Wales. That was destroyed by Blair too. We should be more rigorous than to accept Thatcher as the definitive most right wing government possible. It is not only lazy, it obscures the fact we now have the most right wing British government since 1832.

Censorship/Free Speech

• Philippines: Drop Sedition Cases Against Duterte Critics

  The Duterte administration has previously targeted political opposition figures and critics of the “drug war,” Human Rights Watch said. In February 2017, it accused Senator de Lima of involvement in the drug trade. The accusation was based entirely on the testimony of convicted drug dealers that Human Rights Watch believes are baseless but later served as the grounds for her arrest and continued police detention. The government has likewise filed sedition charges against a former senator and Duterte critic, Antonio Trillanes IV, one of those named in the recent complaint.

• Lebanese KTV presenter acquitted of ‘blasphemy’

  The Court of Appeals presided over by Judge Nasr Al-Hayad overruled the verdict issued by the Criminal Court which sentenced a Lebanese presenter working for Kuwait TV to one-year imprisonment with hard labor on charges of committing blasphemy during a TV program.

• Why Was a Saudi Attacked by Palestinians?

  The unfortunate Saudi’s crime — in the eyes of the Palestinians — was that he was part of a delegation of Arab journalists invited to visit Israel. Such visits are often condemned by Palestinians as actions that lead to promoting normalization between Arabs and Israel. The Palestinians are strongly opposed to any form of normalization with Israel and consider it tantamount to treason. They are afraid that if the Arabs normalize their relations with Israel, they will stop caring about the Palestinians. The Palestinian position is that there can be no normalization between Israel and the Arabs before the Israeli-Palestinian conflict is resolved.

Court Tosses Lawsuit Claiming Muting A Runescape Character Violates The First Amendment

Here’s a bit of a weird one: a First Amendment lawsuit over the “muting” of a player’s character. (h/t Volokh Conspiracy)

Amro Elansari — in a handwritten complaint [PDF] — contends Jagex Inc., the company behind Runescape, violated loads of rights and other things when it apparently muted his character back in March of this year. The allegations include discrimination, violations of his free speech rights along with his due process rights, and other “adverse action.”

He claims he was muted for no reason and without notification — this despite being a “streamer + 2000 hours + invested.” He also claims this happened while he was streaming and that viewers witnessed this egregious violation of multiple rights as it happened. Elansari’s lawsuit asks for the court to order the “mute” removed and whatever else a jury might find proper to award him.

Obviously, there’s nothing the judicial system can do for him.

Facebook will have to monitor its own privacy rules — and that’s likely not enough

Notably, the FTC was split on the issue and only passed the order with a 3–2 decision. While the three Republican commissioners at the agency approved the move, the two Democrats on the commission dissented, saying that the order will do little to change the company’s behavior.

Rohit Chopra, one of the Democrats, said in a statement that Facebook’s business model relies on “surveillance and manipulation” and that the order will fail to prevent privacy lapses in the future, saying the privacy provisions “are less than meets the eye.”

Lawmakers deride FTC settlement as weak on Facebook

Almost as soon as the FTC announced its $5 billion settlement with Facebook on Wednesday morning, lawmakers in both chambers emerged with scathing criticism, calling the agreement a slap on the wrist for a company that recorded almost $56 billion in revenue last year.

Facebook Investors Shrug Off $5 Billion Fine, New Investigations as Q2 Earnings Beat Expectations

Facebook still generates the vast majority of its revenue with advertising, with mobile advertising making 94% of all of the company’s ad revenue. However, the company is also growing its non-ad revenue to $262 million for the quarter, up from $193 million in Q2 of 2018.

Estimating the success of re-identifications in incomplete datasets using generative models

Our results suggest that even heavily sampled anonymized datasets are unlikely to satisfy the modern standards for anonymization set forth by GDPR and seriously challenge the technical and legal adequacy of the de-identification release-and-forget model.

Barr Says Police Need Encryption Backdoors, Doesn’t Mention [Cracking] Tools They Use All the Time

Somehow in his 4,172 word speech, Barr failed to mention that law enforcement has another option, one which they don’t have to wait around for, but use all the time: [cracking].

When Will We Get the Full Truth About How and Why the Government Is Using Face Recognition?

Earlier this month, the House Committee on Homeland Security held a hearing to discuss the role of face recognition and other invasive biometric technologies in use by the Department of Homeland Security (DHS). Despite some pushback from some lawmakers on the committee, John Wagner of the U.S. Customs and Border Protection (CBP), Austin Gould of the Transportation Security Administration (TSA), Joseph DiPietro of the Secret Service, and Charles Romine from the National Institute of Standards and Technology (NIST) argued that face recognition and biometric surveillance is safe, regulated, and essential for the purposes of keeping airports and U.S. borders secure. This hearing made clear: this technology is not well-regulated, it does impact the privacy of travelers, and its effectiveness has yet to be proven.

Thank Q, Next

The newest release of Android, dubbed “Q,” is currently in late-stage beta testing and slated for a full release this summer. After a year defined by new privacy protections around the world and major privacy failures by Big Tech, this year, Google is trying to convince users that it is serious about “protecting their information.” The word “privacy” was mentioned 22 times during the 2019 Google I/O keynote. Keeping up that trend, Google has made—and marketed—a number of privacy-positive changes to Android for version Q.

Many of the changes in Q are significant improvements for user privacy, from giving users more granular control over location data to randomizing MAC addresses when connecting to WiFi networks by default. However, in at least one area, Q’s improvements are undermined by Android’s continued support of a feature that allows third-party advertisers, including Google itself, to track users across apps. Furthermore, Android still doesn’t let users control their apps’ access to the Internet, a basic permission that would address a wide range of privacy concerns.

[...]

You can view your advertising ID on Android by heading to Settings > Google > Ads, and you can reset it by tapping Reset advertising ID. This will cause your phone to generate a new, unique ad ID that is unrelated to the old one. While it’s nice that Google gives you some control over your ad ID, neither a preference flag nor a simple “reset” will actually prevent anyone from tracking you. Apps on your device can access more than enough information to allow them to link your old ID to your new one if they so choose. Once again, Google politely instructs trackers “respect the user’s intention in resetting the advertising ID,” but does not indicate how this is enforced.

Apple’s iOS has a nearly identical “Identifier for Advertisers (IDFA),” which is also available to developers without any special permissions. Like Google, Apple’s decision to make allow this kind of tracking by default conflicts with its privacy-focused marketing campaign. Unlike Google, Apple does give users the ability to turn off tracking completely by setting the IDFA to a string of zeros.

On Android, there is no way for the user to control which apps can access the ID, and no way to turn it off. While we support Google taking steps to protect other hardware identifiers from unnecessary access, its continued support of the advertising ID—a “feature” designed solely to support tracking—undercuts the company’s public commitment to privacy.

FTC’s Privacy Settlement With Facebook Gets Pretty Much Everything Backwards; Probably Helps Facebook

Frankly, all of those are much more serious breaches than what happened with Cambridge Analytica.
Separately, as I discussed two weeks ago, if you’re mad at the size of the fine, you’re missing the point. This is, by far, the largest fine the FTC has ever issued, and goes way beyond anything that it’s done before. The real problem is that this is basically all that the FTC can do. That’s the only weapon it has and it’s never going to be enough because the FTC isn’t really set up to handle modern privacy questions like this — and that would require a new mandate from Congress. This is in Congress’s court.

That said, my bigger concern, as always, is that everyone’s obsession over “protecting privacy” is going to mean significantly less competition. I raised this issue last year, soon after everyone freaked out about Cambridge Analytica, noting that I feared what would happen is that Facebook would be driven to lock down everyone’s data rather than making it more accessible to third party and competing services.

There are significant and important trade-offs here. For years now I’ve been talking about the real way to create more competition on the internet, and much of it involves pressuring the big internet companies into opening up. Have them create APIs that allow others to build services on top of their data so that we’re not so locked into the giant platforms. Enable more competition at the service level, rather than the data collection level.

Freedom of the press in Indonesian-occupied West Papua

UN officials have found themselves barred from accessing West Papua. Former UN high commissioner for human rights, Zeid Ra’ad Al Hussein, issued a statement of concern over Indonesia’s persistent foot-dragging in response to his desire to visit the territory. The current high commissioner, Michelle Bachelet, has similarly found her outstanding request for access unfulfilled. West Papuan journalists working locally face even more severe threats. This decade, several have been killed, arrested, beaten or tortured, allegedly for their reporting on Indonesian security service activities.

Espionage trial to begin for former Radio Free Asia reporters in Cambodia

“Cambodia should immediately drop the spurious charges against former Radio Free Asia reporters Uon Chhin and Yeang Sothearin,” said Shawn Crispin, CPJ’s senior Southeast Asia representative. “As long as Cambodia treats journalists like criminals, its reputation as a failed democracy will remain.”

White cops are no likelier to shoot dead African-Americans than black ones are

New research suggests that increasing racial diversity in police departments will not cut the number of non-white Americans shot dead by police

Egypt: New NGO Law Renews Draconian Restrictions

The government seems to have finalized the draft law in early April but did not make the draft public, even after sending it to the parliament on June 26, a few days ahead of a scheduled parliamentary recess. Ali Abdel Aal, the Parliament speaker, extended the parliament’s session several times, saying he was personally “under pressure.” He said the law had to be in effect before Egypt’s upcoming Universal Periodic Review at the UN Human Rights Council, scheduled for November.

The new law prohibits a wide range of activities, such as to “conduct opinion polls and publish or make their results available or conduct field researches or disclose their results” without government approval. The law states that the government must “ensure the integrity and neutrality of the polls and their relevance to the activity of the Association.” The law completely prohibits other activities under vaguely worded terms such as any “political” work or any work that undermines “national security.”

Class nine student beaten by senior students for protesting ‘Allah Hu Akbar’ during National Anthem singing in school

Arup vehemently protested the vilification of National Anthem by the Muslim students, and tried to inform the teaches about the same. But the unruly students got infuriated at this, and they thrashed him badly. Due to the serious nature of the injuries, he was admitted at the Canning Hospital by the teachers of the school.

Aligarh: Man beaten up for ‘reciting Bhagavad Gita’ at home, two held

The Aligarh police arrested two persons Friday for allegedly beating up a 42-year-old man, their neighbour, for “reciting Bhagavad Gita” at his residence in Delhi Gate police station area.

Police said Dilsher Khan was reciting from the holy book Thursday morning when Mohammad Sameer (20) and Zakir (21) entered his house and assaulted him.

At least 139 dead in Papuan displacement camps – aid group

But a report by the aid group, Solidarity Team for Nduga, puts the number of displaced people at 5,000.

The figure is in line with estimates from other rights groups.

Thursday’s report also said 139 people from Nduga had died in a displacement camp in Wamena town, mostly from disease and malnutrition.

District Attorneys Have Figured Out How To Turn Criminal Justice Reform Efforts Into Revenue Streams

Reform efforts targeting cash bail, plea deals, and life-altering criminal charges have occasionally hit on the idea of pre-trial diversion. In exchange for payment and possible an educational class or two, people now have the possibility of satisfying their obligation to the government while keeping their criminal record clean.

It sounds like a good idea. But there’s a huge gap between the theory and the practice. In some cases, corporations like Walmart have inserted themselves into the criminal justice system, freeing shoplifters of criminal charges provided suspects pay the store a few hundred dollars and attend mandatory “don’t be a criminal” classes. Unlike the government version, there’s no chance you’ll be found innocent by a jury of your peers. If Walmart accuses you, you pay the fines, do the classroom time, or get hit with criminal charges anyway.

Elsewhere, government agencies are moving forward with pre-trial diversion programs. It makes a limited amount of sense. People don’t want to go to jail. And prosecutors don’t necessarily want to put in the prosecution work for every rinky-dink case cops toss their way. Yes, there’s not a lot of due process in it, but there really isn’t much in the system anyway, not when most criminal accusations result in plea deals, rather than jury trials.

These programs could result in positive outcomes for accused citizens, who are able to keep their criminal/driving records spotless despite being cited or arrested for violations. Unfortunately, the programs are being warped to serve prosecutors, rather than the public, as Jessica Pishko reports for Politico.

Trump keeps losing tech policy fights

We’re two and a half years into Donald Trump’s presidency, and one thing is clear: his administration keeps getting absolutely railroaded in tech policy fights.

Unlike Barack Obama, whose administration’s oversight of the tech industry was marked by general coziness and a revolving door of industry players, Trump has been far more aggressive with the tech industry, weighing in on everything from Twitter’s algorithm to cryptocurrency regulation. But almost every time, his efforts have resulted in weak enforcement changes, whipsaw policy confusion among free-market conservatives, and / or outright losses. Take the three biggest policy fights so far: [...]

Copyrights

• Court Determines That This Duck Doesn’t Look Enough Like Another Duck To Be Infringing

  It’s that whole idea/expression dichotomy. In the form of an inflatable duck.

  And thus, the copyright claim fails even though the trial produced significant evidence that Kangaroo was deliberately “copying” the idea of the floating duck. As the court notes at one point: “the fact that Kangaroo copied the Derby Duck does not establish liability.”

  [...]

  Finally, the court rejects the unfair competition claim, in large part because literally no one seems to have the necessary evidence. At issue: Kangaroo posted its duck to Amazon, but quickly took it down after Great American Duck Races complained, and no one seems to still have a copy of what the Amazon product page looked like — which is necessary for the unfair competition claim.

  It does seem notable that even after Amazon agreed to pull the product, Great American Duck Races still sued Kangaroo. And it seems like that may have backfired, since now Kangaroo may be able to go back to Amazon and point to this ruling as evidence that it can sell its product there. The case has been dismissed without prejudice, so it is still possible that Great American could file an amended complaint, but it’s difficult to see what will change this ruling.

• Stream-Ripping Sites And YouTube Now Engaged In Whac-A-Mole

  As we’ve been talking about for a bit now, there is a new favorite target of the music industry when it comes to anti-piracy efforts: stream-ripping websites. It’s important to continue to point out that, despite the plain fact that these sites are quite often used to generate audio-rips of copyrighted music video material, that is most certainly not their only use. Other uses for these sites are non-infringing. But this is the music industry we’re talking about, with it’s storied history of carpet-bombing technology tools rather than precision bombing actual infringement.

  [...]

  Stupid, perhaps, but not in the way that last quote suggests, I don’t think. Instead, it would be better for YouTube, which obviously isn’t taking this too seriously, to refuse the music industry’s requests to inhibit technology tools that aren’t in themselves infringing. YouTube can enforce its own ToS or not, but it shouldn’t bother even pretending to want to do battle with site operators on behalf of the music industry.

• Demonoid Staffers Launch New Site to Keep the Legacy Alive

  A group of former Demonoid staffers have launched a new torrent site to keep the legacy of founder Deimos alive. While the original Demonoid is not coming back, the new site has the same look and feel and aims to offer a new home to those who miss the defunct torrent tracker.

Server

• cloud-init 19.2 Released

  Version 19.1 is already available in Ubuntu Eoan. A stable release updates (SRU) to Ubuntu 18.04 LTS (Bionic) and Ubuntu 16.04 LTS (Xenial) will start in the next week.

• IBM

  • Considering Cloud Repatriation? Don’t Forget Your Data!

    Organizations should consider complementing their object storage initiatives with an abstraction layer that combines storage from multiple clouds into a single virtual storage unit. Enterprises shouldn’t migrate data unless absolutely necessary. An abstraction layer can make it easier to manage data wherever it resides.

    The end result of all of this is an IT strategy that eliminates or reduces discontinuity between different cloud platforms. Enterprises can choose to use the public cloud based on their unique business needs, not their technical bandwidth. Or, they can opt to use a combination of public and private clouds. Either way, with the appropriate storage infrastructure, they can get rid of the remorse and rest assured that their data will always be available.

  • Accelerate your OpenShift Network Performance on OpenStack with Kuryr

    Overall, Kuryr provides a significant boost in pod-to-pod network performance. As an example we went from getting 0.5Gbps pod-to-pod to 5 Gbps on a 25 Gigabit link for the common case of 1024B TCP packets when worker nodes nodes were spread across separate OpenStack hypervisors. With Kuryr, we are able to achieve a higher throughput, satisfying application needs for better bandwidth while at the same time achieving better utilization on our high bandwidth NICs.

Audiocasts/Shows

• FLOSS Weekly 539: OpenLogic

Kernel Space

• Linux Kernel 5.2 Series Is Now Ready for Mass Deployments, Upgrade Now

  Released earlier this month, the Linux 5.2 kernel series is now ready for mass deployments as the first point releases are out, marking the branch as stable on the kernel.org website.
  Linux kernel 5.2 is a major release adding several exciting new features and improvements, including an open-source firmware to support DSP audio devices, new open-source GPU drivers for ARM Mali devices, a new file system mount API, support for case-insensitive names in the EXT4 file system, as well as better resource monitoring for Android.

  It also brings performance improvements to the BFQ I/O scheduler, a new device mapper “dust” target designed to simulate devices with failing sectors and read failures, a freezer controller for cgroups v2 for freeing up resources, and a CLONE_PIDFD flag to clone(2) for fetching PIDs when creating processes usable by pidfd_send_signal(2).

• Linus Torvalds Kicks Off Development of Linux Kernel 5.3 as First RC Is Out Now

  Linus Torvalds has kicked off the development of the Linux 5.3 kernel series, which will be the next major Linux kernel branch to be released this fall in early September.

  The two-week merge window from the Linux 5.2 kernel series, which is now ready for mass deployments, is now closed, so the development cycle of Linux kernel 5.3 has kicked off over the weekend with the first RC (Release Candidate) ready for download and testing. According to Linus Torvalds, Linux kernel 5.3 RC1 is a pretty big release, but not the biggest ever.

• Graphics Stack

  • MoltenVK 1.0.36 Released With Many Fixes & Improvements For Vulkan On MacOS

    The open-source MoltenVK continues advancing for supporting a healthy subset of the Vulkan API on Apple’s macOS and iOS platforms. MoltenVK 1.0.36 was released today with support for more Vulkan extensions, many bug fixes, and a variety of other improvements.

    Among the new extensions supported by MoltenVK 1.0.36 are KHR_device_group_creation, EXT_metal_surface, EXT_post_depth_coverage, EXT_scalar_block_layout, EXT_swapchain_colorspace, KHR_uniform_buffer_standard_layout, and various other extensions.

Applications

• VirtualBox 6.0.10 Adds UEFI Secure Boot Driver Signing Support on Ubuntu, Debian

  Oracle released VirtualBox 6.0.10 as the fifth maintenance release in the latest VirtualBox 6.0 series, fixing various issues and adding some exciting enhancements for Linux users.

  VirtualBox 6.0.10 comes more than two months after the previous maintenance release with some notable changes for Linux-based operating systems, especially Ubuntu and Debian GNU/Linux hosts, which received support for UEFI Secure Boot driver signing. Additionally, Linux hosts got better support for various kernels on Debian GNU/Linux and Fedora systems.

  It also fixes focus grabbing issues reported by users when building VirtualBox from sources using recent versions of the Qt application framework. The Linux guests support was improved as well in this release with fixes for udev rules for guest kernel modules, which now take effect in time, and the ability to remember the guest screen size after a guest reboot.

• at daemon 3.2.0

  There is a new version of at daemon, 3.2.0. It was implemented some new features, so the bump on the minor version.

• Proprietary

  • Dropbox walks back its own decision; brings back support for ZFS, XFS, Btrfs, and eCryptFS on Linux

    Today, Dropbox notified users that it has brought back support for ZFS and XFS on 64-bit Linux systems, and Btrfs and eCryptFS on all Linux systems in its Beta Build 77.3.127.

    The support note in the Dropbox forum reads “Add support for zfs (on 64-bit systems only), eCryptFS, xfs (on 64-bit systems only), and btrfs filesystems in Linux.”

  • Dropbox restores Linux support in new client beta

    Dropbox has walked back its November 2018 decision to stop working with filesystems popular among Linux users.

Instructionals/Technical

• How to Check the MySQL Version

• The day the virtual machine manager died

• How to perform security audits on Ubuntu server with OpenSCAP

• Managing AWS EC2 Programmatically with Node.js

• Beginners Guide To PySpark: How To Set Up Apache Spark On AWS

• Install & Run Xampp on Ubuntu 19.04 using Terminal

Games

• Good news for VR fans in the US, the full Valve Index bundle is back in stock

  Valve emailed a press release today, to mention that the full bundle of the Valve Index kit is back in stock for those in the US looking to pick it up.

• The WWI FPS “Tannenberg” has a free Latvia expansion and a 50% off sale

  M2H and Blackmill Games continue pushing out big free updates to both Tannenberg and Verdun, with Tannenberg today seeing a free expansion focused on Latvia.

  It’s a large update which includes the Latvian Riflemen, a new support squad. A new map named “The Baltic”, which features plenty of sand dunes, marshes, and swamps which you can see in action in my shot below, right before I met an unfortunate end:

• Company of Heroes 2 for macOS and Linux: Commanders update out now

  Feral Interactive today announced that Company of Heroes 2, the ever-popular WWII strategy game, has been updated with five new Commanders.

Desktop Environments/WMs

• Meet Jade, a Desktop Environment for Linux Built Using Web Tech

  Heard of the Jade desktop environment? I’ll admit that, until this week, I hadn’t — but I like what I see!

  The Jade desktop (the ‘Jade’ standing for ‘Just Another Desktop Environment’) is a Linux desktop shell based (primarily) on web technologies (eek!).

  Currently the shell is only readily available on Manjaro Linux. But since its built using a mix of Webkit2, GTK, HTML, CSS, Javascript, and Python, it is (theoretically at least) easily transferable to other Linux distros, including Ubuntu.

• K Desktop Environment/KDE SC/Qt

  • KDE Onboarding Sprint Report

    The KDE Onboarding Sprint happened in Nuremberg, 22 and 23 July. The goal of the sprint was to come closer to making getting started working on existing projects in the KDE community easier: more specifically, this sprint was held to work on the technical side of the developer story. Of course, onboarding in the wider sense also means having excellent documentation (that is easy to find), a place for newcomers to ask questions (that is easy to find).

    Ideally, an interested newcomer would be able to start work without having to bother building (many) dependencies, without needing the terminal at first, would be able to start improving libraries like KDE frameworks as a next step, and be able to create a working and installable release of his work, to use or to share.

• GNOME Desktop/GTK

  • [Older] West Coast Docs Hackfest – 2019

    This past week I joined several other members of the GNOME docs team (as well as the Engagement and GTK teams) to work as part of the West Coast Hackfest in Portland, Oregon. From the GNOME Docs side, our efforts were split between resolving documentation issue reports, improving our CI, and making some initial steps towards better help on the web.

    On the issues side, we resolved over 20 doc issues, many of which involved multiple components and discussions to arrive at the best way to fix the problem. For myself, I revamped the instructions on how to search from within the GNOME Files / Nautilus application, which mainly involved updating the current help and adding information on how you can customize which directories are included (or not included) in the search results. As part of this, I also filed a bug to improve a UI component of the search customization. I was able to give a bit of love to gedit docs, as well, though there is still more to do to bring those docs fully up-to-date.

  • Arc Menu GNOME Shell Extension Update Adds New Options, Better Performance

    Fans of the Arc Menu extension for GNOME Shell desktops have plenty of reason to upgrade to the latest release.

    Version 30 of Arc Menu features “many changes and updates to the ArcMenu code base” that, developers say, “substantially” improve the app launcher’s look, form, and function.

    Arc Menu’s ‘search’ functionality has been retooled to better match the main GNOME Shell Applications screen.

    Accordingly, the applet now pays attention to the “search” sources that are enabled in GNOME Control Centre > Search. This means you’ll see matching files, system settings, new software (in GNOME Software) returned in the panel, all cleanly delineated by header labels.

Distributions

• PCLinuxOS/Mageia/Mandriva Family

  • Mageia Linux 7.1 Adds Support for AMD Ryzen 3000-Series CPUs, Download Now

    The Mageia project has released an emergency update to the latest Mageia 7 Linux operating system to address installation issues reported by users with computers powered by AMD Ryzen 3000-series CPUs.

    Mageia 7.1 is now available for download featuring all the necessary patches needed to allow the installation on computers using AMD Ryzen 3000-series processors. The Mageia 7 release, which arrived earlier this month, did not worked well on the new AMD Ryzen 3000-series systems, which failed to start up and blocked the installation of Mageia Linux.

• Fedora Family

  • Fedora 31 Officially Dropping of the i686 kernel Support and i386/i686 Repositories

    Fedora has officially announced on June 22, 2019 that they are dropping of the i686 kernel Support and i386/i686 Repositories starting from Fedora 31.

    It was announced by Kevin Fenzi, he is working in Red Hat as the Fedora Infrastructure Lead.

    So, it’s no longer possible to install Fedora 31 or later on i686 hardware, which will be released on October.

    However, you can able to upgrade older releases as long as they are supporting a 32-bit repository. But the kernel version is still remain old possibly vulnerable kernel installed.

• Debian Family

  • Giving people credit for their work

    The same principle holds whether it is for source code or other contributions, like investigating a bug, mentoring or doing administrative work.

    Many people have been puzzled by the email from former Debian Project Leader (DPL) Chris Lamb where he fails to acknowledge the work I contributed as admin and mentor in GSoC over many years. Furthermore, reading emails like that, you might come to the conclusion that other people, including Molly de Blanc, who it is alleged Lamb was secretly dating, did the work in GSoC 2018. Yet people who participated in the program didn’t feel that is accurate. Why has Lamb failed to recognize or thank me for my own contributions?

    At first, the problems in Debian’s GSoC team were puzzling for many of us. The allegation that Molly de Blanc was Lamb’s girlfriend shines a new light on Lamb’s email. Neither of them declared their relationship to other members of the GSoC team, it was a complete shock for me when I heard about it.

• Canonical/Ubuntu Family

  • BT Taps Canonical’s OpenStack on Ubuntu to Enable Next Generation 5G Cloud Core

    BT announced it has selected Canonical’s Charmed OpenStack on Ubuntu as a key component of its next generation 5G Core.

  • BT picks Canonical Ubuntu to build 5G core

    BT has selected Canonical’s Charmed OpenStack on Ubuntu to sit at the heart of its next-generation, cloud-native 5G core network. This will help it to increase capacity to keep ahead of user demands as EE’s 5G network rolls out, and bring new services to the network quickly and cheaply.

    Canonical will provide an open source virtual infrastructure manager (VIM) as part of BT’s ongoing network functions virtualisation (NFV) programme and to aid its transition to a cloud-based core.

  • BT will use Ubuntu and OpenStack to power 5G transformation

    Specifically, BT announces it would use Canonical’s Charmed OpenStack on Ubuntu as a key component of its next-generation 5G Core. In addition, Canonical will provide the open-source virtual infrastructure manager (VIM) as part of BT’s Network Function Virtualisation (NFV) program. With this open-source cloud approach, BT can delivery the capacity it needs to meet 5G’s demand for fast, ever-changing network connections.

    VIM is being deployed using Canonical’s Juju, and Charms DevOps tools Metal-as-a-Service (MaaS) will be used as the cloud provisioning tool. BT’s 5G Core will be backed by Ubuntu Advantage for Infrastructure for the ongoing management and support of operations. The full 5G Core will first be used for 5G, but eventually, it will be used to transform all of BT’s networking offerings –fixed, mobile and Wi-Fi–into a single, seamless customer experience.

  • BT adopts Ubuntu OpenStack as core brains for its 5G, fibre-to-the-premises rollout

    British Telecom has chosen Ubuntu OpenStack, developed by open-source specialist Canonical, as the cloud platform that will help support the introduction of 5G and fibre-to-the-premises connectivity in the UK.

    As part of the deal, Canonical will provide the open-source virtual infrastructure manager (VIM) that will enable BT – and by extension, its mobile network EE – to run network functions as code, reducing the need for specialized telco hardware.

    Major telecommunications providers are currently busy transitioning from proprietary, hardware-based networks – which are expensive to build and run – to virtualized cloud-based networks, backed by commodity servers. They are not doing this because it’s fun, but because it’s the only way to cost-effectively deliver the amounts of data that their customers will require in the next few years.

  • BT launches key 5G Cloud Core strategy with Canonical

    The company behind popular open source operating system, Ubuntu, Canonical will provide the open source virtual infrastructure manager (also known as a VIM) to BT in a bid to provide faster and more reliable services. It’s all part of BT’s Network Function Virtualisation (NFV) program as the firm transitions to a cloud-based Core network.

    Such changes mean that BT can quickly deploy new services, as well as increase capacity effectively while it stays ahead of customer demand that’s being driven by 5G and FTTP.

  • BT chooses Ubuntu for core 5G network virtualisation

    BT selected Charmed OpenStack cloud-based software on the Ubuntu open-source operating system as a key component for its core 5G network. Under the agreement, Canonical, the commercial arm of Ubuntu, will provide the virtual infrastructure manager as part of BT’s Network Function Virtualisation program and the operator’s transition to a cloud-based core network.

    BT said the open-source, cloud-based approach will allow it to deploy new services quickly as well as increasing capacity to meet anticipated customer demand driven by 5G and FTTP.

  • Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS

    Canonical released new Linux kernel security updates for Ubuntu 19.04 (Disco Dingo) and Ubuntu 18.04 LTS (Bionic Beaver) operating system series to address various security vulnerabilities.
    The new security updates are here to address a race condition (CVE-2019-11599) in Linux kernel when performing core dumps, and an integer overflow (CVE-2019-11487) when referencing counting pages. Both issues affect only Ubuntu 19.04 systems and could allow a local attacker to crash the system by causing a denial of service (DoS attack) or possibly execute arbitrary code.

Devices/Embedded

• Runs on the Librem 5 Smartphone – Round 4

  We’re back for another glorious round of looking at software running on the upcoming Librem 5 Smartphone!

  If you’ve missed any of the previous videos, check out parts One, Two, and Three to get all caught up — then enjoy the 8 videos below (ranging from a music player to running the Apache Web Server right on the Librem 5). And you better believe we’ve got more on the way. A lot more.

• Jetson TX2 based AI edge computer also available as baseboard

  WiBase’s extended temperature “WB-N211 Stingray AI Inference Accelerator” AI edge computer runs Linux on an Nvidia Jetson TX2. The Stingray, which is also available as a “WB-N211-B” baseboard, joins several other TX2-based WiBase AI systems.

  WiBase, a Taiwanese AI and vision analytics subsidiary of Wistron, announced that its WB-N211 Stingray AI Inference Accelerator will support Nx Witness VMS software from Networkoptix for vision analytics and surveillance. The WB-N211 Stingray, which is based on a separately available WB-N211-B baseboard that runs Linux on an Nvidia Jetson TX2, appears to be fairly new.

• Historical high-resolution graphics on Raspberry Pi

  Raspberry Pi Trading engineer James Hughes recently pointed out a project to us that he’d found on the Raspberry Pi forum. Using a Raspberry Pi, forum member Rene Richarz has written a Tektronix 4010, 4013, 4014, 4015, and ARDS terminal emulator. The project sounded cool, but Helen and I didn’t 100% get it, so we asked James to write an introduction for us. You can find that below, followed by the project itself. James’s intro is amazing, because, despite this heat messing with my concentration, I understand the project now! That James – what a treasure. And here he is:

• Drone On Drone Warfare, With Jammers

  One of the LimeSDRs runs a GNU radio flowgraph with a specially designed block for detecting the rogue drone’s frequency modulation signature with what seems to be a machine learning classification script. The other LimeSDR runs another *secret* flowgraph and a custom script running on the SBC combines the two flowgraphs together.

• One Mix 1S Yoga mini laptop running Linux

  Even though the One Mix 1S Yoga mini laptop comes preloaded with Microsoft’s latest Windows 10 operating system it also supports a number of different Linux distributions some of which Brad Linder has put through their paces over on the Liliputing website.

Free, Libre, and Open Source Software

• Web Browsers

  • Mozilla

    • EFF Extensions Recommended by Firefox

      Earlier this month, Mozilla announced the release of Firefox 68, which includes a curated “list of recommended extensions that have been thoroughly reviewed for security, usability and usefulness.” We are pleased to announce that both of our popular browser extensions, HTTPS Everywhere and Privacy Badger, have been included as part of the program. Now, when you navigate to the built-in Firefox add-ons page (URL: about:addons), you’ll see a new tab: “Recommendations,” which includes HTTPS Everywhere and Privacy Badger among a list of other recommended extensions. In addition, they will be highlighted in Add-ons for Firefox and in add-on searches.

      What does this mean for users who already have our extensions installed? If you initially installed them from addons.mozilla.org or the recommendation list, it means that there will be a slight delay after we update the extensions while Mozilla reviews the new versions for security, utility, and user experience. If you installed the self-hosted extensions directly from eff.org without going through Mozilla, you’ll get the updates right away after a routine automated check. Either way, you can rest assured that EFF has audited every piece of software we release for security and performance problems.

• Productivity Software/LibreOffice/Calligra

  • The First LibreOffice Latin America Conference is a success and achieved important community milestones.

    The Conference opened to public on Friday 19 in a ceremony that gathered the Minister of the Secretariat of Linguistic Policies (SPL), Ladislaa Alcaraz de Silvero, Prof. Limpia Ferreira Ortiz, FP-UNA Vice-Dean, members of the Guaraní Culture Atheneum, Prof. Mag. Alcides Torres Gutt, Coordinator of the Translation Team together with Italo Vignoli and Gustavo Pacheco representing The Document Foundation and the LibreOffice Community.

    “The LibreOffice Latin American Conference is an event not only of technology, it is also a space for the study of new forms of productive organization. It will deal with technical topics such as development and quality control, but also with successful cases of migration and, with special attention, the translation into Guaraní, native of the American continent and official in Paraguay,” said the Vice-dean in her inaugural speech.

    The conference initiative was declared of “Scientific and Technological Interest” by the Honorable Chamber of Deputies of Paraguay.

• Education

  • Linkedin to libraries: drop dead

    For years, libraries across America have paid to subscribe to lynda.com for online learning content; four years ago, lynda.com became a division of Linkedin, and this year, the company has informed libraries that they’re migrating all lynda.com users to Linkedin Learning, which would be fine, except Linkedin only allows you to access Linkedin Learning if you create and connect a Linkedin profile to the system.

    If libraries accept this change, it will mean that any patron who uses this publicly funded service will also have to have a publicly searchable Linkedin profile. Linkedin’s explanation of why this is OK is purest tech-bro PR bullshit, condescending and dismissive.

  • ALA urges LinkedIn Learning to reconsider changes to terms of service that impair library users’ privacy rights

    Under LinkedIn Learning’s new terms of service, a library cardholder will need to create a LinkedIn profile in order to access LinkedIn Learning. In addition to providing their library card number and PIN, users will have to disclose their full name and email address to create a new LinkedIn profile or connect to their existing profile. New users will have their LinkedIn profile set to public by default, allowing their full name to be searched on Google and LinkedIn.

    ALA has long affirmed that the protection of library users’ privacy and confidentiality rights are necessary for intellectual freedom and are fundamental to the ethical practice of librarianship. ALA’s Library Bill of Rights and its interpretations maintain that all library users have the right to access library resources without disclosing their personally identifiable information (PII) to third parties, and to be free from unreasonable intrusion into, or surveillance of, their lawful library use.

    “The requirement for users of LinkedIn Learning to disclose personally identifiable information is completely contrary to ALA policies addressing library users’ privacy, and it may violate some states’ library confidentiality laws,” said ALA President Wanda Kay Brown. “It also violates the librarian’s ethical obligation to keep a person’s use of library resources confidential. We are deeply concerned about these changes to the terms of service and urge LinkedIn and its owner, Microsoft, to reconsider their position on this.”

• Pseudo-Open Source (Openwashing)

  • Uber releases Ludwig 0.2 with audio and speech improvements, plus Comet.ml and BERT integration

    Roughly five months following the debut of Ludwig, Uber’s open source and no-code deep learning toolkit, the ride-hailing company today detailed improvements with the latest version: Ludwig 0.2. Among them are new tools and over 50 bug fixes, plus Comet.ml integration, the addition of Google’s BERT natural language model, and support for new feature types including audio, speech, geospatial, time, and date.

    “The simplicity and the declarative nature of Ludwig’s model definition files allows machine learning beginners to be productive very quickly, while its flexibility and extensibility enables even machine learning experts to use it for new tasks with custom models,” wrote Uber engineers Piero Molino, Yaroslav Dudin, and Sai Sumanth Miryala. “Members of the broader open source community contributed many of new features to enhance Ludwig’s capabilities.”

• FSF/FSFE/GNU/SFLC

  • gNewSense/Sam Geeraerts Stepping down

    After much consideration, I've decided to step down as the maintainer of
    gNewSense. It was the distro I fell in love with and it would hurt me to
    see it disappear. Yet I must be honest with myself and the community and
    face the facts. I feel like I can't give it the attention it needs to
    keep it in a state worthy of a distro recommended by the FSF. I'm sorry
    to disappoint current users and those anticipating a new release.
    
    I would like to thank everyone who I've worked with and who contributed
    to gNewSense since it sparked from Paul O'Malley's brain over a decade
    ago. It's been fun and educational.
    
    If someone wants to take over I will be quite happy to get that person
    going. I then might still help out, but I'm not going to take the lead
    anymore. Please get in touch or forward to anyone who might be interested.
    
    I will keep the repositories and other infrastructure running for now.
    
    Regards,
    samgee
    

  • FSF-Approved gNewSense Maintainer Parts Way With Project

    The gNewSense that is based on Debian GNU/Linux but comprised entirely of free software without any non-free software support is now without a maintainer.

    The gNewSense operating system is one of the few Linux distributions approved by the Free Software Foundation due to its exclusion of proprietary software. The gNewSense project has been running since 2006 and at times has struggled to be maintained while now it’s lost current maintainer Sam Geeraerts.

• Programming/Development

  • Announcing composable multi-threaded parallelism in Julia

    Software performance depends more and more on exploiting multiple processor cores. The free lunch from Moore’s Law is still over. Well, we here in the Julia developer community have something of a reputation for caring about performance. In pursuit of it, we have already built a lot of functionality for multi-process, distributed programming and GPUs, but we’ve known for years that we would also need a good story for composable multi-threading. Today we are happy to announce a major new chapter in that story. We are releasing a preview of an entirely new threading interface for Julia programs: general task parallelism, inspired by parallel programming systems like Cilk, Intel Threading Building Blocks (TBB) and Go. Task parallelism is now available in the v1.3.0-alpha release, an early preview of Julia version 1.3.0 likely to be released in a couple months. You can find binaries with this feature on the downloads page, or build the master branch from source.

  • Julia announces the preview of multi-threaded task parallelism in alpha release v1.3.0

    Yesterday, Julia team announced the alpha release of v1.3.0, which is an early preview of Julia version 1.3.0, expected to be out in a couple of months. The alpha release includes a preview of a new threading interface for Julia programs called multi-threaded task parallelism.

    The task parallelism model allows many programs to be marked in parallel for execution, where a ‘task’ will run all the codes simultaneously on the available thread. This functionality works similar to a GC model (garbage collection) as users can freely release millions of tasks and not worry about how the libraries are implemented. This portable model has been included over all the Julia packages.

  • Python Circle: Preventing cross-site scripting attack on your Django website

    Cross-site scripting (XSS) is a security exploit which allows an attacker to inject into a website malicious client-side code. The attacker can do some undesirable things like adding false content or spy on visitors to steal their personal information.

  • Real Python: Digging Deeper Into Migrations

    In the previous article in this series, you learned about the purpose of Django migrations. You have become familiar with fundamental usage patterns like creating and applying migrations. Now it’s time to dig deeper into the migration system and take a peek at some of its underlying mechanics.

  • PyCharm 2019.2 Out Now

    PyCharm 2019.2 is out now: improved Jupyter Notebook experience, syntax highlighting for many more languages out of the box, initial Python 3.8 support, and much more. Download now

  • Why and How I use generators in python

    As a developer, more than often I have to deal with sequential data. That could mean processing every item in the sequence either to prepare it for the next process or storing into some sort of database.

    One of the most common data structure in python is list. And I use it a lot in my code. But it’s not a good choice if number of items in sequence is unpredictable. For example, the length of list could be 5, 100, 10,000 or 5,00,0000 or even more.

  • Federico Mena-Quintero: Constructors

    This article, Perils of Constructors, explains all of these problems very well. It is not centered on GObject, but rather on constructors in object-oriented languages in general.

Science

• While We Celebrated The Moon Landing, We Hit a More Critical Science Anniversary

  Despite the high regard in which the authors of the Charney Report were held by their scientific peers at the time, the report certainly didn’t lead to immediate changes in behaviour, by the public or politicians.

  But over time, as the world has continued to warm as they predicted, the report has become accepted as a major milestone in our understanding of the consequences our actions have for the climate. The current crop of climate scientists revere Charney and his co-authors for their insight and clarity.

Health/Nutrition

• DR Congo health minister resigns in Ebola row

  In his letter to Félix Tshisekedi, he criticised the decision to remove him as head of the Ebola response team, and replace him by a committee “under your direct supervision”.

  He said members of that committee had interfered with his work in recent months.

  He also condemned “strong pressure exercised in recent months” to use a new Ebola vaccine advocated by some aid agencies and donors.

  He said the current vaccine was the only one with clinically proven effectiveness.

• Congo’s Health Minister Resigns Over Ebola Approach

  The second vaccine has yet to be used in the Congolese outbreak because of Dr. Ilunga’s objections. It is designed to complement a Merck treatment that has been given to 170,000 people and proved effective.

  Dr. Ilunga has said the Johnson & Johnson vaccine has not been proved effective and that deploying a second one would confuse people in the afflicted region of eastern Congo, where health workers are struggling to overcome widespread misinformation about the Ebola as well as sporadic hostility.

Security (Confidentiality/Integrity/Availability)

• Equifax to pay up to $700M in U.S. to settle data breach, but Canada is not included

  Credit monitoring firm Equifax has agreed to pay up to $700 US million in fines and penalties to settle with various U.S. regulatory bodies over the massive data breach that saw the personal information of almost 150 million people stolen in 2017.

  Canadian victims aren’t covered by that figure.

• German security Agency Found Serious Security Flaw in VLC Media Player

  But Jean Baptiste Kempf, President of VideoLAN and lead VLC developer brushed aside that as not a big deal in three separate comments.

• No, VLC Media Player won’t put you or your data at risk (with official statement)

  Popular open-source software, VLC Media Player has been diagnosed with a critical vulnerability. The vulnerability CVE-2019-13615 was identified by German security agency CERT-Bund.

  The vulnerability would allow hackers to gain access to the host computer and install/run programs or even modify files without knowledge of the user. CERT-Bund has given it a score of 9.8 out of 10. The vulnerability affects Windows, Linux and Unix platforms. macOS, on the other hand, is unaffected by the vulnerability. The VideoLAN team, on the other hand, has denied the existence of the vulnerability.

• Critical flaw in VLC media player leaves PCs exposed, VideoLAN says otherwise

  Reportedly, the bug doesn’t affect macOS users so they can continue using the software without any problems. Those on either Windows, Linux or Unix are advised to practice caution as things proceed because it’s rather tricky to pick a side between the German Computer Emergency Response Team (CERT-Bund) who first brought the issue to light or VideoLAN, the non-profit organization behind the open-source media player.

• VLC Media Player Hit by Critical Security Flaw That Allows Remote Code Execution, VideoLAN Currently Working on a Patch

• Critical vulnerability found in VLC Media Player

  Germany’s national Computer Emergency Response Team issued a security alert for a critical vulnerability in VLC Media Player

• Here’s Why You Need To Uninstall VLC Media Player Right Now! [Ed: The most ludicrous article on this subject]

  The flaw in VLC was discovered by German security agency CERT which they classified as “critical” with a vulnerability score of 9.8. The bug lets attackers remotely execute code (RCE) which potentially allows them to install, modify and run software without authorization or approval, and could even be used to access files on your system. Basically, VLC’s bug could allow hackers to hijack your system.

• VLC Media Player Has A Massive Security Flaw And Here’s How You Can Stay Safe

• VLC Media Player Has a Critical Security Flaw Right Now

• VLC Vulnerability Allows Hackers To Hijack Your PC; Developers Unable To Reproduce Issue

  VLC is a very popular multi-platform media player.

• You Don’t Need to Uninstall VLC from Your Computer [Updated] [Ed: Shame on Lifehacker. Spreading propaganda and FUD. It published the headline "You Might Want To Uninstall VLC. Right Now. Immediately." It has since then been removed.]

  News broke today that the VLC Media Player—immensely popular and Lifehacker-recommended—allegedly has a pretty severe bug that could allow allow a “booby-trapped” video, as The Register put it, to either crash the player or execute remote code. The former? An annoyance. The latter? A huge security issue, one that’d we recommend uninstalling VLC to address until its creator, VideoLAN, comes out with a patch.

• You Might Want to Uninstall VLC. Immediately. [Ed: Gizmodo did not fact-check. Like a true tabloid.]

  Because of its free and open-source nature, VLC is one of, if not the most popular cross-platform media player in the world. Unfortunately, a newfound and potentially very serious security flaw discovered in VLC means you might want to uninstall it until the folks at the VideoLAN Project can patch the flaw.

• ‘Critical’ vulnerability discovered in VLC on Linux and Windows — but VideoLAN says it is not reproducible

  Reports have emerged of a security bug in the Windows and Linux versions of VLC, making it vulnerable to remote-code execution via malicious videos.

• Confusion about a recently disclosed vulnerability in VLC Media Player

  Update: VideoLAN confirmed that the issue was not a security issue in VLC Media Player. The engineers detected that the issue was caused by an older version of the third-party library called libebml that was included in older versions of Ubuntu. The researcher used that older version of Ubuntu apparently. End

  Gizmodo’s Sam Rutherford suggested that users uninstall VLC immediately and the tenor of other tech magazines and sites was identical for the most part. Sensationalist headlines and stories generate lots of pageviews and clicks, and that is likely the main reason why sites like to make use of those instead of focusing on headlines and articles that are not as sensationalist.

• VLC Player hit by buffer overflow vulnerability in third-party library

  First released in February 2001 and developed under the Lesser GPL V2.1+ licence, VideoLAN Player – most commonly referred to as VLC – is one of the most popular cross-platform media playback and streaming utilities around. Sadly, that very popularity makes it a ripe target for ne’er-do-wells – making a serious flaw discovered in the latest release all the more critical.

  According to the bug’s entry on the Common Vulnerabilities and Exposures (CVE) project, the flaw allows malicious or otherwise badly-written code to over-read past the end of a heap-based buffer in the software’s MKV demuxing function. The US National Vulnerability Database, meanwhile, rates it as a CVSS 3.0 severity of 9.8 – giving it a top Critical mark, given that it can be used to crash the system, read private data, or even access private files.

• Keep Calm, Carry On. VLC Not Affected by Critical Vulnerability

  A recent security alert caused a panic where people thought the VLC Media Player was affected by a critical vulnerability that had no patch. The problem is that the vulnerability was not in VLC, but rather a module that was replaced over 16 months ago.

  According to a series of tweets posted by VLC developer Jean-Baptiste Kempf, it all started when Mitre created a CVE for a reported bug in VLC Media Player without first contacting VideoLan.

Environment

• Iraq: Water Crisis in Basra

  The 128-page report, “Basra is Thirsty: Iraq’s Failure to Manage the Water Crisis,” found that the crisis is a result of complex factors that if left unaddressed will most likely result in future water-borne disease outbreaks and continued economic hardship. The authorities at the local and federal level have done little to address the underlying conditions causing the situation.

• Charney Report: Scientists Predicted Man-made Climate Change 40 Years Ago This Week

  Forty years ago, a group of climate scientists sat down at in Massachusetts for the first meeting of the “Ad Hoc Group on Carbon Dioxide and Climate.” It led to the preparation of what became known as the Charney Report—the first comprehensive assessment of global climate change due to carbon dioxide.

• Under Trump, 26% of Climate Change References Have Vanished From .Gov Sites

  A report published by the Environmental Data & Governance Initiative (EDGI) on Monday found that language related to climate change has disappeared at an alarming pace since Trump took office in 2016. Across 5,301 pages—ranging from websites belonging to the Environmental Protection Agency (EPA) to the US Geological Survey (USGS)—the use of the terms “climate change,” “clean energy,” and “adaptation” plummeted by 26 percent between 2016 and 2018. Of the pages where “climate change” was stricken, more than half belong to the EPA.

  The EPA homepage was the 1,750th most-visited website in the US in early 2019, according to the report, giving it more reach than Whitehouse.gov. But “unlike the much-discussed White House effort to question climate change findings, website changes go unannounced and are often beyond immediate public recognition,” the report argues. “They insidiously undermine publicly-funded infrastructure for knowledge dissemination.”

  According to the report, clear scientific terminology on government websites was often replaced with politicized language such as “energy independence,” a buzzword ripped directly from Trump’s “America First Energy Plan” which demands an increase in fossil fuel production.

• Nuclear Baltic: An open and shut case

  The arguments just won’t go away. And while they persist, a nuclear Baltic looks likely to continue in Europe.

  Its backers say nuclear power is vital in order to meet the world’s growing energy requirements; they also say it’s a clean fuel, able to meet the challenge of climate change and an ideal substitute for fossil fuels.

  Others disagree; critics say that despite various technological improvements over the years, nuclear power is still unsafe. The issue of disposing of mountains of nuclear waste – which can remain active and dangerous for thousands of years – has not been resolved.

  The 2.8 million people of the small Baltic republic of Lithuania are keenly aware of these different points of view. In former times, when Lithuania was part of the Soviet Union, what was one of the most powerful nuclear plants in the world was built at Ignalina, in the east of the country.

  As part of a 2004 agreement to join the European Union (EU), Lithuania agreed to close Ignalina. Brussels said the facility was unsafe: its construction and design is similar to that of the ill-fated nuclear plant at Chernobyl in Ukraine, with no proper containment shell to capture any escape of radioactivity.

• France to ratify CETA next year, seeks ‘green veto’

  On Wednesday (25 October), the French government tabled an action plan on CETA’s health and environmental issues. But the French proposal can only be applied with the agreement of the EU and Canada. EURACTIV France reports.

  The Comprehensive Economic and Trade Agreement (CETA) is the first major trade deal the European Union has signed up to since it began implementing its South Korea agreement in 2011.

  Seven years in the making, CETA will abolish some 98% of customs duties, open up public tenders to companies and allow the EU to export more cheese and wine and Canada more pork and beef in quotas that expand over the next six years.

• Energy

  • Challenging EPA’s New FOIA Rule, Suit Seeks to Stop Trump’s ‘Shameful Attempt to Keep Americans in the Dark’

    A new lawsuit seeks to kill a recent Trump administration rule that critics say deals a blow to transparency by giving the Environmental Protection Agency broad authority to shoot down public information requests.

    The new rule—put in place without public input—was published on the Federal Register June 26 and goes into effect July 26.

    “This rule is a shameful attempt to keep Americans in the dark about the Trump administration’s sickening failures to protect our air, water, and wildlife,” said Meg Townsend, open government attorney with the Center for Biological Diversity. “We have a right to know what EPA is trying to hide and which Trump appointee is trying to hide it.”

    In their suit filed Wednesday in the U.S. District Court for the District Columbia, the Center for Biological Diversity and the Environmental Integrity Project argue that the new regulation violates the Freedom of Information Act by allowing for information requests to be denied on the basis of “responsiveness,” and violates the Administrative Procedure Act (APA) by allowing for responses to be delayed. The administration also violated the APA by not allowing for public comment on the rule change, the suit says.

• Wildlife/Nature

  • Many Animals Can’t Adapt Fast Enough to Climate Change

    For the moment, though, scientists have little idea how these adaptations may be playing out. A new paper in Nature Communications, coauthored by more than 60 researchers, aims to bring a measure of clarity. By sifting through 10,000 previous studies, the researchers found that the climatic chaos we’ve sowed may just be too intense. Some species seem to be adapting, yes, but they aren’t doing so fast enough. That spells, in a word, doom.

AstroTurf/Lobbying/Politics

• Senators Break Ranks Over Saudi Arabia

  Risch put forward a bill, backed by Republican Sen. Marco Rubio and Democratic Sens. Jeanne Shaheen and Chris Coons, that would force the secretary of state to conduct a review of the U.S.-Saudi relationship and deny or revoke visas to some members of the Saudi royal family as reprisal for the kingdom’s human rights violations. Republican Senate aides told Foreign Policy that Risch consulted with the White House and State Department on the bill.

• Congress Already Has Evidence Trump Lied Under Oath to Robert Mueller

• Study: Twitter bots tried but failed to notably influence election debate in Finland

  Aalto University announced earlier this month that bots made up 5.5 per cent of accounts tweeting Finnish-language content on topics related to the parliamentary elections and 2.8 per cent of accounts tweeting content related to the elections to the European Parliament.

  The bots accounted for 2.5 per cent and 1.8 per cent, respectively, of all Finnish-language tweets related to the two elections.

  The automatised activity, however, was neither significant nor particularly effective, according to the research team.

• What Do Black Voters Want? NYT’s Edsall Says It’s What ‘Conservative’ Democrats Want

  Well, based on data from a CBS poll of “battleground states,” there are “three roughly equal groups”: Democrats who call themselves “very liberal,” Democrats who call themselves “somewhat liberal,” and Democrats who call themselves “moderate” or “conservative.”

  That’s it—those are the “three parties” that the Democratic Party actually is. Such are the striking insights that come with your New York Times subscription. (I would link to the polling data that Edsall is citing, but 12 hours after it was posted, the piece was still pointing to a broken url.)

  Now, self-identification as “liberal” or “conservative” doesn’t mean a whole lot. When the Pew Research Center (7/28/15) compared the labels that people picked for themselves with the answers to policy questions with clear right/left options, it found that 56 percent of self-identified “moderates” picked mostly liberal policies, as did 30 percent of “conservatives” and 21 percent of those who said they were “very conservative.”

  Notably, Pew found that self-identification is particularly unhelpful in gauging the policy preferences of African Americans; for example, 32 percent of black “liberals” say that “government is almost always wasteful and inefficient,” as do 40 percent of black “moderates” and 37 percent of black “conservatives.” (The corresponding numbers for whites are 37, 57 and 79 percent.) Thirty-two percent of African Americans say that they are “conservative” or “very conservative”; by policy preferences, 3 percent of them are.

• Media Can’t Quit ‘Trump Supporters Support Trump’ Stories

  As we hurtle into coverage of a presidential election that is still over a year away, media have returned to their timeworn tradition of going to rural, white communities to take the pulse of the nation (FAIR.org, 5/20/19).

  Under the web headline “These Michigan Voters Show How Trump’s ‘Go Back’ Attack May Help Him,” the New York Times (7/22/19) ventured to a Trump stronghold in Michigan to bring readers the front-page news that people who supported Trump in 2016 despite his racist attacks still support him despite his racist attacks.

Censorship/Free Speech

• Big Tent-ism [iophk: admirable but ineffective against the usual Gish Gallop used these days]

  This reminds me of Daniel Dennett’s four rules for how to argue a point effectively: [...]

Privacy/Surveillance

• Libra crypto scams are already popping up on, er, Facebook

  While cryptocurrency scams are a dime a dozen on various parts of the web, Facebook’s seeming lack of foresight to get ahead of early Libra scams isn’t great when it’s trying to present Libra as something various regulators and government officials shouldn’t be worried about.

• New York City could ban the unauthorized sale of phone location data

  The bill, believed to be the first of its kind, would require wireless carriers and apps to get explicit permission before giving third parties geolocation data collected within the city. Under the plan, the city’s Department of Information Technology and Telecommunications would be tasked with enforcing the bill, and could levy steep penalties on offenders. A violator could be fined $1,000 for each violation, or $10,000 for each person’s data shared, if multiple violations happened on the same day.

• Facebook’s alleged growth is largely coming from countries where Facebook says it has a fake account problem

  Facebook claims to have 2.3 billion users, but it also has made a series of contradictory and confusing disclosures about that number that make it hard to credit: they told the SEC that 5% of their accounts were fake and 11% were duplicates (up from 1% and 6% in mid 2017), but no one knows what that number means because in 2018 the company stopped releasing quarterly numbers and switched to annual reporting. And in any event, Facebook won’t reveal its methodology for determining fake and dupe accounts, saying that they use a “limited sample of accounts” and then apply “significant judgment” when interpreting their findings.

• Facebook: Mark Zuckerberg’s Fake Accounts Ponzi Scheme

  Wehner didn’t mention the fine print on page 18 of the slide deck, which highlights the Philippines, Indonesia and Vietnam as countries where there are “meaningfully higher” percentages of, and “episodic spikes” in, fake accounts. In other words, Facebook is growing the fastest in the locations worldwide where one finds the most fraud. In other other words, Facebook isn’t growing anymore at all—it’s shrinking. Even India, Indonesia and the Philippines don’t register as many searches for Facebook as they used to. Many of the “new” users on Instagram are actually old users from the core platform looking to escape the deluge of fakery.

• The FTC-Facebook Settlement Does Too Little to Protect Your Privacy

  EFF is disappointed by the terms of the settlement agreement announced today between the Federal Trade Commission (FTC) and Facebook. It is grossly inadequate to the task of protecting the privacy of technology users from Facebook’s surveillance-based system of social networking and targeted advertising.

  This settlement arises from the FTC’s 2012 settlement order against Facebook, concerning the company’s deceptive statements about user privacy. Facebook violated the 2012 FTC order through its role in the Cambridge Analytica scandal, which violated the privacy rights of millions of Facebook users.

  Today’s FTC-Facebook settlement does not sufficiently protect user privacy.

• FTC Issues Facebook Fine, EPIC – “Too little, too late.”

  The Federal Trade Commission announced today the first fine against Facebook since EPIC and a coalition of privacy organizations filed a complaint with the Commission about the company’s businesses practices back in 2009. In a 2011 consent order the FTC said it would bar Facebook “from making any further deceptive privacy claims.” But in the years that followed, the FTC failed to act even as complaints emerged about marketing to children, privacy settings, tracking users, gathering health data, and facial recognition.

• Chinese Fugitive Caught By Police Using Facial Recognition

  With a bunch of reports detailing the ills of facial recognition systems that have dominated the conversation around the unregulated technology, a breath of fresh air comes after a fugitive has been caught by a facial recognition system in China earlier this week.

  Chinese police officers arrested an unnamed fugitive at a Cantopop star’s concert in Zhanjiang city at the southwestern end of Guangdong province. The arrest was highly attributed to the facial recognition system used by Chinese law enforcement in concerts and crowded gatherings to spot fugitives and wanted criminals. The said system has already been in used since late 2017.

• Google Finally Settles Lawsuit Over Decade-Old WiFi Snooping Accusations

  So if you’ve been around these parts for a while, you might remember a big stink back in 2006 or so when Google’s Street View vehicles were found to have been hoovering up data collected via WiFi. The collection came while the company was collecting Street View data via its army of specially-configured vehicles, and included pretty much any and all unencrypted data traveling over those networks, including telephone numbers, URLs, passwords, e-mail, or video streams. The goal was purportedly to ensure better geographical positioning data, but the data collected went well beyond what was needed for that goal.

Civil Rights/Policing

• A Dallas-born citizen picked up by the Border Patrol has been detained for three weeks, his lawyer says

  Galan said she met with CBP officers last week and presented them with Galicia’s birth certificate and some other documents but was unsuccessful in getting him released. She plans on presenting the same documents to ICE officers later this week.

• Internal Documents Show Why the NYPD Tries to Be ‘Funny’ Online

  But of course, NYPD officers also use more covert methods to supplement their policing. The NYPD has used Palantir, a powerful, secretive data aggregation tool that enables law enforcement to learn nearly everything about a person from a simple search query. The NYPD has also tested controversial predictive policing technology, which claims to be able to “forecast” crime by sending police to places where crime has already occurred. It has abused facial recognition technology by submitting celebrity look-alikes of subjects on camera in order to search for positive matches. It has fleets of drones, which have been deployed at events like the NYC Pride Parade, despite the fact that LGBTQ activists have resisted heavy police presence at Pride events.

• Islamic headscarf: Iran’s promotional video divides opinion

  In Iran, the law requires women to wear modest “Islamic” clothing. In practice, this means women must wear a chador, a full-body cloak, or a headscarf and a manteau (overcoat) that covers their arms.

  In 2018, there were posters in cities and towns comparing unveiled women to unwrapped candy and lollipops attracting unwanted attention from flies.

• From Nazism to Islamism in Europe

  However, since today any hint of Nazism in Europe is harshly criticized by governments and civil societies, and it is also highly costly with regard to both credit and finance, Nazi views tend to emerge in other ways that are seemingly unrelated to Nazism and, consequently, are less dangerous for their holders. In my opinion, today “Islamism” is the true descendant of Nazism in Europe. Both the Shi’ite Islamism of the Ruhollah Khomeini-dominated Iran and the Islam of Abu Bakr Baghdadi’s Islamic State are “religious supremacist” ideologies, and both would commit any crime to prove their supremacy.

• Police Union Responds To Outing Of Officers’ Bigoted Social Media Posts By Offering To Erase Officers’ Online Presences

  An investigation called the “Plain View Project” has uncovered a truly disturbing amount of bigoted, violent social media posts by police officers located all over the United States. The entire database of posts is located here. Anyone wanting to see what their public servants truly think about the people they serve can click through and be horrified.

  It would be horrifying enough if officers just kept their thoughts to themselves and let those thoughts guide their actions. But these are public posts able to be viewed by anyone and these officers apparently had no qualms about displaying the content of their character.

• Judge Unseals, Tosses Warrant Used By The San Francisco PD To Obtain A Journalist’s Phone Records

  Back in May, the San Francisco Police Department raided the home of a local “stringer,” hoping to discover who had leaked a sensitive police report to the journalists. This raid violated the state’s journalist shield law and the First Amendment. Since it was obvious the source of leaked document was an SFPD officer or employee, the raid was also incredibly stupid… unless the real point of the show of force was to discourage journalists from publishing leaked documents.

  It took a few days before the SFPD police chief was willing to condemn the raid. According to the chief, the still-unseen affidavit glossed over the target’s occupation — an omission that likely would have seen the warrant application tossed if it had been included.

• Appeals Court Says No Rights Were Violated When A Cop Shot At A ‘Non-Threatening’ Dog But Hit A Kid Instead

  The Eleventh Circuit Court of Appeals has reached a conclusion that defies easy summation. But here’s an attempt: it is not well-established that cops shouldn’t shoot children they’ve ordered to lie prone on the ground while trying to shoot a dog that posed no threat to officers.

  In reversing the lower court’s denial of qualified immunity to Officer Michael Vickers, the Appeals Court has opened the door to preventing the stupidest, most-inept cops from being held responsible for their careless blunders.

  In this case, Vickers and other officers were pursuing a suspect through a neighborhood. This pursuit inserted them into the backyard of Amy Corbitt, where Corbitt’s 10-year-old child (known only as SDC in the opinion) and five other children (two of them under the age of three) were playing. The officers entered the yard and demanded everyone present to get down on the ground, including the children. They handcuffed the only adult in the backyard (Damion Stewart) and kept the children on the ground. The officers had the scene secured as they outnumbered the prone children who were still laying on the ground with guns pointing at them.

Internet Policy/Net Neutrality

• Early 5G Plans Show Cell Carriers Haven’t Learned Much About Misleading ‘Unlimited’ Plans

  A little more than 12 years ago, Verizon was forced to strike an agreement with the New York State Attorney General for marketing data plans as “unlimited” when the plans had very clear limits. Carriers have received numerous subsequent wrist slaps for the practice in the decade since, but none of these lessons appear to have gotten through.

  Case in point: Verizon recently launched its first ever 5G hotspot for use on the company’s barely available 5G network. To use it, you’ll need to pony up $650, which is three to four times higher than the cost most pay for a comparable 4G hotspot. From there, you’ll need to pay Verizon $85 per month for an “unlimited” 5G data plan, which is roughly $10 more per month than a comparable 4G plan.

Monopolies

• Microsoft to Pay Fine for Bribing Officials From Hungary

  Microsoft Corp on Monday agreed to pay a $25.3 million fine to settle charges that it bribed officials in countries like Hungary and Saudi Arabia, among others.

  The Department of Justice announced that Microsoft Hungary, a subsidiary of Microsoft, “admits, accepts and acknowledges” wrongdoing and will pay $8.75 million in criminal fines.

• Patents and Software Patents

  • Troll U: When Tech Transfer Stops Being About The Transfer

    In Sept. 2018, STC.UNM filed an amicus brief asking the Federal Circuit to maintain its special protection from inter partes review, stating that in order to “achieve its goals, STC.UNM seeks patent protection for the technologies developed at The University.” (emphasis added.)

    Six months after filing that brief, STC filed its first lawsuit using ITRI patents.

    University technology transfer offices often cite the research work their universities perform when they discuss the patent system. And that university research work is often valuable, leading to serious technological advances. The Association of University Technology Managers, the trade association for tech transfer officers, cites a number of non-financial benefits, including promoting a culture of innovation at the university, providing a research experience for students, increasing university prestige and faculty retention, and helping obtain additional opportunities for federal grant funding.

    But much of that argument is predicated on one underlying fact—the university is commercializing the research performed by its professors and students. When the research is acquired from outside of the university, none of those benefits accrue. And when a university acquires patents from someone else and then asserts them without any tie to the university or attempt to transfer technology via startup creation, how can you tell the difference between a university and a patent troll?

  • In response to Qualcomm’s motion to stay FTC’s antitrust remedies, industry body says DOJ antitrust chief has “aspirational policy positions”

    Not only is Mr. Delrahim at loggerheads with the case law but most industry players disagree with him. ACT says in its filing that “[t]he companies and associations that have joined [ACT | The App Association] in efforts to curtail SEP abuses represent over $100B annually in R&D spending across a range of industries, own hundreds of thousands of patents (including SEPs), employ 50 million+ Americans, and contribute trillions of dollars to annual U.S. GDP.” (emphasis in original)

    As to Mr. Delrahim allegedly “expressly desir[ing] to change Supreme Court precedent,” I’ve looked up the speech ACT is referring to. What he said is a bit more nuanced. He argued that the Supreme Court “has not yet commented on [a particular] issue,” though he did concede that “[i]n a handful of cases, the U.S. Supreme Court has recognized that there can be antitrust liability for collusive activity that manipulates the standard-setting process to gain an advantage over rivals,” and “recognizes that concerted action among implementers or innovators at the same level of the supply chain could constitute an antitrust violation.” But, in general, ACT is right that Mr. Delrahim’s approach to SEP-related legal questions is that he’d rather make new law than just live with the existing one.

    Not only in this context but generally speaking, the ACT’s filing complement and reinforces the FTC’s opposition brief to Qualcomm’s motion, lodged with the Ninth Circuit after an endeavor to the same end failed in Judge Koh’s court, for an enforcement stay. Where the FTC stays true to its low-key tone, the ACT is far more combative and directly points the appeals courts to some striking contradiction and inconsistencies between what Qualcomm and its amicis are saying now and what Qualcomm has said and done before, including that “[Qualcomm] even sued a rival chipmaker for breach of FRAND based on the rival’s refusal to license [Qualcomm].” (emphasis in original) The ACT brief also notes that Qualcomm’s current president, Cristiano Amon, said the following more than a decade ago (he was a Qualcomm vice president at the time): “Saying [Qualcomm] refuse[s] to license competitors is like saying McDonald’s refuses to sell hamburgers [...] It’s nuts. It’s crazy.”

  • Proving Written Description with Experimental Data

    The defense raised a written description issue – arguing that the original patent filings did not support the “therapeutically effective” limitation. The district court sided with the patentee, but the Federal Circuit reversed on appeal and held the claims invalid. In particular, the Federal Circuit found that PHOSITA could not tell from the patent document that the compound was “therapeutically effective” as claimed.

    Obviousness – Written Description Interplay: The amount of written description needed varies from patent to patent depending upon a number of factors — including the level of skill in the art. An invention that far-exceeds the state-of-the-art will need more description in order to show possession of the invention.

    In this case, the patentee won its obviousness argument by showing PHOSITA would not have reasonably expected the combination to work. As such, that means that the claim elements must be fully described in the specification.

    The Court also explained that the written description requirement does not always require proof that a claimed drug treatment is effective. The difficulty for the patentee here, is that the treatment’s effectiveness is particularly claimed.

  • Cert Petition: Respecting a Jury Verdict

    This case implicates fundamental questions about the proper roles of the jury and the court. After a six-day trial, a jury found that Respondent Samsung willfully infringed Petitioner Imperium’s patent rights. In reaching that verdict, the jury found that Samsung had failed to carry its burden of proving by clear and convincing evidence that the relevant patent claims were invalid. Following post-trial proceedings, including an award of treble damages plus attorney’s fees in light of Samsung’s willful infringement and litigation misconduct, the district court entered judgment for over $22 million on the patent claims at issue.

    The Federal Circuit reversed, however, holding that Samsung was entitled to judgment as a matter of law on invalidity because the jury was required to accept the purportedly credible, “unrebutted,” and “uncontradicted” testimony of Samsung’s paid expert. The court of appeals reached that holding only after performing its own assessment of Samsung’s expert’s credibility and ignoring numerous other facts that could have led a reasonable jury to discount the value of this witness’s testimony.

  • Roche successfully shields its bevacizumab patents from Pfizer’s Arrow – Pfizer v Roche [2019] EWHC 1520 (Pat)

    The case at hand concerned an application by Pfizer for Arrow-declarations in relation to its proposed launch of its bevacizumab product (it will be branded “Zirabev”) for the treatment of various cancers in combination with other drugs.

    [...]

    Pfizer had no problem waiting for launch until expiry of the basic patent SPC in June 2020. However, Pfizer was concerned about Roche’s “thicket of second-line patents and patent applications” relating to combinations of bevacizumab with other known drugs essentially hindering its intended product launch due to the alleged uncertainty caused. For this reason, Pfizer requested declaratory relief that its intended product lacked novelty and/or inventive step at the earliest priority date of Roche’s patents and applications.

    However, at the time of trial, Roche had no relevant UK patent and it was undisputed that Roche had “abandoned any prospect of obtaining such a UK patent in future”. Nevertheless, it is important to note that Pfizer planned to supply the UK market from Belgium. In this regard, Pfizer argued that the supply of the patent-free UK market could be hindered by Roche through legal actions in Belgium. Hence, it was Pfizer’s goal to use the UK judgment to influence potentially arising Belgian court actions.

    [...]

    Even though the case was dismissed, the threshold for granting Arrow-declarations seems to be rather low. If Roche’s conduct was lawful and it was “entitled to try (…) to get a valid patent”, it is not comprehensible as to why there should be room for Arrow-declarations in such circumstances at all. It seems at least questionable whether a mere assumption by the court (even if based only on evidence by the claimant) that the defendant is trying to shield its patent from scrutiny by English courts can be sufficient. There are certainly various reasons for de-designating the UK from one’s patents or applications.

    Nevertheless, clear and unambiguous de-designations of the UK from all relevant EP applications very likely impede claims for Arrow-declarations even though Birss J concluded that other factors might also justify such declarations, e.g. as assistance in settlement talks. However, these other factors are rather difficult to substantiate.

• Trademarks

  • Filipina Girl From New Zealand Takes Her Slime Show International After Fending Off Nickelodeon Lawsuit

    You may not recall the name Katharina Weischede, but we wrote about this Filipina teenager from New Zealand back in 2018, when Viacom decided to oppose the 13 year old on trademark grounds because she dared to make and sell “slime” as a business. More specifically, Katharina has earned the nickname in New Zealand of “Slime Princess”, which is what she applied for in her trademark application. Viacom opposed the application, citing that its Nickelodeon division has trademark rights for “slime” in the country already.

  • The trademark question that never stops giving: when is there a material difference between the registered form and the form of actual use?

    S 22(1)(a) and (b) are the relevant provisions as follows:

    (a) Under S 22(1)(a), a trade mark registration may be revoked if, “within the period of 5 years following the date of completion of the registration procedure, it has not been put to genuine use in the course of trade in Singapore, by the proprietor or with his consent, in relation to the goods or services for which it is registered, and there are no proper reasons for non-use”;

    (b) Under S 22(1)(b), a trade mark registration may be revoked if “such use [as stated in S22(1)(a) TMA] has been suspended for an uninterrupted period of 5 years, and there are no proper reasons for non-use”.

    S 22(2) further states that the use of a registered mark (for defending against revocation) includes use “in a form differing in elements which do not alter the distinctive character of the mark in the form in which it was registered”.

    Accordingly, the registered proprietor may successfully defend a revocation action even if he had not used the mark in the exact form in which it was registered, so long as his use of the registered mark was accordance with the requirements of S22 (2).

• Copyrights

  • Police Dismantle Pirate IPTV Provider, Seize Cash, Crypto, Gold Bars

    Cybercrime police in Italy say they have dismantled a high-level provider of ‘pirate’ IPTV channels. The raid, which netted 57 Sky decoders, 186,900 euros in cash, cryptocurrency, and gold bars, was actioned in the far south of the country. A 35-year-old man was detained as part of the investigation.