Elementary, my dear: How to revive an old PC with elementary OS

One of the easiest ways to get more out of an old or underpowered system is to free it from Windows and install Linux software instead. An excellent alternative OS for business, Linux lets the computer run at full speed and, depending on the variant you choose, it can cost nothing.

From Aurora to Zorin OS, there are dozens of Linux distributions to choose from. My current favorite is elementary OS. It’s a software shell that sits on top of the Ubuntu distribution. Looking a bit like macOS, elementary is meticulously designed and easy to use. You can pay whatever you want for it (including nothing), and it takes no more than 10 minutes to install.

Elementary OS 5 Juno is the current release. It comes with the basics (email, web browsing, calendar, and more), and an online AppCenter lets you add programs for everything from to-do lists to presentations to file encryption. The underlying Ubuntu software lets you use a system’s Trusted Platform Module (TPM) if it has one.

In this story I’ll demonstrate how to convert a budget laptop to elementary OS using a $250 Asus VivoBook W202N. With its 1.1GHz Celeron processor, 4GB of RAM and 32GB of storage, the machine felt underpowered running Windows 10S, but I found it had more than enough juice for Juno.

Linux survival guide: These 21 applications let you move easily between Linux and Windows

In this article, we’re spotlighting 20 applications that are functionally identical (or at least pretty similar) between Windows and Linux.

While there aren’t absolute brand-for-brand equivalents for about 30 percent of the applications, there are workable substitute solutions.

In the following slides, I’ll show you the applications that are either exact matches across platforms, or which work as solid substitute solutions when jumping between platforms and still needing to get the job done.

Q&A: CircleCI CTO Explains Why DevOps Is a Growing Enterprise

The CTO of DevOps platform vendor CircleCI shares insights on how the market has changed as his company raises new funds to power ahead.

Have you thanked a sysadmin today?

Sysadmins are the heartbeat of many open source projects around the world. What would we do without them?

So, once a year—or more if you’re working on a team with a great outlook on life and positive culture—we take time out of our busy lives to say thank you.

Happy SysAdmin Day!

The Purism team enjoys celebrating across all time zones. So far this year we’ve posted in celebration of Women’s Day, Pi Day and Towel Day–and today we’re celebrating System Administrator Appreciation Day!

Because behind every network, big or small, system administrators are working hard to make sure that servers are secure, updates are painless and metaphorical fires are quickly put out. They frequently go beyond their job description to provide additional support to individual users on the network.

One big, well-kept secret is that most of the Internet runs on free software. The other big secret is that all of the Internet runs on SysAdmins.

So today we’d like to thank our SysOps team for their tireless work, juggling the demands of company resources, our shop and various websites, as well as our Librem One services. Your laptop, services –and soon your phone–will make their way to you in large part thanks to the infrastructure they maintain.

Sysadmins need to know – how DO you pronounce “sudo”?

Most of the year, sysadmins have to worry about things that are bugging YOU.

They have to worry about the things that YOU need fixed right now, that YOU have decided are more important than everyone else’s problems put together, and that YOU shouldn’t have to put up with if only the world were fair, etc.

No matter that the problem YOU are having is caused by a problem that YOU created.

If your sysadmins were any good they’d have set things up so that YOU couldn’t have got it wrong in the first place.

No matter that they did, indeed, set it up just like that but YOU complained about feeling stifled…

…and YOU turned off the safety feature all by yourself, with the help of your neighbour’s friend’s cousin’s 9-year-old child, who’s just happens to be a computer whizzkid.

IBM

• 5 principles for deploying your API from a CI/CD pipeline

  With companies generating more and more revenue through their APIs, these APIs also have become even more critical. Quality and reliability are key goals sought by companies looking for large scale use of their APIs, and those goals are usually supported through well-crafted DevOps processes. Figures from the tech giants make us dizzy: Amazon is deploying code to production every 11.7 seconds, Netflix deploys thousands of time per day, and Fidelity saved $2.3 million per year with their new release framework. So, if you have APIs, you might want to deploy your API from a CI/CD pipeline.

  Deploying your API from a CI/CD pipeline is a key activity of the “Full API Lifecycle Management.” Sitting between the “Implement” and “Secure” phases, the “Deploy” activity encompasses every process needed to bring the API from source code to the production environment. To be more specific, it covers Continuous Integration and Continuous Delivery.

• DevNation Live: Subatomic reactive systems with Quarkus

  DevNation Live tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, Clement Escoffier, Principal Software Engineer at Red Hat, will dive into the reactive side of Quarkus.

  Quarkus provides a supersonic development experience and a subatomic execution environment thanks to its integration with GraalVM. But, that’s not all. Quarkus also unifies the imperative and reactive paradigm.

  This discussion is about the reactive side of Quarkus and how you can use it to implement reactive and data streaming applications. From WebSockets to Kafka integration and reactive streams, you will learn how to build a reactive system with Quarkus.

• What does it mean to be a sysadmin hero?

  Sysadmins spend a lot of time preventing and fixing problems. There are certainly times when a sysadmin becomes a hero, whether to their team, department, company, or the general public, though the people they “saved” from trouble may never even know.

  Enjoy these two stories from the community on sysadmin heroics. What does it mean to you?

• What’s The Future Of Red Hat At IBM

  IBM has a long history of working with the open source community. Way back in 1999, IBM announced a $1billion investment in Linux. IBM is also credited for creating one of the most innovative advertisements about Linux. But IBM’s acquisition of Red Hat raised some serious and genuine questions around IBM’s commitment to Open Source and the future of Red Hat at the big blue.

  Red Hat CTO, Chris Wright, took it upon himself to address some of these concerns and answer people’s questions in an AMA (Ask Me Anything) on Reddit. Wright has evolved from being a Linux kernel developer to becoming the CTO of the world’s largest open source company. He has his pulse on both the business and community sides of the open source world.

• Financial industry leaders talk open source and modernization at Red Hat Summit 2019

  IT leaders at traditional financial institutions seem poised to become the disruptors rather than the disrupted in what has become a dynamic industry. And they’re taking advantage of enterprise open source technology to do it, building applications in exciting and innovative ways, and even adopting the principles and culture of startup technology companies themselves.

Linux 5.2.3

I’m announcing the release of the 5.2.3 kernel.

All users of the 5.2 kernel series must upgrade.

The updated 5.2.y git tree can be found at:

git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.2.y

and can be browsed at the normal kernel.org git web browser:

https://git.kernel.org/?p=linux/kernel/git/stable/linux-s…

Linux 5.1.20

Linux 4.19.61

New ADM 3.4. with Cersion 3.4 Comes with Fully Installed Linux Kernel 4.14

ASUSTOR Inc. is thrilled to have released ADM 3.4. With version 3.4, ADM now comes with Linux Kernel 4.14 fully installed, which updates drivers, provides stability improvements and improves file system implementations. Btrfs in ADM 3.4 received a performance and stability improvement as well as increased speed, benefiting from kernel version 4.14. ADM 3.4 also brings efficiency and stability improvements on top of kernel updates. ADM 3.4 now allows the maximum number of snapshots to be modified to any number under 256 and includes searchlights, which enables searching for EZ Sync keywords and more languages are now supported in EZ Sync.

Apollo’s ARC | TechSNAP 408

We take a look at the amazing abilities of the Apollo Guidance Computer and Jim breaks down everything you need to know about the ZFS ARC.

Plus an update on ZoL SIMD acceleration, your feedback, and an interesting new neuromorphic system from Intel.

Graphics Stack

• Binomial’s Basis Universal To Super-Compress glTF Assets, WebGL Gets New Extensions

  With SIGGRAPH 2019 happening next week in LA, The Khronos Group has already kicked off the news cycle by making several announcements from forming a 3D Commerce Initiative Working Group to releasing new WebGL extensions to making use of Binomical’s Basis Universal tech for better compression.

  On the WebGL front, they are adding parallel shader compilation support (KHR_parallel_shader_compile), multi-draw and instanced multi-draw extensions, RGTC and BPTC compressed texture support, WEBGL_video_texture support, and other new additions in offering more advanced graphics capabilities for the web.

• Collabora Still Investing In “Zink” For OpenGL Over Vulkan, But Back To GL 2.1

  Zink is the year-old project implementing OpenGL over Vulkan using Mesa/Gallium3D infrastructure. While Zink had been making some good progress by developer Erik Faye-Lund of Collabora, he went back to rewriting some core pieces of Zink to address some design defects. In the process of this rewrite, Zink is currently back to OpenGL 2.1 era support over Vulkan.

• NVIDIA Posts New OpenGL Extensions For Multi-GPU Rendering

  OpenGL is still evolving and days ahead of SIGGRAPH 2019, NVIDIA has published a set of new GL extensions for improving multi-GPU rendering.

  Three new extensions were posted this morning by NVIDIA engineers that are pending acceptance into the OpenGL registry: GL_NVX_gpu_multicast2, GL_NVX_progress_fence, and WGL_NV_multigpu_context. The latter is a Windows focused extension while the other two are tailored to multi-GPU rendering and not WGL-specific.

Intel Mini PCs Linux Performance Comparison

We’ve compared some Intel Gemini Lake & Broadwell mini PCs Linux performance with phoronix, sbc-bench.sh, and other benchmarks.

Windows 10 vs. Ubuntu 18.04 LTS Performance On AMD Ryzen 9 3900X

For those wondering how the performance compares of AMD’s new Zen 2 processors between Windows 10 and Linux, here are our initial benchmarks across dozens of benchmarks for the AMD Ryzen 9 3900X on Windows 10 Pro 1903 against Ubuntu 18.04.2 LTS.

This is the first of surely several Windows vs. Linux performance comparisons to come of these new AMD Zen 2 processors. In this article is just Windows 10 against Ubuntu 18.04 LTS since the ASUS has yet to ship the new BIOS for the ROG CROSSHAIR VIII HERO WiFi to allow newer (non-patched) Linux distributions to boot without problems due to the systemd/RdRand issue. Once that BIOS update is available for this system to address that Linux boot issue, other Linux distributions will be added to the comparison.

Excellent Utilities: McFly – navigate through your shell history

This is a new series highlighting best-of-breed utilities. We’re covering a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides.

I spend an inordinate amount of time tapping away at the command line. My default shell is bash. Like other shells, bash keeps a history of all the commands I’ve typed. For bash, this history is stored in the ~/.bash_history file. While the up arrow traverses through your history, it’s often not an efficient way of locating commands. Step forward ctrl-r. Anything that reduces the number of keystrokes improves my efficiency.

Press ctrl-r. The shell prompt changes to (reverse-i-search). Now start typing the command or a part of the command. In the example below, I’ve typed ss. There’s no need to remember long complicated commands.

Icinga 2.11 Release Candidate

For months we have been working on one of the biggest and most important releases since the creation of Icinga 2. Icinga 2 version 2.11 includes improvements for performance, stability and scalability. After many changes of lines of code, additions and deletions we believe we’re finally there. But we want to have you on board, so we decided to go with a Release Candidate first. Today we’re happy to announce the general availability of this release!

As you may know, Icinga’s core and network stack is written from scratch in C++, specifically the REST API and network event handling. They caused problems, and the attempts the past releases couldn’t reliably make them go away. We’ve therefore decided to do something unusual and resource intensive: Rewrite the whole network stack by using modern programming techniques and throw away the old implementation. This is a huge step forward and some may say, this would be Icinga 3.

Coming late to the party, fixes for reload handling and unwanted notifications also turned into a long-awaited feature: Run Icinga 2 in foreground and let the new umbrella process handle restarts and reloads. Additionally to the issues we’re aiming to fix, this comes in very handy for (Docker) containers as well!

Mgmt Configuration Language: Class and Include

Balancing Left-Right Speaker Volume on Debian Buster GNOME Edition

How to create an app install script for Debian Linux

How to check disk space on Unix servers

How to Install XAMPP on Manjaro 18

How to install Debian apps offline

How to Install MySQL on Debian 10 Linux

How to Install Apache CouchDB on Debian 9

How to Encrypt Cloud Storage with EncFS on Ubuntu

How to install snapd on Fedora Linux system using dnf command

How to set up OpenVPN on Ubuntu

How to Install Docker on Debian 10 (Buster)

How to Install Angular CLI on Linux

How To Verify ISO Images In Linux

How to install Cyberfox Browser on Ubuntu 18.04

bash test check validate if variable is number

shell bash iterate number range with for loop

Install Nginx with Google PageSpeed on Ubuntu 18.04 – Google Cloud

How to Use the rev Command on Linux

Simplifying Function Tracing for the Modern GCC

Extinction Protocol is a very stylish looking minimalist strategy game coming to Linux

As a huge fan of strategy games, Extinction Protocol has caught my eye. Using a stylish and minimalist visual style, it gives off a very alluring atmosphere.

Pixel art survival horror “Lamentum” has been fully funded and it’s heading to Linux

Lamentum is another crowdfunding success story, as the very freaky looking pixel art survival horror has hit the funding goal on Kickstarter. Linux support is fully confirmed for Lamentum, as stated on both the Kickstarter and Steam store pages.

Against their goal of €15,000 they managed to only just scrape by with €60 over the target. I can’t imagine what a huge relief that would be for the developer, Obscure Tales, as it must have been quite dicey towards the end of the campaign.

SDL 2.0.10 released, testing a more regular release cycle

If you’re a game developer, you’ve likely heard of SDL 2 [Official Site] and plenty of you are probably already using it. In fact, SDL 2 helps power a huge amount of Linux games and a new release is out now.

Released yesterday, SDL 2.0.10 encompasses bug fixes and improvements from around nine months worth of development. Quite a while for those who were waiting in fixes and they’re aware of this. Speaking about it on Patreon, Ryan “Icculus” Gordon mentioned how they’re now going to attempt releases every three months. This is not set in stone though, they’re just seeing how it goes with trying out this new release cycle.

Sdl 2.0.10 released!

Thanks to all the people who contributed code and feedback, SDL 2.0.10 is now available!

Stone Story, an RPG animated entirely in ASCII symbols is releasing in Early Access next month

Stone Story is a name I’ve not heard for a while, after posting about it myself way back in 2017 it’s one I completely lost track of. This rather different RPG is animated entirely using ASCII symbols!

The streamlined fighting game “Fantasy Strike” has now officially released

Featuring Linux support, Fantasy Strike is a fighting game that’s quite streamlined giving more people an opportunity to enjoy it while still being difficult to master.

Developed by Sirlin Games, this includes David Sirlin who previously work on games such as Super Street Fighter II Turbo HD Remix so they know their stuff. It shows too, Fantasy Strike is a fighting game that not only looks good, it feels pretty darn good too.

Zink, the OpenGL implementation on top of Vulkan is still progressing

After not hearing much about it, Faye-Lund has posted a Summer Update on the Collabora blog about all the work that’s gone into it. However, it’s had a bit of a setback as it’s been through a “pretty significant rewrite”. Some design mistakes were made, so they went back and attempted to improve it. For now, it’s only getting OpenGL 2.1 support with cleaning everything up and getting the code up-streamed taking precedence over OpenGL 3.0 support.

179 Color Schemes For Your Gtk-Based Linux Terminal (Gnome Terminal, Tilix, Xfce Terminal, More)

Gogh is a set of Bash scripts that makes it easy to change the terminal color scheme on Linux and macOS. It currently offers 179 terminal color schemes (even though its website only lists 168 with previews), and it supports Gtk-based terminals like Gnome Terminal, Xfce Terminal, Mate Terminal, Pantheon Terminal, Tilix and Guake on Linux, and iTerm2 on Mac.

You can view most of the color schemes on the Gogh website.

This article will show you how to install and apply new terminal color schemes using Gogh, with the particularities this involves for each terminal application supported by Gogh (including workarounds, which are required in some cases).

K Desktop Environment/KDE SC/Qt

• 3D – Interactions with Qt, KUESA and Qt Design Studio, Part 2

  In my last post, I went through a method of creating a simulated reflection with a simple scene. This time I’d like to take the technique and apply it to something a bit more realistic. I have a model of a car that I’d like to show off in KUESA™, and as we know, KUESA doesn’t render reflections.

• Nürnberg Sprint and KDE Itinerary Browser Integration

  Getting everyone interested/involved in a specific area into a room for a few days with no distraction is a very effective way to get things done, that’s why we do sprints in KDE since many years. Another possible outcome however can be that we end up with some completely unexpected results as well. Here is one such example.

• KDE First Contributions and first sprint

  I have been a KDE User for more than 10 years. I really love KDE community, Plasma and its apps. I have been reading eagerly Nate Graham’s blog He gave me the inspiration to start contributing.

  It has been a opportunity to learn some C++, Qt and some Qml.

Which Linux distro is best for privacy?

Linux Operating systems are better for privacy and security than their Mac and Windows counterparts. They are also open source, which means they are much less likely to be hiding backdoors for their developers, the NSA, or anybody else.

It is for this reason that Linux distros are the Operating System of choice for security professionals and privacy advocates as well as for the majority of computer servers around the globe.

There are plenty of Linux distros to choose from. And this can make it confusing for anybody wanting to move away from Windows in favor of something more secure. Even existing Linux users may be slightly unsure as to which Linux distro they ought to be using if they value privacy and security.

In this article, we will walk you through two of the best Linux distros for protecting your data and staying clear of hackers. All Linux distros have specific peculiarities and advantages, meaning that they all do slightly different things. However, there are two Linux distros that stand out where privacy is concerned…

Reviews

• Emmabuntüs Is a Hidden Linux Gem

  Emmabuntüs is a great find if you are looking for an all-around Linux operating system that keeps legacy computers out of the trash heap and is easy to use with no setup or regular Internet access required.

  This distro is not one whose name is readily recognizable. Hidden from popular view, it’s seldom spotted by product reviewers. Yet it has fulfilled a range of user needs for years.

  Its obscurity keeps it from reaching the potential it has to attract the attention of distro hoppers looking for a better OS. No doubt, most distro rummagers wrongfully assume that its odd name reflects an unworthy performance.

  Unless you take the time to browse its unassuming website descriptions, you miss its value. Emmabuntüs Linux is a worthy computing rose lying in wait among the weeds.

  Emmabuntüs is a desktop Linux distribution featuring the Xfce desktop. Initial versions of this distro were based on Ubuntu Linux, but developers switched to Debian along the way.

  In a crowded computing world with lots of Xfce-based distros, this one is particularly well done with a wide range of uses.

New Releases

• LibreELEC 9.2 ALPHA Kodi-focused Linux distro now available for PC, Raspberry Pi 4, and more!

  If you are someone that uses LibreELEC to consume media, I have some really good news — 9.2 ALPHA is here! Yes, the Kodi-focused Linux distribution has a new pre-release version for PC (x86_x64) and ARM-based systems such as the all-new Raspberry Pi 4.

  Unfortunately, the Raspberry Pi 4 experience is still deficient, lagging behind other platforms. This is to be expected, as the hardware is so new — it should be perfected for the final release. With that said, it is usable on Pi 4 with some caveats.

PCLinuxOS/Mageia/Mandriva Family

• Mageia 7.1 Released to fix AMD Ryzen 3000 Series CPUs Issue

  Mageia 7 stable version was released on 01-July-2019, which came with lots of new Features, Exciting Updates and Support Latest Hardware’s.

  But due to some reason, the AMD Ryzen 3000 Series CPUs didn’t play well and prevented any type of installation when the system starting up.

  To fix this issue, they had released the emergency patch release of Mageia 7.1 to fix this issues on AMD Ryzen 3000 Series CPUs, except for a net install.

  It doesn’t harm any system, which is running on Mageia 6. Also, you can upgrade from Mageia 6 to Mageia 7 without any issues.

Fedora Family

• FPgM report: 2019-30

  Here’s your report of what has happened in Fedora Program Management this week. The mass rebuild is underway.

  I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

Debian Family

• Debian buster: changes in coreutils #newinbuster

• Debian buster: changes in util-linux #newinbuster

• Vote craziness

  Of all the things I’ve seen in Debian, spamming DDs with a vote that’s not a vote (“which of these terrible things the DPL did are the worst causes of everything that’s wrong in the world”) has to be among the craziest. (I won’t link to it here.)

Canonical/Ubuntu Family

• BT turns to Canonical Ubuntu to enable next generation 5G Cloud Core

  On Friday BT announced they have selected Canonical’s Charmed OpenStack on Ubuntu as a key component of its next generation 5G Core. Canonical, the company behind Ubuntu, will provide the open source virtual infrastructure manager (VIM) as part of BT’s Network Function Virtualisation (NFV) program, and the transition to a cloud-based Core network.

  This open source cloud-based approach will ensure that BT can quickly deploy new services, and increase capacity to stay ahead of customer demand driven by 5G and FTTP. Canonical’s OpenStack architecture will also facilitate the delivery of BT’s full 5G Core network.

• BT bets on Ubuntu OpenStack to deliver 5G pledge

  BT has announced a partnership with Canonical to develop and deploy its next-generation 5G core network.

  [...]

  Canonical operates its own distribution of OpenStack, a bundle of separate open source projects connected through APIs. When applied to BT’s own infrastructure, this will enable the separation of network hardware and software, turning core components into software applications so they can be updated faster and continuously integrated.

• Ubuntu 19.10 Development Continues With Latest GNOME Updates, ZFS, Optimizations

  Two months from today marks the beta and kernel freezes for the Ubuntu 19.10 release while in less than one month is already the feature freeze. Canonical developers and others within the Ubuntu community remain quite busy this summer working on this “Eoan Ermine” release and is of particular importance with next cycle being the Ubuntu 20.04 LTS swing.

Pinebook Pro Linux laptop goes up for pre-order for $200

What you get for that price is a 2.8 pound laptop with a 14.1 inch full HD display, an Rockchip RK3399 processor, 4GB of RAM, and 64GB of eMMC storage (although members of the Pine64 forum who registered early can get a free 128GB upgrade).

New Raspberry Pi laptop rival: $200 Linux-based Pinebook Pro available to pre-order

Pine64, the makers of a popular Raspberry Pi rival, have kicked off pre-orders for a $200 Linux laptop, the Pinebook Pro.

In an age when smartphone owners are balking at $1,000 price tags on super-powered smartphones, the single-board computer world, championed by the Raspberry Pi, is producing capable machines at the other end of the price spectrum using Arm-based hardware.

There are Intel-based Windows 10 laptops from the likes of Chuwi that are available for around $200, and plenty of choices when it comes to DIY Raspberry Pi-based laptops.

But the Pinebook Pro Laptop, which uses the popular Rockchip RK3399, is for fans of different section of the developer board market, those who favor higher-performing devices based on ARM64.

With the Pinebook Pro, Pine64 has doubled down on the first-generation $99 Pinebook, which featured a quad-core Allwinner A64 system-on-a-chip (SoC), 2GB of RAM, and 16GB of eMMC storage.

Mobile Systems/Mobile Applications

• Tizen Studio 3.3 Released – Performance and Bug-fixes a plenty

  Tizen Studio 3.3 has been released. This is Samsung’s all-in-one solution for Tizen app development. The last update, version 3.2, was released 4 months ago. Looking through the changelog and release notes, Tizen Studio IDE and its tools will benefit from the performance and bug-fix Improvements. There has been no Introduction of any new major features.

  You can use the Integrated Development Environment (IDE) to create apps for wearables like the Galaxy Watch, Galaxy Watch Active, Gear Sport, and Gear S3. You can also target the Internet of Things (IoT) and Smart TVs. Support for Smartphones has been dropped a while ago. It bundles the SDK (software development kit), emulator, sample code, documentation, and all other necessary tools in it. You can develop, build, debug, profile, and emulate Tizen native and Web applications. There are about 200 online sample applications available, and the library continues to grow.

• This Android malware can take photos and videos and spy on your app history

• Google ADT-3 Android TV developer hardware tipped for late 2019 release

• Google needs to offer browser, search options on Android: ACCC

• Nintendo Switch expected to get unofficial Android ROM within the next few days

• Nokia 8.2 may feature a 32MP pop-up camera and Android Q

• DarioHealth USB Type C Connector for the European Android Market Is CE Marked

• AirTV Mini Android Streamer Has Arrived

• EFF has privacy concerns about Android Q

• Android Q: Top 5 Features To Look Forward To

• Honor 8x & Honor 10 Android Q updates confirmed by Honor India

• Best Android Smartphones Under Rs 30,000: Redmi K20 Pro, OnePlus 6T, Samsung Galaxy A70 and More

• Android market in Iran, a promising future

• AT&T releases Razer Phone 2 Android Pie 9.0 update, Digital Wellbeing & host of other features included

• [Update: Verizon rollout begins] Android Pie OTA now rolling out to Moto Z3, Z2 Force and Moto G6

• AT&T delivers long overdue Android Pie update for its variant of the Razer Phone 2

• Android Permissions: What do apps have access to on your device?

• Installing Android On Your Nintendo Switch, Because Why Not?

• PUBG Lite launched for Android phones with up to 2GB RAM: Know what is new

• Playing a Malicious Video Could Be Enough to Compromise Your Android Device

• How Do I Block Android from Installing System Updates?

• Icinga 2 Version 2.11 Release Candidate Announced, Pinebook Pro Available for Pre-Order, Sailfish OS 3.1 Seitseminen Released, VirtualBox 6.0.10 Is Out, and It’s National Sysadmin Day

  Sailfish OS Seitseminen is now available. Sailfish OS 3.1 is the biggest update since the launch of Sailfish 3 a year ago, and it’s named after Seitseminen National Park. This version “brings redesigns to core apps such as People, Phone, Messages and Clock. Other areas that have been improved include; Document viewers, Email, Calendar, Dual SIM Card viewer information and Gallery gestures which have been improved.” Security improvements include filesystem encryption support, “fingerprint authentication support for XA2 devices, updates to VPN to increase the security of your traffic from the first moment you use your phone and added protection to many system APIs and functionalities.”

Seven Concerns Open Source Should Worry About: Part 2

Free and open source software (FOSS) development has for many years enjoyed an increasingly positive public image. Particularly in the last several years, it’s become recognized as the foundation upon which most of the modern computing world rests. FOSS proponents include many governments, too, including many in Europe and the European Commission itself.

That’s all good and quite appropriate, but it’s worth keeping in mind that FOSS involves the conscious agreement of head to head competitors to work towards a common result – something that would otherwise normally be a red flag to antitrust regulators in the US, competition authorities in Europe, and to many of their peers throughout the world. To date, those regulators do not seem to have expressed any concerns over FOSS development generally. But that can change.

German state of Thuringia to prefer open source

When procuring new IT solutions, the German Free State of Thuringia will now prefer open source software where that is technically possible and economic. The change in Thuringia’s procurement rules was accepted in a vote by the state parliament earlier this month and will be officially available some time in August.

Tech convergence set to drive automotive open source acceptance

The convergence of technologies in autonomous vehicles is set to spur more acceptance of open source use across the automotive industry and drive car companies to adopt better freedom-to-operate processes, according to car manufacturers and their suppliers.

Senior IP counsel at Volvo Cars, Lotus, u-Blox and elsewhere say car companies have traditionally stipulated in supplier agreements that components should be free from open source technologies, for fear that any third-party rights attached to those technologies could taint their products – among other things.

They explain that it is a common and inaccurate assumption that open source software is always free to use. In reality, these technologies are governed by a spectrum of licences: from copyleft ones that require inventors to put modifications back into the open source pool, to permissive licences such as Apache 2.0 that allow modifications to be commercialised.

[...]

With the loosening of restrictions surrounding open source use to take advantage of the open source space, however, comes the need for new processes to mitigate the risk of unknowingly incorporating technologies that have been ‘borrowed’ or have restrictive licences attached.

Not only do car companies need to check for third-party rights, they also need to ensure that any of the code used does not have a ‘back door’ built into it that would allow someone to hack into a product.

Gisler at Volvo Cars points out that car companies should assess risk anyway to ensure that components do not taint end products, given the increasing popularity of open source technology, even if they are not yet relaxing their supplier contracts.

CMS

• Best Joomla Extensions to Improve Your Site

  Joomla extensions are great for taking your new website to the next level. They offer solutions for almost everything, starting from content management to security issues. A lot of Joomla extensions are currently available and new ones are added almost every day!

  So how is one supposed to know which of the extensions are worth their time? Honestly, we all search for it on the web, so that we can benefit from the work of others. In fact, we were also struggling to find the best ones but couldn’t get through! But here’s a piece of good news for you! We have compiled all our efforts to find the best Joomla extension in this article!

  They are the ones tried and tested by us for you! So, now you do not have to go from one website to another! Just sit back and read on!

FSF/FSFE/GNU/SFLC

• GNU Spotlight with Mike Gerwitz: 16 new GNU releases in July!

  denemo-2.3.0
  direvent-5.2
  gama-2.06
  gnunet-0.11.6
  gnupg-2.2.17
  grub-2.04
  guile-2.2.6
  libmicrohttpd-0.9.65
  libtasn1-4.14
  linux-libre-5.2
  nettle-3.5
  parallel-20190722
  pies-1.4
  rush-2.1
  stow-2.3.0
  tramp-2.4.2

Legal

• The Key to Safety Online Is User Empowerment, Not Censorship

  The Senate Judiciary Committee recently held a hearing on “Protecting Digital Innocence.” The hearing covered a range of problems facing young people on the Internet today, with a focus on harmful content and privacy-invasive data practices by tech companies. While children do face problems online, some committee members seemed bent on using those problems as an excuse to censor the Internet and undermine the legal protections for free expression that we all rely on, including kids.

Openness/Sharing/Collaboration

• Open Hardware/Modding

  • Alibaba Is Open-Sourcing Its Powerful New RISC-V Processor for 5G and AI

    Alibaba says the Xuantie 910 IP design will be fully open-sourced so global developers can freely download its FPGA code. Alibaba has also created a chip platform for domain specific SoC, providing hardware and software resources including CPU IP, SoC platform and algorithms, and various chip services for enterprises and developers for different AIoT scenarios.

Programming/Development

• Episode #222: Interactive graphs with Bokeh and Python

  Do you have data you want to visualize and share? It’s easy enough to make a static graph of it. But what if you want to zoom in and highlight different sections? What if you need to rerun your ML model on selected data? Then you might want to consider working with Bokeh. It does this and much more. Join me on this episode where you’ll meet Bryan Van de Ven who heads up the Bokeh project.

• Creating Python GUI Applications with wxPython

  In this tutorial, we’re going to learn how to use wxPython library for developing Graphical User Interfaces (GUI) for desktop applications in Python. GUI is the part of your application which allows the user to interact with your application without having to type in commands, they can do pretty much everything with a click of the mouse.

  Some of the popular Python alternatives for developing a GUI include Tkinter, and pyqt. However, in this tutorial, we will learn about wxPython.

  Before we move further, there are a few prerequisites for this tutorial. You should have a basic understanding of Python’s syntax, and/or have done at least beginner level programming in some other language. Although you can follow it even if you do not meet these criterias, but you might find some parts to be a bit complex. If you do, feel free to ask for clarifications in the comments.

• Faster XML stream processing in Python

  It’s been a while since I last wrote something about processing XML, specifically about finding something in XML. Recently, I read a blog post by Eli Bendersky about faster XML processing in Go, and he was comparing it to iterparse() in Python’s ElementTree and lxml. Basically, all he said about lxml is that it performs more or less like ElementTree, so he concentrated on the latter (and on C and Go). That’s not wrong to say, but it also doesn’t help much. lxml has much more fine-grained tools for processing XML, so here’s a reply.

  I didn’t have the exact same XML input file that Eli used, but I used the same (deterministic, IIUC) tool for generating one, running xmlgen -f2 -o bench.xml. That resulted in a 223MiB XML file of the same structure that Eli used, thus probably almost the same as his.

• Intel releases RL Coach 1.0.0 with new algorithms and support for off-policy evaluation
  

  Back in 2017, Intel launched RL Coach, an open source framework for training and evaluating reinforcement learning agents.

  [...]

  RL Coach 1.0.0 adds a total of 27 reinforcement learning models, specifically — models driven by reward feedback loops that coax them toward specified goals — and APIs that support the use of Coach as a Python library. Also in tow is improved documentation and unspecified bug fixes, along with general performance enhancements.

• Intel’s LLVM-Based SYCL Compiler Continues Taking Shape

  While a bit quiet over the summer months and their Data Parallel C++ announcement was recently made, Intel’s LLVM-based SYCL compiler continues maturing and picking up new features as the beta roll-out of oneAPI is expected in Q4.

  Intel’s code pushes to their currently-forked LLVM repository this month has yielded new attributes being worked on for the Intel FPGA device support, a new plug-in interface to help with porting SYCL to non-OpenCL APIs, new address space handling rules, a basic version of a hierarchical parallelism API, new built-in functions, the removal of their old scheduler, and other enhancements.

• made some early design

  Python provides many built-in functions that are predefined and can be used by the end-user by just calling them. These functions not just ease the work of programmers but also create a standard coding environment. In this article, you will be learning about three such impressive functions namely map(), filter and reduce() in Python.

Chandrayaan-2: GSLV Mark III-M1 vehicle reduces number of orbit-raising exercises, saves fuel

In its maiden operational flight, the Geosynchronous Satellite Launch Vehicle – Mark III-M1 (GSLV Mark III-M1) vehicle used for launching Chandrayaan-2 had successfully placed the satellite in the Earth Parking Orbit (EPO) with perigee (closest distance from the earth) of 170 km and an apogee (farthest distance from the earth) of 45,475 km. The apogee of the earth parking orbit is about 6,000 km more than originally envisaged.

[...]

In the first of the orbit-raising exercise that was carried out on July 24, the perigee was increased from 170 km to about 230 km, while the apogee was reduced from 45,475 km to 45,162 km. Explaining why the orbit raising was done mainly to increase the perigee and not the apogee, Mr. Sivan said to The Hindu: “At 169.7 km altitude at perigee, the satellite is still in the earth’s atmosphere and so is exposed to heat stress while travelling at very high velocity. So we had to raise the perigee.”

The second orbit raising manoeuvre will be undertaken tonight (July 25) when the focus will be to increase the apogee in large measure, while there will be only a small increase in the perigee distance.

“Totally there will be six earth-bound, orbit-raising manoeuvres before the trans-lunar insertion, including the one on July 24. If the satellite had not gained nearly 6,000 km while being placed in the earth parking orbit, then there would have totally been seven orbit-raising manoeuvres,” Mr. Sivan said.

Currently, the ISRO website mentions only five orbit-raising manoeuvres and the perigee distance mentioned is 241.5 km after the first orbit raising exercise. “This will be soon revised,” he said.

Apple will reportedly begin getting rid of the MacBook’s butterfly keyboard this year

Rumors regarding the shift away from the butterfly keyboard have been circulating recently: Kuo reported earlier this month that the MacBook Air would get the new keyboard, followed by the 16-inch MacBook Pro next year. This latest report swaps those details, saying that the new MacBook Pro is now getting the scissor keyboard this year, and the other models will follow in 2020.

Juul Targeted Children at Schools and Online, U.S. House Panel Says

Internal emails from Juul show employees discussing how these programs resembled tactics used by cigarette makers in the past. In one email, a Juul employee called them “eerily similar,” according to the report.

Drug Pricing and Patents – Part I

My law school Dean, Lyrissa Lidsky recently published a new op-ed entitled Patent reform is needed to protect patients’ access to lifesaving drugs. Dean Lidsky is in the midst of breast cancer treatment that includes $150,000 for the biologic drug Herceptin. Genentech (Roche) has aggressively protected this multi-billion-dollar marketplace by asserting its patent rights against potential competitors.

[...]

The Bill would also limit the “retail list price” of U.S. drugs to “the lowest retail list price for the drug among Canada, France, the United Kingdom, Japan, or Germany.” Sen. Hawley explains in his press release: “There is no reason why U.S. pharmaceutical companies sell drugs to people in foreign countries far cheaper than what they charge Americans.” As it stands, the Bill this provision could be easily skirted by manufacturers and retailers. Notably, the Bill does not (1) define “retail list price;” (2) offer any enforcement mechanism; or (3) indicate if any agency would have authority to enforce the pricing provision. Unless those elements are tightened-up, the provision will be mere lip service.

Patent reform is needed to protect patients’ access to lifesaving drugs

I want every woman with Her2-positive breast cancer to be as fortunate as I have been. But the high cost of biologic drugs like Herceptin, which is made by Genentech (a unit of Roche), is a significant hurdle for many. Herceptin costs about $9,600 per vial, and patients like me take it every three weeks for a year — that’s more than $150,000. And that doesn’t even count the costs of the other drugs or treatments we require.

Is VLC media player Vulnerable to hackers? [Ed: The answer is "no", so why are such FUD pieces still being composed?]

VLC Media Player,has been detected with a critical vulnerability that allows hackers to hijack your computers and see your files.

My take on OpenPGP best practices

After having seen a few talks at DebConf on GnuPG and related things, I would like to document here how I currently manage my OpenPGP keys, in the hope they can be useful for other people or for discussion. This is not a tutorial, meaning that I do not give you the commands to do what I am saying, otherwise it would become way too long. If there is the need to better document how to implement these best practices, I will try to write another post.

I actually do have two OpenPGP certificates, D9AB457E and E535FA6D. The first one is RSA 4096 and the second one is Curve25519. The reason for having two certificates is algorithm diversity: I don’t know which one between RSA and Curve25519 will be the first to be considered less secure or insecure, therefore I would like to be ready for both scenarios. Having two certificates already allows me to do signature hunting on both, in such a way that it is easy to transition from one to the other as soon as there is the need.

The key I currently use is the RSA one, which is also the one available in the Debian keyring.

(If you search on the keyservers you will find many other keys with my name; they are obsolete, meant for my internal usage or otherwise not in use; just ignore them!)

Even if the two primary keys are different, their subkeys are the same (apart from some older cruft now revoked), meaning that they have the same key material. This is useful, because I can use the same hardware token for both keys (most hardware token only have three key slot, one for each subkey capability, so to have two primary keys ready for use you need two tokens, unless the two keys share their subkeys). I have one subkey for each subkey capability (sign, encrypt and authentication), wich are Curve25519 keys and are stored in a Nitrokey Start token. I also have, but tend to not use, one RSA subkey for each capability, which are stored on a OpenPGP card. Thanks to some date tweaking, both certificates are configured in such a way that Curve25519 subkeys are always preferred over RSA subkeys, but I also want to retain the RSA keys for corner cases where Curve25519 is not available.

Should you uninstall VLC or not? Here’s what you must really do

VLC, the popular multimedia player, was pushed into a controversy after a report submitted by WinFuture stated that the player had security issues. WinFuture in its reports classified the app to be a High Risk (Level 4), hence recommending users to uninstall it from the PCs.

As per the report, WinFuture claims that the vulnerability would allow hackers to alter the codes and breach the user data in the PC. The security agency described the issue to be ‘a remote’ that would allow hackers to use the flaw to execute arbitrary codes, create a denial of service state, disclose user information or even manipulate PC files. The vulnerability can also allow the scavengers to install, modify or run software applications without administrative authorisations.

The report has further stated that the PCs running Windows, Linux, and UNIX operating systems are most vulnerable to the flaw. The security agency cleared that there were no reported cases of data theft through the flaw but considering the potential of the flaw, the users have to be very careful.

With ransomware on the rise, RCMP urging victims to ‘be patient with police’ [iophk: gross negligence in allowing use of Windows]

But to get a real sense of the problem, Flynn said, you can multiply most online extortion stats by 20.

“Numbers are hard to give because we also have a serious lack of reporting,” he said.

“There is a significant underreporting of cybercrime. Some of that comes from embarrassment, fear of reputational harm.”

Flynn said that major corporations don’t want to lose customers and risk the public backlash.

Security updates for Friday

Security updates have been issued by Debian (libssh2 and patch), Fedora (kernel and kernel-headers), Mageia (vlc), Red Hat (rh-redis32-redis), SUSE (libgcrypt, libsolv, libzypp, zypper, and rmt-server), and Ubuntu (exim4, firefox, libebml, linux, linux-aws, linux-kvm, linux-raspi2, and vlc).

Why you can’t backdoor cryptography

Once again the topic of backdooring cryptography is in the news. The same people will fight the same fight. Again. So far sanity has prevailed every time we do this, but that doesn’t mean anyone should sit this one out. Make sure you tell everyone to pay attention and care. Trustworthy cryptography is too important.

Given the language used it sounds a lot like what’s really being discussed is having the ability to view chat apps, view emails, and unlock phones. All things with a consumer focus. They’ve lost this fight more times than we can count now, no doubt this direction change is an attempt to spread confusion.

I also want to look at this from a slightly different angle this time. Generally we talk about how the technology behind a backdoor doesn’t work. That’s still true, but let’s pretend the technology could work. Maybe some grad student is finishing up a paper and next month we’ll hear about a new form of cryptography that can be backdoored without any technical problems. It actually can’t because people are the problem. This is like insisting we build a rocketship out of cardboard to go to the moon. Just no. But in this post, we’re going to pretend we have a technical solution. Put on your cardboard space helmet, it’s time to get real.

Manage your passwords with Bitwarden and Podman

You might have encountered a few advertisements the past year trying to sell you a password manager. Some examples are LastPass, 1Password, or Dashlane. A password manager removes the burden of remembering the passwords for all your websites. No longer do you need to re-use passwords or use easy-to-remember passwords. Instead, you only need to remember one single password that can unlock all your other passwords for you.

This can make you more secure by having one strong password instead of many weak passwords. You can also sync your passwords across devices if you have a cloud-based password manager like LastPass, 1Password, or Dashlane. Unfortunately, none of these products are open source. Luckily there are open source alternatives available.

Trump vetoes restrictions on weapons sales to Saudi Arabia

US President Donald Trump vetoed three Congress bills that would have blocked billions of dollars in US arms sales to Saudi Arabia.

The Congressional effort, which also included representatives of the Republican party, comes as a response to the Trump administration’s decision to sideline the US lawmakers. When the $8.1 billion (€7.3 billion) sale was announced last month, Secretary of State Mike Pompeo said they would bypass the usual congressional review by declaring a national security emergency. Pompeo justified the emergency by pointing to the alleged threat of Iran. Saudi Arabia and the United Arab Emirates (UAE) are Iran’s main opponents in the Middle East.

‘Patient zero’ in cyberattack on UN aviation agency was senior official’s son, email reveals

Almost five months after CBC News reported an attempt by four members of ICAO’s information technology team to cover up its mishandling of the cyberattack, Vincent Smith — ICAO’s director of the bureau of administration and services — is going public with accusations of misconduct against ICAO Secretary General Fang Liu and the agency’s council president, Olumuyiwa Benard Aliu.

Smith has told CBC News he’s been warned he’s committing career suicide by coming forward, but he sees it as a duty.

Iraqi reporter’s home searched after he exposes corruption

Reporters Without Borders (RSF) is appalled to learn that a judge in Basra, in southern Iraq, ordered I News investigative reporter Hassan Sabah’s arrest this week on spurious grounds after he exposed a case of alleged corruption involving another Basra judge.

Mueller on Trump’s WikiLeaks embrace: ‘Problematic is an understatement’

Trump mentioned WikiLeaks 145 times in the final month of the campaign alone, according to NBC News.

In April of this year, however, Trump sought to distance himself from Wikileaks founder Julian Assange following his arrest.

Greenhouse-gas emissions are increasing the frequency of heatwaves

If your hunch is that this kind of extreme weather is more common today than it was once-upon-a-time, you are correct. When, in 2003, tens of thousands of people in Europe died prematurely as a result of a two-week heatwave, it was deemed to be a once-in-1,000-years event. Twelve years later, a study led by Nikolaos Christidis of the Hadley Centre, the climate-research division of Britain’s Met Office, found that heatwaves of this severity had become once-in-100-years events, and would be commonplace by the 2040s.

The Crisis Lurking in Californians’ Taps: How 1,000 Water Systems May Be at Risk

As many as 1,000 community water systems in California may be at high risk of failing to deliver potable water — one out of every three — according to a previously undisclosed estimate by senior officials at the California State Water Resources Control Board, which regulates drinking water. These troubled districts, which include Sativa, often operate in mostly poor areas on thin budgets. With little oversight, they face problems ranging from bankruptcy to sudden interruptions in water capacity, to harmful toxins being delivered through taps.

The Latest: Fan Fit for a Queen Gets Noticed in Heat Wave

A Dutch government health institute is warning of high levels of smog due to ozone in the air in parts of the country as a heat wave bakes Europe.

The National Institute for Public Health and the Environment issued a “smog alarm” Thursday for regions including the densely populated cities of Amsterdam, Rotterdam and The Hague.

The institute says air quality in the some regions will be “extremely bad” because light winds mean that pollution is not being blown away and sunlight transforms it into ozone.

PNG roadbuilding spree threatens environment, communities and economy

A huge roadbuilding scheme in Papua New Guinea could imperil some of the largest, biologically richest and culturally most diverse forests on the planet, says an international research team led by James Cook University in Australia.

“This plan has big red flags all over it,” said JCU’s Professor Bill Laurance, the team leader.

The PNG government plans to dramatically increase its national road network, from 8700 to 15,000 kilometres in length, over the next three years. New road segments will crisscross much of the country.

“PNG isn’t even maintaining its current roads, and now the government wants to double its road network, often in wet, steep and remote terrain? The new roads will be tremendously expensive to build and maintain,” said Dr Laurance.

“Many will cut through critical habitats of endangered wildlife, including that of rare tree-kangaroos and birds of paradise,” said Dr Mohammed Alamgir, lead author of the study. “Altogether, 54 critical biodiversity areas will be threatened and there will be a great deal of forest fragmentation.”

“The new roads will create many deforestation hotspots for rainforests and carbon-rich peatlands, sharply increasing greenhouse-gas emissions,” said Dr Alamgir.

The research team, from Australia, Papua New Guinea and Germany, published their findings this week in the PLOS ONE journal.

Papua New Guinea’s Road Expansion Plan Would Escalate Deforestation

Papua New Guinea hopes to nearly double the length of its road network by 2022, posing grave threats to more than 50 parks and biodiversity-rich areas…

First Heat Wave of the Summer to Hit Nevada County This Weekend

July 26, 2019 – Our relatively mild summer is heating up this weekend, with temperatures projected to hit 100 degrees in parts of Western Nevada County. During this heat wave, the Nevada County Public Health Department would like to remind everyone that higher temperatures can be dangerous for all persons but especially the very young, senior citizens, and those with chronic medical conditions.

Energy

• 4 Automakers Strike Emissions Deal With California, Steering Clear From Trump’s Pro-Pollution Agenda

  Four automakers from three different continents have struck a deal with California and agreed to adhere to the state’s stricter emissions standards, undercutting one of the Trump administration’s environmental regulatory rollbacks, according to The New York Times.

  The agreement between the California Air Resources Board and Ford, Honda, Volkswagen and BMW of North America followed weeks of secret negotiations. The four automakers agreed to a fleet average of 51 mpg for light-duty vehicles by the 2026 model year. That’s slightly lower and longer than the fuel economy standards of 54.5 miles per gallon by 2025 set by the Obama administration in 2012.

  The four major automakers’ agreement to legitimize California’s authority to set emissions standards runs counter to a White House plan to take that right from the states, as Reuters reported.

  Under the Trump administration’s plans to roll back the Obama-era regulations, emissions standards would top out at 37 miles per gallon. California and 13 other states stood in defiance and vowed to enforce the stricter standards, setting up an uncomfortable situation for automakers where the market would be split in two, according to The New York Times.

  The agreement is a win for the automakers. They will have slightly more time to deliver vehicles that will have to meet standards nearly as ambitious as the Obama administration set forth. And, it will put an end to conflicting state and federal standards.

Wildlife/Nature

• Crop diversity keeps bees buzzing happily

  Tomorrow’s world could be a hungrier world. That is because as large-scale agribusiness gets busier crop diversity diminishes, and the pool of potential pollinators will become increasingly at risk.

  Those crops that rely on pollination by the animal world can only deliver the reward of nourishment to bees and other insects for a very short time. As developing nations switch increasingly to massive plantations of soy, canola and palm oil, the creatures farmers rely on to set seed and begin the process of setting fruit will have a problem finding a food supply for the rest of the year.

  [...]

  The researchers looked at data from the UN’s Food and Agricultural Organization on the cultivation of field crops between 1961 and 2016. They found that more and more land is being colonised for agriculture, and the area cultivated for crops that rely on pollinators has increased by 137%. But crop diversity has increased only by 20%. And 16 of the 20 fastest-growing crops require pollination by insects or other animals.

McConnell blocks two election security bills

“Mueller’s testimony was a clarion call for election security. Mueller’s testimony should be a wake-up call to every American, Democrat, Republican, liberal, conservative, that the integrity of our elections is at stake. … This is all about the future of this country,” he added.

Hong Kong police made no arrests after mob assaulted commuters, protesters, journalists in Yuen Long

Police have said that no arrests were made and no weapons were found when they checked a group of people in white accused of beating up residents, journalists and a lawmaker in Yuen Long. The incident took place on Sunday night, hours after an anti-extradition march ended on Hong Kong Island.

Twenty organisations call on the new President of the European Commission to make press freedom a priority

In a joint-letter, Reporters Without Borders (RSF) and 19 other organisations urge incoming president of the Commission Ursula von der Leyen to ensure that media freedom, the protection of journalists, and EU citizens’ access to information are top political priorities during her term.

MSNBC’s Anti-Sanders Bias Makes It Forget How to Do Math

The hostility is so entrenched, in fact, it seems to have corrupted MSNBC’s mathematical reasoning and created a new system of arithmetic. The cable news network has repeatedly made on-air and online mistakes about Sanders’ polling and other numbers—always to his detriment, and never with any official correction.

Here are some new rules MSNBC seems to follow when it comes to math and Bernie Sanders.

Presidential Candidate Tulsi Gabbard Sues Google, Using All The Same Debunked Legal Theories Others Have Tried

Well, here’s an odd one: the Presidential campaign for Tulsi Gabbard is now suing Google claiming, among other things, that the company has “violated her First Amendment rights” by temporarily shutting down her advertising account and also funneling some of her campaign emails to spam in Gmail. This lawsuit is a complete non-starter, and makes use of the same debunked legal theories that others have used against social media companies. First, it argues that closing her Google advertising account was obviously because people at Google didn’t want her message getting out after the first Democratic Presidential debates.

City Of Orlando Kicks Amazon’s Facial Recognition Tech To The Curb

For a few years now, the company behind online streaming and speedy, cheap shipping has been seeking to expand its offerings. Amazon Web Services pays the bills, providing data storage for multiple companies/governments. “We can remember it for you wholesale!” Amazon promises. But that’s the old thing.

The next tech bet Amazon is willing to use as a loss leader to gain market share is facial recognition. Amazon has been handing this stuff out like bank teller lollipops to any law enforcement agency with money to spend and a desire to expand its surveillance net.

Naturally, Amazon is high on its own supply. Everyone else, not so much. Congress demanded answers after a test drive of Amazon’s facial recognition tech (called “Rekognition” because misspellings mean the future is now) said 28 of its members were criminals.

At that point, it was no longer an existential threat to people’s freedom. It was now a pile of computational garbage incapable of telling a Congressperson from a criminal. That those two groups sometimes have a significant overlap was lost on everyone involved. But the upshot was the US federal government had its eyes pinned on Rekognition, for better or worse.

The Newest Growth Market For License Plate Readers Is Those Assholes Running The Local Homeowners Association

Everyone loves surveillance creep. Well, by everyone, I mean the government and the vendors that sell to them. Automatic license plate readers have made their way from police cruisers to malls, as has facial recognition tech that very often fails to actually recognize people.

The “everyone” may now include the near-fascist organizations turning neighborhoods into glittering shrines of conformity. I’m talking about homeowners’ associations — the anal-retentive busybodies who want to make sure your grass is cut to the correct length and that no one’s offending passersby with creative mailboxes.

The Denver Post reports the newest customers for surveillance tech is HOAs and gated communities.

Bill Proposes Requirement Of Russian Software On Tech Devices

Russian lawmakers are proposing legislation that would require all smartphones, computers and smart TVs sold in Russia to come pre-installed with certain Russian software.

Reuters reported that the draft bill aims to support domestic software producers, allowing authorities to create a list of mandatory, local software. If passed, it would go into effect in July 2020. Companies that do not comply would be fined anywhere from 50,000 to 200,000 rubles ($790-3,170) starting in January 2021.

The proposal needs to be backed by the lower house of parliament and then by the upper house and President Vladimir Putin in order to become a law.

Russian lawmakers propose making local software mandatory on smartphones

Russian lawmakers want to make it a legal requirement for all smartphones, computers and smart TV sets sold in Russia to come pre-installed with certain Russian software in a bid to support domestic software producers, according to a draft bill.

The bill, tabled at the lower house of parliament on Thursday, would allow authorities to draw up a list of mandatory, locally-made software. If passed, it would come into force in July 2020.

Why Corporations Want You to Shut Up and Meditate

In the wrong hands, he argues, mindfulness can become an instrument for corporate compliance. Rather than organize to change the need for self-care and breathing exercises in the first place, he writes, corporate mindfulness, or McMindfulness, becomes a pacifier that teaches workers to be comfortable with insecurity. Emotions like stress and anger are purely subjective, arising not from precarious labor conditions but from within—all in your head.

Who Should the Police Answer To?

But there were ambiguities: The first officer to arrive after the shooting didn’t see a handgun on the scene—Lippert said he’d put it in his pocket to secure the area—and a subsequent lab analysis of the weapon found no identifiable prints or DNA linked to Clemmons.

DNA put him behind bars for a 1997 rape. Then his old girlfriend saw a photo that set him free

The case took 20 years to go to trial because after the 1997 attack, the teen’s untested rape kit languished at a police property storage facility, part of a group of 11,000 discovered in 2009. Eventually, it was tested.

In some northern Indian villages, girls are never born

Over the past three months, not a single girl was born in 132 villages in the northern Indian state of Uttrakhand, according to local authorities. An investigation was launched over the weekend after official data revealed that of the 216 children born in 132 villages in the Uttarkashi district, not one was female, according to Asian News International (ANI). In 16 of the 132 villages, now marked as a “red zone”, no female births were recorded over the past six months.

Eric Garner’s Killer Got a Raise—and de Blasio Did Nothing

Here are 11 times the de Blasio administration failed to act: [...]

The ‘Total Anarchy’ of Wet Cops

The family of Eric Garner, the Staten Island father infamously choked to death by a New York City cop in 2014 (Extra!, 1–2/15), was told last week by the Justice Department that charges would not be brought against that officer. Family members and activists responded with fury, mostly aimed at Mayor Bill de Blasio, whose refusal to fire the officer, Daniel Pantaleo, allows his abusive run at the NYPD to continue.

This week, however, an event deemed more outrageous and reprehensible by the press took the spotlight away from the Garner saga: Police officers were doused with water during a record heatwave.

No one was hurt in the two separate water-throwing incidents, which involved squirt guns as well as buckets of water, but unlike copaganda coverage of NYPD officers engaging in a snowball fight with kids—framed as “heartwarming” by local media—this time a moral panic ensued, as media and police brass proclaimed that “disrespect” cannot be tolerated. In the barrage of hand-wringing and finger-wagging stories that ensued, we are given insight into the deep, ideological concern for cops that some media outlets harbor as they amplify voices that distort reality and shift victimhood onto the police force.

Our journey begins in the pages of the New York Post (7/22/19), which broke the story of the watery carnage on Monday. The original headline, since changed, alluded to a total breakdown of civilized society: “‘Total Anarchy’: NYPD Cops Get Drenched by Buckets of Water.” The “total anarchy” remark was attributed to anonymous police sources, which are often the most-cited voices in the pages of the local tabloids; they added that “there’s lawlessness around here now.”

Ed Morales on Puerto Rico Protests

This week on CounterSpin: Someone was asleep in the Tone Deafness Department at the New York Times, and allowed the paper to describe Puerto Rico as a place where “people enjoy the benefits of American citizenship but cling to their own Spanish-speaking culture.” Besides whatever the paper means by “clinging” to a culture, it’s weird to say Puerto Ricans do so despite the benefits of US citizenship they rather famously do not enjoy—like real representation in Congress. That tossed-off sentence is one hint that elite outlets are not the first place to look for a serious understanding of fast-moving but deeply rooted events in Puerto Rico, where massive popular protests have just led to the resignation of Gov. Ricardo Rossello.

We’ll talk about Puerto Rico with Ed Morales, he teaches at Columbia University’s Center for the Study of Ethnicity and Race; he co-directed the documentary, Whose Barrio?, and he’s author of the forthcoming, Fantasy Island: Colonialism, Exploitation and the Betrayal of Puerto Rico.

Small Towns In Alaska Are Staffing Their Police Departments With Convicted Criminals

Hiring cops is hard work. That’s probably why we’re not exactly blessed with the best of the best. Over the past few years, police officer morale has been in a nosedive. As the public’s awareness of police misconduct has increased (along with third-party footage of said misconduct), cops have discovered the job is no longer quite as fun as it used to be. Lots of power and zero accountability is a hell of a drug, but even that wears off eventually.

But cop shops still need cops, so hiring continues. Law enforcement agencies endlessly recycle fired officers, giving them unearned shots at redemption. Other agencies have just given up, hiring whoever walks through the door expressing interest in the position.

When the openings exceed the hiring pool, you get the mess being inflicted on the residents of Stebbins, Alaska. This horrifying report by Kyle Hopkins for ProPublica demonstrates just how low the bar can be set for new hires if your agency is desperate enough.

AT&T Loses 1 Million Video Users After Spending Billions On Mergers To Dominate Video

This wasn’t how it was supposed to go for AT&T. In AT&T executives heads, the 2015, $67 billion acquisition of DirecTV and the 2018 $86 billion acquisition of Time Warner were supposed to be the cornerstones of the company’s efforts to dominate video and online video advertising. Instead, the megadeals made AT&T possibly one of the most heavily indebted companies in the world. To recoup that debt, AT&T has ramped up its efforts to nickel-and-dime users at every opportunity, from bogus new wireless fees to price hikes on both its streaming and traditional video services.

Not too surprisingly, these price hikes are now driving subscribers to the exits.

This Summer, Take Some Time to Stand Up for Net Neutrality

As we head into the August, Congress will be on recess and most of your senators and representatives will be heading back to their home states. That means it’ll be easier for you to reach out and talk to them or their staff and ask them to act on important legislation. Earlier this year, the Save the Internet Act—a bill which would restore the net neutrality protections of the 2015 Open Internet Order and make them the law of the land—passed the House of Representatives. The Senate needs to be pressured into following suit.

To help you do that, we’re updating and relaunching our Net Neutrality Defense Guide. Last year, the Defense Guide was focused on using a vehicle called the Congressional Review Act (the CRA) to overturn the FCC’s repeal. Since the Senate voted for the CRA with a bipartisan majority vote, last year’s guide focused on getting the House of Representatives to vote.

This year, we have the opposite situation. Since the House has voted for the Save the Internet Act and the Senate has not, and our guide has been updated to reflect the new bill, the new target, and the new arguments we’ve heard for and against the Save the Internet Act.

Facebook is facing another FTC antitrust probe

Confirmation of the investigation came as part of its second-quarter financial results release, which showed Zuck’s company made a healthy $2.6bn in profit, even after it recorded $2bn in expenses relating to the FTC settlement. So Facebook still makes enormous profits despite being down some 48 per cent on the same quarter in 2018.

Businesses in Asia reveal trade secrets struggles

In-house counsel face challenges in deciding between protecting inventions with patents or keeping them secret as regulations are still developing

Patents and Software Patents

• Qualcomm’s Petard: Apple Acquires Modem Business From Intel

  Yesterday, Apple officially announced its acquisition of Intel’s smartphone modem unit. Apple will receive a variety of assets from Intel, including patents, as well as a significant portion of Intel’s employees dedicated to wireless modem technology. Intel retains the ability to develop 5G systems for non-smartphone applications like PCs, Internet of Things devices, and autonomous vehicles. The acquisition gives Apple a functional smartphone modem product—one they already use in their own products—and enhances Apple’s ability to further develop such products, an ability it had already been seeking out.

  But for Qualcomm, the deal represents a serious threat to its long-term prospects. The biggest issue looming in the background is the ongoing FTC v. Qualcomm case. Judge Koh’s order requires Qualcomm to renegotiate its licenses without the threat of chip supply disruption and to license its chipset competitors. If the FTC prevails on appeal, then Apple will be in a position to renegotiate its licenses with Qualcomm—and Qualcomm would be required to license Apple’s baseband chips, rather than their phones as a whole. What’s more, the license would need to be at a FRAND rate, rather than the supra-FRAND rates Qualcomm currently receives.

• Macabre Qualcomm-internal presentation used tombstones to illustrate competitors’ exits from mobile chipset market

  In a medical context, “to exit” means “to die.” That particular meaning of the word appears to have served as inspiration for somebody at Qualcomm who made the macabre design choice to depict the exits of key competitors from the mobile chipset market (Freescale in 2008, ST Ericsson in 2010, Texas Instruments in 2011, Broadcom in 2012, and Nvidia in 2014) as a graveyard at the bottom of a chart with tombstones to the left and right (click on the image to enlarge; this post continues below the image):

  [...]

  A MediaTek executive was also a key witness earlier this year in the FTC v. Qualcomm antitrust trial in the Northern District of California. MediaTek, which competes with Qualcomm mostly in the lower-priced market segment, “sells more than 1.5 billion semiconductor chips per year powering cell phones, tablets, voice assistant devices, smart TVs, and media players.” Qualcomm’s lawyers and expert witnesses sometimes point to the fact that MediaTek succeeded in a certain part of the market in an effort to blame other companies’ problems just on their own decisions and execution.

  MediaTek’s brief focuses on Qualcomm’s obligation to extend an exhaustive SEP license on FRAND terms to rival chipset makers. MediaTek argues (and I agree) that it’s in the public interest for Qualcomm to begin meeting that obligation sooner rather than later.

  The law firm representing MediaTek here is Boies Schiller & Flexner, which also represented Apple against Qualcomm. Boise Schiller’s William Isaacson, the American Lawyer Litigator of the Year 2016, was spotted at the FTC v. Qualcomm trial in San Jose in January every single day.

• Section 101 uncertainty not stopping patent filing: financial companies [Ed: Companies still pursue fake patents court would reject; as they hope to use these illegal patents outside the court, extrajudicially. Several blogs that existed purely to promote software patents and workarounds for those have died completely. This is very good news.]

  Section 101 uncertainty is not stopping financial services companies from filing patents at the USPTO, according to in-house counsel at yesterday’s Protecting Innovations in the Financial Services Industry conference in New York.

  Giving their personal views, patent lawyers at Wells Fargo, Capital One and the Clearing House Payments Company spoke about how the most important filing consideration is whether there is a clear business case for patent protection, despite the difficulties of getting patents for ‘abstract ideas’ under the post-Alice eligibility framework.

  Patent eligibility considerations, they added, have a bigger impact on the decision on how their businesses will go about filing a patent rather than whether they will apply for protection.

  “Uncertainty around 101 has changed our filing strategies, but we conduct patentability investigations and much of the time you can build a case on 101 grounds,” said David Easwaran, senior IP counsel at Wells Fargo in New York. “When making the determination on whether to file, we look at whether the business is interested in the technology and whether there is a clear space in the prior art to develop it.”

  He adds: “Section 101 influences what we are going to do with a patent application rather than if we are going to file for one.”

  [...]

  Sean Reilly, associate general counsel at the Clearing House Payments Company, a payment system infrastructure, said he has similarly found that putting more meat on the bones of a disclosure is important for fighting off 101 rejections. That need also puts more pressure on outside counsel to draft applications correctly, he added.

  Bludau at Capital One said he was becoming more concerned with the cost of prosecution because of the need for financial services companies to put more into their applications.

• The Proper Role of the Federal Circuit [Ed: Kevin E. Noonan one among several loudmouthed patent maximalists who have lately been blasting courts that aren't stuffed/stacked with patent maximalists like themselves]]

  There has been much commentary, some of it incendiary, regarding whether the Court of Appeals for the Federal Circuit is fulfilling its responsibilities under its enabling statute or failing to provide the proper pro-patent perspective in its response and implantation of the Supreme Court’s jurisprudence regarding subject matter eligibility under 35 U.S.C. § 101. The problem is illustrated by the comments provided by two members of the Court, Judges Lourie and O’Malley, in their concurrence and dissent, respectively, with the Court’s per curiam denial of en banc review in Athena Diagnostics Inc. v. Mayo Collaborative Services, LLC.

• Indivior Inc. v. Dr. Reddy’s Laboratories, S.A. (Fed. Cir. 2019)

  Last month, the Federal Circuit affirmed decisions from four separate trials in the District of Delaware involving seven different defendants regarding validity and infringement of patents directed to an opioid addiction treatment in Indivior Inc. v. Dr. Reddy’s Laboratories, S.A.

  [...]

  In four bench trials the District Court found the ’514, ’497, and ’150 patents were not invalid for obviousness and the ’514 patent was not invalid for indefiniteness.

  [...]

  Finally the Federal Circuit affirmed the District Court’s determination that Watson had not established by clear and convincing evidence that the claims of the ’150 patent were obvious. This determination rested on whether the ’150 patent was entitled to the priority date of the earlier-filed U.S. Provisional Patent Application No. 60/473,902, i.e., whether that application satisfied the disclosure requirements of 35 U.S.C. § 112 for the ’150 patent claims.

  [...]

  The Federal Circuit found no clear error in this determination by the District Court because “the application discloses that a polymer component with 60% L-PEO has desirable properties and that the remainder of the component may include H-PEO and HCP,” consistent with ’150 patent claims.

• Exhaustion of rights? When is a purchaser’s implied licence not a licence?

  The case involved Seiko Epson Corporation’s (Seiko) “EPSON” branded printer cartridges that embodied the invention in two Australian Patents (Seiko Patents).

  After original consumers had purchased, used and discarded the original Epson cartridges, third parties including Ninestar Image (Malaysia) (Ninestar) would obtain the cartridges and modify them so that they could be refilled with ink and resold.

  [...]

  The parties appear to have agreed that the implied licence does not extend across the breadth of the patentee’s right to exploit the patented invention. It is difficult to reconcile this position with Justice Stephen’s statement that the licence attaches to the monopoly granted under the Patents Act and derives from that monopoly.

  As foreshadowed by the parties, perhaps it is time for the High Court to decide whether the exhaustion of rights doctrine is alive and kicking in Australia.

Trademarks

• Vallenato and Raicilla, take me south

  Brazil- Once again, Crocs has obtained a favorable ruling in Latin America. The commercial success of these products in Latin America has attracted copycats (pun intended), which seek to reap where they have not sowed (the Kat already covered a similar action, in Colombia here). This time, Rio de Janeiro’s Second Instance Court decided against the trading shoes under the trademark “Coqui”, here, ruling that it is confusingly similar to “Crocs”. The trademark was applied for in 2010 by BLUE FLASH – COMÉRCIO DE IMPORTAÇÃO E EXPORTAÇÃO LTDA (here), but was denied in June 2015 under art. 124.XIX of the Lei 9.279/1996.

Copyrights

• Copyright Troll Richard Liebowitz May Have Cost His Client A Ton Of Money, And Set An Expensive Precedent For Copyright Trolls

  In the last couple of years, lawyer Richard Liebowitz has really made a name for himself in copyright trolling circles. He’s quite aggressive, and even got a huge profile written about him at Slate, in which it notes that, unlike many trolls who focus purely on shakedown settlement letters, Liebowitz runs straight to court to leverage the power of an expensive court case to push for insane settlements. “Sue first and negotiate later.” The Hollywood Reporter has done its own profile on Liebowitz as well.

• Why A ‘Clever Hack’ Against Nazis Shows How Upload Filters Have Made Copyright Law Even More Broken

  As Techdirt has pointed out many times, one of the biggest problems with the EU Copyright Directive’s upload filters is that they will necessarily be automated, which means they will inevitably be flawed. After all, it can take the EU’s top judges weeks to decide complex questions about whether something is copyright infringement or not. And yet Article 13/17 expects software to do the same in microseconds. This kind of collateral damage from clueless algorithms is already happening, albeit on a small scale. Boing Boing has an interesting new twist on this problem. Cory Doctorow writes about an idea that RJ Jones mentioned on Twitter:

IBM

• Red Hat Enterprise Linux 8.1 Operating System Enters Beta with Enhanced Security

  Red Hat Enterprise Linux 8.1 is the first major update to the Red Hat Enterprise Linux 8 operating system series delivering new security enhancements, improved manageability, updated drivers for better hardware support, greater developer productivity, as well as another layer of performance improvements for better reliability and stability.

  Security is very important these days, and Red Hat Enterprise Linux 8.1 Beta introduces container-centric SELinux profiles, which lets administrators create security policies that are more tailored to their needs for better control over container access of a host system’s resources, such as compute, network, and storage.

• Red Hat CTO Chris Wright talks about Red Hat’s future with IBM

  and Linux kernel developer Chris Wright reassured everyone that Red Hat would be staying its open-source and product course.

  Question number one was what are the plans for Red Hat’s Kubernetes offering OpenShift. Kubernetes is vital for the modern-day hybrid cloud. Indeed, one of the big reasons why IBM bought Red Hat was for its hybrid-cloud expertise. That said, IBM has its own native Kubernetes offering, IBM Cloud Kubernetes Service for use on its private cloud offerings.

2×56: Solvitur Ambulando

Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which there might be toilet paper conferences, you don’t know, and:

[00:01:15] What makes a good conference? We’re digging into this in some depth; what makes a conference fun, or useful, or beneficial, or all of the above, and what stops it from being those things? What’s the point of conferences anyway? A wide-ranging discussion trying to work out what people are doing well, and not so well.

Destination Linux 131 – Endeavour OS, Deepin, OnlyOffice, Silverblue, Pinebook Pro, Ubuntu Mate, GPD

Endeavour OS, Deepin 15.11, OnlyOffice 5.3, Ubuntu Mate 19.10 Alpha GPD MicroPC, Pinebook Pro Pre-orders, Silverblue, Gnome Extension With Malware, Google Stadia, Steam Sale Apollo 11

Collabora Adds Big Performance Improvements for Linux Gamers in Linux Kernel 5.2

kernel series, a total of 11 kernel engineers authored no less than 61 patches, signed-off on a total of 131 changes, tested 47 fixes, acknowledged another 9 patches, and suggested 4 changes implemented by other kernel developers.

However, the most important contribution made by Collabora to Linux kernel 5.2 is the implementation of case-insensitive functionality for the EXT4 file system, which is used by default by almost all GNU/Linux distributions. This change will provide major performance improvements for various emulated programs, such as games running in Wine.

XCP-ng 8.0

The big release is here. After about a month of QA on the Release Candidate, XCP-ng 8.0 is now available and can be safely used in production environments.

Most of the new features available in this new version have already been presented in our previous blogpost concerning the RC (some highlights, UEFI support, ZFS support and a new XOA quick deploy). However, some additional features and changes are notable.

XCP-ng 8.0 Hypervisor Released – Based On Xen 4.11, Embeds ZFS On Linux, Adds UEFI

XCP-ng, the enterprise-focused hypervisor based on Xen Server that offers a web UI for management, scalability optimizations, live migration support, and other community features, is up to version 8.0.

XCP-ng 8.0 was just released today and it is based on Xen 4.11. This XCP-ng 8.0 release adds in ZFS On Linux 0.8.1, UEFI support, MDS/Zombieload fixes, a variety of new packages, and other features.

Graphics Stack

• xf86-video-s3 0.7.0

  This is a maintenance release of S3 DDX for X.Org X Server.
  The DDX compiles cleanly without compilation warnings on X Server 1.19.6.
  
  Kevin Brace
  Brace Computer Laboratory blog
  
  https://bracecomputerlab.com
  
  --
  Alan Coopersmith (7):
        When checking malloc for success, it helps to use == NULL, instead of =
        s3_bios.c: Simplify code for choosing between 16000 & 16000 for RefClock
        Remove unused BIOS size & address macros
        configure: Drop AM_MAINTAINER_MODE
        autogen.sh: Honor NOCONFIGURE=1
        Update README for gitlab migration
        Update configure.ac bug URL for gitlab migration
  
  Emil Velikov (1):
        autogen.sh: use quoted string variables
  
  Eric S. Raymond (1):
        Fix malformed list syntax.
  
  Gaetan Nadon (1):
        Remove mibstore.h
  
  Kevin Brace (5):
        Discontinue the use of xf86PciInfo.h
        Use const char for xf86GetOptValString return type
        Eliminate set but not used variable compilation warnings
        Eliminate unused variable compilation warning
        Version bumped to 0.7.0
  
  Mihail Konev (1):
        autogen: add default patch prefix
  
  Peter Hutterer (1):
        autogen.sh: use exec instead of waiting for configure to finish
  
  git tag: xf86-video-s3-0.7.0
  

• X.Org’s S3 Graphics Driver Sees First Release In Seven Years – Still Pre-1.0

  S3 Graphics drivers are still alive and well on Linux, well, sort of. On Thursday was the first new open-source xf86-video-s3 driver update in seven years.

  Kevin Brace, the open-source contributor known for working on the VIA OpenChrome driver and other vintage open-source graphics drivers, took to releasing xf86-video-s3 0.7.0. While it’s been seven years since the previous release (v0.6.5), there isn’t all that much in 0.7.0.

• Zink: Summer Update and SIGGRAPH 2019

  In addition to this, there’s been a pretty significant rewrite, changing the overall design of Zink. The reason for this, was that I made some early design-mistakes, and after having piled a bit too many features on top of this, I decided that it would be better to get the fundamentals right first.

  Sadly, not all features have been brought forward since the rewrite, so we’re currently back to OpenGL 2.1 support. Fixing this is on my list of things I want to do, but I suspect that cleaning things up and upstreaming will take presedence over OpenGL 3.0 support.

Mini PCs Linux Performance Comparison

Each benchmark was run when the average load was less than 0.1. For each of the sbc-bench runs the full results uploaded to http://ix.io were checked for throttling and noted in the table. Slight throttling occurred on the X45 and NUC7PJYH whereas the X55 CPU got the hottest and suffered the most throttling as a consequence. The I/O read speeds for the Beelink X45 and X55 devices were nearly half that of the other devices which was also highlighted by the Phoronix IOzone test. The memory benchmark results were lower for the X45 as a result of only having 4GB of RAM and the consequence of this can be seen reflected in other test results.

Quick List Of Top Linux Virtualization Software

Let’s have a look into the list of some of the best and top Linux virtualization software for everyone.

Phoronix Test Suite 9.0 Milestone 1 Delivers New Result Viewer, Other Features

Two months have already passed since the release of Phoronix Test Suite 8.8 while today marks the first development snapshot/milestone of the next quarterly feature update, Phoronix Test Suite 9.0-Asker.

Rcpp 1.0.2: Small Polish

The second maintenance release of Rcpp, following up on the 10th anniversary and the 1.0.0. release, was prepared last Saturday and released to both the Rcpp drat repo and CRAN. Following all the manual inspection (including a false positive result from reverse dependencies), it has finally arrived on CRAN earlier today. The corresponding Debian package was also uploaded, and binaries have since been built.

Just like for Rcpp 1.0.1, we have a four month gap between releases which seems appropriate given both the changes still being made (see below) and the relative stability of Rcpp. It still takes work to release this as we run multiple extensive sets of reverse dependency checks so maybe one day we will switch to six month cycle.

desktop-file-utils 0.24 released

One thing one can do in this amazing summer heat, is cut the 0.24 release of desktop-file-utils. It’s rather a small thing, but since the last few releases have been happening at roughly three-year intervals I felt it merited a quick post.

Build Kubernetes Operators from Helm Charts in 5 steps

Job Control: the Bash Feature You Only Think You Don’t Need

Locate Command in Linux

Line Separator That is Width of Terminal

Nagios configuration and installation step by step

OpenShift Pipelines Tutorial using Tekton

Renumber a list after inserting a line

Tweet Directly from Ubuntu Terminal through Rainbow Stream

Using Docker Volumes

What To Do After Installing Debian 10 GNOME Edition

Using iptables-nft: a hybrid Linux firewall

How to install Ubuntu apps offline

How to install Fedora apps offline

How to install Deepin 15.11

How to Install Netflix in Kodi on Ubuntu and Debian

How to Install Kanboard Project Management Software on Debian 10

Getting started with ls

Getting started with AI

Jupiter Hell has a new crazy trailer ahead of the Early Access release on August 1st

ChaosForge have managed to craft something quite special here with Jupiter Hell. Saying it’s a turn-based roguelike DOOM would be a reasonably fitting description, but you need to play it to appreciate it.

The release date of August 1st for Early Access was announced previously and they’re sticking to it, with a new trailer going up today. Feast your eyes on this, just make sure to turn the volume up a notch:

SDL 2.0.10 Released With New APIs, Drops Mir In Favor Of Wayland

As the first Simple DirectMedia Layer release of 2019, SDL 2.0.10 has debuted today for this library that’s widely used by cross-platform games including as part of the Steam run-time.

SDL 2.0.10 brings a number of new APIs (including some SIMD APIs around memory allocation and separately new floating point precision rendering APIs), batched rendering is now used by SDL’s rendering API by default, and improved handling of WAV and BMP files to fix potential security problems.

The unique dice-rolling, deck-building roguelike “Dicey Dungeons” is releasing on August 13th

Dicey Dungeons from Terry Cavanagh (Super Hexagon and VVVVVV), chipzel, and Marlowe Dobbe now has a confirmed release date of August 13th.

This unique roguelike is truly nothing like the others. Think you’re a master at Slay the Spire? Well, Dicey Dungeons is a different kind of beast. You have cards for abilities, sure, but you actually have to roll your dice to the correct numbers to activate them and it’s all kinds of awesome.

GNOME Desktop/GTK

• GNOME 3.34 Desktop Environment Gets Fourth Snapshot, Beta Is Coming Early August

  GNOME 3.33.4, the fourth development release in the GNOME 3.34 series, has been released by Javier Jardón on July 24th instead of July 18th as initially planned because of some problems with module dependencies and other unexpected things like summer vacations and travelling.

  It comes with various updated core components and apps for the community to test and send feedback before the GNOME 3.34 desktop environment enters beta testing in early August, along with the “Feature Freeze” and “UI Freeze” development stages, currently scheduled for the 5th of August.

• Dash to Panel Just Got a Major Update

  A brand new version of the Dash to Panel GNOME Shell extension is now available — and it features some great changes.

  For those unaware, Dash to Panel is a popular Dash to Dock alternative that marries the GNOME Shell Dash and the GNOME Top Bar into a single, unified panel (think the Windows or Plasma 5 desktops).

  Dash to Panel v20 is the first major update to the extension since last December.

  The update introduces, among some smaller changes, a slate of window preview enhancements, such as a revised version of the slick preview morphing animation we previewed back in June.

  Users also get more control over the appearance of window previews, with settings to adjust the size, padding, opacity, button location, header visible and font style (!) all debuting in this release.

• Documentation at the West Coast Hackfest

  Thursday, the first day, we had a brainstorming session. We triaged and then started attacking the GitLab issues for gnome-user-docs. Over the hackfest, we reduced 28 outstanding issues to 12.5. This entailed 33 commits and 105+ user help pages modified (in addition to a few pages in the Sys Admin Guide, and the wiki).

Clear Linux Moving Ahead With Their Third-Party Packaging Support

In recent months we’ve heard of Intel engineers working on better supporting third-party packages on Clear Linux that would be akin to Arch’s AUR, Ubuntu’s PPA, or Fedora’s Copr systems for allowing unofficial/third-party packages to be more easily made available particularly in cases of closed-source software. It looks like that internally that system is now in beta as they work towards having more software available on Clear Linux.

In response to a mailing list question over whether Clear Linux has any ambitions for a commercial edition and to use the likes of Intel’s commercial software offerings on Clear Linux, Intel’s Arjan van de Ven commented on those prospects.

New Releases

• LibreELEC (Leia) 9.1.002 ALPHA

  LibreELEC 9.1.002 (Leia) has arrived based upon Kodi v18.3, the 9.1.002 release contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support.

Fedora Family

• Now available: The user preview release of Fedora CoreOS

  Red Hat, along with the Fedora Community, are excited to announce that the first user preview release of Fedora CoreOS is now available! First announced at Red Hat Summit 2018, Fedora CoreOS is an operating system aimed at providing a fully automated experience for cloud-native and container workloads. It brings together the latest Linux innovations from the Fedora community and key CoreOS components like Ignition, with the latest Open Container Initiative (OCI) technology for running containers.

  Much like its predecessor, Container Linux, Fedora CoreOS shares many of the same design goals around automatic and transactional updates, multiple release streams for canary nodes and a declarative provisioning configuration that is platform agnostic. The Fedora CoreOS team also intends to expand its functionality to support for OKD, full SELinux support and other innovations.

• Fedora’s ARM SIG Is Looking At Making An AArch64 Xfce Desktop Spin

  Another late change proposal being talked about for this autumn’s Fedora 31 release is introducing a 64-bit ARM (AArch64) Xfce desktop spin.

  Fedora’s ARM special interest group already maintains an AArch64 minimal spin, a server spin, and Fedora Workstation complete with the GNOME Shell desktop. This proposed Xfce desktop image for 64-bit Arm SoCs would be catering towards lighter-weight SBCs/systems not capable or interested in running a full workstation desktop.

Debian Family

• Collabora & Debian 10 (Buster)

  The latest and greatest version of Debian, 10.0, also known as “Buster”, was released earlier this month. Along with it came a number of significant improvements and updates, notably UEFI Secure Boot now being available, as well as a GNOME Shell defaulting to Wayland. You can read more these new features in the release notes.

  With DebConf19, the annual conference for Debian contributors and users, in full swing this week in Curitiba, Brazil, what better time to look at the contributions made by Collaborans to this latest Debian release!

• SparkyLinux 5.8 Is Out as First Release Based on Debian GNU/Linux 10 “Buster”

  SparkyLinux 5.8 continues the SparkyLinux 5.x “Nibiru” series, a rolling release version of this Debian-based operating system that lets users install once and receive updates forever. However, SparkyLinux 5.8 being based on Debian GNU/Linux 10 “Buster,” it is recommended for fresh installations too.

  Powered by the Linux 4.19.37-5 kernel on 32-bit (i686) and 64-bit (amd64), as well as Linux kernel 4.19.57-v7+ on ARMhf, the SparkyLinux 5.8 “Nibiru” release is synced with the Debian GNU/Linux 10 “Buster” stable software repositories as of July 14th, 2019. It ships with Xfce, LXQt, Openbox, and CLI editions.

Canonical/Ubuntu Family

• BT Taps Canonical to Boost NFV on 5G Core

  BT, the United Kingdom-based telecom provider, is starting to put the pieces together for a 5G core that it plans to introduce in 2022. The company tapped Canonical to provide the open source virtual infrastructure manager that will be part of BT’s NFV program.

  Canonical develops and manages Ubuntu, the open source operating system, and has extended the capabilities of that platform on its Charmed OpenStack architecture, which facilitates private clouds running on Ubuntu. The announcement dovetails a similar contract BT landed in June with Juniper Networks to support its move to a cloud-based, unified, and virtualized network infrastructure.

  “BT’s 5G core will be built on Canonical’s Charmed OpenStack and utilize Canonical’s open source tools to automate the deployment and operations of its infrastructure,” Neil McRae, BT Group’s chief architect, wrote in response to questions. BT will also use Ubuntu Advantage, Canonical’s service package for Ubuntu, for ongoing management and support of its 5G core, McRae explained.

• Canonical’s Ubuntu OpenStack Architecture to Empower BT’s Next-Gen 5G Cloud Core

  BT’s next-generation 5G Core network will be built on Canonical’s Charmed OpenStack architecture on Ubuntu Linux. The company will also use all the open-source tools provided by Canonical, such as Charms, Juju, and MAAS, to automate the deployment and operations of their infrastructure, as well as for virtual network functions (VNFs) apps.

  “BT has recognised the efficiency, flexibility and innovation afforded by an open architecture, and realises the value of such an approach in enabling its delivery of new 5G services. We’re delighted to be working with them to deliver the foundation to this approach, which will underpin BT’s 5G strategy,” said Mark Shuttleworth, CEO of Canonical.

• British Telecom Embraces Open Source And Canonical’s OpenStack To Power Its 5G Network
  

  The future of telecommunications network is software-defined. Everything has been virtualized – compute, storage and network. And Open Source technologies like OpenStack and Linux are powering the software-defined networks.

  British Telecom (BT), one of the biggest telecom providers of the UK is Open Source technologies to power its next-generation 5G network.

Pinebook Pro Lap goes on pre-order for $199 with new twist: privacy switches

Pine64 has opened $199 pre-orders on its open-spec, 14-inch Pinebook Pro laptop, which runs Linux on a Rockchip RK3399 and features 3x privacy switches. The Rock64 Rev 3, PineTab tablet, PinePhone should follow shortly.

As promised in a July 5 blog announcement, Pine64 has opened pre-orders for $199 on its 14-inch Pinebook Pro laptop, the follow-on to the original 11.6-inch Pinebook. No ship date was listed, and although Pine64 billed the Pinebook Pro as a commercial product compared to the small batch, developer-focused Pinebook, the company warns that the first batch is likely to have some rough edges.

$200 Linux Laptop Pinebook Pro is Available for Pre-order

Pinebook Pro is an inexpensive Linux laptop with modest configuration and a price tag of just $200. Pre-order for this device is open now.

Pine64 is a popular name among the single board computer enthusiasts. It gained its fame with its $15 PINE A 64 Raspberry Pi alternative device. Since then it has formed a substantial open source community around its products.

A couple of years ago, Pine64 launched a low-end Linux laptop called Pinebook. It was basically a single board computer inside a plastic laptop body. The experimental device cost just $89.

Pine64 has now improved the specification of this inexpensive Linux laptop with the launch of Pinebook Pro.

Consent Matters: When Tech Takes Remote Control Without Your Permission

In my previous post I talked about why consent matters when it comes to privacy; and yet, privacy is only one of the areas where tech companies take advantage of users without their consent. Recently, tech companies have come to a troubling consensus: that they can change your computer, remotely (and often silently) without your knowledge or permission.

[...]

Anyone who has ever worked for a large company in the computer age has experienced first-hand the authoritarian, controlling, and restrictive policies that IT employs to manage company computers. Starting with centralized systems like Active Directory, IT teams were able to create policies that controlled what sorts of passwords employees could use and whether employees could install applications, access printers, and even, in some cases, insert USB drives.

These centralized tools have evolved over the years: they can now add and remove files, install new software and software updates, remotely control machines over the network in order to view what’s on their screens and access local files. This controls extends into Active Management Technology features embedded into the Intel Management Engine, that lets administrators remotely control computers even if they are turned off. Now that smartphones are critical tools in many organizations, MDM (Mobile Device Management) tools are also often employed at enterprises to bring those devices under a similar level of control–with the added benefit of using GPS to track employee phones even outside the office.

The most common justification for these policies is convenience. If you are an IT department and have thousands of employees–each with at least one computer and one smartphone that you need to support–one of the ways to make sure that the appropriate software is on the systems, and updates get applied, is to push them from a central location. Companies often have custom in-house software their employees rely on to do their jobs, and throughout the life of the company more tools are added to their toolbox. You can’t expect the IT team to go desk-by-desk installing software by hand when you have thousands of employees working at offices all over the world: when an employee’s computer breaks, these same tools make it easy for IT to replace the computer so the employee can get back to work quickly.

The main justification for the strictest–and most controlling–IT policies isn’t convenience, though: it’s security. IT pushes software updates for protection against security bugs. They push anti-virus, anti-malware and remote monitoring tools, to protect both employee and company from dangerous email attachments, from software they might download from their web browser. IT removes local administrative privileges from employees in the name of protecting them from installing malware (and, practically speaking, from installing games and other time-wasting apps). They disable USB storage devices so employees can’t insert disks containing malware or copy off sensitive company documents. Each of these practices have valid reasons behind them for companies facing certain threats.

i.MX8M Mini module offers a choice of two carrier boards

Emtrion’s “emCON-MX8MM” SODIMM module runs Linux on an up to quad -A53 i.MX8M Mini SoC with 4GB LPDDR4 and 16GB eMMC. The module is available with Avari and Bvari carrier boards.

Emtrion, which recently launched a emSTAMP-Argon module and emSBC argon SBC with an STM32MP157 SoC, has now posted a product page for a SODIMM-style emCON-MX8MM module that features NXP’s i.MX8M Mini. The up to quad-core, Cortex-A53 SoC, which features a 400MHz Cortex-M4 chip and 3D GPU with HD video support has appeared on a number of compute modules, including the recent Keith & Koep Trizeps VIII Mini.

Rugged Apollo Lake mini-PCIe packs a lot into a small package

Advantech’s fanless, Linux-friendly “EPC-U2117” mini-PC has an Apollo Lake SoC, 2x GbE, 4x USB 3.0, and 2x serial, plus SATA, HDMI, DP, CAN, mini-PCIe, M.2, and extended temp support.

It’s amazing what you can fit into a compact embedded computer these days. Advantech’s “preliminary,” Intel Apollo Lake based EPC-U2117 mini-PC, for example, hits pretty much all the I/O food groups while maintaining a slim 170 x 117 x 52.6mm footprints. The device is aimed at smart kiosk, smart vending machine, and digital signage, but with its wide-range, 12-24V power input, optional -20 to 60°C support, and shock and vibration resistance, it could find its way into more hard-core industrial applications.

Mobile Systems/Mobile Applications

• Sailfish OS 3.1 Released As Jolla’s Biggest Update In A Year

Allied Vision announces partnership with Antmicro to develop open-source based edge computing systems

Allied Vision, a global provider of industrial camera solutions and Antmicro, a software-driven embedded technology company developing open-source based edge computing systems, have announced a strategic partnership to drive their common goals in building complex and portable vision systems.

The announcement is made to underline the ongoing collaboration between the companies that started with the joint demonstration of a successful technology integration between Allied Vision’s revolutionary Alvium camera series and Antmicro’s real-time deep learning object detection system based on the NVIDIA Jetson Xavier edge computing platform. The collaboration between Antmicro and Allied Vision in the embedded software domain was since extended to cover the entire NVIDIA Jetson series including the Jetson Nano board, as well as multiple platforms from NXP.

Events

• Ubucon Europe 2019: 2nd Call For Volunteers

  We are just less than 3 months from the big event UbuconEU2019 and it’s time to reinforce the dissemination of the event and call for the participation of volunteers.

  Yes, we need your support now, during and after the event. Check out Trello to see where you can help and mark your support on the day of the event by signing up here.

Web Browsers

• Mozilla

  • Mozilla debuts implementation of WebThings Gateway open source router firmware

    For the better part of two years, the folks at Mozilla have been diligently chipping away at Mozilla WebThings, an open implementation of the World Wide Web Consortium’s (W3C) Web of Things standard for monitoring and controlling connected devices. In April, it gained a number of powerful logging, alarm, and networking features, and today, a revamped component of WebThings — WebThings Gateway, a privacy- and security-focused software distribution for smart home gateways — formally debuted.

    Experimental builds of WebThings Gateway 0.9 are available on GitHub for the Turris Omnia router, with expanded support for routers and developer boards to come down the line. (Separately, there’s a new build compatible with the recently announced Raspberry Pi 4.) Mozilla notes that it currently only offers “extremely basic” router configuration and cautions against replacing existing firmware, but the company says that it’s a noteworthy milestone in its path to creating a full software distribution for wireless routers.

Openness/Sharing/Collaboration

• Open Data

  • Top 20 Best Machine Learning Datasets for Practicing Applied ML

    We all know that to build up a machine learning project, we need a dataset. Generally, these machine learning datasets are used for research purpose. A dataset is the collection of homogeneous data. Dataset is used to train and evaluate the machine learning model. It plays a vital role to build up an efficient and reliable system. If your dataset is noise-free and standard, then your system will give better accuracy. However, at present, we are enriched with numerous datasets. It can be business-related data, or it can be medical data and many more. However, the actual problem is to find out the relevant ones according to the system requirements.

  • Here’s what you need to know about IBM’s new open-source Data Asset Exchange for AI

    IBM’s Center for Open-Source Data and AI Technologies (CODAIT) recently unveiled a pair of carefully curated databases designed to provide machine learning developers models and datasets for AI projects.

    MAX, or Model Assets Exchange, is an online open-source repository for trainable/deployable AI models. You don’t necessarily have to be an AI expert to use the database – there’s even a tutorial that’ll walk you through developing an AI that can write captions – but some of the models available will probably only appeal to enterprise developers.

• Open Hardware/Modding

  • Alibaba Chip Subsidiary Launches First Product Using Open-Source Architecture

    Alibaba’s chip-making subsidiary Pingtouge launched its first product on Thursday: chip processor XuanTie 910, which uses open-source architecture.

    The processor will be used in applications including 5G telecommunications, artificial intelligence, and autonomous driving, and can lower the costs of related chip production by more than 50%, Alibaba said. Alibaba told Caixin the processor from Pingtouge, which is also known as T-Head, will soon be available for commercial sale, without providing a timetable or price range.

    Notably, the processor uses the RISC-V instruction set architecture (ISA)—key programming infrastructure that decides how a device functions. Developers are allowed to build their own products using the Berkeley-based open-source ISA, with few intellectual property restrictions.

Programming/Development

• Wing Python IDE 7.1 – July 25, 2019

  Wing 7.1 adds support for Python 3.8, warns about unused symbols, improves code warnings configuration, adds new auto-completer, project, and source browser icons, supports Dark Mode on OS X, and makes other improvements.

• PyPy Development: PyPy JIT for Aarch64

  y for AArch64. This port brings PyPy’s high-performance just-in-time compiler to the AArch64 platform, also known as 64-bit ARM. With the addition of AArch64, PyPy now supports a total of 6 architectures: x86 (32 & 64bit), ARM (32 & 64bit), PPC64, and s390x. The AArch64 work was funded by ARM Holdings Ltd. and Crossbar.io.

  PyPy has a good record of boosting the performance of Python programs on the existing platforms. To show how well the new PyPy port performs, we compare the performance of PyPy against CPython on a set of benchmarks. As a point of comparison, we include the results of PyPy on x86_64.

• Swift is 2 to 4 times faster than any competitor

  Interesting. It should be noted that performance of Swift is a great match for some workloads, but not for others. In particluar, Swift is weak on small-file workloads, such as Gnocchi, which writes a ton of 16-byte objects again and again. The overhead is a killer there, and not just on the wire: Swift has to update its accounting databases each and every time a write is done, so that “swift stat” shows things like quotas. Swift is also not particularly good at HPC-style workloads, which benefit from a great bisectional bandwidth, because we transfer all user data through so-called “proxy” servers. Unlike e.g. Ceph, Swift keeps the cluster topology hidden from the client, while a Ceph client actually tracks the ring changes, placement groups and their leaders, etc.. But as we can see, once the object sizes start climbing and the number of clients increases, Swift rapidly approaches the wire speed.

‘Critical’ vulnerability in VLC Media Player downgraded after VideoLAN claims the flaw was fixed 16 months ago

A ‘critical’ security flaw in VLC Media Player has been downgraded after the organisation behind the popular app claimed that the issue had already been fixed.

The NIST National Vulnerability Database has slashed its rating for CVE-2019-13615 from 9.8 to 5.5 and “is awaiting re-analysis which may result in further changes to the information provided” after VideoLAN, the not-for-profit open-source organisation behind VLC Media Player, complained that the advisories and associated CVEs were wrong.

Taking to Twitter, VideoLAN blamed a reporter for running VLC on an old version of Ubuntu with out-of-date libraries, and security firm MITRE for issuing a CVE before the reporter’s claims could be examined by VideoLAN.

VLC media player affected by a major vulnerability in a 3rd library, libebml; updating to the latest version may help

A few days ago, a German security agency CERT-Bund revealed it had found a Remote Code Execution (RCE) flaw in the popular open-source, VLC Media Player allowing hackers to install, modify, or run any software on a victim’s device without their authority and could also be used to disclose files on the host system.

The vulnerability (listed as CVE-2019-13615) was first announced by WinFuture and received a vulnerability score of 9.8 making it a “critical” problem.

According to a release by CERT-Bund, “A remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files.”

VLC media player has a critical security vulnerability [Ed: False headline at a time they should know better]

VLC Player Major Security Vulnerability Quickly Fixed By The Devs

VLC Vulnerability Enables Hackers To Hijack Your PC; Issue Has Now Been Fixed

EvilGnome – Linux malware aimed at your laptop, not your servers [Ed: A threat that you need to actually install]

Some of our readers asked us this week, “What do you guys think of EvilGnome?”

#ICYMI, EvilGnome is a recent malware sample that’s made a few headlines, and although we haven’t seen any examples of it actually popping up in the wild, we thought we’d answer the question anyway.

Because Linux!

As you probably know, Linux malware and hacked Linux systems are very common, for the simple reason that most of the servers that power today’s internet run Linux in some form.

If you’re a cybercrook who wants to spread your Windows malware widely – keyloggers, for example, or banking Trojans, or other network nasties that thieve people’s digital stuff so it can be sold on to the next crook on the cyberunderground…

Original Cult of the Dead Cow Members Keep it “Wacky, Weird, and Wild” to Celebrate Joseph Menn’s Newest Book

On June 18, the Internet Archive hosted a reading and panel discussion in celebration of Joseph Menn’s new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World.

As the evening’s event began, an archived video of Cult of the Dead Cow (cDc) interviews from 1996 played silently on a wall-mounted TV, featuring some of the very same original members who would be a part of that evening’s panel. In addition to the strong turnout at the Internet Archive itself, those unable to attend in person were able to watch the event livestreamed on the Internet Archive’s Youtube channel. Guests enjoyed light refreshments and mingled before moving into the main auditorium to be welcomed by Internet Archive founder Brewster Kahle. After sharing a brief history of the Internet Archive’s mission, Executive Director of the Electronic Frontier Foundation Cindy Cohn took the stage as MC for the evening.

Cohn expressed the importance of remembering the “wacky, weird, and wild” history of Internet security, and acknowledged the cDc’s contributions to improving the community before introducing Joseph Menn to the stage. Menn recounted the beginning of cDc and cybersecurity by highlighting notable hackers and their contributions throughout the years, including crediting the cDc with coining the term “hacktivism” by “using it at every interview they could at DEFCON to get it into the English language.” Looking forward, he went on to express how “the rank-and-file in Silicon Valley now are the most important heirs of the cDc’s tradition of critical moral thinking.”

Security updates for Thursday

Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), Debian (exim4), Fedora (java-latest-openjdk), openSUSE (libsass, tomcat, and ucode-intel), Oracle (java-1.7.0-openjdk and thunderbird), SUSE (OpenEXR, spamassassin, and thunderbird), and Ubuntu (ansible and patch).

UTSA Launches Open Source Software To Protect Users On AWS

The University of Texas at San Antonio (UTSA) has launched an open source user computer environment for Amazon Cloud called Galahad. UTSA is also working to expand its capabilities to support OpenStack software.

Energy

• North Dakota, Montana Launch New Fight Over Moving Volatile Bakken Oil by Rail

  The oil industry in North Dakota and Montana — home to the prolific Bakken Shale Formation — faces an “impossible choice.” That’s according to a new petition to federal regulators from the attorneys general of North Dakota and Montana, in response to a Washington state law that aims to prevent trains hauling oil through the state from derailing and exploding.

  That choice is to either remove the volatile components, such as butane, from Bakken crude oil before being loaded into rail tank cars, or send the volatile oil to other, harder-to-reach markets because — as the petition argues — removing the butane would cut into oil producers’ profits, and almost 60 percent of the crude leaving North Dakota by rail goes to Washington refineries.

• As Risky Finances Alienate Investors, Fracking Companies Look to Retirement Funds for Cash

  A year ago, Chesapeake Energy, at one time the nation’s largest natural gas producer, announced it was selling off its Ohio Utica shale drilling rights in a $2 billion deal with a little-known private company based in Houston, Texas, Encino Acquisition Partners.

  For Chesapeake, the deal offered a way to pay off some of its debts, incurred as its former CEO, “Shale King” Aubrey McClendon, led Chesapeake on a disastrous shale drilling spree. Shares of Chesapeake Energy, which in the early days of the fracking boom traded in the $20 to $30 a share range, are now valued at a little more than $1.50.

  Encino has marketed itself as a stable source of long-term returns (something the industry overall has struggled so far to create), attracting the managers of one of the world’s largest pension funds to drill and frack the land that Chesapeake sold off to repay its enormous debts from fracking nationwide.

The NYT’s Six Percent Solution for Student Debt

That’s the message of a piece in The Upshot (7/24/19)—the New York Times‘ project aimed at “examining politics, policy and everyday life in new ways”—written by Kevin Carey, who directs education policy at the New America foundation. (New America’s higher education program is largely funded by Bill and Melinda Gates.)

William Barr Turns Up The Heat On The DOJ’s Anti-Encryption Rhetoric

The DOJ has now spent more than a year dodging an obligation it created itself. For years, FBI directors and DOJ officials have told anyone who’d listen — conference attendees, Congressional reps, law enforcement officials — the world was going dark. Device encryption was making it far more difficult for the FBI to collect evidence from seized devices and the problem was escalating exponentially.

It wasn’t. Every new “going dark” speech contained a larger number of impenetrable devices the FBI was sure contained all sorts of juicy evidence. When the FBI was asked about these devices by members of Congress, it finally decided to take a look at its numbers. The numbers were wrong. The FBI said there were around 8,000 locked devices in its possession. In reality, the number is probably less than 2,500.

The problem is we don’t actually know what the correct number is. The DOJ has been promising an update since May 2018, but it has yet to release this number. Instead, it has released the mouth of its top man — William Barr, a longtime fan of domestic surveillance.

US attorney general William Barr says Americans should accept security risks of encryption backdoors

Adblocking: How About Nah?

For more than a decade, consumer rights groups (including EFF) worked with technologists and companies to try to standardize Do Not Track, a flag that browsers could send to online companies signaling that their users did not want their browsing activity tracked. Despite long hours and backing from the FTC, foot-dragging from the browser vendors and outright hostility from the big online media companies mean that setting Do Not Track in your browser does virtually nothing to protect your privacy.

Do Not Track grew out of widespread public concern over invasive “behavioral advertising” that relied on tracking to target ads; despite a generation of promises from the ad industry that consumers would welcome more relevant advertising, the consistent result has been that users are freaked out by “relevant” ads because they understand that relevancy is synonymous with privacy invasion. Nothing is so creepy as ads for a product you looked into earlier following you from site to site, then from app to app, as you are tracked and retargeted by a desperate vendor’s algorithm.

Internet users didn’t take this situation lying down. They wanted to use the Web, but not be tracked, and so they started to install ad-blockers. A lot of ad-blockers, and more every year.

Ad-blockers don’t just stop users from seeing ads and being tracked (and indeed, some ad-blockers actually track users!). They can also stop the publishers and marketers who rely on tracking and ad-clicks from earning money. Predictably, industry responded with ad-blocker-blockers, which prevented users from seeing their sites unless they turned off their ad-blocker.

You’ll never guess what happened next.

Fixed? The FTC Orders Facebook to Stop Using Your 2FA Number for Ads

Since academics and investigative journalists first reported last year that Facebook was using people’s two-factor authentication numbers and “shadow” contact information for targeted advertising, Facebook has shown little public interest in fixing this critical problem. Subsequent demands that Facebook stop all non-essential uses of these phone numbers, and public revelations that Facebook’s phone number abuse was even worse than initially reported, failed to move the company to action.

Yesterday, rather than face a lawsuit from FTC, Facebook agreed to stop the most egregious of these practices.

FTC Opens Antitrust Investigation of Facebook

Facebook has disclosed that the Federal Trade Commission opened an antitrust investigation into the company. In a recent statement for a Senate Judiciary committee hearing on antitrust, EPIC wrote that “companies that protect user privacy are being absorbed by companies that do not protect privacy.” EPIC pointed to the Facebook-WhatsApp deal and the failure of the FTC to protect the personal data of WhatsApp users after the merger.

Cop Claims His Shooting Of An Unarmed Man Gave Him PTSD, Walks Off With A Medical Pension

Very few law enforcement agencies take accountability seriously. Even when officers are held responsible for wrongdoing, their employers find ways to soften the blow. Powerful police unions make the situation worse. The gap between officers and accountability hasn’t really shrunk, no matter how many recording devices we’ve attached to them or boards we’ve appointed to oversee them.

Nothing is going to improve if things like this keep happening. The backstory is this: Officer Philip Brailsford responded to call about a man in a hotel room with a gun. That man happened to be Daniel Shaver. Shaver killed pests so he owned pellet guns — one of which he had in the hotel room with him.

Within minutes of Officer Brailsford’s arrival, Daniel Shaver was dead — shot five times by Brailsford whose AR-15 was decorated with the phrase “You’re Fucked.”

Shaver was, indeed, fucked. He never had a chance to make it out of this confrontation alive. The video of his shooting shows Shaver never posed a threat. It shows Brailsford was the aggressor in this situation — laying down a steady stream of conflicting commands with the promise of death for any failure to comply.

Fitness Trackers and Smartwatches Don’t Correctly Track Heart Rate of People with Darker Skin

Microsoft recently came under fire for racial bias in their facial recognition technology. This wasn’t something they aimed to do but was the result of their training methods of the software. They worked on fixing the problem after it was recognized.

Unsealed Warrant Shows SFPD Officer Misled Court About Journalist’s Occupation

One of the search warrants used by the San Francisco police department to go after a journalist for documents a PD employee leaked has been released. This is only one of the five warrants targeting “stringer” Bryan Carmody, whose house was raided by the SFPD back in May.

This search warrant targeted Carmody’s phone records. It was granted on March 1st, allowing the SFPD to obtain records from Verizon. This was done supposedly to track down which cop called Carmody over a two-day period prior to the release of the leaked document to California news agencies.

Copyrights

• Popular Stream-Ripping Site Declines To Play Whac-A-Mole With YouTube

  We have been talking these past few weeks about a strange game of whac-a-mole currently being played between YouTube and a whole bunch of stream-ripping websites. While stream-ripping sites have been targeted by the music industry specifically for some time now, despite a wide range of non-infringing uses of such technology, it was only recently that YouTube decided to participate in all of this by blocking access to its platform for many of these sites. Built around claims of ToS violations, it’s fairly clear that YouTube’s actual goal in all of this is to appear to be attempting to bow to the music industry’s wishes. Despite the blocks, many of these sites have managed to route around the blockade, thus the game of whac-a-mole.

• The Death Of Ownership: Educational Publishing Giant Pearson To Do Away With Print Textbooks (That Can Be Resold)

  It sometimes is difficult to get people to understand just how >utterly insane the college textbook market is. You have a captive audience who has no choice but to purchase what the professor requires (which is why it’s doubly lame when professors require their own books). But even people who went to college a few decades ago may not be aware of just how much textbook prices have kept rising. A study from 2015 showed that college textbook prices had risen over 1000% since 1977. 1,000%.