Bonum Certa Men Certa

Links 1/8/2019: Xfce 4.14 Coming Soon, Flock Reports



  • GNU/Linux

    • Server

      • No More Sleepless Nights and Long Weekends Doing Maintenance

        Datacenter maintenance – you dread it, right? Staying up all night to make sure everything runs smoothly and nothing crashes, or possibly losing an entire weekend to maintenance if something goes wrong. Managing your datacenter can be a real drag. But it doesn’t have to be that way.

        At SUSECON 2019, Raine and Stephen discussed how SUSE can help ease your pain with SUSE Manager, a little Salt and a few best practices for datacenter management and automation.

      • IBM

        • The Secret to a Secure Multicloud Enterprise Is Open Source

          As a lifelong engineer, my career has been dramatically impacted by the open source movement, along with those of my fellow engineers. Growing up in a business environment where closed platforms once dominated, many of us had to recalibrate our thinking as the open source revolution in the 90’s unfolded.

          While it is often considered a development concept, I’ve witnessed firsthand how it has extended out of its technical roots to shape the culture of business.

          Innovation is one of the better-known benefits of crowd-contributed code — or open source — but what about security? Can open source improve or enhance your security posture?

        • Fedora Has Formed A Minimization Team To Work On Shrinking Packaged Software

          The newest initiative within the Fedora camp is a "Minimization Team" seeking to reduce the size of packaged applications, run-times, and other software available on Fedora Linux.

          The hope of the Fedora Minimization Team is that they can lead to smaller containers, eliminating package dependencies where not necessary, and reducing the patching foot-print.

        • DevNation Live: Easily secure your cloud-native microservices with Keycloak

          DevNation Live tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about Keycloak from Sébastien Blanc, Principal Software Engineer at Red Hat.

          This tutorial will demonstrate how Keycloak can help you secure your microservices. Regardless of whether it’s a Node.js REST Endpoint, a PHP app, or a Quarkus service, Keycloak is completely agnostic of the technology being used by your services. Learn how to obtain a JWT token and how to propagate this token between your different secured services. We will also explain how to add fine-grained authorizations to these services.

    • Audiocasts/Shows

    • Kernel Space

      • Intel's Linux Graphics Driver Begins Preparing For Multi-GPU Support

        Up until now the Intel Linux graphics driver hasn't had to worry about supporting multiple devices concurrently since, well, it hasn't been a possibility. But with the first Intel Xe discrete GPU hardware expected to arrive next year, the "i915" kernel driver has begun seeing restructuring work to support multi-GPU setups, or what most commonly will be Intel integrated graphics paired with a discrete Xe GPU.

        For at least the first generation or two of Xe Graphics, the long-standing Intel "i915" Direct Rendering Manager driver will be used. This i915 DRM driver has been seeing changes over the past year to work towards the Xe support from introducing the concept of device local memory to other bits in prepping it for discrete GPU support. The latest in our close monitoring of Intel's patch activity is work on supporting multiple adapters with the driver concurrently.

      • Kernel analysis with bpftrace

        At the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) I gave a keynote on BPF observability that included a kernel issue I had debugged on Netflix production servers using bpftrace. In this article I'll provide a crash course on bpftrace for kernel developers—to help them more easily analyze their code.

        I was recently discussing tcp_sendmsg() with another developer who was concerned about large message sizes (such as 100 megabytes) causing failures. 100 MB?? I doubt Netflix is sending messages anywhere near that large in production.

      • 5.3 Merge window, part 2

        At the end of the 5.3 merge window, 12,608 non-merge changesets had been pulled into the mainline repository. Nearly 6,000 of those were pulled after the first-half summary was written. As expected, there was still a lot of material yet to be merged for this development cycle.

      • Accessing zoned block devices with zonefs

        Zoned block devices are quite different than the block devices most people are used to. The concept came from shingled magnetic recording (SMR) devices, which allow much higher density storage, but that extra capacity comes with a price: less flexibility. Zoned devices have regions (zones) that can only be written sequentially; there is no random access for writes to those zones. Linux already supports these devices, and filesystems are adding support as well, but some applications may want a simpler, more straightforward interface; that's what a new filesystem, zonefs, is targeting.

        Damien Le Moal posted an RFC patch series for zonefs to the linux-fsdevel mailing list in mid-July. He also spoke about zonefs at the Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) back in May. It is a way for applications to use the POSIX file API, "rather than relying on direct block device file ioctls and read/write". Applications that use log-structured merge-trees (such as RocksDB and LevelDB) will be able to use zoned block devices more easily via zonefs, Le Moal said.

        Zoned block devices typically have both conventional zones—those that allow normal random-access reads and writes—and sequential zones, which only allow writing to the end of the zone. Sequential zones each have a write pointer stored by the device that indicates where the next write operation will be done for that zone. Zonefs simply exposes the zones as files in its filesystem.

      • Steam Proposes Linux Kernel Changes To Improve Multi-Threaded Games

        Steam announced this week that it released the first build of Proton 4.11, which is based on WINE 4.11, the Linux utility that allows thousands of Windows games to run on Linux. The new version includes many bug fixes, as well as a new Vulkan-based implementation of Direct3D 9. Additionally, the new release includes functionality that could reduce the CPU overhead for multi-threaded games if Linux kernel developers adopt Steam's proposed changes to the kernel.

      • Linux Foundation

    • Applications

      • 4 best Linux sticky-note apps

        There are a lot of great sticky-note apps on the Linux platform that allows users to quickly paste thoughts, lists, and other important information to notes in the form of virtual Post-it notes. But what app is best? Let’s find out in this list of the 5 best Linux sticky-note apps for Linux!

      • crashstats-tools v1.0.1 released! cli for Crash Stats.

        I extracted two commands we have in the Socorro local dev environment as a separate Python project. This allows anyone to use those two commands without having to set up a Socorro local dev environment.

        The audience for this is pretty limited, but I think it'll help significantly for testing analysis tools.

        Say I'm working on an analysis tool that looks at crash report minidump files and does some additional analysis on it. I could use supersearch command to get me a list of crash ids to download data for and the fetch-data command to download the requisite data.

      • Daniel Stenberg: 2000 contributors

        At 7804 days since the birthday, it means one new contributor roughly every 4 days. For over 21 years. Kind of impressive when you think of it.

        A “contributor” here means everyone that has reported bugs, helped out with fixing bugs, written documentation or authored commits (and whom we recorded the name at the time it happened, but this is something we really make an effort to not miss out on). Out of the 2000 current contributors, 708 are recorded in git as authors.

        Plotted out on a graph, with the numbers from the RELEASE-NOTES over time we can see an almost linear growth. (The graph starts at 2005 because that’s when we started to log the number in that file.)

      • Multi-monitor wallpapers with Hydrapaper

        When using multiple monitors, by default, means that your desktop wallpaper is duplicated across all of your screens. However, with all that screen real-estate that a multiple monitor setup delivers, having a different wallpaper for each monitor is a nice way to brighten up your workspace even more.

        One manual workaround for getting different wallpapers on multiple monitors is to manually create it using something like the GIMP, cropping and positioning your backgrounds by hand. There is, however, a neat wallpaper manager called Hydrapaper that makes setting multiple wallpapers a breeze.

      • Proprietary

        • 0.14

          I type this on a Thinkpad t480s that I recently switched to from a lifetime of using Apple machines (literally grew up on Apple computers, shoutout to the Macintosh Classic!). I switched because it was time for a new machine and I didn't want to be using a faulty keyboard for the next 5 years.

          [...]

          I desperately miss macOS but the Apple laptop hardware has atrophied to such a degree that the software alone isn't worth it.

    • Instructionals/Technical

    • Games

      • Towertale, a story-driven 2D action game with a focus on big boss battles is coming to Linux

        With some absolutely insane looking action sequences, Towertale just recently released and they're planning to support Linux.

      • Valve add additional titles to the Steam Play Whitelist

        After recently pushing out a pretty big update to Steam Play with Proton 4.11, Valve have now added some additional titles to their Whitelist.

        What is the Whitelist? Currently, this is the list Valve have accepted to be shown as a game you can install in the Linux Steam client, without enabling Steam Play on your entire library. They are also set to a specific version of Proton by Valve, to hopefully give the best experience.

      • Gunslugs:Rogue Tactics, the tactical action-platformer confirmed for release on August 6th

        Possible one of the most interesting action-platformer games I've seen in a while, Gunslugs:Rogue Tactics is launching on August 6th.

        I'm a big fan (understatement) of games like Broforce, which focus heavily on over-the-top action and a lot of platformers simply go along and follow that design. This is why Gunslugs:Rogue Tactics has my attention, it doesn't seem like yet another platformer. Not only does it have some random generation, to keep things from feeling stale, it has a focus on tactical decision making and stealth on top of some ridiculous looking action of course.

      • Counter-Strike: Global Offensive adds new maps and a "Scrimmage" game mode

        Valve have updated Counter-Strike: Global Offensive to introduce some new maps as well as mix up competitive play with a new "Scrimmage" game mode.

        The Workout map has been removed, with Breach and Seaside making an appearance in Defusal Group Sigma. Breach, Seaside and Ruby have also been added as new "Scrimmage Maps" to official competitive matchmaking.

    • Desktop Environments/WMs

      • Xfce 4.14pre3 released!



        The final pre-release before Xfce 4.14 stable is out since two days ago so here goes a quick look at the most notable bugfixes. While this release was optional, we decided to give ourselves a little more time for bugfixes and translation updates to flow in, which results in sticking to the original plan of releasing 4.14 in mid-August.

      • Xfce 4.14 Should Finally Be Out By Mid-August - Final Testing Now With "Pre3"

        Xfce 4.12 was released in February 2015 while finally getting ready to succeed that is the long talked about Xfce 4.14 that is expected to ship this month.

        With Xfce 4.14, most of the Xfce components should now be in good shape following a lengthy GTK3 porting process from GTK2. Xfce 4.14 should be playing much better with the other latest upstream software components, improvements for display/multi-monitor setups, and a plethora of bugs got fixed along the way.

        Xfce 4.14.0 should be out in "mid-August" while Xfce 4.14pre3 was released this week as the anticipated final snapshot for testing.

      • GNOME Desktop/GTK

        • The Latest GNOME Performance Issue Being Addressed Are OpenGL Pipeline Stalls

          The latest upstream GNOME performance shortcomings being investigated by prolific contributor Daniel Van Vugt of Canonical are OpenGL pipeline stalls.

          Van Vugt continues working on some terrific upstream contributions to GNOME for improving the default desktop of Ubuntu. As is the case with most of his GNOME work, it's in the area of bettering the performance by often addressing various long-standing bugs. On top of his other fixes so far for GNOME 3.34, he has been investigating OpenGL pipeline stalls most recently. These OpenGL pipeline stalls lead to frame skips and limiting the frame-rate when such situations occur.

        • Christian Hergert: Sysprof Updates

          I just uploaded the sysprof-3.33.4 tarball as we progress towards 3.34. This alpha release has some interesting new features that some of you may find interesting as you continue your quests to improve the performance of your system by improving the software running upon it.

          [...]

          Thanks to the West Coast Hackfest, I had a chance to sit down with Matthias and work through that design. GtkLabel was already using some accelerated text rendering so we started by making that work for GtkTextView. Then we extended the GSK PangoRenderer to handle the rest of the needs of GtkTextView and Matthias re-implemented some features to avoid cairo fallbacks.

        • Sysprof Picks Up Profiling Support For CPU Power Consumption

          GNOME's Sysprof profiler continues on a trajectory of becoming an incredibly versatile component for developers looking to maximize performance and efficiency under this desktop environment. Sysprof already picked up a number of new features for GNOME 3.34 but work is not yet finished.

          This cycle has seen GTK4 and other components supporting Sysprof's new engine and other work to narrow down performance bottlenecks within the code.

    • Distributions

      • Sparky news 2019/07

        A few years ago, Sparky was releasing as a Rolling edition only, with no additional changes at its repositories required; it used just Debian & Sparky ‘testing’ repos.

        After added Sparky ‘stable’ line, the rolling/testing edition automatically becomes ‘stable’ when ready, so there is manual installation of ‘testing’ repos back required now. With this fact, make sure, Sparky Rolling is a Semi-Rolling edition now.

      • Mesa, ImageMagick, Plasma, Frameworks Update in Tumbleweed

        There have been three openSUSE Tumbleweed snapshots released since last week.

        The snapshots brought a single major version update and new versions of KDE’s Plasma and Frameworks.

        ImageMagick’s 7.0.8.56 version arrived in snapshot 20190730 and added support for the TIM2 image format, which is commonly used in PlayStation 2 and sometimes in PlayStation Portable games. The snapshot also delivered an update for Mesa 3D Graphics Library with version 19.1.3 that mostly provided fixes for ANV and RADV drivers, as well as NIR backend fixes. File searching tool catfish 1.4.8 provided some fixes with directories and a fix running on Wayland. The GNU Compiler Collection 7 added a patch and fixed for a Link Time Optimization (LTO) linker plugin. The 9.0.1 glu, which is the OpenGL Utility library for Mesa, fixed a possible memory leak. The Linux Kernel was updated to 5.2.3; the new version made a few fixes for PowerPC and added Bluetooth for some new devices. Serval Python packages were updated in the snapshot. LLVM tools and libraries were updated in Tumbleweed with llvm8 8.0.1 but the changelog states not to run LLVM tests on PowerPC because of sporadic hangs. The 2.4.7 version of openvpn in the snapshot added support for tls-ciphersuites for TLS 1.3 and updated openvpn.keyring with public key downloaded from https://swupdate.openvpn.net/community/keys/security-key-2019.asc. A lengthy list of fixes were made to the VIM text editor in version 8.1.1741. Other packages updated in the snapshot were ucode-intel 20190618, xapps 1.4.8, ypbind 2.6.1 and zstd 1.4.1. The snapshot is trending as moderately stable with a rating of 79, according to the Tumbleweed snapshot reviewer.

      • Screenshots/Screencasts

      • Fedora Family

        • Fedora Localization project status and horizons

          L10n (short for “localization”) is the Fedora sub-project dedicated to translation. It is unique in its form and organization because under this label are a set of autonomous teams of speakers. Some statistics will show you the reduction of our community, and invite you to come discuss with us at Flock.

          First, the number of unique contributors per week, by time in the project (based on the model of what Matthew Miller does in his “state of Fedora” talk each year at Flock).

        • Flock to Budapest
        • Modularity at Flock 2019

          There are three sessions ready that will help you decide when to make a module, how to make them, and a discussion about making everything Modularity work better.

        • Outreachy FHP week 7: Django, Docker, and fedora-messaging

          The main goal for the next half of the internship is deploying the project locally to Minishift and then in production on OpenShift. This will help see in effect the badges for Fedora Happiness Packet in action! I will also be preparing for the project showcase at the annual contributor summit, Flock to Fedora. As a stretch goal I hope to integrate the filter methods for the search option in archive.

      • Debian Family

        • Daniel Pocock: Mollamby, Conflicts of Interest vs Privacy

          As the Mollamby affair has emerged, some people have rushed to defend the privacy of Chris Lamb and Molly de Blanc or dismissed it as mere innuendo without understanding the ethical issues.

          What is the difference between innuendo and incrimination? Evidence.

          Privacy is a valid consideration, but it is not the only one. I delayed publishing my own blog about the subject while weighing the privacy implications against the ethical issues.

          Let's consider some of the evidence backing up the facts about Mollamby. Parts of the evidence have been redacted for the privacy of third parties but the material presented here accurately reflects the situation.

          [...]

          Notice that de Blanc does not mention her conflict of interest (romantic relationship with the DPL, Chris Lamb) in that email. Lamb never mentioned it either. Neither of them recused themselves. I was travelling that weekend and couldn't make time to join a hastily organized meeting. As boyfriend and girlfriend, they had a meeting without the rest of the Debian GSoC admin team. When the boyfriend is also the leader of the project and when the girlfriend's conduct is in question, is it any surprise that another volunteer is blamed and the girlfriend takes over the team?

          That email is the smoking gun: two people at the very top of the free software ecosystem (Debian and OSI) using a volunteer as a scapegoat for mistakes one of them had been party to.

          This farce is further compounded by the fact the original complaint was about conflicts of interest.

        • Sylvain Beucler: Debian LTS - July 2019
        • Paul Wise: FLOSS Activities July 2019

          The File::LibMagic, purple-discord, librecaptcha & harmony work was sponsored by my employer. All other work was done on a volunteer basis.

        • Kurt Kremitzki: Summer Update for FreeCAD & Debian Science Work

          Hello, and welcome to my "summer update" on my free software work on FreeCAD and the Debian Science team. I call it a summer update because it was winter when I last wrote, and quite some time has elapsed since I fell out of the monthly update habit. This is a high-level summary of what I've been working on since March.

        • Jonathan Carter: Free Software Activities (2019-07)

          There is really too much to write about that happened at DebConf, I hope to get some time and write seperate blog entries on those really soon.

      • Canonical/Ubuntu Family

        • Linux Mint 19.2 “Tina” now available for download

          lthough the official release of Linux Mint 19.2 “Tina” still awaits, its official ISO image is now available for download to give you a full taste of what’s to come.

          [...]

          Linux Mint 19.2 “Tina” is currently expected to have its official release later this week. But the availability of this ISO image opens the doors for people who can’t wait to get their hands on the revamped operating system. If you happen to be one of those individuals, go ahead and download the ISO image with the desktop environment of your choosing from the following link.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • On self-hosting the project

        Something that I cannot highlight often enough, but never did in writing is, that the IPFire Project is entirely self-hosted. We host all services for our developers and users ourselves. We do not use any big services from any third-parties and never share any user-data.

        This is quite important to myself and others in the team, because it has many implications that are not very easy to see: IPFire is being used by many individuals and organisations with a higher need for security. They are a regularly targeted. Although this is not a problem for the average user of IPFire, it still helps to keep a low-profile wherever possible.

      • An Update On Our Data Center Migration

        About two weeks ago we had some planned maintenance to move our servers from one rack to another. Let's just say that this did not go as planned. At all. And here is the story...

        [...]

        Our servers are running oVirt. Some virtualisation software from RedHat that looked pretty good when we set it up in around 2015. However, it was buggy, slow and caused us loads and loads of problems over time. We were at a point were a reboot of the servers was really dangerous because you always had to pray that everything came back up. Underneath we used GlusterFS for storage replication. Another piece of software that I personally do not trust any more.

        And so it came as we feared it: oVirt did not launch correctly after we restarted one of the servers. To not bore you with all the details, the engine (which is the machine that manages the whole cluster) did not want to start and it failed to connect to the nodes, so nothing worked.

        One part of the migration was to replace oVirt. This was sort of the right time to do it, but only after we have completed the physical move. We were going to use Proxmox in the future which was dearly recommended to me. We were prepared to reinstall one of the two servers there and then to transfer our virtual machines over. But we were not even lucky with that. Even the USB stick that we brought with a fresh image of Debian Buster was not found by the server's firmware. Great! Nothing, not even the little things like this worked.

        At this time, it was almost midnight and time was really running out. After finding another creative way to install the server with Debian, we were finally up and running and started migrating the virtual machines...

      • Github Has Restricted Accounts of Users from US Sanctioned Countries



        Github has started to restrict the accounts of users in US sanctioned countries including Iran, Cuba, North Korea, Syria, and disputed zones like Crimea.

      • Events

        • The Linux Application Summit is coming to Barcelona in November

          LAS 2019 will be held in Barcelona, Spain from November 12th to November 15th. Our Call for Participation opens on July 31st, and will run until August 18th.

          LAS is a conference focused on building an application market. Through LAS, the GNOME and KDE communities intend to help build an ecosystem that will encourage the creation of quality applications, seek ways of compensating application developers, and foster a thriving market for the Linux operating system. We are excited about combining our efforts in app development for Linux and we aim to take on an active role leading the way into the future.

        • Ubucon Europe 2019: Call for Papers – deadline extended!

          Yesterday was crazy in the submissions inbox, and first of all, we want to thank all the last minute submitters!

          Even though some of you reached out organization members and asked for a deadline extension, and, after a very long meeting and some thinking we decided to do it!

        • foss-north call for papers

          The summer is flying by and it is already August. The call for papers for foss-north IoT and Security Day is still open for a few more days, so make sure to get your talk in. We are looking for talks touching on connected embedded devices and how to do them securely.

        • Thomas Goirand: My work during DebCamp / DebConf

          Unfortunately, Horizon, the OpenStack dashboard, is currently still broken in Debian Sid. Indeed, since Django 1.11, the login() function in views.py has been deprecated in the favor of a LoginView class. And in Django 2.2, the support for the function has been removed. As a consequence, since the 9th of July, when Django 2.2 was uploaded, Horizon’s openstack_auth/views.py is boken. Upstream says they are targeting Django 2.2 for next February. That’s a way too late. Hopefully, someone will be able to fix this situation with me (it’s probably a bit too much for Django my skills). Once this is fixed, I’ll be able to work on all the Horizon plugins which are still in Experimental. Note that I already fixed all of Horizon’s reverse dependencies in Sid, but some of the patches need to be upstreamed.

      • Web Browsers

        • Mozilla

          • The latest Facebook Container for Firefox

            Last year we helped you keep Facebook contained to Facebook, making it possible for you to stay connected to family and friends on the social network, while also keeping your activity isolated in a separate container. That made it harder for Facebook to track your activity outside of Facebook with third-party cookies and made it easier for you to enjoy the web without your browsing activities following you from site to site. However, Facebook isn’t just the site. With the social sharing, liking or login widgets that many sites use, their reach is broad and, until now, hard to contain.

          • This Week in Rust 297
      • BSD

        • BSD Now 309

          DragonFlyBSD Project Update - colo upgrade, future trends, resuming ZFS send, realtime bandwidth terminal graph visualization, fixing telnet fixes, a chapter from the FBI’s history with OpenBSD and an OpenSSH vuln, and more.

        • Project Trident Stable-12 is Now Available

          Project Trident is a desktop-focused operating system based on TrueOS. It uses the Lumina desktop and number of self-developed utilities to provide an easy-to-use system for users.

          It uses a rolling release update cycle using a “current” branch based on upstream TrueOS & FreeBSD.

          Project Trident has announced the new stable release of Trident Stable-12, which is based on the FreeBSD/TrueOS STABLE branch (version 12).

          This train stable-12 release also provides rolling updates to the packages that are available in the repository.

      • FSF/FSFE/GNU/SFLC

        • gNewSense Maintainer (Sam Geeraerts) Steps Down His Role

          gNewSense is a Linux distribution based on Debian, and developed with sponsorship from the Free Software Foundation.

          It’s bundled only with free software and doesn’t included any proprietary and non-free software.

          In other word, we can say gNewSense to be composed entirely of free software.

          Free software is a matter of the users’ freedom to run, copy, distribute, study, change and improve the software.

          It is built by people across the globe who work together as a community and sponsored by the FSF (Free software foundation).

      • Openness/Sharing/Collaboration

        • Open Hardware/Modding

          • RISC-V gains new performance leader with Alibaba’s 16-core XT 910

            Alibaba announced a 16-core XuanTie 910 RISC-V CPU with a 7.1/MHz CoreMark score. RISC-V continues to expand quickly in China, accelerated by U.S. tariffs, but Arm is fighting back with “Arm Flexible Access” licensing.

            Chinese Internet retail and tech giant Alibaba Group has announced its first processor and the most powerful design based on the open source RISC-V IP yet. First reported by Nikkei Asian Review, the XuanTie 910 (also called the XT 910 or T-Head), is a 16-core, 2.5GHz design.

      • Programming/Development

        • PyPI now supports uploading via API token

          We're further increasing the security of the Python Package Index with another new beta feature: scoped API tokens for package upload. This is thanks to a grant from the Open Technology Fund, coordinated by the Packaging Working Group of the Python Software Foundation.

          Over the last few months, we've added two-factor authentication (2FA) login security methods. We added Time-based One-Time Password (TOTP) support in late May and physical security device support in mid-June. Now, over 1600 users have started using physical security devices or TOTP applications to better secure their accounts. And over the past week, over 7.8% of logins to PyPI.org have been protected by 2FA, up from 3% in the month of June.

        • Jupyter, PyCharm and Pizza 31.07.19 15:00

          Hi there! Have you tried Jupyter Notebooks integration in PyCharm 2019.2? Not yet? Then let me show you what it looks like!

          In this blog post, we’re going to explore some data using PyCharm and its Jupyter Notebook integration. First, of course, we’ll need said data. Whenever I need a new dataset to play with, I typically head to Kaggle where I’m sure to find something interesting to toy with. This time a dataset called “Pizza Restaurants and the Pizza They Sell” caught my attention. Who doesn’t love pizza? Let’s analyze these pizza restaurants and try to learn a thing or two from it.

        • PyPI now supports uploading via API token

          We're further increasing the security of the Python Package Index with another new beta feature: scoped API tokens for package upload. This is thanks to a grant from the Open Technology Fund, coordinated by the Packaging Working Group of the Python Software Foundation.

          Over the last few months, we've added two-factor authentication (2FA) login security methods. We added Time-based One-Time Password (TOTP) support in late May and physical security device support in mid-June. Now, over 1600 users have started using physical security devices or TOTP applications to better secure their accounts. And over the past week, over 7.8% of logins to PyPI.org have been protected by 2FA, up from 3% in the month of June.

        • Failure is a feature in blameless DevOps

          DevOps is just another term for value stream development. What does value stream mean?

          Value is what arises during our interactions with customers and stakeholders. Once we get into value stream development, we quickly realize that value is not an entity. Value constantly changes. Value is a process. Value is a flow.

          Hence the term stream. Value is only value if it's a stream. And this streaming of value is what we call continuous integration (CI).

        • How to Read and Write JSON Files using Python and Pandas

          In this post we will learn how to read and write JSON files using Python. In the first, part we are going to use the Python package json to create a JSON file and write a JSON file. In the next part we are going to use Pandas json method to load JSON files into Pandas dataframe. Here, we will learn how to read from a JSON file locally and from an URL as well as how to read a nested JSON file using Pandas.

          Finally, as a bonus, we will also learn how to manipulate data in Pandas dataframes, rename columns, and plot the data using Seaborn.

        • First Steps With PySpark and Big Data Processing

          It’s becoming more common to face situations where the amount of data is simply too big to handle on a single machine. Luckily, technologies such as Apache Spark, Hadoop, and others have been developed to solve this exact problem. The power of those systems can be tapped into directly from Python using PySpark!

          Efficiently handling datasets of gigabytes and more is well within the reach of any Python developer, whether you’re a data scientist, a web developer, or anything in between.

        • Tryton Newsletter August 2019

          The Tryton development has resumed now its cruising pace. There are a lot of changes to improve the user experiences. A new major feature, the secondary unit, has landed in the form of four new modules.

          Thanks to the Open Source program of KeyCDN, our website and forum are now speeded up by delivering static content at global scale. We have also pushed our downloads on the KeyCDN, so we encourage you to use downloads-cdn.tryton.org instead of downloads.tryton.org (Thank you for checking your automated scripts which are looking up for new releases).

        • How to start solving problems in the QA profession
        • Agile On The Beach: my first time

          2019 edition of Agile On The Beach was the 9th one. The event has gain a good reputation among agilists for being a good mix of great content and relaxed atmosphere in a beautiful environment. This is not surprising for somebody coming from the Open Source space but is not a so common combination within the lean/agile/CD world.

          I bought the tickets and reserved the accommodation on time (months before the event). As you know, I started in MBition in June. My employer was kind enough to make it easy for me to attend. So on July 10th I headed to Falmouth, Cornwall, UK to participate in Agile On The Beach during the following two days, coming back to Málaga on Saturday July 13th.

        • Improving communities through documentation

          Documentation, said Riona MacNamara at the beginning of her Open Source Summit Japan 2019 talk, is the superpower that we can use to energize users and developers; it is an important part of the creation of a vibrant and inclusive community. While there are a number of roadblocks that can impede participation in a development community, many of those can be addressed with better documentation. The talk was a call for all projects to think about what they are trying to accomplish and to ensure that their documentation is helping to get there. First, though, MacNamara started with a story. The fifth of Euclid's postulates holds that non-parallel lines must eventually cross. Not only has this postulate never been proved, but there are geometries where it is known to be false; these include hyperbolic spaces. Those spaces, though, are hard to visualize and hard to explain, a fact that inhibited research into them for two centuries.

          In 1997, Diana Taimina realized that crochet could be used to create a model of a hyperbolic space; this model is now the standard way of explaining the whole idea. The visualization of hyperbolic spaces is, MacNamara said, a problem that had gone unsolved for centuries for a simple reason: the field of mathematics was closed to women. What else are we losing, she asked, when we exclude the talents held by large parts of our population?

          Open-source software has just such a problem, even if one looks only at gender and ignores (for now) many other potential diversity issues. Surveys have shown that only about 3% of the open-source development community is female; the situation is very much like the 18th-century mathematics field. She would like to improve that situation, increase diversity in our communities, help the process of inclusion, and thereby create equity in the field.

        • Best WordPress Table Creating Plugins of 2019

          Tables make data easy to understand and comprehend as the visual is more compelling and convincing to the viewer. However, for a beginner or for somebody who doesn’t have much coding knowledge, creating a table can be tedious and time-consuming. This is where the use of Table creator plugins comes in.

          Table creator plugins not only create tables easily but they can also process information and create tables directly from data, edit table design, customize, import-export data and in fact, can do much more. Currently, there are hundreds of tables creating plugins available for WordPress which get your job done in clicks.

          So, which one to choose? Well, don’t worry! We have here compiled a list of 10 best Plugins for creating tables in WordPress, which we are sure to help you choose the best based on your requirements and budget.

        • Two numpys diverged in a wood. . .

          This allows us to upgrade python3-numpy to 1.17.0, while python2-numpy stays at 1.16.4, since 1.17.x drops Python 2 support.

        • Python "standard" library

          Python is often mentioned in the same breath with the phrase "batteries included", which refers to the breadth of its standard library. But there is an effort underway to trim back the standard library by removing some unloved modules. In addition, there has been persistent talk of a major restructuring of the library, into a fairly minimal core as described in Amber Brown's talk at this year's Python Language Summit, or in other ways as discussed on the python-dev mailing list in January (though it has come up many times before that as well). A mid-July python-ideas mailing list thread picked up on some of that; it ended up showing, once again, that there is no real consensus on what the standard library is—or should be.

          A fairly simple idea for a Python enhancement was posted by Abdur-Rahmaan Janhangeer; the discussion likely went in directions he was not expecting. He suggested adding a stdlib module, akin to the existing builtins module, that would provide a way to discover all of the modules in the standard library. L

  • Leftovers

    • Science

      • 99 percent of species have gone extinct. A new study looks at our odds of avoiding that fate.

        All of that might make you wonder: What are the odds that natural (as opposed to man-made) risks will drive humanity extinct? A new paper published Tuesday in Scientific Reports, by Andrew E. Snyder-Beattie and Michael Bonsall of Oxford’s Mathematical Ecology Research Group and Toby Ord of Oxford’s Future of Humanity Institute, tries to answer that question with a clever new approach. While other researchers have tried to describe different natural events that might pose an extinction risk, this paper looks at the problem from another angle.

    • Hardware

    • Security (Confidentiality/Integrity/Availability)

      • Visa vulnerability lets cybercrims bypass contactless card limit

        When testing the attack with five major UK banks, Leigh-Anne Galloway and Tim Yunusov were not only able to bypass the verification limit "irrespective of the card terminal," but also found that the attack is possible with foreign cards and terminals.

      • Google’s Plans for Chrome Extensions Won’t Really Help Security

        Note: Sam Jadali, the author of the DataSpii report referenced in this blog post, is an EFF Coders’ Rights client. However, the information about DataSpii in this post is based entirely on public reports.

        Last week we learned about DataSpii, a report by independent researcher Sam Jadali about the “catastrophic data leak” wrought by a collection of browser extensions that surreptitiously extracted their users’ browsing history (and in some cases portions of visited web pages). Over four million users may have had sensitive information leaked to data brokers, including tax returns, travel itineraries, medical records, and corporate secrets.

        While DataSpii included extensions in both the Chrome and Firefox extension marketplaces, the majority of those affected used Chrome. Naturally, this led reporters to ask Google for comment. In response to questions about DataSpii from Ars Technica, Google officials pointed out that they have “announced technical changes to how extensions work that will mitigate or prevent this behavior.” Here, Google is referring to its controversial set of proposed changes to curtail extension capabilities, known as Manifest V3.

        As both security experts and the developers of extensions that will be greatly harmed by Manifest V3, we’re here to tell you: Google’s statement just isn’t true. Manifest V3 is a blunt instrument that will do little to improve security while severely limiting future innovation.

      • EFF at Vegas Security Week

        EFF is back this year at Vegas Security Week, sometimes affectionately known as Hacker Summer Camp. Stop by our booths at BSides, Black Hat, and DEF CON to find out about the latest developments in protecting digital freedom, sign up for our action alerts and mailing list, and donate to become an EFF member. We'll also have our limited-edition DEF CON 27 shirts available. These shirts have a puzzle incorporated into the design—try your hand at cracking it!

      • Protecting update systems from nation-state attackers

        Frequent updates are a key part of keeping systems secure, but that goal will not be met if the update mechanism itself is compromised by an attacker. At a talk during the 2019 Open Source Summit Japan, Justin Cappos described Uptane, an update delivery mechanism for automotive applications that, he said, can prevent such problems, even when the attacker has the resources of a nation state. It would seem that some automobile manufacturers agree. The list of companies that have suffered successful attacks on their update systems is long, Cappos began; it is something that happens all too frequently. Often these attacks are carried out by governments; he listed compromises that have been attributed to North Korea and Russia. The Stuxnet attack exploited the Windows update service as well, he said. Nation-state attackers can launch complex attacks; if you are defending against them, you have to worry about holding off a dedicated team of professionals — the best attackers in the world — who command massive resources and who are focused on your company in particular. It is a scary scenario, he said.

        It is even scarier when one is dealing with the software that makes a modern automobile run. An attacker who gains the ability to install new software on cars could create no end of mayhem, up to and including large-scale loss of life. Clearly, we all want our cars to be well defended against even the most sophisticated intrusion attempts.

        [...]

        There are multiple open-source implementations of Uptane available. It has now been mandated by several manufacturers, but he was not allowed to name them. It meets or surpasses all of the existing proposals for update security, including upcoming regulations that require compromise resistance. There is a standardization effort around Uptane that is funded by the US Department of Homeland Security, rather than by the vendors. The system has been through a number of security audits as well. Uptane has been integrated with in-toto, a mechanism for supply-chain security that has been adopted widely, including by Debian, Arch Linux, and the reproducible builds project.

        This code, he said, can be expected to ship in about one-third of all new cars on US roads in the near future.

        Cappos closed by saying that, regardless of the work he and others have done, some groups will use insecure designs and car companies will put lives at risk. Attacks will happen, and appeals to weak regulations for cover will not suffice; people will die and (seemingly worse for manufacturers) big lawsuits will result. Systems like Uptane are meant to prevent that from happening.

    • Defence/Aggression

      • Turkey Threatens to Reignite European Migrant Crisis

        "We are facing the biggest wave of migration in history. If we open the floodgates, no European government will be able to survive for more than six months. We advise them not to try our patience." — Turkish Interior Minister Süleyman Soylu.

    • Transparency/Investigative Reporting

      • BBC criticised for giving Steve Bannon airtime 'almost completely unchallenged'

        Labour MP David Lammy wrote: "Why is Steve Bannon an avowed white supremacist, anti semite racist given almost 15 mins uninterrupted airtime on Radio 4 Today? Why was he not challenged on his links to Boris Johnson? Why should I pay my licence fee for this normalising of extremism?"

      • I Played Trump in Hillary Clinton’s 2016 Debate Prep. Here’s What It Takes to Beat Him.

        [...] As we see every day, the sheer number of Trump’s lies overwhelms even the most diligent media outlets trying to fact check him. Doing so in real-time is all the tougher. So our nominee should know that Trump will lie throughout their debate, but can’t count on the moderator to call them all out and can’t expect the audience to know on their own. So our nominee needs to be able to say, “You’re lying.” Easier said than done. Especially if Trump lies every time he opens his mouth.

        One possible tactic is to simply, and calmly, count out loud. First time he lies, the nominee should say, “That was the first of many lies to come because that’s what he does best.” After that, when Trump lies again, the nominee should interject with a simple “Lie number two,” or, “That was a few, so we’re up to six.” The moderator might scold the candidate for interrupting, but he or she should respond, “If you were calling out his lies, I wouldn’t have to. But someone has to. He gets away with it all day every day. But not here, not now.”

    • Environment

      • Under-nutrition will grow in warmer world

        Climate change driven by ever-higher levels of carbon dioxide in the atmosphere will do more than just limit harvests. It will increase under-nutrition, making the planet’s staple foods less nourishing.

        Put simply, the higher the use of fossil fuels, the greater the growth in the numbers of anaemic mothers, malnourished babies and stunted children, and the higher the count of overall deaths from malnutrition.

        More than 2 million children of five years or less die each year from conditions associated with protein deficiency. Zinc deficiency is linked to 100,000 deaths a year, and iron levels to 200,000 deaths a year among young children.

        And things will get worse. Over the next three decades, according to a new study in the journal Lancet Planetary Health, the combination of shocks from a hotter, stormier, more extreme world and ever-higher levels of atmospheric carbon dioxide will combine to make plant proteins, zinc and iron less available.

      • The Arctic is ablaze

        Nothing on this scale has been observed since high-resolution satellite records of fires in the globe’s far north began in 2003. A study in 2013 suggests that even the amount of burning seen in boreal regions in recent decades was outside the norm for the past 10,000 years. Researchers call this year’s events “unprecedented”. The data this summer are “insane”, says Guillermo Rein, an expert in peat fires at Imperial College in London.

      • Russia’s army called in as Siberia wildfires engulf area nearly as big as Belgium

        President Vladimir Putin has ordered the Russian army to take part in fire-fighting efforts in Siberia as environmentalists describe the blazes raging across the region as an ecological catastrophe.

      • Trump’s Shadow War on Climate Science

        This trend of suppressing assessments on climate change is dangerous, Schoonover and other experts have warned, because it leaves policymakers less prepared to deal with threats from the knock-on effects of climate change, including more extreme natural disasters, food insecurity, and increased risks of conflict.

    • Finance

      • Unemployment is Low Only Because ‘Involuntary’ Part-time Work is High

        The structure of the labour market has fundamentally changed, and what we used to think of as “unemployment” has been replaced by mass part-time work, much of it unwanted.

        “Gig economy” jobs are to blame, according to Rob Valletta of the San Francisco Fed.

      • The T-Mobile and Sprint Merger Is Blatantly Anticompetitive

        There is no saving grace for the federal government approving what is on its face an illegal horizontal merger between T-Mobile and Sprint. The wireless market is already highly concentrated according to the Department of Justice’s own guidelines, and this merger only exacerbates the problem. Mergers that bring extreme levels of concentration are supposed to be blocked. No supposed benefit to consumers is actually waiting on this merger, including any and all claims about 5G. Here's what this merger really means: people will have fewer choices for wireless services, at higher prices, while innovation suffers.

        It was not that long ago when the DOJ said that mergers that shrunk a highly concentrated market from four competitors into three competitors “significantly harmed” consumers per their own antitrust guidelines. What could possibly be different about this merger?

    • AstroTurf/Lobbying/Politics

      • Ronald Reagan’s Racism Should Come as No Surprise

        In the wake of Ronald Reagan being discovered on the Nixon tapes calling African diplomats “monkeys” who are “still uncomfortable wearing shoes,” the Washington Post (7/31/19) quotes Reagan’s biographer saying there was “no hint that the president would hold the kinds of views he conveyed to Nixon.”

        “In all of my very careful research into his private papers, I never found an instance where I felt that Reagan was racist,” claims Robert Spitz, author of Reagan: An American Journey. “Generally when someone says, ‘I don’t have a racist bone in my body,’ I’m instantly skeptical, but in this case, after all my work, I found myself kind of nodding my head.”

        Says the Post: “Some of Reagan’s most divisive policies—like embracing the apartheid government of South Africa and inventing the trope of the ‘welfare queen’—may take on a different light now.”

    • Censorship/Free Speech

      • The Shame of the Mural Censors — Why Art and History Matter

        Thirdly and finally, the notion that adolescents are excessively delicate and need protection from reality and history is deeply repugnant and patronizing. Even the most temperate of the anti-muralists seems to assume that Americans are not able to handle the inconvenient truth that people do bad things to other people in the names of God, justice, empire, or mere self-interest. Arnautoff's stately mural, even with its hints of America's dirty hands, is no rival for the breathless farrago of mass shootings and abusive drivel that bombards us 24/7.

      • Time to end social media monopolies

        Privately owned or not, the new natural monopolies of social media such as Twitter should not be able to ban any constitutionally protected speech. Sen. Warren recently had some of her speeches removed, although she was powerful enough to get them reinstated.

        Facebook’s Mark Zuckerberg recently wrote in the New York Times that government, tech and experts should be tasked to define permissible speech. While Reich Minister of Public Enlightenment and Propaganda Joseph Goebbels and George Orwell’s 1984’s Ministry of Truth might welcome such an endeavour, the U.S. Supreme Court would certainly strike it down.

        The new social media oligopolies ought to have the full weight of antitrust enforcement brought to bear to stop their efforts to censor free speech. Our free enterprise system isn’t a game of Monopoly, and to function properly, American democracy demands freedom of competition and expression.

      • American Movie Studios Are Wrong to Appease Chinese Censors

        All of this is reminiscent of another time when Hollywood bent low and bowed before foreign censors. In his book The Collaboration: Hollywood’s Pact with Hitler (2013), Harvard scholar Ben Urwand found that Hollywood studios agreed not to make films that attacked Nazis or that depicted their harsh treatment of Jews. With barely a whimper, studios gave the Nazis veto power over films depicting almost every aspect of Nazi Germany

        Once upon a time, the late Jack Valenti, the MPAA’s longtime chairman, expressed regret to me at that sordid chapter in motion-picture history. But today’s MPAA has its smooth self-justifying patter down just right: “The adjustment of some of our films for different world markets is a commercial reality, and we recognize China’s right to determine what content enters their country,” it said in a 2013 statement. “Overall, our members make films for global audiences, and audiences’ tastes and demands evolve, and our members respond to those changes. But we also stand for maximum creative rights for artists.” It all depends on who is defining “maximum,” I guess.

        I worked in Hollywood once upon a time, so I understand the argument that business is business. Of course, the U.S. should pressure the Chinese regime on human rights and intellectual-property [sic] theft [sic]. At the same time, I also believe that trade and cultural exchanges are ultimately helpful.

      • Court Dismisses Democrats' Nutty Lawsuit Against Russia, Wikileaks And Trump Associates

        A little over a year ago we wrote about a truly ridiculous lawsuit filed by the Democratic National Committee against the country of Russia, Wikileaks, the GRU, Julian Assange, the Donald Trump campaign, and a long list of Donald Trump associates, including Paul Manafort, Roger Stone, Jared Kushner, Donald Trump Jr. and more. As we discussed in great detail, this was a pro se-level lawsuit full of absolutely crazy legal theories that stood no chance in court, ostensibly over the hacking of the DNC's computers that occurred during the 2016 election. The complaint was mostly a conspiracy theory wrapped in a legal complaint, tossing in absolutely silly CFAA claims, SCA claims, DMCA claims and (because why not?) a RICO claim, despite the fact that it's never RICO.

        We predicted that this lawsuit would go nowhere fast, and separately noted that many of the theories the DNC put into the lawsuit represented a very real threat to basic press freedoms. Thankfully, though not surprisingly, federal Judge John Koeltl, has dismissed the case. The order runs over 80 pages, but the judge does a nice job summarizing the many, many faults of the complaint upfront. Let's start with suing Russia. That's not how any of this works.

    • Privacy/Surveillance

      • It’s Sentient

        Until now, Sentient has been treated as a government secret, except for vague allusions in a few speeches and presentations. But recently released documents — many formerly classified secret or top secret — reveal new details about the program’s goals, progress, and reach.

        Research related to Sentient has been going on since at least October 2010, when the agency posted a request for Sentient Enterprise white papers. A presentation says the program achieved its first R&D milestone in 2013, but details about what that milestone actually was remain redacted. (Deputy director of NRO’s Office of Public Affairs Karen Furgerson declined to comment on this timing in an email to The Verge.) A 2016 House Armed Services Committee hearing on national security space included a quick summary of this data-driven brain, but public meetings haven’t mentioned it since. In 2018, a presentation posted online claimed Sentient would go live that year, although Furgerson told The Verge it was currently under development.

      • Facebook Isn’t Responsible as Terrorist Platform, Court Says [iophk: FB might not edit but it sorts and ranks postings]

        The lawsuit was among several around the U.S. testing whether victims of terrorist attacks and their families can hold social-media companies to account for allowing violent extremists to use their platforms to recruit followers. The terrorism victims attempted for the first time to argue that social-media companies could be held liable under the U.S. Anti-Terrorism Act.

      • Amazon Told Police It Has Partnered With 200 Law Enforcement Agencies

        The officer who sent the email told Motherboard that the email was a transcribed version of handwritten notes that he took during a team webinar with a Ring representative on April 9. Additional emails obtained by Motherboard indicate that this webinar trained officers on how to use the "Law Enforcement Neighborhood Portal." This portal allows local police to see a map with the approximate locations of all Ring cameras in a neighborhood, and request footage directly from camera owners. Owners need to consent, but police do not need a warrant to ask for footage.

      • Supermarket looks to go cashless as tech is rolled out across five stores

        [...] The retailer is extending its pay-in-aisle technology trial to five stores in Manchester after first trialling the innovative app in its store at its Angel Square HQ in earlier this year. [...]

      • Unpopular cashless car parking is scrapped but it's cost the council €£28k to do it

        An unpopular parking app which was blamed for killing off town centre trade in Ashton-under-Lyne has been scrapped for good – but will have cost the council €£28k.

      • UK could be cashless by 2030

        This raises concerns that, with public transport, chemists and other public services becoming unable to accept cash payments, there could be problems with excluding people who don’t have access to cashless forms of payment.

      • Clues to the alleged Capital One [cracker]'s crimes were all over the internet

        Paige A. Thompson, a 33-year-old Seattle-based software engineer, bragged about [copying] data from Capital One’s Amazon Web Services instances on a private Slack channel and a public GitHub post from an account that displayed her full name. When another GitHub user noticed Thompson’s claims, they alerted Capital One, and it wasn’t long before the bureau was involved.

      • DOJ and FBI Show No Signs of Correcting Past Untruths in Their New Attacks on Encryption

        Don’t be mistaken; the threat to encryption remains high. Australia and the United Kingdom already have laws in place that can enable those governments to undermine encryption, while other countries may follow. And it’s definitely dangerous when senior U.S. law enforcement officials talk about encryption the way Barr and Wray did.

        The reason to ignore these speeches is that DOJ and FBI have not proven themselves credible on this issue. Instead, they have a long track record of exaggeration and even false statements in support of their position. That should be a bar to convincing anyone—especially Congress—that government backdoors are a good idea.

        Barr expressed confidence in the tech sector’s “ingenuity” to design a backdoor for law enforcement that will stand up to any unauthorized access, paying no mind to the broad technical and academic consensus in the field that this risk is unavoidable. As the prominent cryptographer and Johns Hopkins University computer science professor Matt Green pointed out on Twitter, the Attorney General made sweeping, impossible-to-support claims that digital security would be largely unaffected by introducing new backdoors. Although Barr paid the barest lip service to the benefits of encryption—two sentences in a 4,000 word speech—he ignored numerous ways encryption protects us all, including preserving not just digital but physical security for the most vulnerable users.

        For all of Barr and Wray’s insistence that encryption poses a challenge to law enforcement, you might expect that that would be the one area where they’d have hard facts and statistics to back up their claims, but you’d be wrong. Both officials asserted it’s a massive problem, but they largely relied on impossible-to-fact-check stories and counterfactuals. If the problem is truly as big as they say, why can’t they provide more evidence? One answer is that prior attempts at proof just haven’t held up.

      • DNS over HTTPS in a snap

        With the recent news about the ISP UK association proposing Mozilla as “Internet villain of the year” for enabling DNS over HTTPS (and subsequently changing their mind and dropping the whole category of villain of the year. Good move I think.) I figured it was probably about time that I looked at enabling DoH at home.

        Cloudflare have a suite of open source tools called cloudflared which has, among other things, a DNS over HTTPS proxy. By default it points at their 1.1.1.1 service, but you can change that if you want to. Note, at the time of writing there is a bug which seems to stop Google’s DNS service working. If you’re looking to stop people seeing your DNS traffic then Google probably isn’t the right DNS service to use anyway.

    • Freedom of Information/Freedom of the Press

      • UN Special Rapporteur on torture says he is “gravely concerned” about the situation of Julian Assange

        "Gravely concerned". The UN Special Rapporteur on torture, Nils Melzer, does not mince words in conveying his serious concerns about the situation of the WikiLeaks founder, Julian Assange. Last May, Melzer visited Assange at the Belmarsh high-security prison in London assisted by two doctors who are experts on torture and inhuman or degrading treatment. At that time, Nils Melzer had already publicly denounced that Assange showed "all symptoms typical of prolonged exposure to psychological torture", but in a newly released diplomatic correspondence, the UN Special Rapporteur accuses the United States, Britain, Sweden and Ecuador of grave responsibility for the highly worrying condition of Assange and denounces the risk of his extradition to the US exposing him to excessively severe criminal sanctions and serious abuses of his human rights.

    • Civil Rights/Policing

      • Tear gas has been banned in warfare. Why do police still use it?

        Tear gas is a chemical weapon used all over the world by law enforcement to control riots and disperse crowds — from the United States to Hong Kong, to Venezuela. Despite its frequent use, various international treaties have ruled the use of tear gas illegal in wartime.

      • Head of UN investigators calls for an IS 'Nuremberg'

        Despite the horror, these crimes "are not new," he said. "What is new perhaps with IS, is that the ideology fuels the criminal group in the same way that fascism fuelled the criminal pogroms of Hitler".

      • Muslim practice of instant divorce made illegal in India after historic vote

        Instant divorce is when a Muslim man has the ability to terminate his marriage by saying "talaq" three times in succession. The expression, which translates from Arabic as "you are divorced," can be used at any time, and in any form, including telephone, text message or even in a social media post.

        The victory for the government was a narrow one, as lawmakers in the Parliament's upper house supported the bill by 99 votes to 84. The more powerful lower house approved the bill last week.

      • How to Save a Dying Language

        The number of Aramaic speakers alive today is difficult to calculate. Though some estimates set the figure as high as a half-million, that number is misleading. Because of its ancient lineage, lack of standardization and the isolation of speakers from one another, the modern tongue, known as Neo-Aramaic, has more than 100 dialects, most with no written analogue. Many dialects are already extinct, and others are down to their last one or two speakers.

      • Iran Regime Appeals Court Upholds Flogging and Lengthy Imprisonment Sentence for Female Activist

        Sepideh Farhan (Farahabadi) was arrested by the regime's security forces in January 2018 during the anti-regime uprising in Iran. She was released from Evin Prison on a bail of 2.5 billion rials on February 17, 2018.

        Branch 26 of the regime's Revolutionary Court had sentenced her in absentia to six years in prison on June 24, 2018.

      • Building Community in Brooklyn: A Grassroots Case Study

        Grassroots-level organizing has long been an important tool for advancing policy goals and activating a constituency. More importantly, local organizing can provide an avenue through which the skills and knowledge of some are leveraged to support the previously-unmet needs of the wider community.

        As a member of the Electronic Frontier Alliance—a network of independent local advocacy groups in the U.S.—The Cypurr Collective is offering down-to-earth tech guidance to their neighbors in Brooklyn, New York, and holding space for greater digital rights and privacy awareness.

        Cypurr utilizes such engagement methods as tea socials, digital security workshops, and cross-issue allyship, which enables the group to speak on local organizing from a people-focused perspective. We asked group members Grey Cohen, Rory Mir, and Sam DiBella to share a bit of what they’ve learned in their quest for digital equality.

      • Former Law Enforcement Officer Displays His Ignorance Of The Law In Civil Forfeiture Article

        Why am I being so harsh on Trooper Steve? Well, it's a few things. First and foremost, his leap from law enforcement officer to "traffic safety expert" assumes he actually knows how to keep traffic safe. The thing about cops is they are under no obligation to keep the public safe. As the occupation name makes clear, they are there to perform law enforcement, not keep drivers safe. If the two happen to align occasionally, everyone wins. But LEOs have no "duty of care."

        More than that, touting someone as an "expert" tends to lead viewers and readers to believe this person knows what the fuck they're talking about. But as this recent column by "Trooper Steve" painfully proves, police PR reps make for terrible "experts."

        The question is fairly innocuous: are there any safety tips Trooper "Traffic Safety Expert" Steve could offer travelers roaming around the country with cash in their possession?

    • Internet Policy/Net Neutrality

      • Cord Cutting Is Setting Records In 2019

        Again, customers are tired of paying an arm and a leg for a giant bundle of channels they don't watch. So they're axing traditional TV and shifting over to streaming video providers the data says not only offer cheaper, more flexible options, but far better customer service. With a number of high-profile streaming options just over the horizon from the likes of Apple and Disney, the trend is only going to accelerate.

        And while many traditional cable TV companies have responded to this surge in competitors by offering their own streaming alternatives, that's no sure thing either. Just ask AT&T, which not only lost 778,000 traditional video users last quarter, but 168,000 subscribers from its streaming video alternative, DirecTV Now. Why? AT&T gobbled up so many companies in its bid to dominate the space, it became one of the most indebted companies in the world. When it raised streaming TV prices to try and recoup some of this debt, customers unsurprisingly headed for the exits.

    • Monopolies

      • Patents and Software Patents

        • House Democrats easing opposition to Trump's new NAFTA deal

          Congress is supposed to give trade agreements an up-or-down vote, no amendments allowed.

          The reality is different. Despite those so-called fast-track provisions, Congress has managed to pressure past administrations into making changes to the last four U.S. free-trade agreements before approving them.

        • [Old] Happy birthday, Mr. Ferris: Big wheel’s inventor had close ties to Pittsburgh

          Following the Chicago exposition, thoughts of the “Monster” consumed Ferris. He worked on refining its design in hopes of selling a new wheel. Meanwhile, competitors capitalized on the notoriety of the famous wheel. Ferris had never patented his work. Consequently, dozens of claims were made that he had stolen the idea. His meager profits evaporated over years of court battles defending his design.

        • Avanci, Nokia trying to escape Judge Koh's jurisdiction over Continental case: motion to transfer venue from San Jose to Dallas

          In soccer terminlogy, Nokia's "Munich Maneuver" may be the Goal of the Century, subject to whether or not the anti-antisuit-injunction injunction ("AAII") is lifted. As of now, it appears Daimler supplier Continental, which argues that is hasn't been properly served yet, still hasn't filed an objection to the preliminary injunction. An objection would lead to a hearing. But presumably Continental wants to stay consistent with its views on service (I can't offer any opinion on that procedural part).

          Service (of process) is also an issue affecting Continental's U.S. FRAND/antitrust case against Avanci, Nokia, and others. The defendants (mostly, but not exclusively, the Avanci licensing firm, Nokia, and some privateers holding former Nokia patents) have asked Judge Koh to postpone the upcoming case management conference because "[d]efendant Sharp Corporation has not yet appeared in this case."

      • Trademarks

        • Liverpool FC Also Apparently Attempted To Trademark Widely Used Chant By Football Fans

          We were just discussing Liverpool FC, a football club in the UK's famous Premier League, receiving a ton of backlash from the public and other football clubs over its rather audacious attempt to trademark "Liverpool". Now, Liverpool FC claimed that its trademark application was extremely targeted, claiming that it was geared specifically towards the football marketplace. Unfortunately, in the current protectionist trademark era, that doesn't mean much. First, we see trademark holders threaten and sue those across marketplace borders all the time. Second, there are other football clubs in Liverpool, meaning that the trademark application represented a direct threat to their brands.

          It turns out this callous attitude towards other football clubs isn't a one-off for Liverpool FC. Recent reporting reveals that the club also has attempted, and then withdrawn, trademark applications for a popular football fan chant that doesn't even originate with Liverpool FC fans.



Recent Techrights' Posts

Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
 
Links 27/12/2024: Perfect Desk, Banning Cellphones, Many Cables Cut Near Finland
Links for the day
Gemini Links 27/12/2024: Slop and Self-hosting
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 26, 2024
IRC logs for Thursday, December 26, 2024
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day