EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

08.14.19

Links 14/8/2019: Apache Evaluated, HardenedBSD Has New Release

Posted in News Roundup at 8:46 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audios

      • Clementine Music Player for All Your Audio Needs

        VLC is a mainstay for most fans of FOSS technology and most Linux distros. It’s a great little player, don’t get me wrong, but if you have a large library of audio files, some times you need something more powerful.

        The Clementine Music Player is a full-service audio player with all the tools you need to keep track of your audio library. According to the project’s website, Clementine “inspired by Amarok 1.4, focusing on a fast and easy-to-use interface for searching and playing your music.”

      • Episode #143: Spike the robot, powered by Python!
      • Bigger. Faster. Harder to Maintain. | LINUX Unplugged 314

        It’s huge, and it’s getting bigger every month. How do you test the Linux Kernel? Major Hayden from Red Hat joins us to discuss their efforts to automate Kernel bug hunting.

        Plus our honest conversation about which Linux works best for us.

    • Kernel Space

      • Linux 5.3 Will Address Crackling Audio on AMD PCs

        Linux users received some good news today: Phoronix reported that Linux 5.3 will finally address issues with audio input on systems with AMD processors. Those fixes will be added to currently available versions of the Linux kernel, too, so users won’t have to install the point upgrade.
        Phoronix said that Linux users who rely on AMD processors have been reporting “crackling” audio input since at least 2017. The problems don’t usually appear to affect the audio output, so many people were probably unaware of the issue, but there were sporadic reports of “occasional playback hiccups.”
        These issues were said to affect systems featuring motherboards built around AMD’s X470 and X370 chipsets that used Realtek audio codecs. Linux users couldn’t find a workaround to address the issue–which isn’t common for that particular community–so they simply had to accept the crackle.

      • Reiser4 File-System Port Updated For The Linux 5.1 + Linux 5.2 Kernels

        Up until today the newest Linux kernel version supported by the official Reiser4 out-of-tree file-system driver patch was Linux 5.0, but that has now changed with the belated Linux 5.1 kernel support arriving as well as a separate patch for Linux 5.2 kernel support.

        Bringing Reiser4 to the Linux 5.1 kernel required various changes to the block layer’s interface while porting to Linux 5.2 required some additional block layer interface changes. The Linux 5.2 version also has one additional bug fix as well.

      • Patch Workflow With Mutt – 2019

        Given that the main development workflow for most kernel maintainers is with email, I spend a lot of time in my email client. For the past few decades I have used (mutt), but every once in a while I look around to see if there is anything else out there that might work better.

        One project that looks promising is (aerc) which was started by (Drew DeVault). It is a terminal-based email client written in Go, and relies on a lot of other go libraries to handle a lot of the “grungy” work in dealing with imap clients, email parsing, and other fun things when it comes to free-flow text parsing that emails require.

        aerc isn’t in a usable state for me just yet, but Drew asked if I could document exactly how I use an email client for my day-to-day workflow to see what needs to be done to aerc to have me consider switching.

        Note, this isn’t a criticism of mutt at all. I love the tool, and spend more time using that userspace program than any other. But as anyone who knows email clients, they all suck, it’s just that mutt sucks less than everything else (that’s literally their motto)

      • Building The Default x86_64 Linux Kernel In Just 16 Seconds

        It’s now been one week since the launch of AMD’s EPYC Rome processors with up to 64 cores / 128 threads per socket and better IPC uplift compared to their previous-generation parts. Rome has outperformed Intel Xeon Scalable CPUs in their class while offering better power efficiency and way better performance-per-dollar. One of my favorite metrics has been how quickly the new EPYC 7742 2P can build the Linux kernel.

        It used to be that building out the Linux kernel could easily take the time needed to enjoy a beverage or have a meal while now with the EPYC 7742 2P it’s easy to build the Linux kernel in just 15~16 seconds! Up until the Rome testing I was never able to crack 20 seconds with any of the hardware at my disposal while now it’s easy hitting 15 seconds. That is with a Linux x86_64 default “defconfig” build. As shown in the launch article, that easily beats the likes of a dual Intel Xeon Platinum 8280 and a big improvement as well over the Naples EPYC 7601 2P configuration.

      • Linux Foundation

        • 9 open source cloud native projects to consider

          I mean, just look at that! And this is just a start. Just as NodeJS’s creation sparked the explosion of endless JavaScript tools, the popularity of container technology started the exponential growth of cloud-native applications.

          The good news is that there are several organizations that oversee and connect these dots together. One is the Open Containers Initiative (OCI), which is a lightweight, open governance structure (or project), “formed under the auspices of the Linux Foundation for the express purpose of creating open industry standards around container formats and runtime.” The other is the CNCF, “an open source software foundation dedicated to making cloud native computing universal and sustainable.”

          In addition to building a community around cloud-native applications generally, CNCF also helps projects set up structured governance around their cloud-native applications. CNCF created the concept of maturity levels—Sandbox, Incubating, or Graduated—which correspond to the Innovators, Early Adopters, and Early Majority tiers on the diagram below.

      • Graphics Stack

        • NVIDIA have released the 435.17 beta driver with Vulkan and OpenGL support for PRIME render offload

          NVIDIA have a little present available for Linux fans today, with the release of the 435.17 beta driver now being available.

          This is a beta driver and it includes quite the highlight with the addition of PRIME render offload support for Vulkan and OpenGL. This is where you might have your Intel GPU running most normal applications, with an NVIDIA chip then powering your games. It’s usually found in Notebooks and it’s been a source of annoyance for NVIDIA Notebook owners for a long time, so it’s really pleasing to see proper progress like this.

        • NVIDIA 435.17 Linux Beta Driver Adds PRIME Offloading For Vulkan and OpenGL+GLX

          The latest NVIDIA 435.17 Linux beta driver has added Vulkan and OpenGL+GLX support for PRIME render offload.

          PRIME is a collection of features in the Linux kernel, display server, and various drivers to enable GPU offloading with multi-GPU configurations under Linux, like laptops using NVIDIA Optimus (which use an integrated Intel GPU and a discrete NVIDIA GPU).

          Thanks to the new on-demand PRIME render offload, you’ll be able to run specific application on the discrete NVIDIA GPU, while using the integrated GPU for everything else, saving battery power.

        • New Firmware update Reportedly solves Ryzen 3000 boot issues Linux

          We don’t talk about Linux a lot, as the install base is small and not really the PC Gamers domain, however as it turns out Linux users have had Boot issues with Ryzen 3000. A problem that is now confirmed to be solved with the latest BIOS updates.

          AMD provided a solution for the Linux issues at hand as firmware updates with AGESA Combo-AM4 1.0.0.3abb should solve the problems (and various others on the Windows platform). The Linux issues had been named Systemd error, at least that is listed at the change log of the ROG Crosshair VII Hero bios.

    • Applications

      • The beast of 3D editors version 2.80 is free in the wild !

        Blender is the free and open source 3D creation suite. It is characterized by high features that made it a fierce competitor for commercial tools. It is considered one of the most important open source pieces.
        Recently, all those interested in the field of 3D tools have been closely watching the developments and news of version 2.80, and also waiting for its release date.

      • 10 Best Free Linux Document Management Systems (Updated 2019)

        Document Management is an information technology that has taken over from legacy systems of manual or server based file sharing, the electronic filing cabinet, to control policies and procedures. It is one of the functions provided by Enterprise Content Management.

        A document management system enables individuals and businesses to manage documents, making it easy to locate a previous document version. This is important from a record control perspective, and to ensure that compliance standards are met within a user-friendly environment.

        The main benefit offered by a document management system is that it gives individuals and businesses the tools to store and index many different types of documents and electronic files. Information and knowledge within the organisation can be accessed as appropriate, leading to an increase in productivity. Any kind of binary data can be stored in the document system. Other uses of this type of system include document workflow, records management, image management, disaster recovery, backup, and access control.

      • Proprietary

        • New Snip Smartphone App Converts Math Screenshots Into LaTeX

          Not so long ago, mathematics students and researchers had to spend a tedious amount of time writing out equations in the technical and scientific documentation typesetting system LaTeX. The launch this April of the AI-powered desktop tool Snip changed that. Available for Mac, Windows and the Ubuntu system, Snip converts screenshots of mathematical formulas into LaTeX code in seconds. Snip went viral as an easy-to-use time-saver for the math and science community.

        • What Microsoft’s upcoming ‘outsourcing’ licensing changes could mean for your business

          Microsoft’s cloud competitors have been making a lot of noise about changes in Microsoft’s licensing coming on October 1. And Microsoft, which has been positioning itself as an ally of customer choice, found itself on the wrong side of accusations of untrustworthiness and price-gouging.

  • Instructionals/Technical

  • Games

    • Korean survival horror-adventure The Coma 2: Vicious Sisters announced with Linux support

      After recently releasing Vambrace: Cold Soul, Devespresso Games are going back to horror with The Coma 2: Vicious Sisters.

    • The Dreamcast emulator Flycast has made some amazing progress lately

      In a post on the official Libretro website, the team notes that open source Dreamcast emulation with Flycast (a fork of Reicast) has progress along tremendously.

      Thanks to all the work that has gone into it, you will no longer need an external Dreamcast BIOS which is a pretty big milestone for such an emulator and will make it a lot easier to setup and use with the RetroArch front-end.

    • The dev of Assault Android Cactus is working on Unpacking, a zen puzzle game

      Witch Beam, known for the awesome twin-stick shooter Assault Android Cactus is going to bring us something a little calmer with their next game: Unpacking.

      Unlike real-life moving, stuffing your life into boxes and then unpacking everything again, Unpacking is supposed to be a little more relaxing. They say it’s like “item Tetris” mixed with home decoration “while learning clues about the life you’re unpacking”.

    • SNES-styled RPG made by Janitors, Kingdoms of the Dump has managed to get funded on Kickstarter

      With only a few hours left to go, Kingdoms of the Dump a SNES-styled RPG which is being made in the FOSS game engine Godot Engine by a team which includes some real-life Janitors has reached over the funding goal.

      Launched on Kickstarter on July 15th with a goal of $60,000 they’ve done really well hitting over $73,000!

    • Mozilla VR Blog: WebXR category in JS13KGames!
    • Roll dice, swap around cards and kick butt in Dicey Dungeons, out now

      Dicey Dungeons is a lighthearted deck-building roguelike, where you’re a massive walking die and it’s available today with Linux support.

      Made by Terry Cavanagh (VVVVVV, Super Hexagon), Chipzel, Marlowe Dobbe and Justo Delgado Baudí, this new team have managed to created something extremely unique with Dicey Dungeons.

    • Impressive looking science fiction point and click game ENCODYA is now on Kickstarter

      Encodya, the upcoming science fiction point and click with a free demo on itch.io, is now on Kickstarter. While the demo showed a rather ordinary day of orphan Tina and her Robot SAM-53, she’ll be going on real adventures in the full game.

      The beautiful game the author attributes to “the sweetness and creativity of Studio Ghibli, the setting and atmosphere of Blade Runner and the humor and game style of Monkey Island”, is looking for at least 27,500€ (~$30,800) in funding. The first stretch goal is 32,500€ for three additional languages, namely Italian (the developer is Italian by origin), German (we are the home of adventure games, right?) and Spanish. The second stretch goal promises an additional hour of gameplay with extra puzzles, locations and characters if 45,000€ is reached. Additional stretch goals would be unlocked later.

    • Be ready for a party with the new Humble Jackbox Party Bundle 2019

      Having people over and fancy a laugh? The Humble Jackbox Party Bundle 2019 just recently went live and has some good picks for you.

  • Desktop Environments/WMs

    • The lightweight desktop environments champion version 4.14 is here !

      XFCE is one of the best Linux desktop environments, its lightness, fast performance and High customization capability, made it very popular among Linux users, especially those with weak hardware.
      Despite the slow development of the project, we are surprised from time to time with new and impressive versions that bring with it a lot of improvements and new features.

    • K Desktop Environment/KDE SC/Qt

      • Krita Sprint 2019

        So, we had a Krita sprint last week, a gathering of contributors of Krita. I’ve been at all sprints since 2015, which was roughly the year I became a Krita contributor. This is in part because I don’t have to go abroad, but also because I tend to do a lot of administrative side things.

        This sprint was interesting in that it was an attempt to have more if not as much artists as developers there. The idea being that the previous sprint was very much focused on bugfixing and getting new contributors familiar with the code base(we fixed 40 bugs back then), this sprint would be more about investigating workflow issues, figuring out future goals, and general non-technical things like how to help people, how to engage people, how to make people feel part of the community.

      • A Script Making It Easier Turning A FreeBSD Install Into A Working Desktop

        With TrueOS (formerly PC-BSD) no longer focused on delivering a quality BSD desktop as they once did, while there still are options out there for a desktop-focused BSD like MidnightBSD, for those wanting to use a vanilla FreeBSD installation can now setup a desktop easier using a new script.

        FreeBSD developer Adriaan de Groot who has done much of the FreeBSD + KDE packaging work and other tasks over the years decided to create a script making it easier to deploy a desktop from a clean FreeBSD install.

      • Introducing Qt Quick 3D: A high-level 3D API for Qt Quick

        As Lars mentioned in his Technical Vision for Qt 6 blog post, we have been researching how we could have a deeper integration between 3D and Qt Quick. As a result we have created a new project, called Qt Quick 3D, which provides a high-level API for creating 3D content for user interfaces from Qt Quick. Rather than using an external engine which can lead to animation synchronization issues and several layers of abstraction, we are providing extensions to the Qt Quick Scenegraph for 3D content, and a renderer for those extended scene graph nodes.

        Does that mean we wrote yet another 3D Solution for Qt? Not exactly, because the core spatial renderer is derived from the Qt 3D Studio renderer. This renderer was ported to use Qt for its platform abstraction and refactored to meet Qt project coding style.

      • The Qt Company Announces Its New High-Level 3D API – Qt Quick 3D

        Continuing on from the recent technical vision for the Qt6 tool-kit, The Qt Company has now announced their new high-level 3D API they are developing for this next major release of Qt.

        Qt Quick 3D is this new high-level API for creating 3D content for user-interfaces out of Qt Quick without the need for any external engine. Qt Quick 3D will make use of the renderer currently employed by the Qt 3D STUDIO.

      • Implementing a derivated class of kis_brushes_pipe

        I am still working on the change of the brush index, so far I’ve been confused with the classes, because I am not sure why somethings are implemented and then overriden or why somethings are where they are, and I am not sure exactly when or why to do this.

        I’ve been working all week, instead of trying to deliver a feature I tried to write and organize the whole class, and then slowly write all the small functions, this is because I’ve had problem with classes and objects, but I understand functions, so I to tried work with my strengths.

  • Distributions

    • Reviews

      • A look at MX Linux 18.3

        I’ve been doing a little bit of distrohopping in the last week or so to take a look at new systems being developed and to try a few I haven’t had a look at in a while; MX Linux being one of the latter.

        The last time I touched MX Linux was at least two or three years ago, and I remember that I wasn’t a fan at the time. However, I’m really happy to say that my opinion of the OS has changed with my latest dive into it.

    • Screenshots/Screencasts

    • Fedora Family

      • Taz Brown: How Do You Fedora?

        We recently interviewed Taz Brown on how she uses Fedora. This is part of a series on the Fedora Magazine. The series profiles Fedora users and how they use Fedora to get things done. Contact us on the feedback form to express your interest in becoming a interviewee.

        Taz Brown is a seasoned IT professional with over 15 years of experience. “I have worked as a systems administrator, senior Linux administrator, DevOps engineer and I now work as a senior Ansible automation consultant at Red Hat with the Automation Practice Team.” Originally Taz started using Ubuntu, but she started using CentOS, Red Hat Enterprise Linux and Fedora as a Linux administrator in the IT industry.

        Taz is relatively new to contributing to open source, but she found that code was not the only way to contribute. “I prefer to contribute through documentation as I am not a software developer or engineer. I found that there was more than one way to contribute to open source than just through code.”

    • Debian Family

  • Devices/Embedded

    • Cooling The Raspberry Pi 4 With The Fan SHIM & FLIRC For Better Performance

      With the Raspberry Pi 4, a passive heatsink is an absolute minimum for running this new ARM SBC unless you want to deal with potentially drastic performance limitations based upon your operating conditions. However, if you will be enduring the Raspberry Pi 4 with significant load for any measurable length of time, an active cooler is almost warranted or otherwise a very capable passive cooler. In this article we’re looking at the Raspberry Pi 4 performance with a Fan SHIM as an active fan designed for running on the Raspberry Pi off the GPIO pins as well as the FLIRC as a metal case that passively cools the device.

    • Tiny i.MX8M Mini module plugs into carrier via M.2

      InnoComm’s audio focused “WB15” module is built around an i.MX8M Mini SoC and ships with 1GB LPDDR4, 8GB eMMC, WiFi/BT, and connectors that plug into dual M.2 expansion slots on the $195 “WB15EVK” dev kit.

      InnoComm has launched a tiny, 50 x 45mm compute module equipped with NXP’s quad-core, Cortex-A53 i.MX8M Mini SoC. The WB15 is designed for streaming audio applications including wireless smart speakers. This is the first module we’ve seen that connects to its carrier board via a pair of M.2 E-Key expansion slots. (See farther below for more on the WB15EVK dev kit.)

    • Orange Pi Zero2 mini PC supports Android & Linux, measures 2.2 inches wide

      About three years after launching a tiny single-board computer called the Orange Pi Zero, the folks at Shenzhen Xunlong are introducing a Orange Pie Zero2 with a faster processor, an HDMI port, and other upgrades.

      It still measures just 2.2″ x 2.2″ across, making it one of the smallest single-board computers I’m aware of to feature a 64-bit, quad-core processor and full-sized USB, HDMI, and Ethernet ports.

    • The Librem 5 Smartphone in Forbes

      Purism’s crowdfunding campaigns on the Crowd Supply platform consistently achieved more than their funding goal. The latest, concerning the Librem 5 smartphone, raised over $2 million. And what makes the Librem 5 smartphone different from other phones? Several factors, such as the business model, an engaged community, and the fact that privacy and security are starting to be a great concern– and not just for everyday smartphone users but for the government as well.

    • Blankets give them enough warm but not Education!

      Operating System?

      Hanthana Linux, a Fedora remix bundle with bunch of Educational tools and Sugar Desktop.

      Software?

      LibreOffice, Firefox, VLC, Educational Tools, Gnome/Sugar Desktop.

  • Free, Libre, and Open Source Software

    • Take Your Time With IBM Stock as it Digests its Behemoth Linux Maker Deal

      Prior to the Red Heat deal, IBM was treading water. The company released earnings on July 17. For the second quarter of 2019, revenue was down year-over-year. Sales were $19.1 billion, down from $20 billion in the prior year’s quarter. The company’s Cloud and Business Services unit saw slight growth (5% and 3% YoY, respectively), but declines in the Global Technology Services and Systems units countered this improvement. Despite this slight revenue slip, IBM managed to keep quarterly operating income steady at ~$2.8 billion.

      The Red Hat deal adds a variety of growth catalysts to the International Business Machines story. For one thing, the acquisition makes IBM a bigger player in the $1 trillion cloud computing space. The deal is expected to accelerate revenue growth and improve gross margins. The deal is also very synergistic. IBM can now sell Red Hat’s suite of solutions to their existing customer base. With IBM’s global reach, the company could expand Red Hat’s business better than Red Hat would have done as an independent company.

    • Apache Software Foundation’s Code-Base Valued At $20 Billion USD

      The Apache Software Foundation has published their 2019 fiscal year report highlighting their more than 350 open-source projects/initiatives and this also marks their 20th anniversary.

      The Apache Software Foundation’s 2019 report values their code-base at more than $20 billion USD using the COCOMO 2 model for estimating. Though for their 2019 fiscal year the foundation turned a profit of $585k USD thanks to sponsors. There are more than 190 million lines of code within Apache repositories.

    • Web Browsers

    • Productivity Software/LibreOffice/Calligra

      • With Microsoft dumping MS Office, consider LibreOffice for your next PC office suite

        LibreOffice’s Export as PDF has improved. It now fully supports PDF/A-2 document format. This is required by several organizations for long-term file storage. It also simplified its editable PDF forms by incorporating the Form menu into LibreOffice Writer.

        A new feature, which security-minded businesses may find interesting, is that you can now “redact” information in documents. With this, you can remove or hide sensitive information such as personal data before exporting or sharing the file.

        You can run LibreOffice on Linux, MacOS, and Windows. You can also use as a cloud Software-as-a-Service (SaaS) application, LibreOffice Online, by deploying it on a cloud you control.

      • New LibreOffice out

        The open source office suite LibreOffice released its version 6.3 with many new features, interoperability enhancements and performance increases.

        There are several performance improvements related to loading and saving documents in Writer and Calc. For example there is a FOURIER() function in its spreadsheet app Calc.

        The biggest improvement are the document redaction tools which enables you to stick black bars you see across sensitive passages in documents that are only intended to be partially released.

        When you select Tools⟶Redact, a Draw window opens up with your flattened document in it. So does a simplified toolset allowing you to draw boxes or scribble over content you don’t want to expose. When you’re done, you can export the redacted version of a document; this produces a completely flattened PDF. There are no hidden text elements to be sleuthed out by pesky journalists.

    • BSD

    • FSF/FSFE/GNU/SFLC

    • Openness/Sharing/Collaboration

      • Open Hardware/Modding

        • Teaching People to Share Technology: Adafruit Founder Limor Fried

          When Adafruit founder Limor Fried was studying electrical engineering and computer science at MIT, she realized she was less interested in the electrical engineering part.

          “What I really liked to do was build stuff,” she said.

          Instead of working on her homework or thesis, Fried spent her time designing hardware projects in her dorm. She built an MP3 player way before Apple made iPods popular.

          “With electronics, you could build anything from an MP3 player to a GPS tracker,” she said.

          [...]

          “Open source hardware is a perfect middle ground. It’s inexpensive and allows you to customize the way you need it,” Fried said. “The code is there. Instructions are there. Anyone can do it. Since it’s open source, people can iterate, tweak, fine-tune to their needs. We are seeing a lot of interest in open source hardware for assistive technologies.”

          Adafruit’s hardware is working for everyone from creative hobbyists to people interested in building things for their smartphones to developers inventing products for the next industrial revolution. Adafruit also worked with computer game company Nvidia to help build its Jetson Nano Developer Kit, which lets users run multiple neural networks for artificial intelligence, machine learning and edge computing.

    • Programming/Development

      • buildah error: vfs driver does not support overlay.mountopt options

        Buildah and podman make a great pair for building, managing and running containers on a Linux system. You can even use them with GitLab CI with a few small adjustments, namely the switch from the overlayfs to vfs storage driver.

        I have some regularly scheduled GitLab CI jobs that attempt to build fresh containers each morning and I use these to get the latest packages and find out early when something is broken in the build process.

      • PyCoder’s Weekly: Issue #381 (Aug. 13, 2019)
      • Gcc 4.2.1 to be removed before FreeBSD 13, a firm timeline
        Greetings,
        
        As promised for almost the past decade or so, gcc 4.2.1 will be removed
        from the tree before FreeBSD 13 is branched.
        
        I propose the following timeline for its removal:
        
        2019-08-31: disconnect gcc 4.2.1 from CI build
        
        Turn off -Werror on gcc 4.2.1 platforms
        
        Turn off all gcc 4.2.1 from universe by default (can be turned on)
        
        2019-12-31: Turn off gcc 4.2.1 build by default (can be turned on)
        
        2020-03-31: svn rm gcc 4.2.1 and friends
        
        2020-05-31: svn rm all non-clang platforms not supported by in-tree LLVM or
        converted to ext toolchain.
        
        2020-07-31: svn rm all ext toolchain platforms not supported by re@ release
        scripts
        
        The basic notion is that it’s long past time to have a firm plan for EOL
        gcc 4.2.1 in the tree. There is ample external toolchain support today for
        platforms that need it to build images, though that integration with
        buildworld could use some more polish. It’s now completely sufficient to
        move to the next phase of removing gcc 4.2.1 from the tree.
        
        We already have gcc 6.4 as an xtoolchain on amd64 in CI. This should
        somewhat mitigate the risk for cross-compiler portability. This is a
        long-established part of our CI. We want to retain gcc support for modern
        versions of gcc since its debuggability is higher. Notifications for this
        are currently turned off, but will be enabled soon. It’s expected that this
        always will be working later in the year. We’ll work to update the
        committers guide to reflect this, as well as give a recipe for testing.
        
        The first phase will be at the end of the month. We’ll turn off -Werror on
        gcc 4.2.1 (and MFC it to stable/11 and stable/12). We’ll then stop building
        all platforms that require it as part of CI. New warnings will come up, but
        will no longer waste developer time in trying to fix. Gcc 4.2.1 platforms
        will no longer be built as part of universe, unless you add
        -DMAKE_OBSOLETE_GCC is added to the command line. We plan on implementing
        this by 2019-08-31.
        
        An experimental branch will be created that will remove gcc related bits to
        expose gaps in planning and to come up with a list of action items needed
        to ensure Tier 1 platforms are unaffected by the gcc removal. The timeline
        for this is by the end of September.
        
        Next, we’ll turn off building gcc by default. This will effectively break
        all gcc platforms with in-tree compilers. The external toolchain support we
        have will suffice here, and patches will be accepted for whatever
        integration are needed for these platforms with our current ports /
        packages. The onus for these changes will be squarely on people that want
        the platforms to continue. However, as a stop-gap gcc building can be
        turned on for those people transitioning gcc-only platforms until gcc 4.2.1
        is removed. This will happen on or about 2019-12-31.
        
        After a 3 month transition period, gcc 4.2.1 will be removed from the tree.
        This will be done on or about 2020-03-31.
        
        After an additional 2 month transition period, all those platforms that
        have not integrated with the FreeBSD CI system, work in a make universe
        with the proper packages installed, and are shown to boot on real hardware
        will be removed from the tree. This will happen on or about 2020-05-31.
        
        After an additional 2 month grace period, those platforms that require
        external toolchain integration that aren’t supported by the release
        engineer’s release scripts will be removed. This  will happen on or about
        2020-07-31.
        
        The timeline gives powerpc, mips, mips64, and sparc64 9 months to integrate
        either into an in-tree compiler, or to have a proven external toolchain
        solution. This is on top of the many-years-long warnings about this being
        the end game of the clang integration.
        
        This is the proposed timeline, but should there be a significant issue
        that’s discovered, the timeline can be amended.
        
        Also note: the all toolchains in tree discussions are specifically out of
        bounds here. Let’s remove one compiler and get the infrastructure needed to
        make external toolchains robust before embarking on that discussion.
        
        Comments?
        
        Warner
        
      • FreeBSD 13 Is Preparing To Finally Retire GCC 4.2

        A firm timeline has been established for removing GCC 4.2.1 before next year’s FreeBSD 13 release. This timeline includes dropping GCC 4.2.1 from continuous integration builds at the end of the month and turning off GCC 4.2.1 from universe by default. At the end of the calendar year they will turn off GCC 4.2.1 by default and at the end of March is when they will remove the compiler code entirely from their SVN. Next May they also intend to drop non-Clang platforms that are not supported by the in-tree LLVM or converted to an external toolchain.

      • Designing Continuous Build Systems: Handling Webhooks with Sanic

        After covering how to design a build pipeline and define build directives in the continuous builds series, it’s time to look at handling events from a code repository.

        As internet standards evolved over the years, the HTTP protocol has become more prevalent. It’s easier to route, simpler to implement and even more reliable. This ubiquity makes it easier for applications that traverse or live on the public internet to communicate with each other. As a result of this, the idea of webhooks came to be as an “event-over-http” mechanism.

  • Leftovers

    • Security (Confidentiality/Integrity/Availability)

      • The Impending Demise of “PGP & GPG”

        My No Starch books normally sell out their print run, get reprinted a few times, and fade into Out Of Print status. But PG3 never sold out its initial print run.

      • Down the Rabbit-Hole…

        It took a lot of effort and research to reach the point that I could understand enough of CTF to realize it’s broken. These are the kind of hidden attack surfaces where bugs last for years. It turns out it was possible to reach across sessions and violate NT security boundaries for nearly twenty years, and nobody noticed.

        Now that there is tooling available, it will be harder for these bugs to hide going forward.

      • Flaws in 4G Routers of various vendors put millions of users at risk

        “Those manufacturers who are going to be selling 5G routers are currently selling 3G and 4G routers. Which – and I really cannot stress this enough – are mainly bad.”

      • Hack in the box: Hacking into companies with “warshipping”

        Penetration testers have long gone to great lengths to demonstrate the potential chinks in their clients’ networks before less friendly attackers exploit them. But in recent tests by IBM’s X-Force Red, the penetration testers never had to leave home to get in the door at targeted sites, and the targets weren’t aware they were exposed until they got the bad news in report form. That’s because the people at X-Force Red put a new spin on sneaking in—something they’ve dubbed “warshipping.”

        Using less than $100 worth of gear—including a Raspberry Pi Zero W, a small battery, and a cellular modem—the X-Force Red team assembled a mobile attack platform that fit neatly within a cardboard spacer dropped into a shipping box or embedded in objects such as a stuffed animal or plaque. At the Black Hat security conference here last week, Ars got a close look at the hardware that has weaponized cardboard.

      • These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer

        It looks like an Apple lightning cable. It works like an Apple lightning cable. But it will give an attacker a way to remotely tap into your computer.

      • Nmap Defcon Release! 80+ improvements include new NSE scripts/libs, new Npcap, etc.

        Nmap 7.80 source code and binary packages for Linux, Windows, and Mac are available for free download from the usual spot: [...]

      • Microsoft Warning Impacts 800M Windows 10 Computers

        Microsoft has warned users of ‘critical’ new vulnerabilities across all versions of Windows which have the potential to spread worldwide…

      • We checked and yup, it’s no longer 2001. And yet you can pwn a Windows box via Notepad.exe

        Software buried in Windows since the days of WinXP can be abused to take complete control of a PC with the help of good ol’ Notepad and some crafty code.

        On Tuesday, ace bug-hunter Tavis Ormandy, of Google Project Zero, detailed how a component of the operating system’s Text Services Framework, which manages keyboard layouts and text input, could be exploited by malware or rogue logged-in users to gain System-level privileges. Such level of access would grant software nasties and miscreants total control over, and surveillance of, the computer.

        The flaw, designated CVE-2019-1162, is patched in this month’s Patch Tuesday release of security fixes from Microsoft. The relevant update should be installed as soon as possible.

      • No, Zwift Racing Wasn’t Hacked. Yet. Sorta. Let Me Explain.

        One of the most well-known conferences from a lore standpoint is Def Con, but there are also many other huge ones such as BlackHat, SANS, and RSA, and other vendor-specific ones like BlueHat (run by Microsoft for Microsoft technologies) or government-specific ones. Again, in general the goal of these summits is to learn about security and improve security practices.

        This past Sunday at Def Con (considered one of the more rambunctious events on the circuit) a presentation was given around Zwift and ‘hacking’ it – titled “Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks”. Now one has to understand that while in the ‘mainstream’ the term ‘hacking’ is usually akin to ‘breaking’, in the computer world, the term ‘hacking’ is often a bit more nebulous. Sometimes used interchangeably with ‘tweaking’ or ‘optimizing’, and sometimes used in the less ideal variant such as ‘credit cards were hacked’. So one has to take any usage of that term with a bit of sanity check to see what’s going on.

      • Protecting your organization against privileged identity theft

        What do the top data breaches of the 21st century have in common? Privileged identity abuse. In these breach instances, well-resourced, external actors were able to gain the credentials of users with access to privileged accounts – such as administrative, service or operational accounts – giving them the ability to collect and exfiltrate industrial-scale amounts of data.

    • Defence/Aggression

      • Rattling the Nuclear Cage: India, Pakistan, Israel, Iran and the US

        We like our anniversaries in blocks of 50 or 100 – at a push we’ll tolerate a 25. The 100th anniversary of the Somme (2016), the 75th anniversary of the Battle of Britain (2015). Next year, we’ll remember the end of the Second World War, the first – and so far the only – nuclear war in history.

      • China Hysteria Down Under

        The blinkered security establishment is standard fare in politics. From Washington to Manila, we hear of terrors and concerns which tend to more spectral than not. Legitimate concerns such as catastrophic environmental failure, or a nuclear accident, are treated with a sigh, its warners doomsday advocates rather than reasoned citizens. It is the unseen demon that preoccupies.

      • Russian Blast Points to Danger of New Nuclear Arms Race

        On Thursday August 8th, an explosion at the Nenoksa Missile test site in northern Russia during testing of a new type of nuclear propelled cruise missile resulted in the death of at least seven people, including scientists and was followed by a spike in radiation in the atmosphere.

      • Chinese intervention in Hong Kong would be a ‘catastrophe,’ says ex-governor Chris Patten

        Patten told BBC Radio 4’s Today programme that Hong Kong was “close to the abyss”, because its leader Carrie Lam refused withdraw a controversial extradition bill and hold an inquiry into the reasons for the ongoing demonstrations and the way they have been policed.

    • Transparency/Investigative Reporting

      • I’m a journalism student in an era of closing newsrooms, ‘fake news.’ But I still want in.

        Journalism jobs are vanishing and the industry is changing, but I still want in.

        A few days after I asked investigative journalist and University of Michigan professor Will Potter for advice on entering the journalism industry, he tweeted that our conversation forced him to escape to the woods. Talking about the state of the journalism industry had literally made him sick.

        That wasn’t exactly the response I expected when I set out to write about why young journalists like me want to pursue a career in journalism. I came into it with a wide-eyed attitude and, though Potter hasn’t changed my mind, he has wisened me up to the stakes.

      • On Banning Terrorist Boots: This Is What Occupation Looks Like

        In its latest, greatest victory, Israel’s COGAT, the bureaucratic arm of the Occupation, just announced it has confiscated several dozen pairs of hiking boots “hidden in a shipment of civilian goods in an attempt to smuggle them into Gaza for terrorist purposes” – news breathlessly reported in the Israeli press with, “Battling Gaza Terrorists On a New Front.” COGAT, for Coordination of Government Activities in the Territories, tweeted the find complete with stark photos of… shoes…and the sinister warning, “This is another miserable and failed attempt by terrorist groups in Gaza to hide behind the civilian population…The more these attempts continue, the more security and stability are compromised.” That’s the “security and stability” of the world’s largest open-air prison, where millions lack water, power, housing and other necessities, up to 70% of people are unemployed, and the still-rubble-strewn streets are filled with groups of young amputees on crutches thanks to the Israeli military’s deliberate shooting of unarmed young men in the legs – a practice an IDF spokesman says represents “the minimal use of force possible.” Since the 2018 start of Great March of Return protests, that restraint has killed 300 Palestinians and injured over 31,000, some as young as 13; over 7,000 have been shot, mostly in the lower legs. The UN estimates 1,700 of those need complex surgeries to walk again; due to lack of funding and medical care, they will likely face amputations instead. Under international law, Israel has now committed 31,000 more war crimes.

      • Russian senator breaks with political establishment and criticizes Moscow’s police crackdown on protesters

        On August 12, Vyacheslav Markhaev wrote on his Instagram page: “Instead of hearing out [protesters’] claims by organizing a dialogue, the administration found it easier to rely on force that was excessive in many cases.” The text was remarkable because Makhaev is a member of Russia’s Communist Party and a sitting senator in the Federation Council, as well as a former riot-police commander with 27 years of service. He says the actions of police officers and National Guard troops in Moscow in recent weeks has been “unlawful and professionally illiterate.” Makhaev’s comments about Moscow’s protests are sharply at odds with statements from other lawmakers. For example, Andrey Klimov, a fellow senator and chairman of Russia’s State Sovereignty Protection Commission, has accused the West of inciting activists. Communist leader and State Duma deputy Gennady Zyuganov, meanwhile, says the protests in the capital are the “evil grin of orange shenanigans” (referring to political unrest in Ukraine more than a decade ago). Meduza special correspondent Kristina Safonova asked Senator Markhaev why he’s decided to speak out in support of Moscow’s protesters, despite the hard-line positions of his colleagues and fellow party members.

    • Environment

      • Old Sailor Logs Show How Frighteningly Fast the Arctic Is Losing Ice

        When scientists report trends in Arctic sea ice, they tend to focus on the satellite era, or 1979 onwards. Research published last month in the Journal of Climate is helping extend those records back to the early 20th century. While it’s not the first attempt to do so, the study makes use of a novel dataset of ships’ logs that volunteers are digitizing from records held in the National Archives as part of the Old Weather project.

      • One in 4 people live in places at high risk of running out of water

        The world is facing a water scarcity crisis, with 17 countries including India, Israel and Eritrea using more than 80 percent of their available water supplies each year, a new analysis finds. Those countries are home to a quarter of the world’s 7.7 billion people. Further population rise or dwindling water supplies could cause critical water shortages, the researchers warn.

      • In Echo of Flint Lead Crisis, Newark Offers Bottled Water

        For nearly a year and a half after high lead levels were first discovered in the water system, Mr. Baraka and other officials blamed aging lead pipes, insisting on the city’s website that the water was “absolutely safe to drink.”

        But Newark changed course after a study found that lead was leaching into the water because of ineffective corrosion treatment at the city’s Pequannock plant. Last year, lead levels in more than half the samples tested at homes served by the plant exceeded the 15 parts per billion standard.

      • Zambia Urged to Declare Emergency After Worst Drought Since 1981

        A Southern Africa Development Community report last month forecast 2.3 million Zambians will be food insecure by March, after large parts of the southern and western areas of the country received the lowest rainfall since at least 1981. Over the same period, the report forecast Zambia would have an 888,000-ton cereal deficit.

        The government says it has enough corn, the staple food, to last until the next season and won’t need to import.

      • Power-Starved Zimbabwe, Zambia Face Further Drought-Induced Blackouts

        The Kariba dam that straddles Zambia and Zimbabwe, the world’s biggest man-made reservoir, is emptying fast, sparking fears the countries may have to cut hydropower production there completely.

      • Oregon Republicans End 9-Day Walkout as Climate Bill Fails

        Republican lawmakers returned to the Oregon Senate on Saturday, ending an acrimonious nine-day walkout over a carbon-emissions bill that would have been the second-such legislation in the nation.

        The boycott had escalated when the Democratic governor ordered the state police to find and return the rogue Republicans to the Senate so the chamber could convene, and a counter-threat by one GOP senator to violently resist any such attempt. Senate Republicans fled the state to avoid being forcibly returned by the Oregon State Police, whose jurisdiction ends at the state line.

        Democrats have an 18 to 12 majority in the Senate but need at least 20 members — and therefore at least two Republicans — to vote on legislation.

        Nine minority Republicans returned to the Senate on Saturday after Senate President Peter Courtney said the majority Democrats lacked the necessary 16 votes to pass the legislation aimed at countering climate change.

        Sen. Sara Gelser, a Democrat from the college town of Corvallis, said the demise of the cap-and-trade bill has deeply upset many constituents.

      • Energy

        • Adani Beware: Coal Is on the Road to Becoming Completely Uninsurable

          The announcement by Suncorp that it will no longer insure new thermal coal projects, along with a similar announcement by QBE Insurance a few months earlier, brings Australia into line with Europe where most major insurers have broken with coal.

          U.S. firms have been a little slower to move, but Chubb announced a divestment policy in July, and Liberty has confirmed it will not insure Australia’s Adani project.

          Other big firms such as America’s AIG are coming under increasing pressure.

      • Wildlife/Nature

        • Proposed California Law Would Punish Companies for Failing to Limit Harm to the Planet’s Forests

          In an effort to cut carbon emissions and forestall the climate crisis, California legislators are pushing a new law aimed at helping limit deforestation around the globe.

          The proposed bill, called the California Deforestation-Free Procurement Act, or AB 572, would require companies that contract with the state to certify that their products do not cause the cutting of sensitive tropical forests or the destruction of boggy peatland soils in tropical regions — both of which contain enormous stores of carbon dioxide.

        • Sea Level Rise!

          Sea level has been stable, at current levels, throughout recorded history for 5,000 years. That’s about to change. Still, it’s very difficult for people to imagine a change in sea level after 5,000 years of rock solid stability.

    • Finance

      • In a Tight Labor Market, the Profit Share of Income is Falling

        Last month’s GDP report also included revisions to previously reported profit data for the last three years. The earlier reports showed a slight increase in the profit share in 2018; the revised data showed that the profit share of corporate income had fallen by 0.4 percentage points from the prior year. This is important both because it means that workers are now clearly getting their share of the gains from growth and also because of what it tells us about the structure of the economy.

      • Sen. Elizabeth Warren: We Need to Make Structural Changes to Our Government & Economy

        Senator Elizabeth Warren pushed for structural changes to the U.S. government in Wednesday’s presidential debate, saying she would make college free and eliminate private insurance altogether. We speak with Anand Giridharadas, editor-at-large at Time magazine and author of Winners Take All: The Elite Charade of Changing the World, about Warren’s debate performance and the issues facing the 2020 candidates. He joins a roundtable discussion with Sunrise Movement co-founder Varshini Prakash, She the People founder Aimee Allison and Ana María Archila, co-executive director of the Center for Popular Democracy.

    • AstroTurf/Lobbying/Politics

      • The Myth of the Rugged Individual

        Let’s stop perpetuating this myth of the self-made individual. And let’s start rebuilding the American dream by creating opportunities for all, not just those who are already wealthy, privileged, and well-connected. 

      • The British Still Haven’t Learned the Lessons of the Troubles

        Fifty years ago, the Battle of the Bogside in Derry between Catholics and police, combined with the attacks on Catholic areas of Belfast by Protestants, led to two crucial developments that were to define the political landscape for decades: the arrival of the British army and the creation of the Provisional IRA.

      • [Old] Reporters Committee urges prison to allow Reality Winner interviews

        In a letter sent May 29, the Reporters Committee for Freedom of the Press urged a Texas prison warden to allow journalists to interview Reality Winner, the first person under the current administration to be sentenced to prison under the Espionage Act for leaking classified information to a news outlet.

        Last year, Winner pled guilty to leaking a classified National Security Agency report that described a Russian cyberattack on a U.S. voting software supplier to a news outlet. Her prison sentence — five years and three months — is the longest a journalistic source has received under the Espionage Act.

      • Greens say withdrawal of UK staff from Brussels is ‘dereliction of duty’

        Responding to reports that Prime Minister Boris Johnson is planning to pull UK officials from meetings in Brussels (1),

        Green Party Deputy Leader Amelia Womack said:

        “The plans would constitute a complete dereliction of duty by the Government that will consciously fail to perform its basic functions.”

        “Once again it is clear that for propagandistic reasons the Prime Minister would risk the security of our country and our standing in relation to our natural allies.

        “Brexit was never presented as a diminishment of our status in the world. Every day we are safer as a country as a result of the exchange of information with our EU allies.”

        “The EU has always been at the forefront of consumer protection, it would be a mistake to abandon those standards.”

      • Media Defend Biden by Attacking Dems for ‘Attacking’ Obama

        Coming out of the second round of Democratic debates, a curious storyline crystallized in the media: The candidates are attacking Obama, and that’s a sure-fire way to hand the election to Trump. It’s the latest flavor of “the Democrats are moving too far left” (FAIR.org, 7/2/19)—this time echoing both Trump himself and the right-wing Democratic candidates, including former Obama Vice President Joe Biden.

        During the first debate, Rep. John Delaney pitched the story, claiming, “Most of the folks running for president want to build economic walls to free trade and beat up on President Obama.” Biden’s team was also quick to hype the story after his own appearance in the second debate. The Washington Post‘s Steven Stromberg (7/31/19) quoted one of his advisers immediately after the debate: “Many people on this stage spent more time attacking Obama than they did Trump. I think Democratic primary voters will make a judgment about this.”

      • How Wavering Democrats Bought Into Kochs’ Free Trade Scheme

        When George Soros and Charles Koch announced in July that they are partnering to create a think tank dedicated to ending the United States’ forever wars, Steven Kinzer of The Boston Globe called the idea “one of the most remarkable partnerships in modern American political history.”

        Despite the jarring image of the liberal billionaire joining forces with the radical conservative, the forthcoming Quincy Institute for Responsible Statecraft is not such an anomaly in the history of the Koch family. As Ryan Grim and Andrew Perez explain in a joint report from The Intercept and Maplight, in 2007, Koch Industries “ secretly financed a report by Third Way, a corporate-funded think tank with ties to the centrist wing of the Democratic Party.”

        Grim and Perez’s reporting is based on research from a new book, “Kochland,” by Christopher Leonard, an investigative reporter.

      • Welcome to Ayn Rand’s America

        There’s a direct link between a sociopathic killer in 1927 and the GOP’s willingness to embrace a sociopathic president like Trump. That link runs through the work of Ayn Rand.

        When Donald Trump was running for the GOP nomination, he told USA Today’s Kirsten Powers that Ayn Rand’s raped-girl-decides-she-likes-it novel, “The Fountainhead,” was his favorite book.

        “It relates to business, beauty, life and inner emotions,” he told Powers. “That book relates to … everything.”

    • Censorship/Free Speech

      • Russian diplomats summon U.S. embassy official to complain about Internet posts…

        Russia’s Foreign Ministry has summoned Tim Richardson, the head of the U.S. Moscow Embassy’s Political Section, to question him about a post on the embassy’s website and a tweet by the U.S. State Department’s Travel account on August 2 that showed a map of Moscow’s unpermitted march on August 3.

      • Russia tells Google to block ads for ‘illegal’ protests

        The watchdog, Roscomnadzor, said some entities had been buying advertising tools from YouTube, such as push notifications, to spread information about illegal mass protests, including those aimed at disrupting elections.

      • Dennis Prager Peddles Complete Nonsense About ‘Google Censorship’ In The WSJ

        Another day, another major publication peddling complete and utter bullshit about big internet platforms. The latest is Dennis Prager, whose Wall Street Journal op-ed, Don’t Let Google Get Away With Censorship (possibly paywalled) is so utterly full of wrong that it should maybe be a canonical example of how to bloviate wrongness. The entire premise is bullshit, with most of it focusing on the made up claim that YouTube is somehow censoring Prager’s videos because of his “conservative” viewpoints. We’ve debunked Prager’s arguments in great detail before, but apparently we need to do so again.

        As a quick summary: a very small percentage (less than 12%) of Prager’s videos are put into “restricted” mode. This does not demonetize them. It only means that the very small percentage of people who have opted-in to set up YouTube to not return videos that are inappropriate for children (which is less than 1.5% of YouTube’s users) don’t see that small percentage of YouTube videos in their search results. This includes videos with titles like: “Born to Hate Jews” and “Are 1 in 5 Women Raped at College?” which “includes an animated depiction of a nearly naked man lunging at a group of women.” You might recognize why people at YouTube thought this might not be appropriate for children. But Prager insists that it’s evidence of an anti-conservative bias.

      • NY Times Publishes A Second, Blatantly Incorrect, Trashing Of Section 230, A Day After Its First Incorrect Article

        Last week we wrote about the NY Times having to issue a whopper of a correction on a giant front page of the Business Section, totally false claim, saying that Section 230 “protected hate speech” online — which they later had to edit to note that it was actually the 1st Amendment that protected such speech (and the article leaves out that it’s actually Section 230 that allows websites to remove hate speech). Coming from a paper that, just weeks earlier, had published an editorial mocking politicians for getting 230 wrong, this was kind of embarrassing.

        Even more embarrassing, though, was the day after the NY Times had to totally correct that false article, they ran another blatantly wrong op-ed about Section 230, this one published by Jonathan Taplin, who two years previously had published another op-ed at the NY Times that completely fabricated a bunch of blatant lies about how YouTube and Google operate. You would think that would be enough for the NY Times to maybe think twice about having him publish another op-ed, especially about Section 230 a day after the paper got called out for getting the Constitution wrong. But, nope. Taplin got to publish his anti-Section 230 op ed with no problems, until the NY Times felt the need to issue a correction on that one too.

      • Be Careful What You Wish For In Asking Silicon Valley To Police Speech Online

        We live in a weird moment right now where any piece — no matter how misleading or unhinged — seems to be able to find a publication place so long as it blames basically everything on the big internet companies and demands that they do more (or sometimes less) to stop bad stuff from happening online. There are still a few brave souls out there pointing out how problematic all of this might be, and thankfully the EFF’s executive director, Cindy Cohn, has taken to the pages of Wired to explain why asking the internet to stifle speech online could backfire in a really big way. She notes that it’s a reasonable emotional reaction to mass murdering assholes posting screeds on 8chan to seek to shut the site down entirely, but that comes with serious costs as well.

      • Online Harms: Blocking websites doesn’t work – use a rights-based approach instead

        Blocking websites isn’t working. It’s not keeping children safe and it’s stopping vulnerable people from accessing information they need. It’s not the right approach to take on “Online Harms”.

    • Privacy/Surveillance

      • Cambridge Analytica whistleblower Chris Wylie says data still not safe from tech giants like Facebook

        Cambridge Analytica used the data to influence not only the 2016 US presidential election of Donald Trump, but also the Brexit Leave vote in the United Kingdom.

        Mr Wylie wants people to understand the risks of social media and data manipulation.

      • NatWest trials home banking via Google Assistant smart speaker [iophk: s/speaker/microphone/;]

        The trial will use a combination of voice recognition and a six-figure PIN to authenticate users, enabling customers to find out the details of their bank balances, pending transactions, and recent spending – and nothing else at this stage of the trial.

        Because recent reports have suggested that voice recognition alone could be an unreliable form of authentication, users will additionally need to authenticate by barking out two digits from a six-digit code, provided exclusively for voice assistant banking.

      • Evaluating the NSA’s Telephony Metadata Program

        This paper sheds significant light on all three of these concerns. First, we carefully analyze the numbers, showing how forty orders might lead to the collection of several million CDRs, thus offering a model to assist in understanding Intelligence Community transparency reporting across its surveillance programs. Second, we show how the architecture of modern telephone communications might cause collection errors that fit the reported reasons for the 2018 purge. Finally, we show how changes in the terrorist threat environment as well as in the technology and communication methods they employ ­ in particular the deployment of asynchronous encrypted IP-based communications ­ has made the telephony metadata program far less beneficial over time. We further provide policy recommendations for Congress to increase effective intelligence oversight.

      • The FBI Can’t Get Into The Dayton Shooter’s Phone. So What?

        A high-profile act of violence has brought FBI complaints about device encryption to the surface again. This has been a long-running theme with the agency, one amplified recently by domestic surveillance advocate/Attorney General William Barr. Barr claimed encryption was creating a more dangerous world for everyone. Barr’s claims echoed those of successive FBI directors. Both Barr and Wray continue to talk about device encryption despite having (so far) refused to update the number of encrypted devices the FBI can’t access.

        As Barr warned in his rant against encryption, all it would take is one major attack to sway public opinion to the government’s side.

        [...]

        Then there’s the dishonesty: intellectual and otherwise. Most of what’s offered as arguments for backdoors is intellectually dishonest. The FBI’s failure to inform the American public about the true number of locked devices in its possession is the regular kind of dishonest. So is the assertion made by the FBI that it could be “months or years” before it can access the phone’s contents. Multiple companies offer devices that can (supposedly) bypass any device’s encryption, including the latest iPhones. The FBI and DOJ simply pretend these options don’t exist when talking to Congress, law enforcement agencies, and the general public.

        Every tragedy is an opportunity. The FBI isn’t going to let these pass without attempting to capitalize on them. Unfortunately, it seems our country is capable of generating an endless amount of tragic opportunities. And it only takes one to give the government everything it wants.

    • Civil Rights/Policing

      • Jeffrey Epstein’s Eyes

        Jeffrey Epstein had a collection of eyeballs on his wall. They were originally “made for injured soldiers,” we’re told, which presumably means they were artificial. Each was individually framed and mounted in his entranceway. We’re not told whether any soldiers had the chance to use them first.

      • The Case That Made an Ex-ICE Attorney Realize the Government Was Relying on False “Evidence” Against Migrants

        Laura Peña could see that her 36-year-old client was wasting away. Gaunt and haggard after nearly two months in jail, he ran his fingers through his hair and opened his hands to show her the clumps that were falling out. He was so distraught that his two young children had been taken from him at the border, he could barely speak without weeping.

        After Carlos requested political asylum, border and immigration agents had accused him of being a member of the notorious MS-13 gang in El Salvador — a criminal not fit to enter the United States. But as Peña looked at him, she saw none of the typical hallmarks of gang membership: the garish MS-13 tattoos or a criminal record back home. He was the sole caregiver for his 7-year-old son and 11-year-old daughter. He’d even brought an official letter from El Salvador’s Justice Ministry certifying that he’d never been in jail. Something else about his case bothered her, too: She’d been peppering the government’s lawyers with phone calls and emails for weeks and they’d yet to reveal any evidence to back up their accusation.

      • Trump Called Baltimore “Vermin Infested” While the Federal Government Fails to Clean Up Rodents in Subsidized Housing

        BALTIMORE — President Donald Trump launched a multiday Twitter tirade last month directed at U.S. Rep. Elijah Cummings, sharing video footage of derelict Baltimore neighborhoods and asking why the Democratic congressman wasn’t doing more to address the “disgusting, rat and rodent infested mess” in his district.

        Though Trump didn’t say so, some of the responsibility for any such conditions rests with his own administration. The U.S. Department of Housing and Urban Development has ultimate oversight of nearly 35,000 public housing and federally subsidized rental units in the city, many of which suffer from the squalor the president decried on social media. HUD has known for years of failing conditions in many of them but hasn’t taken steps to ramp up oversight as it has done in other regions, such as New York City.

      • Confounding New Details Emerge in Epstein Case

        One of Jeffrey Epstein’s two guards the night he hanged himself in his federal jail cell wasn’t a regular correctional officer, according to people familiar with the detention center, which is now under scrutiny for what Attorney General William Barr on Monday called “serious irregularities.”

      • Placido Domingo Concerts Canceled as Harassment Probe Opens

        SAN FRANCISCO—Two music companies canceled appearances by Placido Domingo and the Los Angeles Opera said Tuesday it would launch an investigation in response to an Associated Press story in which numerous women accused the opera legend of sexual harassment and inappropriate behavior spanning decades.

      • Top Trump Official Disavows Statue of Liberty Greeting

        Acting Director of U.S. Citizenship and Immigration Services Ken Cuccinelli is under fresh fire on Tuesday after telling NPR in an interview that the famous words engraved on the U.S. Statue of Liberty—based on the poem by Emma Lazarus—should be re-cast with a qualifier when it comes to the kinds of people arriving at the nation’s shores seeking refuge or welcome.

      • Expanding Involuntary Confinement is Not the Answer to Solve Gun Violence

        In the wake of last weekend’s tragic shootings, President Trump did what he does best: stoked fear and cast blame. He proclaimed that  “we must reform our mental health laws to better identify mentally disturbed individuals who may commit acts of violence and make sure those people, not only get treatment, but when necessary, involuntary confinement.”

      • We have Until Aug 13 to Oppose Trump’s Anti-Trans Health Care Plan

        The Trump Administration has shown it will stop at nothing to undermine access to health care for marginalized communities. Most recently, the Administration has proposed to undermine critical protections against sex discrimination in Section 1557 of the Affordable Care Act, the Health Care Rights Law. Instead of combatting discrimination in accessing health care and insurance coverage, the Administration is looking for any opportunity to weaken the Health Care Rights Law’s protections, which have been life saving for many transgender and non-binary people.

      • After the Power of Protest Ousts a Governor, Puerto Rico has a New Leader. For Now.

        Public outcry and protests in Puerto Rico brought on the resignation of Governor Ricardo Rosselló, and the successor he appointed — former politician and lawyer Pedro Pierluisi — had to step down yesterday. The Puerto Rico Supreme Court unanimously decided that appointing Pierluisi as governor without Senate confirmation is unconstitutional. Wanda Vázquez, the former secretary of justice, took the oath as governor before the end of day yesterday. Puerto Ricans are now in a new period of doubt in its leadership, with many wondering how long the seemingly unpopular Vázquez might be governor.

      • They’re Still Dying at an Early Age

        Fast forward thirty years later. I retired from teaching in public schools and learned that the Providence schools were looking for counselors. I put my name in for a position and I was soon called and asked to report to a middle school only a few miles from the school where I had taught in 1969.

        The single day I spent in a counseling role in that school opened my eyes as almost no other experience I had in those decades of teaching. I was assigned to work in a counseling holding room where students who misbehaved spent the day out of class. It was a recipe for disaster because placing so many adolescents in a room for an entire school day was akin to asking a leftist to spend a day trying to reason with all of those doves that Donald Trump claims to have working in his administration.

        During the first hour of that day, two students began prodding a young girl to arrange times after school where she would be available to have sex with people they were lining up. After listening in on the conversation, I called the administrative office to have someone come down to the room to sort out the situation: No one ever showed up.

        Next, a student in the back of the room found some 78 rpm records on a shelf and began breaking them by hurling them across the room. I had never seen this kind of acting out, and thought that I had seen and dealt with everything in several educational roles over many decades.

    • Monopolies

      • Patents and Software Patents

        • Sisvel / Xiaomi – FRAND: Injunction Claim in Summary Proceedings Denied

          While the numerous recent court decisions may suggest so, the ‘F’ in FRAND does not stand for ‘Fashionable’. The reader of this blog, well-informed in patent matters, will know by heart what this acronym spells out. He (or, I say once and for all, she)1 will also know that, next to technical intricacies of assessing the validity of a (portfolio of) SEP – yes, another term of this fine art – FRAND cases add another layer of complexity: what is FRAND? Not the acronym, but in the facts and circumstance of a specific case.

          This question was not answered in a recent judgment in summary proceedings (in Dutch: Kort Geding) between Sisvel and Xiaomi (1 August 2019, Dutch version here). The Preliminary Relief Judge – who is not known to shy away from complex cases, even in summary proceedings – did not touch upon the What is FRAND? question. Sisvel’s claim for an injunction under its SEP patents was already denied due to a lack of urgent interest.

          [...]

          Disclaimer: This author’s firm represented Xiaomi in this case.

        • Our Product is Lossy and Slow — Therefore we Don’t Infringe

          Iridescent’s patent covers a method of providing “high quality” bandwith “on demand” using custom routes (rather than ad hoc packet-by-packet routing) to maximize the availability of bandwidth, minimize packet loss, and reduce latency.

          On appeal, the main issue was the meaning of “high quality” network service as used in the claims. AT&T argued particularly that the term should be defined as having a connection speed of >= 1 mbps; packet loss <= 0.0001%; and latency of < 1 second. Under that definition, everyone agreed that AT&T’s service was not “high quality.”

          On appeal, the Federal Circuit agreed. Although the patent does not define “high quality,” it did provide a chart that appeared to delineate between some services that are high quality and those that are not.

          [...]

          Thus, the decision here provides some caution and guidance to patent prosecutors using “coined terms:” (1) even if your term uses “ordinary words” it can be considered coined if it lacks an “ordinary and customary meaning” in the art; (2) the court is more willing to look to prosecution history to understand the meaning of a coined term.

      • Trademarks

        • Brewery In Wales Changes Name Of 2 Beers After Fight With Hugo Boss

          For some time now we’ve discussed in a series of posts the trademark fallout that has hit the craft brewing industry. With the explosion of this industry throughout the world, the once-congenial attitude breweries had towards intellectual property concerns has slipped away, replaced by both aggression when it comes to protecting IP and the threat of aggressive action from those outside the industry, given the amount of money being made in brewing. It’s been sad to see and it has frankly led to some of the silliest IP disputes I’ve ever seen.

          As in any other industry, however, the truly frustrating stories when it comes to trademark disputes in the brewing business involve those outside the industry initiating conflict where it doesn’t belong. The most recent example of this is Boss Brewing having to change the name of a couple of its beers after being bullied by Hugo Boss, the upscale clothier.

      • Copyrights

        • Top University Of California Scientists Tell Elsevier They’ll No Longer Work On Elsevier Journals

          Last week we highlighted the ongoing dispute between academic publishing giant Elsevier and the University of California (UC) system. Earlier this year, UC cancelled its contract with Elsevier, after the publishing giant — which gets nearly all of its content and labor for free, but charges insane prices for what is often publicly funded research — refused to lower prices or to work with the UC system on moving to an open access approach. Last week, we covered how Elsevier had emailed a bunch of UC folks with what appeared to be outright lies about the status of negotiations between the two organizations, and UC hit back with some facts to debunk Elsevier.

        • Leadership Transitions at Creative Commons

          Today Creative Commons CEO Ryan Merkley is announcing the conclusion of his five years of leadership of the organization. As he describes in his personal message, he is stepping down as CEO to start a new position at Wikimedia. We are thankful to Ryan for his five years of leadership at CC and excited for him and the Commons that he will continue as a leader in the open knowledge community. We are all very proud of Creative Commons’ accomplishments during the past five years—including redesign of our global network, launch and development of the CC Certificate program, and our new search engine—which provides a welcoming front door to the commons.

          In other leadership news, I am delighted to announce today the appointment of four new members of the Creative Commons Board of Directors. Carolina Botero, Bilal Randeree, Alek Tarkowski, and Alexander Macgillivray are all longtime members of the CC community. Each of them brings incredible expertise and insight to this new role with the organization, as the bios below illustrate. Carolina, Bilal, and Alek have begun their CC board service, while Alex will begin his term in January 2020. All of us at Creative Commons are thrilled to start working with these outstanding CC community members in this new capacity.

          Two of the touchstones of the organizational strategy that has driven our recent work have been gratitude and collaboration. On behalf of the Creative Commons Board of Directors, I want to express my sincere gratitude for Ryan’s service to our organization and mission. Looking to the future, we are excited about the opportunities for collaboration we will have with Ryan in his new role. I am also grateful to our new board members for their willingness to serve, and I’m excited to collaborate with them and with the global Creative Commons community on the process of searching for a new leader for CC as we enter our third decade. We will soon be announcing details about that search process and inviting community input. In the meantime, my board colleagues and I are working closely with CC’s dedicated management team to ensure continuity and momentum for our important work.

        • Moving on from Creative Commons

          I have some bittersweet professional news to share. I will be stepping down from my position at Creative Commons and joining the Wikimedia Foundation as Chief of Staff. Leading Creative Commons has been the most challenging and rewarding role of my career. It has been a privilege to do this work, and together we’ve had some incredible accomplishments. I’m deeply grateful for the opportunity to work with such a dedicated and professional staff, and a caring and driven community — I deeply believe that our collaborative efforts are the reason for every success we’ve had. I’m excited to continue working on issues that I care about in the open community. And I’m excited to continue working collaboratively with the CC team as a community member and partner.

          Looking back on five years as CC’s CEO, I believe that the organization is in a stronger position than it has ever been. CC’s focus is clear, building a vibrant, usable commons powered by collaboration and gratitude through community support and training, product development and partnerships, and engagement.

          Operationally, CC has an inspired and driven management team, with exceptional staff leading all aspects of our operations and programs. They are some of my favorite humans, and it’s been a joy to work with them. The team is guided by a multi-year strategy and collaboratively developed goals that support accountability and transparency. Financially, the organization has established a meaningful reserve upon which it can draw, secured partnerships with new multi-year funders, and initiated a strategy to secure multi-year relationships that has been embraced by the Board and is being executed upon by CC’s senior management.

        • Zomato delivery boys refuse to deliver beef and pork as it hurts their ‘religious sentiments’

          Raged by the hypocrisy, people had slammed Zomato for the stark contrast in the manner in which it deals with the grievances of different religious communities. Customers pointed out how Zomato customer care which had offered a moral science lecture to the Hindu customer, was seen prostrated before one community for Halal meat.

        • Why the Jeffrey Epstein Investigation Is Not Over

          Federal prosecutors and F.B.I. agents who built the case against Mr. Epstein will turn their attention to people whom his accusers have said participated in a scheme that dates back more than a decade and involved the sexual exploitation of dozens of underage girls.

          That could include a circle of close associates whom accusers said helped recruit, train and coerce them into catering to Mr. Epstein, a wealthy financier.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 22/10/2019: MX-19, Tails 4, Mesa 19.1.8 Released

    Links for the day



  2. “Stallman Was Right” is Not Just a Meme as It's Usually True

    The track record of Stallman isn't immaculate, but it's exceptionally good if not impressive



  3. EPO Diplomatic Immunity

    What people can get away with at the European Patent Office (EPO) if their name is Battistelli or António Campinos



  4. Dr. Ingve Björn Stjerna Reveals How the German Government Actively Ignored SMEs to Push the Notorious 'Unitary Patent' Sham

    Turning European Patents (which are no longer good patents but expensive or overpriced patent monopolies — patents which European courts will likely reject) into “unitary” ones (i.e. enforceable EU-wide with one legal action) would harm wrongly-accused parties that mostly or only operate in one single country, overriding the authority of those parties’ national laws and courts



  5. Links 22/10/2019: Pacman 5.2, Shame of Disney+ DRM, Microsoft's DRM Scheme, Microsoft Reprimanded for Privacy Abuses

    Links for the day



  6. Patents Need to Exist Only to Pass Information Around and Keep Good Ideas Alive, Not to Feed Litigation Firms and Litigation 'Enthusiasts'

    The current situation or the status quo where legal professionals are advised not to even look at patents means that patents aren’t for “information” and “innovation” anymore; moreover, calling them “intellectual property rights” (or IPRs) is spreading a malicious lie



  7. IRC Proceedings: Monday, October 21, 2019

    IRC logs for Monday, October 21, 2019



  8. SUEPO Protest Tomorrow. All EPO Staff in Munich Ought to Attend and Prepare to Strike Too.

    Tomorrow’s planned protest should be a bridge towards a full strike, which takes more time to plan for and get authorisation for (because of increasingly strict restrictions)



  9. Looking for Explanations About Samsung's DeX and Other FOSS Initiatives Being Canned

    DeX was primarily a threat to the desktop/laptop monopoly of Microsoft, so its sudden abandonment — without even an explanation — continues to attract speculations



  10. EPO Will Need a Lot More Than Photo Ops and Hoax 'Studies' to Restore the Perception of Lawfulness

    Battistelli‘s illegal attacks on European Patent Office (EPO) judges have tarnished any impression that the EPO serves justice and the current regime torpedoes an assessment of these attacks; EPO workers understand that to follow guidelines from the management may be a breach of the EPC



  11. Links 21/10/2019: More on DeX, Disney DRM and Linux 5.4 RC4

    Links for the day



  12. GNU/Linux is Bigger Than Ever (Used More Than Ever Before), But Communication Means and Brands Have Changed

    The GNU/Linux market is alive and healthy; it's how we measure its health that ought to adapt because things are constantly changing, more rapidly in the realm of technology than anywhere else



  13. IRC Proceedings: Sunday, October 20, 2019

    IRC logs for Sunday, October 20, 2019



  14. Samsung Does Not Say Why It's Dropping DeX, But the ASUS EEE Story Might Offer Clues

    It's not at all outlandish or unreasonable to suggest that Microsoft used patents or bribes or kickbacks as incentives for Samsung to abandon GNU/Linux as a desktop platform



  15. EPO: It's Only Getting Worse

    Inhaling Seagull meme for EPO presidents



  16. It Has Begun: EPO Staff Protests Against António Campinos (Starting Wednesday)

    Wednesday marks the resumption of EPO protests; it’s happening for the first time under Campinos and only a year after he took Office. Even Battistelli, the notorious thug, lasted longer before such escalations/actions or — put another way — he did better than that (if one checks the timeline of his presidency)



  17. Links 20/10/2019: GNU/Linux at Penn Manor School District, Wine-Staging 4.18, Xfce 4.16 Development, FreeBSD 12.1 RC2

    Links for the day



  18. Guest Post: Understanding Autism for More Complete Inclusion

    "...assuming that autistic people are all the same isn't only technically wrong, it is misleading and leads to harmful and needless misunderstandings."



  19. Guest Post: Free Software Freedom is Not a Freedom of Choice

    The concept of "Freedom of Choice" and how the ruling class uses it to give a false impression of "Freedom"



  20. Guest Post: Free Software Developers and Pursuing 'Market Share'

    "The only people interested in software freedom are (almost always) free software developers. And users are interested in freedom to a very limited extent: the "free beer" side. Even many free software developers are only interested in the "free beer" part of free software."



  21. The Assertion That Microsoft Uses Communist Tactics Against GNU/Linux and Free/Libre Software

    A study of Taistoism might help understand how Free/libre software is being undermined



  22. European Patent Office and US Patent and Trademark Office Cranks Discovered Buzzwords, Stopped Worrying, Started Granting Patents They Know to be Fake

    The world's patent repositories are being saturated with loads of junk patents or patents that have no legal bearing but can still be leveraged for extortion purposes; the EPO is resorting to lies and artificially-elevated buzzwords to justify granting such fake (yet ruinous) patents



  23. IRC Proceedings: Saturday, October 19, 2019

    IRC logs for Saturday, October 19, 2019



  24. “The True Hypocrite is the One Who Ceases to Perceive His Deception, the One Who Lies With Sincerity,” Said André Paul Guillaume Gide (Nobel Prize in Literature)

    Lies flow like water in the realm of EPO and its publishers, whose sole role is dissemination of deliberate falsehoods, misnomers and misinformation



  25. The EPO Cannot Guard Fake European Patents From Scrutiny (in the Long Run)

    Legal certainty associated with newly-granted European Patents is already pretty low and as long as the EPO refuses to acknowledge that its courts (or boards) lack autonomy the EPO merely brushes a growing problem under the rug



  26. Links 19/10/2019: DeX Discontinued, DXVK 1.4.3 and Wine 4.18 Released

    Links for the day



  27. 'Corporate Linux' Will Not Protect Software Freedom

    The corporate model is inherently not compatible with software that users themselves fully control (or Software Freedom in general), so we must rely on another model of sovereignty over code and compiled code (binaries)



  28. IRC Proceedings: Friday, October 18, 2019

    IRC logs for Friday, October 18, 2019



  29. 26,000 Posts

    We want to thank those who help spread the word; it gives us moral support and morale.



  30. The Myth of 'Analysts'

    People with exaggerated roles (exaggerated by corporate media and corporations that control them) distort public perceptions about their clients; they're in effect just elevated marketing or Public Relations (PR) operatives


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts