Bonum Certa Men Certa

Links 20/8/2019: KMyMoney 5.0.6, Kdenlive 19.08



  • GNU/Linux

    • Desktop

      • System76 announce their own graphical Firmware Manager

        System76, the company known for their Linux hardware and the Pop!_OS Linux distribution recently announced their new Firmware Manager.

        Supporting their own Pop!_OS as well as other Debian-based distributions like Ubuntu, their firmware tooling is aimed at easing the update process for users. Developed due to a "lack of options for graphical frontends to firmware management services", since previous tools for LVFS (Linux Vendor Firmware Service) relied on GNOME Software or KDE Discover "which is not viable for Linux distributions which have their own application centers, or frontends to package managers".

        They've created a GTK application for other distributions to use, as well as widget library with it integrated into GNOME Settings. They do say that the core of the framework is "toolkit-agnostic", enabling frontends to be written in any toolkit. System76 said their new Firmware Manager project supports updating from both LVFS and system76-firmware, along with being compatible with Wayland.

      • System76 Unveils Graphical Firmware Updater for All Debian-Based Linux Distros

        American computer manufacturer System76 announced a new, cross-platform graphical utility that promises to make checking and updating your computer's firmware a lot more easier.

        The Firmware Manager project is System76's latest toy for the company's in-house built, Ubuntu-based Pop!_OS Linux distribution, but also compatible with any Debian-based GNU/Linux distro out there. Backed by the fwupd and system76-firmware CLI tools, the Firmware Manager utility will integrate into the GNOME Settings panel for easier firmware updating.

        "One of the issues we faced with firmware management on Linux was the lack of options for graphical frontends to firmware management services like fwupd and system76-firmware," said System76.

      • System76 Still Aiming To Be The Apple Of The Linux Space With Software & Hardware

        System76 continues doing much more work on software these days as well as expanding their own hardware manufacturing capabilities. This is much more than they did a decade or even several years ago when they were just selling PCs/laptops pre-loaded with Ubuntu. As summed up by System76 founder and CEO, Carl Richell, their end game is much more Apple-esque.

        Following their announcement on Saturday of their new System76 Firmware Manager project, Carl tweeted, "This work continues our transition from a hardware company shipping a distro to a hardware company providing an integrated, holistic hardware and OS product. Still a lot of work ahead of us but manufacturing, open firmware, and Pop!_OS are pulling together."

      • Google brings Linux app support to some older Chromebooks (including Chromebook Pixel 2015)

        Chrome OS started out as a browser-based operating system that could run web apps only. Eventually Google added support for Android apps, and then for Linux apps, making Chromebooks more useful as general-purpose laptops.

        But while most new Chromebooks feature out-of-the-box support for Android and Linux apps, many older models do not… and it looked like they never would.

        It turns out that may not be true after all: 9to5Google reports that Google seems to be testing an update that would bring Linux app support to the 2015 Chromebook Pixel, along with a number of other models released that year.

      • 2015 Pixel and eight other Chromebooks land Linux apps

        At the center of “kernelnext” is the iconic Pixel Chromebook 2015. Although nearing its end of life, Google’s second iteration Chromebook is still a powerful device with a timeless design. It is fitting that users of the $1000+ Pixel should get a little bit of love from developers and the addition of Linux apps should be a reason to rejoice. A recent report from Kyle Bradshaw reveals that some users are starting to see the “kernelnext” update on their devices which has allowed them to enable the experimental flag that activates Crostini.

      • Your Older Chromebook, Chromebox, Or Chromebase Will Run Linux Soon

        The ability to use Linux on a Chromebook is going to be the norm from this year forward but now at least eight much older devices are gaining that capability too. Code changes associated with the change were first spotted under the 'KernelNext' project codename earlier this year. But that change is now rolling out to no fewer than eight devices.

        Among Chrome OS gadgets receiving the update are three Chromebox PCs, one Chromebase all-in-one, and four Chromebooks. The first and likely biggest of those updates is already shipping now for Google's Pixel Chromebook. Acer's C670 Chromebook 11 and Chromebook 15 — codenamed Paine and Yuna — as well as Dell's Chromebook 13 7310 and Toshiba's Chromebook 2 — codenamed Lulu and Gandof will see the update soon too.

        For alternative Chrome OS hardware, Acer's Chromebox CXI2, the ASUS Chromebox CN62, and the Lenovo ThinkCentre Chromebox — Rikku, Guadu, and Tidus — are included in the list. Finally, Acer's Chromebase 24 — codenamed Buddy — rounds out the list.

    • Server

      • Replicating Particle Collisions at CERN with Kubeflow

        This is where Kubeflow comes in. They started by training their 3DGAN on an on-prem OpenStack cluster with 4 GPUs. To verify that they were not introducing overhead by using Kubeflow, they ran training first with native containers, then on Kubernetes, and finally on Kubeflow using the MPI operator. They then moved to an Exoscale cluster with 32 GPUs and ran the same experiments, recording only negligible performance overhead. This was enough to convince them that they had discovered a flexible, versatile means of deploying their models to a wide variety of physical environments.

        Beyond the portability that they gained from Kubeflow, they were especially pleased with how straightforward it was to run their code. As part of the infrastructure team, Ricardo plugged Sofia’s existing Docker image into Kubeflow’s MPI operator. Ricardo gave Sofia all the credit for building a scalable model, whereas Sofia credited Ricardo for scaling her team’s model. Thanks to components like the MPI operator, Sofia’s team can focus on building better models and Ricardo can empower other physicists to scale their own models.

      • Issue #2019.08.19 – Kubeflow at CERN

        Replicating Particle Collisions at CERN with Kubeflow – this post is interesting for a number of reasons. First, it shows how Kubeflow delivers on the promise of portability and why that matters to CERN. Second, it reiterates that using Kubeflow adds negligible performance overhead as compared to other methods for training. Finally, the post shows another example of how images and deep learning can replace more computationally expensive methods for modelling real-word behaviour. This is the future, today.

      • IBM

        • A POWER'ful Announcement Is Expected Tomorrow Changing The Open-Source Landscape

          For those interested in IBM's POWER architecture and/or open-source hardware prospects, an industry-shaking announcement is expected to happen Tuesday morning.

          Taking place Tuesday and Wednesday in sunny San Diego is the OpenPOWER Summit focused on the open-source POWER ecosystem. There will be keynotes tomorrow from IBM, Microsemi, Raptor Computing Systems, and the OpenPOWER Foundation. Beyond the usual fluff and what not at most industry events / keynotes, there is going to be a very exciting announcement made tomorrow morning in kicking off this event.

        • PHP version 7.2.22RC1 and 7.3.9RC1

          Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests (for x86_64 only), and also as base packages.

          RPM of PHP version 7.3.9RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30 or remi-php73-test repository for Fedora 28-29 and Enterprise Linux.

          RPM of PHP version 7.2.22RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 28-29 or remi-php72-test repository for Enterprise Linux.

        • Self-Serviced, End-to-End Encryption for Kubernetes Applications, Part 2: a Practical Example

          In part one of this series, we saw three approaches to fully automate the provisioning of certificates and create end-to-end encryption. Based on feedback from the community suggesting the post was a bit too theoretical and not immediately actionable, this article will illustrate a practical example. You can see a recording of the demo here.

        • The Tiger that interned at Red Hat

          From the start, Tiger just had the right idea about looking for a college. Instead of reading US World News’ rankings, basing his decisions on sports teams, or even aiming for the Ivy Leagues, Tiger set out to make his college search a data driven effort. He asked himself, first, where he wanted to work. For him, that was an almost typical answer for an aspiring young technology student: Google, Facebook, Red Hat and other big name tech firms.

          [...]

          Tiger's real name is Passawit Kaovilai, and he's now entering his third year at NC State. He said that many people in his native Thailand have nicknames, and that his translates well into any language, and is understood immediately. He was also born in the year of the tiger, so the name is a natural fit.

          Here at Red Hat, Tiger has taken on the duties of a technical marketing intern. That means he's been diving into Red Hat OpenShift 4 to help create documentation and learning tools for users in the field. That also means contributing to open source projects, and getting his handle out there on GitHub, however modestly.

    • Audiocasts/Shows

    • Kernel Space

      • Intel Icelake Thunderbolt Support Still Being Squared Away For Linux - Hopefully For 5.4

        Intel Icelake laptops will soon be hitting store shelves and a vast majority of the Linux support has been squared away for many months. Unfortunately one bit still not mainlined is the Thunderbolt support.

        Back in July we wrote about the Icelake Thunderbolt support still not merged yet while Icelake's Gen11 graphics and other new processor features have all been squared away for several kernel releases in ensuring good launch-day support. With Icelake, the Thunderbolt functionality has moved onto the SoC itself (sans the Thunderbolt power delivery) and that's taken additional time for getting the Linux kernel support in order.

      • Graphics Stack

        • Mesa 19.2's Feature Freeze / Release Candidate Process Beginning Tomorrow

          Mesa 19.2 was supposed to be branched marking its feature freeze two weeks ago on 6 August along with the issuing of the first release candidate. That milestone has yet to be crossed but should happen tomorrow.

          Mesa 19.2 development dragged on for the extra two weeks to allow some extra features to land. Those extra features were metrics/counters support for Intel Iris Gallium3D, CCS_E modifier support, and slice/sub-slice hashing optimizations for Intel -- a big performance win. Now that those blockers have landed, the release process is expected to get underway on Tuesday.

        • Display Stream Compression (DSC) for AMD Navi
          This patchset enables Display Stream Compression (DSC) on DP 
          connectors on Navi ASICs, both SST and DSC.
          
          

          8k60 and 4k144 support requires ODM combine, an AMD internal feature that may be a bit buggy right now.

          Patches 1 through 5 enable DSC for SST. Most of the work was already done in the Navi promotion patches; this just hooks it up to the atomic interface. The first two reverts are of temporary changes to block off DSC. The third is of a commit that was accidentally promoted twice. The fourth and last revert fixes a potential issue with ODM combine.

          Patches 6 and 7 are fixes for bugs that would be exposed by MST DSC. One fix is with the MST code and the other in the DSC code.

          Patches 8, 9, and 10 are small DRM changes required for DSC MST: FEC, a new bit in the standard; some export definitions; and a previously uninitialized variable.

          Patches 11 through 14 are the DSC MST policy itself. This includes the code for detecting and validating DSC capabilities, enabling DSC over a link, computing the fair DSC configurations for multiple DSC displays, and adding to atomic state crtcs that might need reprogramming due to DSC.
        • AMD Posts Navi Display Stream Compression Support For Linux

          One of the kernel-side features not yet in place for AMD's newest Navi graphics processors on Linux has been Display Stream Compression support but that is being squared away with a new patch series.

          Fourteen patches posted today adding more than six hundred lines of code to the AMDGPU Linux kernel driver enable Display Stream Compression support for DisplayPort connectors on Navi GPUs. VESA's Display Stream Compression is for low-latency lossless compression performance for power-savings and higher resolution/refresh-rates based on bandwidth and enabling the likes of DisplayPort Multi-Stream Transport (MST) technology.

    • Benchmarks

      • POWER9 & ARM Performance Against Intel Xeon Cascadelake + AMD EPYC Rome

        For those wondering how ARM and IBM POWER hardware stack up against AMD's new EPYC "Rome" processors and that of Intel's existing Xeon "Cascade Lake" processors, here is a round of tests from the POWER9 Talos II, Ampere eMAG, and Cavium ThunderX in looking at the cross-architecture Linux CPU performance currently in the server space.

        Our AMD EPYC Rome benchmarks this month have been focused on the performance compared to earlier AMD EPYC and Intel Xeon processors, but given the broader architecture support on Linux and there also being significant interest in the likes of IBM POWER / OpenPOWER thanks to more open-source designs when paired with motherboards from Raptor Computing Systems, here are some initial numbers for ARM and POWER9 performance against the new x86_64 server CPUs.

    • Applications

      • Pause Music When Locking The Screen And Resume On Unlock For Spotify, Rhythmbox, Others

        When you lock your computer screen (without suspending the system), most desktop audio players continue playback in the background, sometimes not emitting any sound €¹. Due to this you may unintentionally skip parts of podcasts or songs in a playlist, etc.

        Enter pause-on-lock, a Bash script that pauses your music player when you lock the screen and resumes playback once the screen is unlocked.

        pause-on-lock works on Unity, GNOME, Cinnamon and MATE desktop environments, and by default it supports Spotify and Rhythmbox. With the help of playerctl (a command line controller for controlling media players that support the MPRIS D-Bus interface), this script can extend its supported music players to many others, including Audacious, VLC, Cmus, and others.

      • Easy Way to Screen Mirroring Android on Ubuntu!

        Screen Mirroring is one of the features found on smartphones, one of which is on Android. This feature serves to display the smartphone to a computer. This is very useful for example when used for demo applications that you make, or maybe for other things related to smartphones.

        In Ubuntu, we can do screen mirroring with applications available on Android, for example is AirDroid which can be used for screen mirroring through a browser. But I feel less optimal when using this instant method.

        Because there is a lag between activity on the smartphone and on the monitor screen on the computer, and the results are less than optimal. What might be the cause because it is opened through a browser and uses wi-fi? (Personal question).

        I am looking for another application for screen mirroring on Ubuntu, and one of the very good applications is Scrcpy. This application can be used for screen mirroring without a root device.

      • OBS Studio 24.0 Will Let You Pause While Recording, Other New Options

        For those using OBS Studio for cross-platform live-streaming and screen recording needs, OBS Studio 24.0 is on the way but out first is their release candidate to vet the new features coming into this big update.

      • Storage

    • Instructionals/Technical

    • Games

      • Don't Starve Together has a big free update adding in boats and a strange island

        Klei Entertainment have given the gift of new features to their co-op survival game Don't Starve Together, with the Turn of Tides update now available.

        Taking a little inspiration from the Shipwrecked DLC available for the single-player version Don't Starve, this new free update enables you to build a boat to carry you and other survivors across the sea. Turn of Tides is the first part of a larger update chain they're calling Return of Them, so I'm excited to see what else is going to come to DST.

      • Cthulhu Saves the World has an unofficial Linux port available

        In response to an announcement to a sequel to Cthulhu Saves the World, Ethan Lee AKA flibitijibibo has made a unofficial port for the original and a few other previously Windows-only games. As a quick reminder FNA is a reimplementation of the proprietary XNA API created by Micrsosoft and quite a few games were made with that technology. We’ve gotten several ports thanks to FNA over the years though Ethan himself has mostly moved on to other projects like working on FAudio and Steam Play.

      • EVERSPACE 2 announced, with more of a focus on exploration and it will release for Linux

        EVERSPACE is probably one of my absolute favourite space shooters from the last few years, so I'm extremely excited to see EVERSPACE 2 be announced and confirmed for Linux.

        For the Linux confirmation, I reached out on Twitter where the developer replied with "#Linux support scheduled for full release in 2021!".

      • Google reveal more games with the latest Stadia Connect, including Cyberpunk 2077

        Today, Google went back to YouTube to show off an impressive list of games coming to their Stadia game streaming service, which we already know is powered by Debian Linux and Vulkan.

        As a reminder, Google said not to see Stadia as if it was the "Netflix of games", as it's clearly not. Stadia Base requires you to buy all your games as normal, with Stadia Pro ($9.99 monthly) giving you a trickle of free games to access on top of 4K and surround sound support.

      • The situation with Blood: Fresh Supply getting a Linux version is looking a little unclear

        Blood: Fresh Supply is the revamp of the classic 90's first-person shooter Blood, released by Nightdive Studios in May this year.

        In the most recent update on Steam, the team mentioned "For future issues, we will have to recommend contacting Atari about them.". Their wording is interesting, which seems to indicate that Nightdive will not be making any further additions to Blood: Fresh Supply. Presumably then, this would mean the Linux version they previously confirmed back in May will not be happening either.

      • Spacebase Startopia is the next title from Realmforge and Kalypso Media, coming to Linux

        Set Phasers to fun sci-fi fans, as Realmforge (Dungeons 3) and Kalypso Media just announced Spacebase Startopia and it's confirmed to be supporting Linux.

        From the press release sent over by Kalypso Media, they confirmed it's "an all-new take on the 2001 cult classic" Startopia from Mucky Foot Productions.

      • wsPublish, an open source Steam Workshop Interop Library released

        How about a little open source news to get your Monday flowing? Game porter Ethan Lee recently announced the release of wsPublish, an open source Steam Workshop Interop Library with a little history.

      • Incredibly stylish twin-stick shooter Devader is launching next month

        With some really wild enemy designs and action that just don't stop, Devader is a damn fun game and it's releasing officially next month.

      • Planetary Annihilation: TITANS still seeing updates, Mesa issues on Linux being looked into

        Celebrating one year since Planetary Annihilation Inc took over development of Planetary Annihilation: TITANS from Uber Entertainment, the team have given an update.

        The post goes over what they've been able to achieve and it is quite impressive. Before Planetary Annihilation Inc appeared, it did seem like the game was left on life support so they've given it a big boost. A fair amount of Planetary Annihilation: TITANS was getting old, so their first point of action was to upgrade the underlying tech to be more modern. Along with that they also upgraded the AI, put a fair amount of effort into their servers to improve performance, gave it more multi-threading and so on.

      • Based on the classic FPS Warsow, the new Warfork is now live in Early Access

        Fast-paced arena shooter Warsow has been forked, updated under the name of Warfork and it's now in Early Access on Steam.

        If you're curious why they forked it and put it on Steam, according to the team behind Warfork the owner of Warsow is apparently opposed to a Steam release (see the additional notes below on that). Not just that, but until recently Warsow saw very little in the way of updates and seemed a bit dead overall. In addition, the developers of Warfork are planning lots of work to make Warfork more easily adjusted with mods.

      • Open-world vehicle-based survival game Project 5: Sightseer has been officially released

        Set on a huge procedurally generated world, Project 5: Sightseer from the developer of Windward is a sandbox open-world survival game where you pilot various vehicles.

        Instead of running around as person like in other survival sims, Project 5: Sightseer is more about technology. Starting you off in a rather crap land vehicle, you eventually build up an outpost and research much better transportation including those that enable you to fly vast distances easily.

      • GOG are celebrating their Community Wishlist feature with a big sale

        The DRM-free store GOG are currently doing a bit of patting themselves on the back with a sale celebrating their Community Wishlist feature.

        Allowing gamers to suggest, discuss and vote on games they want to see come to GOG it's a pretty fun feature for a curated store to have. GOG say they have completed "over 2 million wishes" and they have "no plans on slowing down" with it. They of course can't fulfil every wish, but it's a good way for them to see what classics people want revived.

    • Desktop Environments/WMs

      • Four more years! Four more years! Svelte Linux desktop Xfce gets first big update since 2015

        In contrast to the frenetic pace of updates now typical in the software industry, the team behind Xfce, a lightweight desktop for Linux, have released version 4.14 nearly four-and-a-half years since the last stable release, 4.12.

        Xfce aims to be fast, consume minimal resources and embody the UNIX philosophy of modularity. Its features include a window manager, a desktop manager, a file manager and an application finder.

      • K Desktop Environment/KDE SC/Qt

        • Kdenlive 19.08 released

          After a well deserved summer break, the Kdenlive community is happy to announce the first major release after the code refactoring. This version comes with a big amount of fixes and nifty new features which will lay the groundwork for the 3 point editing system planned for this cycle. The Project Bin received improvements to the icon view mode and new features were added like the ability to seek while hovering over clips with the mouse cursor and now it is possible to add a whole folder hierarchy. On the usability front the a menu option was added to reset the Kdenlive config file and now you can search for effects from all tabs instead of only the selected tab. Head to our download page for AppImage and Windows packages.

        • Interview with Chayse Goodall

          Hi, my name is Chayse Goodall. I am 14 years old. I just draw for fun!

          [...]

          I normally draw the sketch first in a dark red color. Then I draw the plain body in a light green. I sketch the clothes, hair, and accessories on in a neon color.

          I just use the pen for coloring and shading.

        • KMyMoney 5.0.6 released

          The KMyMoney development team today announces the immediate availability of version 5.0.6 of its open source Personal Finance Manager.

          Another maintenance release is ready: KMyMoney 5.0.6 comes with some important bugfixes. As usual, problems have been reported by our users and the development team fixed some of them in the meantime. The result of this effort is the brand new KMyMoney 5.0.6 release.

          Despite even more testing we understand that some bugs may have slipped past our best efforts. If you find one of them, please forgive us, and be sure to report it, either to the mailing list or on bugs.kde.org.

        • Kontact and Google Integration Issues

          Lately there were some issues with the Google integration in Kontact which caused that it is no longer possible to add new Google Calendar or Gmail account in Kontact because the log in process will fail. This is due to an oversight on our side which lead to Google blocking Kontact as it did not comply with Google’s policies. We are working on resolving the situation, but it will take a little bit.

          Existing users should not be affected by this - if you already had Google Calendar or Gmail set up in Kontact, the sync should continue to work. It is only new accounts that cannot be created.

          In case of Gmail the problem can mostly be worked around when setting up the IMAP account in KMail by selecting PLAIN authentication1 method in the Advanced tab and using your email and password. You may need to enable Less Secure Applications in your Google account settings in order to be able to log in with regular email address and password.

    • Distributions

      • Changing the Chair of the openSUSE Board [Ed: Reposted in OpenSUSE's site now]

        Gerald has been a regular source of advice & support during my tenure as Chairperson. In particular, I will always remember my first visit to FOSDEM as openSUSE Chair. Turning up more smartly dressed than usual, I was surprised to find Gerald, a senior Director at SUSE, diving in to help at the incredibly busy openSUSE booth, and doing so dressed in quite possibly the oldest and most well-loved openSUSE T-shirt I’ve ever seen. When booth visitors came with questions about SUSE-specific stuff, I think he took some glee in being able to point them in my direction while teasingly saying “Richard is the corporate guy here, I’m just representing the community..”

        Knowing full well he will continue being so community minded, while finally giving me the opportunity to tease him in return, it is with a similar glee I now hand over the reigns to Gerald.

        As much as I’m going to miss things about being chairperson of this awesome community, I’m confident and excited to see how openSUSE evolves from here.

      • A new chair for the openSUSE board

        Richard Brown has announced that he is stepping down as the chair of the openSUSE board.

      • Screenshots/Screencasts

        • 10 Linux distros: From different to dangerous

          One of the great benefits of Linux is the ability to roll your own. Throughout the years, individuals, organizations, and even nation states have done just that. In this gallery, we're going to showcase some of those distros. Be careful, though. You may not want to load these, or if you do, put them in isolated VMs. We're not kidding when we say they could be dangerous.

        • Endeavour OS 2019.08.17 Run Through

          In this video, we are looking at Endeavour OS 2019.08.17.

      • Fedora Family

        • Approved: Fedora 31 To Drop i686 Everything/Modular Repositories

          The month-old proposal for the upcoming Fedora 31 Linux distribution release to stop with their i686 repositories for Everything and Modules was voted on today by the Fedora Engineering and Steering Committee.

          The FESCo group gave their formal approval today for permitting these i686 repositories to be removed beginning with Fedora 31. This also goes in-step with Fedora 31 having already decided to stop with their i686 kernel builds.

        • Living my best 4 days: Flock to Fedora 2019

          Months of waiting came to an end and finally, it was time to meet people with whom I have been working for the last 4 months, being on the other side of the screen. Things seemed different when our last Wednesday conference call ended with “Meet you soon” instead of a “Good Day”. The excitement of attending Flock to Fedora, was not only because the virtual interaction is turning to the real meeting but also, it was my first ever International trip. With approaching the 6th of August, the fear of travelling solo was getting on the peak, and at one moment I started questioning if all the trouble I underwent during last month was even worth it. But the time I met Shraddha(another intern working on the same project)at Bangalore airport, we happened to click so much at our first conversation that it was certain that at least my journey will not be me, and my headphones all the time.

          Since I reached Budapest a day before when everyone arrived, I got a handful of time discovering places, getting to know their culture and try on things we never tried before. The excitement of being at such a beautiful place did not make me realise that I was sleep-deprived, I had a jet lag of 4 hours and I was hungry. I spent the entire day roaming the streets, enjoying a breath of fresh air and exploring the city and ways of commute as well.

          Next day we shifted to the hotel that was booked for us and where the conference will be held. The ambience of the whole place was really nice and we met other fellow attendees at the conference.

        • rpminspect Presentation at Flock 2019

          Flock in Budapest was a great event. There were a lot of talks I wanted to attend, but could not make it to all of them. I did give one talk on my project called rpminspect.

          rpminspect is a project I started as a replacement for an internal Red Hat tool. I am working on integrating it in to the build workflow for Fedora but also allow package maintainers to use it locally as a build linter of sorts. Here is a link to the presentation I gave. I think there is video, but I am not sure where those are.

        • rpminspect-0.3 released

          Released rpminspect-0.3 today with bugs reported and fixed during Flock Budapest 2019.

        • Kevin Fenzi: Flock 2019

          Flock time is upon is! This time in lovely Budapest. As always when flock is in europe, it’s a long flight for me, but otherwise travel was uneventfull: Drive 2 hours to PDX, then PDX to AMS, then a short layover for coffee and stoupwaffles and then AMS to BUD, and finally a taxi ride to the hotel.

          The hotel is quite lovely. It’s right next to the danube river and has a nice view. The AC is working nicely too (it’s quite hot outside here right now). After getting into the hotel yesterday and a quick dinner at a very nice place down the road, I managed to sleep for 10+ hours.

      • Debian Family

        • KNOPPIX Live GNU/Linux System Is Now Based on Debian GNU/Linux 10 "Buster"

          A new release of the KNOPPIX Live GNU/Linux system has been released and it's based on the latest Debian GNU/Linux 10 "Buster" operating system series and the Linux 5.2 kernel.

          KNOPPIX 8.6 is now available based on the software repositories of the recently released Debian GNU/Linux 10 "Buster" operating system series, but also packing some elements from the Debian Uunstable (Sid) repos. It's powered by the latest Linux 5.2 kernel series and X.Org Server 7.7 display server to support newer graphics cards and computer hardware.

        • Tails 4.0 Anonymous Linux OS Enters Beta Based on Debian GNU/Linux 10 "Buster"

          Tails 4.0 recently entered beta testing and it's the first release to be based on the just released Debian GNU/Linux 10 "Buster" operating system series, which means that all the pre-installed packages have been updated to newer versions to support the latest hardware components, especially recent Nvidia and ATI/AMD graphics cards, as well as Mac computers.

          Tails 4.0 also promises support for Thunderbolt 3 devices, which is now integrated into the latest GNOME 3 desktop environment, with which the upcoming major Tails release will ship by default. Users who own a Thunderbolt device are urged to test the implementation by navigating to Choose Devices > Thunderbolt from the GNOME Settings utility.

        • Knoppix 8.6 first wide public release to abandon systemd

          Version 8.6 of the popular Debian-derived Linux distribution Knoppix was released on Sunday, rebasing the distribution on Debian 10 (Buster)—released on July 9—with select packages from Debian's testing and unstable branches to enable support for newer graphics hardware. Knoppix is among the first Linux distributions that can be run live from a DVD, and continues to enjoy a great deal of popularity among Linux enthusiasts.

          Knoppix 8.6 is notable for being the first publicly-released version of the distribution to abandon systemd, an init system built by Red Hat's Lennart Poettering intended to replace sysvinit. While adoption of systemd was the subject of considerable controversy and criticism, it is the mainstream default, used by Knoppix's upstream Debian, as well as other Debian forks such as Ubuntu and Mint; RHEL, CentOS, and Fedora; openSUSE and SLES, as well as Mageia, and by default in Arch.

          Complaints about systemd primarily focus on feature creep, as the project does not conform to the "do one thing and do it well" philosophy of Unix systems in general. Other aspects, such as its use of binary logs (as opposed to human-readable, text logs) have likewise drawn criticism.

          The first version of Knoppix to remove systemd is 8.5; though this version was distributed exclusively with copies of Linux Magazine Germany earlier this year, it was not made generally available for download. Knoppix creator Klaus Knopper wrote briefly about the decision to remove systemd in that edition (translated from German, links added for context):

      • Canonical/Ubuntu Family

        • Latest KDE Security Vulnerabilities Are Patched in Ubuntu and Debian, Update Now

          couple of weeks ago, the KDE community fixed a security vulnerability discovered by Dominik Penner in the KConfig component, the configuration settings framework of the KDE Plasma desktop environment, which could allow an attacker to execute malicious code through a specially crafted .desktop file included in an archive that was opened in the file manager.

          "Dominik Penner discovered that KConfig supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed. This update removes this feature," reads the Debian security advisory.

        • Ubuntu MATE 18.04.3 LTS Released for GPD Pocket, Ubuntu MATE 19.04 for GPD WIN 2

          Released earlier this month, Ubuntu MATE 18.04.3 LTS is the third instalment in the long-term supported Ubuntu MATE 18.04 LTS (Bionic Beaver) operating system series, shipping with updated kernel and graphics stacks from the more recent Ubuntu MATE 19.04 (Disco Dingo) operating system, including Linux 5.0.

          While until now users were able to download Ubuntu MATE 18.04.3 LTS for 64-bit and 32-bit computers, starting today the operating system is also available to download for SOFTWIN's GPD Pocket and GPD Pocket 2 gaming computers, as well as for the Topjoy Falcon mini laptop.

        • Design and Web team summary – 16 August 2019

          This iteration was the Web & design team’s first iteration of the second half of our roadmap cycle, after returning from the mid-cycle roadmap sprint in Toronto 2 weeks ago.

          Priorities have moved around a bit since before the cycle, and we made a good start on the new priorities for the next 3 months.

        • Ubuntu Weekly Newsletter Issue 592

          Welcome to the Ubuntu Weekly Newsletter, Issue 592 for the week of August 11 – 17, 2019. The full version of this issue is available here.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • WebAssembly for speed and code reuse

            Imagine translating a non-web application, written in a high-level language, into a binary module ready for the web. This translation could be done without any change whatsoever to the non-web application's source code. A browser can download the newly translated module efficiently and execute the module in the sandbox. The executing web module can interact seamlessly with other web technologies—with JavaScript (JS) in particular. Welcome to WebAssembly.

            As befits a language with assembly in the name, WebAssembly is low-level. But this low-level character encourages optimization: the just-in-time (JIT) compiler of the browser's virtual machine can translate portable WebAssembly code into fast, platform-specific machine code. A WebAssembly module thereby becomes an executable suited for compute-bound tasks such as number crunching.

            Which high-level languages compile into WebAssembly? The list is growing, but the original candidates were C, C++, and Rust. Let's call these three the systems languages, as they are meant for systems programming and high-performance applications programming. The systems languages share two features that suit them for compilation into WebAssembly. The next section gets into the details, which sets up full code examples (in C and TypeScript) together with samples from WebAssembly's own text format language.

          • Mozilla GFX: moz://gfx newsletter #47

            Hi there! Time for another mozilla graphics newsletter. In the comments section of the previous newsletter, Michael asked about the relation between WebRender and WebGL, I’ll try give a short answer here.

            Both WebRender and WebGL need access to the GPU to do their work. At the moment both of them use the OpenGL API, either directly or through ANGLE which emulates OpenGL on top of D3D11. They, however, each work with their own OpenGL context. Frames produced with WebGL are sent to WebRender as texture handles. WebRender, at the API level, has a single entry point for images, video frames, canvases, in short for every grid of pixels in some flavor of RGB format, be them CPU-side buffers or already in GPU memory as is normally the case for WebGL. In order to share textures between separate OpenGL contexts we rely on platform-specific APIs such as EGLImage and DXGI.

            Beyond that there isn’t any fancy interaction between WebGL and WebRender. The latter sees the former as a image producer just like 2D canvases, video decoders and plain static images.

      • Pseudo-Open Source (Openwashing)

        • Qt Visual Studio Tools 2.4 RC Released

          The Visual Studio Project System is widely used as the build system of choice for C++ projects in VS. Under the hood, MSBuild provides the project file format and build framework. The Qt VS Tools make use of the extensibility of MSBuild to provide design-time and build-time integration of Qt in VS projects — toward the end of the post we have a closer look at how that integration works and what changed in the new release.

          Up to this point, the Qt VS Tools extension managed its own project settings in an isolated manner. This approach prevented the integration of Qt in Visual Studio to fully benefit from the features of VS projects and MSBuild. Significantly, it was not possible to have Qt settings vary according to the build configuration (e.g. having a different list of selected Qt modules for different configurations), including Qt itself: only one version/build of Qt could be selected and would apply to all configurations, a significant drawback in the case of multi-platform projects.

          Another important limitation that users of the Qt VS Tools have reported is the lack of support for importing Qt-related settings from shared property sheet files. This feature allows settings in VS projects to be shared within a team or organization, thus providing a single source for that information. Up to now, this was not possible to do with settings managed by the Qt VS Tools.

      • BSD

        • NetBSD Sees Its First Wayland Application Running

          Wayland support is inching ahead on NetBSD for this secure, modern next-generation successor to running an X.Org Server.

          NetBSD has seen a lot of interesting developments this year on the desktop front from DRM graphics driver improvements to better Wine support and now the first Wayland bits are proving successful on this BSD operating system.

      • Programming/Development

        • The Easiest Data Cleaning Method using Python & Pandas

          In this post we are going to learn how to do simplify our data preprocessing work using the Python package Pyjanitor.

        • Weekly Python Exercise A3 (beginner objects) is open

          If you’ve been programming in Python for any length of time, then you’ve undoubtedly heard that “everything is an object.”

          But what does that mean? And who cares? And what effect does that have on you as a developer — or on Python, as a language?

          Indeed, how can (and should) you take advantage of Python’s object-oriented facilities to make your code more readable, maintainable, standard, and (dare I say it) Pythonic?

        • Get started with Eclipse Che 7 and Quarkus: An overview

          In this short video tutorial, hosted by Doug Tidwell, we’ll take a look at the new Eclipse Che 7 interface along with Quarkus, the revolutionary new technology that can make Java applications very small and very fast.

          In the course of this demo, we’ll show how to set up a running workspace and run a simple app. To get started, we’ll also be using Minikube version 1.2.0 and Helm version 2.14.1, both of which you’ll need to have installed. For Che 7, we’re using the chectl tool; note that we’re using the July 30 build of chectl version 0.0.2. Finally, we assume you have wget installed as part of your operating system.

        • CMake: the Case when the Project's Quality is Unforgivable

          CMake is a cross-platform system for automating project builds. This system is much older than the PVS-Studio static code analyzer, but no one has tried to apply the analyzer on its code and review the errors. As it turned out, there are a lot of them. The CMake audience is huge. New projects start on it and old ones are ported. I shudder to think of how many developers could have had any given error.

        • Technical vision for Qt for Python

          Exposing a huge framework such as Qt to another language is not an easy task and this was the main reason for the slow porting from the old PySide version in Qt 4 to Qt 5. Many developers hours were spent in adapting to new Qt 5 APIs, and more importantly, the binding generator tool such that everything can be handled properly.

          Now with Qt 6 things will be different, because the development of Qt for Python is progressing side-by-side to the C++ and QML stories in Qt 6. Hopefully, there will be a lot fewer surprises this time around. In fact, this effect can be seen with current 5.x releases, PySide2 is available almost at the same time as the Qt release, having in some cases a few days delays.

          Since the official release in Qt 5.12.0, the downloads of Qt for Python has been increasing day-by-day, which translates on the community adopting and enjoying the project.

        • Qt 6 Will Bring Improvements To The Toolkit's Python Support

          Adding to the interesting objectives for Qt 6 are further enhancements to "Qt for Python" for enhancing the programming language's support for this tool-kit.

          It was just last year with Qt 5.11 that PySide2 became official as Qt for Python to provide proper bindings for Python to the Qt tool-kit. With Qt for Python continuing to see increased adoption, more improvements to Qt for Python are planned.

        • The Document Foundation/LibreOffice Community Member Monday: Sanjog Sigdel

          I’m currently a Graduate Student pursuing my MTech. in IT degree here in Kathmandu University, Dhulikhel, Nepal. Besides that, I am also a part-time instructor in a private college near the University: NIST College Banepa.

          I love knowing how new technologies work and also love exploring new places. Unitil now I have traveled almost 30 districts of Nepal via trekking, project monitoring and tours. I’ve been using Linux-based operating systems (mainly Ubuntu) since 2012. And I am also a FOSS activist/volunteer. I teach my students to use open source software and most of them are using Linux, LibreOffice, and Python programming in the Nano text editor :-)

        • Debugging Python Applications with the PDB Module

          In this tutorial, we are going to learn how to use Python's PDB module for debugging Python applications. Debugging refers to the process of removing software and hardware errors from a software application. PDB stands for "Python Debugger", and is a built-in interactive source code debugger with a wide range of features, like pausing a program, viewing variable values at specific instances, changing those values, etc.

          In this article, we will be covering the most commonly used functionalities of the PDB module.

        • Mike Driscoll: PyDev of the Week: Paul Ganssle

          This week we welcome Paul Ganssle (@pganssle) as our PyDev of the Week. Paul is the maintainer of the dateutil package and also a maintainer of the setuptools project. You can catch up with Paul on his website or check out some of his talks. Let’s take a few moments to get to know Paul better!

        • Image Process Plugin 1.2.0 for Pelican Released

          Image Process is a plugin for Pelican, a static site generator written in Python.

          Image Process let you automate the processing of images based on their class attribute. Use this plugin to minimize the overall page weight and to save you a trip to Gimp or Photoshop each time you include an image in your post.

          Image Process is used by this blog’s theme to resize the source images so they are the correct size for thumbnails on the main index page and the larger size they are displayed at on top of the articles.

        • Top 7 Compelling Reasons to Hire Ukrainian Developers

          Many people consider offshore development. They seek quality for a lower cost and look where to hire developers. Customers search online, read reviews, or ask for referrals to find the software development team that best fits their goals. Ukraine has become one of the top locations where customers across Europe, Asia, and North America go for developers to build their products from scratch.

        • How to Find and Hire a Python/Django Development Company

          Even though there are about 22 million developers in the world (according to a Nexten.io study), good Python/Django developers aren’t easy to find and can be quite expensive. But there are many job marketplaces for software development companies and individual Python developers. Where you can find profiles of software development companies and their projects, reviews and ratings from current and former clients.

        • The Titler Revamp: QML Producer in the making

          At the beginning of this month, I started testing out the new producer as I had a good, rough structure for the producer code, and was only facing a few minor problems. Initially, I was unclear about how exactly the producer is going to be used by the titler so I took a small step back and spent some time figuring out how kdenlivetitle worked, which is the producer in use.

          Initially, I faced integration problems (which are the ones you’d normally expect) when I tried to make use of the QmlRenderer library for rendering and loading QML templates – and most of them were resolved by a simple refactoring of the QmlRenderer library source code. To give an example, the producer traditionally stores the QML template in global variables which is taken as a character pointer argument (which is, again, traditional C) The QmlRenderer lib takes a QUrl as its parameters for loading the Qml file, so to solve this problem all I had to do was to overload the loadQml() method with one which could accommodate the producer’s needs – which worked perfectly fine. As a consequence, I also had to compartmentalise (further) the rendering process so now we have 3 methods which go sequentially when we want to render something using the library ( initialiseRenderParams( ) -> prepareRenderer( ) -> renderQml( ) )

          [...]

          The problem was resolved (thank you JB) finally and it was not due to OpenGL but it was simply because I hadn’t created an QApplication for the producer (which is necessary for qt producers). The whole month’s been a steep curve, definitely not easy, but, I enjoyed it!

          Right now, I have a producer which is, now, almost complete and with a little more tweaking, will be put to use, hopefully. I’m still facing a few minor issues which I hope to resolve soon and get a working producer. Once we get that, I can start work on the Kdenlive side. Let’s hope for the best!

        • How to Make a Discord Bot in Python

          In a world where video games are so important to so many people, communication and community around games are vital. Discord offers both of those and more in one well-designed package. In this tutorial, you’ll learn how to make a Discord bot in Python so that you can make the most of this fantastic platform.

        • Security, UX, and Sustainability For The Python Package Index

          PyPI is a core component of the Python ecosystem that most developer's have interacted with as either a producer or a consumer. But have you ever thought deeply about how it is implemented, who designs those interactions, and how it is secured? In this episode Nicole Harris and William Woodruff discuss their recent work to add new security capabilities and improve the overall accessibility and user experience. It is a worthwhile exercise to consider how much effort goes into making sure that we don't have to think much about this piece of infrastructure that we all rely on.

        • Moving Conda Environments

          Conda is known as a package manager for Python and R packages produced by Anaconda, Inc. and conda-forge, the open-source community for conda Python packages. In addition to managing packages, Conda is also an environment manager. If you’re new to Python, environments create an isolated environment to manage dependencies in a project. Because the Python ecosystem of packages is both wide and deep, part of Conda’s job is to install packages that don’t conflict with each other.

          Once you have your project environment set up and your code written and tested, you may want to move it to another machine. For example, you would want to move a web application to server with a public address or copy a set of tools you frequently use to a USB drive. You might want to take a snapshot of your project environment as a backup.

        • Moving Code with Refactoring in Wing Pro

          In this issue of Wing Tips we explain how to quickly move functions, methods, classes, and other symbols around in Python code, using Wing Pro's Move Symbol refactoring operation.

          This operation takes care of updating all the points of reference for the symbol that is being moved. For example, if a function is moved from one module to another then Wing will update all the points of call for that function to import the module it has been moved into and invoke the function from there.

  • Leftovers

    • Security (Confidentiality/Integrity/Availability)

      • Security updates for Monday

        Security updates have been issued by CentOS (kernel and openssl), Debian (ffmpeg, golang-1.11, imagemagick, kde4libs, openldap, and python3.4), Fedora (gradle, hostapd, kdelibs3, and mgetty), Gentoo (adobe-flash, hostapd, mariadb, patch, thunderbird, and vlc), Mageia (elfutils, mariadb, mythtv, postgresql, and redis), openSUSE (chromium, kernel, LibreOffice, and zypper, libzypp and libsolv), Oracle (ghostscript), Red Hat (rh-php71-php), SUSE (bzip2, evince, firefox, glib2, glibc, java-1_8_0-openjdk, polkit, postgresql10, python3, and squid), and Ubuntu (firefox).

      • IPFire 2.23 - Core Update 135 is ready for testing

        after a little break with many things to fight, we are back with a brand new Core Update which is packed with various bug fixes and cleanup of a lot of code.

      • Wladimir Palant: Kaspersky in the Middle - what could possibly go wrong?

        Roughly a decade ago I read an article that asked antivirus vendors to stop intercepting encrypted HTTPS connections, this practice actively hurting security and privacy. As you can certainly imagine, antivirus vendors agreed with the sensible argument and today no reasonable antivirus product would even consider intercepting HTTPS traffic. Just kidding… Of course they kept going, and so two years ago a study was published detailing the security issues introduced by interception of HTTPS connections. Google and Mozilla once again urged antivirus vendors to stop. Surely this time it worked?

        Of course not. So when I decided to look into Kaspersky Internet Security in December last year, I found it breaking up HTTPS connections so that it would get between the server and your browser in order to “protect” you. Expecting some deeply technical details about HTTPS protocol misimplementations now? Don’t worry, I don’t know enough myself to inspect Kaspersky software on this level. The vulnerabilities I found were far more mundane.

      • KNOB attack: Is my Bluetooth device insecure?

        A recent attack against Bluetooth, called KNOB, has been making waves last week. In essence, it allows an attacker to downgrade the security of a Bluetooth so much that it's possible for the attacker to break the encryption key and spy on all the traffic. The attack is so devastating that some have described it as the "stop using bluetooth" flaw.

        This is my attempt at answering my own lingering questions about "can I still use Bluetooth now?" Disclaimer: I'm not an expert in Bluetooth at all, and just base this analysis on my own (limited) knowledge of the protocol, and some articles (including the paper) I read on the topic.

      • Dear sysadmins: Patch Webmin now – zero-day exploit emerges for potential hijack hole in server control panel

        The bug appears to have been revealed on Saturday, August 10, by Özkan Mustafa Akkuş at DEF CON and to have been made available as an exploit in a module for the Metasploit framework. The Webmin maintainers didn't hear about it until Saturday, August 17, when they noticed people discussing the issue on Twitter and Reddit. The CVE was created Thursday, August 15.

        Webmin has about 215,000 installations, according to a Shodan search (account required), and about 13,000 instances of the particularly vulnerable version 1.890.

        [...]

        According to Cooper, the malicious code was introduced into Webmin and Usermin through the project's build infrastructure. "We're still investigating how and when, but the exploitable code has never existed in our GitHub repositories, so we've rebuilt from git source on new infrastructure," he said.

        In an email to The Register, Cooper said the malicious code – which appeared in the Sourceforge repo but not the GitHub repo – was introduced to Webmin on local package build infrastructure before it reached Sourceforge.

      • Backdoor found in Webmin, a popular web-based utility for managing Unix servers [Ed: No, it is not a backdoor and it's not there by design]
    • Defence/Aggression

      • On Gun Violence, ‘We Need the Federal Government to Take Bold Steps’ - CounterSpin interview with Ernest Coverson on guns & human rights

        When Walmart responded to the early August mass murder by a white supremacist by announcing they’d stopped selling certain video games, and the National Rifle Association responded to that and a subsequent mass shooting by likening those seeking gun regulations to mass murderers, as likewise seeking to “take away our God-given rights”—well, it’s a hard thing to measure, but you almost felt you could hear vast numbers of Americans saying, “You have got to be kidding.”

        Public conversation seems to have advanced to the point where it’s understood that the reason the United States has so many incidents of gun violence is because the United States has so many guns. The crisis is neither natural nor necessary, and not so much a matter of a lack of public appetite for regulation, as of a political system in which that public interest does not translate into policy or law. If the US gun nightmare is the result of choices, work like that of our next guest is aimed at helping us make the choices to escape it. Ernest Coverson is End Gun Violence campaign manager at Amnesty International USA. He joins us now by phone. Welcome to CounterSpin, Ernest Coverson

    • Environment

      • Intelligence Thieves: How Toxic Pollutants Are Robbing Communities of Color

        Environmental racism has been well documented for decades — beginning with the work of sociologist Robert Bullard in Houston in the 1970s to a recent study in March on pollution burdens.

        But as Washington writes in her new book A Terrible Thing to Waste: Environmental Racism and the Assault on the American Mind, the fallout from environmental toxicity isn’t just physical. Lead, arsenic, mercury, PCBs, phthalates, DDT and even some pathogens can all rob people of their mental acuity and lower their intelligence, disrupting their livelihoods and thwarting their potential.

        Washington, a former research fellow in medical ethics at Harvard Medical School and senior research scholar at the National Center for Bioethics at Tuskegee University, is also the author of Infectious Madness and Medical Apartheid, which won a National Book Critics Circle Award.

        We spoke to Washington about why the dangers to mental capacity from environmental pollution are so often overlooked, why communities of color bear the brunt and what can be done about it.

      • Unique climate change has no natural cause

        European and US scientists have cleared up a point that has been nagging away at climate science for decades: not only is the planet warming faster than at any time in the last 2,000 years, but this unique climate change really does have neither a historic precedent nor a natural cause.

        Other historic changes – the so-called Medieval Warm Period and then the “Little Ice Age” that marked the 17th to the 19th centuries – were not global. The only period in which the world’s climate has changed, everywhere and at the same time, is right now.

        And other shifts in the past, marked by advancing Alpine glaciers and sustained droughts in Africa, could be pinned down to a flurry of violent volcanic activity.

      • Energy

        • Documents Show Koch Network's 'Structure of Social Change' in Action

          Back in 1996, the president of the Charles Koch Foundation laid out a blueprint for the Koch network’s goals of social transformation — a three-tiered integrated strategy to roll back government regulations, promote free market principles, and, in doing so, to protect the industries that turned the Koch brothers into billionaires.

          More than three decades later, that blueprint is still being followed in a broad-scale effort to serve the Kochs’ free-market libertarian ideology, to prop up the oil and gas industries that pad their fortunes, and to forestall any political action on climate change that they believe would threaten their bottom line.

        • Did North Dakota Regulators Hide an Oil and Gas Industry Spill Larger Than Exxon Valdez?

          In July 2015 workers at the Garden Creek I Gas Processing Plant, in Watford City, North Dakota, noticed a leak in a pipeline and reported a spill to the North Dakota Department of Health that remains officially listed as 10 gallons, the size of two bottled water delivery jugs.

          But a whistle-blower has revealed to DeSmog the incident is actually on par with the 1989 Exxon Valdez oil spill in Alaska, which released roughly 11 million gallons of thick crude.

    • Finance

      • Does International Travel Cause Economic Growth? Evidence from China’s Deregulation on Foreigners’ Traveling

        International travel is a key channel of international knowledge diffusion and has been hypothesized to shape large cross-country differences in productivity and income. However, causal evidence, especially evidence from developing countries, supporting this hypothesis remains scarce. This paper exploits a novel natural experiment, China’s Opening-to-Foreigner-County (OFC) policy, to examine the effect of deregulating foreigners’ traveling restrictions on regional economic outcomes. Using a difference-in-differences strategy, we find that deregulating foreigners’ traveling restrictions leads to a 7.9% additional increase of per capita industrial output for the OFCs in 1985-1991. The positive effects are larger in counties with more foreign equipment and greater industrial human capital. Additionally, the OFCs record more patent applications. The OFC policy’s effect were not triggered by export and FDI entry. We highlight the role of person-based international knowledge diffusion in the economic catch-up of technology recipient countries.

    • AstroTurf/Lobbying/Politics

      • Electoral Commission Obstructionism on Indyref2 is Just a Foretaste

        The Electoral Commission has sought to apply the handbrake to the gathering momentum for a new Independence referendum, by a submission to the Scottish Parliament which is a model of bureaucratic obstructionism. This is simply a foretaste of the attitude of the “neutral” and “independent” organs of the United Kingdom state, such as the BBC and Electoral Commission, in the coming struggle for Independence, in which the British state will be using all possible levers to defend its own existence.

        It should not be forgotten that it is the Electoral Commission which insists that the postal ballots be mixed with the ordinary ballots before counting, so there can be no record of any discrepancy between the postal ballot result and ordinary ballots. If the ordinary ballot was 60% yes and 40% no, but the postal ballot was 90% no and 10% yes, this information is deliberately and systematically destroyed by the counting method insisted on by the Electoral Commission. I have for years been attempting to get a coherent official justification for this deliberate destruction of obviously vital information in guarding against fraud, and have never received one. So I openly proclaim I do not start here from a position of trust in the Electoral Commission.

        The Guardian is reporting triumphantly that the Electoral Commission’s submission to the Scottish Parliament on the legislation for Indyref2 throws a 2020 date into doubt and requires at least a nine month lead period for the referendum. This is (for once) a broadly accurate report from the Guardian.

      • Twitter And Facebook Removing Chinese Disinfo Campaigns Shows That, Contrary To Popular Opinion, They Do Moderate Against Disinfo

        Leaving aside the ridiculous and ignorant suggestions from some that no internet platforms should moderate anything, many, many people seem to believe (incorrectly) that the various internet companies refuse to moderate anything because it goes against their bottom lines. We've heard this from a number of politicians -- especially among those seeking to change Section 230, arguing (again, incorrectly) that because of Section 230 there's somehow no incentive to moderate content on their platforms.

        This is wrong on multiple levels. There is tremendous business, political, moral, and social pressure to moderate content on these platforms. When they get it wrong, they get criticized. They can lose users. And (importantly) they can lose advertisers, partners, customers and investors. There is demand for "healthy" platforms, and it's Section 230 that allows them to experiment and moderate accordingly. That's why it's notable to me that both Twitter and Facebook announced the removal of what appears to be a coordinated attempt to abuse both platforms to push disinformation against protesters in Hong Kong.

    • Censorship/Free Speech

      • Latest 'Google Whistleblower' To Prove Anti-Conservative Bias Doesn't Prove Anything And Appears To Be Bigoted Conspiracy Theorist

        So, we had just pointed out that the "fired ex-Googler whistleblower" whom everyone was pointing to last week as "proof" of "anti-conservative bias" at Google, didn't look so good when you got to see the details (which included statements that certainly read to be pretty supportive of white nationalists, rather than support for, say, the free market and lower taxes). You'd think that peddlers continuing to push this theory with the next person would take more time in the vetting process. But... of course, if it's Project Veritas we're talking about, it appears the only vetting they like to do is "can we spin this the way we want so that idiot suckers will buy it?" And that's what's happened.

        [...]

        One of the leaked documents also isn't new and is completely misrepresented. Project Veritas had already posted it back in June and totally misrepresented it then. They claim it shows "election interference" regarding Ireland's election in which abortion rights were up for referendum. Project Veritas -- because they have to misrepresent basically everything -- claimed it proved that YouTube was trying to influence the election by suppressing searches on phrases like "abortion is murdering." What they leave out in all the hype and bluster, is that the document also contains many, many phrases on the other side of the debate, including "repeal the 8th," "pro choice," "woman's right to choose" and more. In other words, the document is not YouTube putting its finger on the scales, but, just as the company explained at the time, an attempt to have the top results on YouTube be focused on more authoritative neutral content providers, rather than those pushing one side or the other. That's... kinda reasonable? And also the very thing that "conservatives" keep demanding of the company -- to be "neutral."

        Indeed, so much of these documents seem to be evidence of Google trying to figure out how to deal with liars, trolls, and propagandists peddling nonsense. And PV turns that into "proof" of anti-conservative bias. Sorry, dudes. Unless you're admitting that "conservative" only means liars, trolls and propagandists peddling nonsense...

        Amusingly, among the documents, which were released the very same day a laughably bad complaint was filed against YouTube for discriminating against LGBTQ+ folks, was a document about how YouTube was trying to improve its machine learning algorithms to better handle such content.

      • Beto O'Rourke Joins The Silly Parade Of Confused Politicians Looking To Destroy Section 230

        Earlier this year it was revealed that Presidential candidate Beto O'Rourke was a member of the Cult of the Dead Cow when he was a kid. To lots of folks in the tech world, this was a big deal. cDc was the original "hacking group." And while it doesn't sound like o'Rourke actually did that much hacking while in cDc, at the very least, it suggested that he was tech savvy and might actually understand the internet. Apparently not. On Friday, Beto revealed his plan to deal with gun violence -- and apparently, that plan is to take away Section 230 protections from large internet companies.

        [...]

        Finally, any non-government person can certainly express their opinion that platforms shouldn't host sites like 8chan or Stormfront, but both of those host mostly 1st Amendment protected content, and thus a Presidential campaign really should not be saying that, because as President you literally cannot have a policy that silences 1st Amendment protected speech. That's how the 1st Amendment works.

        And, arguably, it's not that difficult to trace a pretty direct lineage from Cult of the Dead Cow to 8chan -- and, if anyone, Beto should know that.

        "Require large social media platforms to create systems designed to remove hateful activities on their sites." Are there any "large" social media platforms that don't already ban hateful activities in their terms and have systems designed to remove that content? The answer is no. This is a pointless, meaningless policy demanding something that's already been done.

      • NC Appeals Court Withdraws Its Horrendous, Free Speech-Damaging Opinion On Retaliatory Arrests

        Late last week, the North Carolina State Court of Appeals released an astounding decision. Ignoring a number of precedential rulings finding otherwise, the court decided it was okay for state law enforcement officers to engage in retaliatory arrests, so long as they could find something to charge a citizen with.

        In this case, a car carrying a passenger who flipped the bird to a trooper engaged in a traffic stop was pulled over for… um… "disturbing the peace." Apparently, all hell was on the verge of breaking loose due to the enthusiastic bird-flipping in the direction of the officer. By the time the stop was over, the passenger was arrested for obstructing an officer. This was because the passenger refused to ID himself, which isn't actually a crime in North Carolina.

        The court looked at this retaliatory traffic stop and eventual arrest and said, yeah, I guess it's "reasonable" to assume a drive-by birding is a criminal act in the making, even if the supposed initiating factor (the finger) was protected expression.

        The dissenting opinion was the only reasonable thing about the decision. It pointed out one person's obscene gesture was highly unlikely to result in disturbed peace and that the traffic stop was nothing more than a fishing expedition to find something to charge the bird-flipping passenger with.

    • Privacy/Surveillance

      • As The NSA Declares Phone Record Program Dead, Trump Administration Asks For A Permanent Reauthorization

        The NSA decided to abandon its phone data collection earlier this year, stating that it was having all sorts of technical issues collecting only the stuff it was asking for. In the good old days prior to the enactment of the USA Freedom Act, the NSA simply asked for everything. "Reasonable articulable suspicion" now guides the record collection -- something that appears to be too tricky for the NSA to wrap its collective collection powers around.

        It's not all the NSA's fault. The telcos now hold the records and only hand over what's asked for when the NSA approaches them. Easier said than done, apparently, as over-collection continues and the NSA seems unable to prevent collecting records it's not actually trying to correct.

        But it's also the NSA's fault because it's had plenty of time to get used to the new rules and develop better practices/software to sort through collected data. Of course, the NSA has also hinted the program is of limited usefulness and has seemed willing to give it up for years now, especially if the token sacrifice saves other, far more intrusive programs from the Congressional chopping block.

        Is it really shut down, though? That's been a tough question to answer. The NSA did recommend the program be shut down and claims it's just gathering dust at the moment, but there's been nothing definitive delivered to its oversight. Until now. Charlie Savage reports for the New York Times that there's finally official confirmation of the program's (possibly temporary) demise. Exiting Director of National Intelligence Dan Coats' unclassified letter makes it clear the NSA has shut down the program indefinitely.

      • EFF Calls on California to End Vendor-Driven ALPR Training

        A single surveillance vendor has garnered a monopoly on training law enforcement in California on the use of automated license plate readers (ALPRs)—a mass surveillance technology used to track the movements of drivers. After examining the course materials, EFF is now calling on the state body that oversees police standards to revoke the training certification.

        In a letter to the California Commission on Peace Officer Standards and Training (POST) sent today, EFF raises a variety of concerns related to factual accuracy of its ALPR training on legal matters. Additionally, we are concerned about the apparent conflict of interest and threat to civil liberties that occurs when a sales-driven company also provides instruction on “best practices” to police.

        ALPRs are camera systems that capture license plates and character-recognition software to document the travel patterns of vehicles. The cameras are often attached to fixed locations, such as streetlights and overpasses, and to police cars, which collect data while patrolling neighborhoods. This data is uploaded to a central database that investigators can use to analyze a driver’s travel patterns, identify visitors to particular destinations, predict individuals’ locations, and track targeted vehicles in real-time. ALPR is a mass surveillance technology in the sense that the systems collect information on every driver—regardless of whether the vehicles have a nexus to a criminal investigation.

    • Civil Rights/Policing

      • Protest Song Of The Week: ‘Star-Spangled Banner’ by Jimi Hendrix

        It was fifty years ago that Jimi Hendrix performed the United States national anthem during a Monday morning for tens of thousands of people at the Woodstock Music and Art Fair.

        Hendrix was the last act to take the stage. He had top-billing and was supposed to take the stage Sunday evening. Technical and weather delays led to the only morning performance he ever did for an audience. By the time he was introduced, many of the attendees had left to return home.

        The national anthem was part of a medley of songs. In the set, Hendrix smoothly segues into the “Star Spangled Banner” after completing “Voodoo Child (Slight Return).” As his guitar distorts and wails the last notes, he launches into “Purple Haze.”

        In fact, Hendrix performed the U.S. national anthem before, but his rendition had never achieved such a glorious sonic impact.

        As journalist Barnard Collier recalled for PBS’ “Woodstock” documentary, “Into my head stabbed this sound. It sounded exactly like rockets, missiles, and bombs bursting in air. I’d never heard anything like that in my life.”

    • Monopolies

      • Canada Announces Reforms to Reduce Prices on Patented Drugs

        The Canadian government has announced amendments to its regulations concerning patented drugs that it says will make medicines more affordable. According to Health Canada, these changes will save Canadians $13.2 billion (US $9.97 billion) over the next decade.

        Under the Patent Act, enacted in Canada in 1987, the Patented Medicine Prices Review Board (PMPRB) can take action against patent holders who charge what the board determines to be an excessive price. Factors that PMPRB takes into consideration include the price for which a drug is sold, the prices of other drugs in the same class are sold, the price charged in other countries, and changes in the consumer price index (CPI).

        Drugs are assessed for their therapeutic benefit relative to existing products, and depending on the outcome of that assessment, are given a ceiling price based on the median price of the same drug in United States, United Kingdom, France, Germany, Switzerland, Italy, and Sweden. The ceiling price can then grow in keeping with the CPI.

      • Patents and Software Patents

        • Lawyers say Federal Circuit’s USPTO request may affect trials

          The Federal Circuit has asked USPTO director Andrei Iancu to explain what deference should be afforded to a panel that determines whether patent disputes are precedential – a move which, lawyers say, could affect future disputes

          Lawyers say the US Court of Appeals for the Federal Circuit’s request for the USPTO director to explain what deference should be afforded to an office panel could affect how future trials are interpreted...

        • After Filing Statutory Disclaimer, Constitution Bars Court from Finding Claims Invalid

          Sanofi-Aventis U.S. LLC v. Fresenius Kabi USA, LLC, CV147869MASLHG, 2018 WL 9364037 (D.N.J. Apr. 25, 2018). The remaining claims that had been rejected by the PTAB were revived by the Federal Circuit in a Feb 2019 decision — ordering the PTAB to consider allowing amendments to the claims. Sanofi Mature IP v. Mylan Laboratories Ltd., 757 Fed. Appx. 988 (Fed. Cir. 2019)(unpublished).

          On appeal, the Federal Circuit has vacated this decision — holding that “disclaimer of the disclaimed claims mooted any controversy.” Rather, once the claims were disclaimed the invalidity relief became “both speculative and immaterial to its possible future defenses, and Defendants thus failed to demonstrate an Article III case or controversy.”

          Fresenius pointed to the fact that Sanofi is now in the process of amending its claims before the PTAB — and could potentially recaputure some aspect of those claims. In addition, Fresenius argued that the decision could provide the company with issue preclusion armor in the future. On appeal, the Federal Circuit found these potential harms too speculative and insufficient to be considered.

          The decision here is somewhat surprising to me because we’re talking about a Constitutional question. Would the constitution allow a judgment on these claims — especially taking into account the ongoing litigation, the potential for recapture, and the notion that a patent covers a single invention (even if re-stated in number of claims). The Federal Circuit did not cite the Supreme Court’s recent, Already, LLC v. Nike, Inc., 568 U.S. 85 (2013). In that case, Nike sued Already for trademark infringement (Air Force 1) and Already counterclaimed that the mark was invalid. Prior to judgment, Nike dismissed its side of the lawsuit and also issued a broadly worded “covenant not to sue” Already.

        • The Vaccine Race in the 21st Century

          In a world in which infectious diseases are spreading increasingly faster, the development of new human vaccines remains a priority in biopharmaceutical innovation. Legal scholars have addressed different aspects of vaccine regulation and administration, but less attention has been paid to the role of laws governing innovation during the stages of research and development (R&D) of vaccines.

          This Article explores the race to develop new vaccines from its beginnings through the early 21st century, with a particular focus on the progressively pervasive role of intellectual property in governing vaccine innovation. It describes the insufficiencies of current innovation regimes in promoting socially desirable levels of vaccine R&D, particularly in the case of emerging pathogens, a phenomenon that is at odds with public health needs.

          Moreover, the Article identifies transactional inefficiencies affecting the licensure of vaccine technology. In order to address this problem, the Article argues for adoption of a technology-specific solution, and proposes a narrowly construed “take-and-pay” regime based on liability rules, enabling access to vaccine technology by follow-on innovators.

        • Apple challenges RED over RAW patent legitimacy
      • Trademarks

        • Double Standards: An Empirical Study of Patent and Trademark Discipline

          Our legal system is built on the foundation that lawyers have a number of coexisting and sometimes conflicting duties — to their clients, to others who might be affected by their practice, and to the effective and equitable administration of justice. While most lawyers fulfill these duties ethically, invariably some fail to live up to these expectations. For this reason, all states have created disciplinary authorities to regulate and sanction lawyer misconduct. The United States Patent and Trademark Office (“USPTO”) is one of the few agencies to have developed its own disciplinary system for policing the conduct of trademark attorneys and patent practitioners, owing to the critical role that these professionals play in the provision of intellectual property rights.

          With fraudulent and suspicious activity before the USPTO on the rise, the question arises of how the USPTO is leveraging its disciplinary authority to ensure that it continues to fulfill its mission. It is this question that this Article begins to answer, filling a critical gap in the scholarly literature and providing a blueprint for how to conduct such research for other disciplinary authorities in the future. Through innovative empirical methods marshalling data over 16 years from disciplinary authorities throughout the country, this Article shows that the USPTO is not only failing to discipline bad actors with regularity, but also not focusing its attention on the types of misconduct that threaten to undercut the provision of intellectual property rights that are in the public interest. It then provides a series of recommendations so that the USPTO can align its disciplinary work in accordance with its vital regulatory role.

      • Copyrights

        • A Cycle of Renewal, Broken: How Big Tech and Big Media Abuse Copyright Law to Slay Competition

          In 1950, a television salesman named Robert Tarlton put together a consortium of TV merchants in the town of Lansford, Pennsylvania to erect an antenna tall enough to pull down signals from Philadelphia, about 90 miles to the southeast. The antenna connected to a web of cables that the consortium strung up and down the streets of Lansford, bringing big-city TV to their customers — and making TV ownership for Lansfordites far more attractive. Though hobbyists had been jury-rigging their own "community antenna television" networks since 1948, no one had ever tried to go into business with such an operation. The first commercial cable TV company was born.

          The rise of cable over the following years kicked off decades of political controversy over whether the cable operators should be allowed to stay in business, seeing as they were retransmitting broadcast signals without payment or permission and collecting money for the service. Broadcasters took a dim view of people using their signals without permission, which is a little rich, given that the broadcasting industry itself owed its existence to the ability to play sound recordings over the air without permission or payment.

          The FCC brokered a series of compromises in the years that followed, coming up with complex rules governing which signals a cable operator could retransmit, which ones they must retransmit, and how much all this would cost. The end result was a second way to get TV, one that made peace with—and grew alongside—broadcasters, eventually coming to dominate how we get cable TV in our homes.

          By 1976, cable and broadcasters joined forces to fight a new technology: home video recorders, starting with Sony's Betamax recorders. In the eyes of the cable operators, broadcasters, and movie studios, these were as illegitimate as the playing of records over the air had been, or as retransmitting those broadcasts over cable had been. Lawsuits over the VCR continued for the next eight years. In 1984, the Supreme Court finally weighed in, legalizing the VCR, and finding that new technologies were not illegal under copyright law if they were "capable of substantial noninfringing uses."

        • Moviepass Changed User Passwords So They Couldn't Use The Flopping Service

          Originally, the Moviepass business model seemed like a semi-sensible idea, though we were quick to wonder if it would ever actually make a profit. Under the model, users paid $30 (eventually $10) a month in exchange for unlimited movie tickets at participating theaters, provided they signed up for a full year of service. There were of course caveats: you could only buy a ticket per day, and could only buy one ticket per movie. It also prohibited users from viewing 3D, IMAX, or XD films. Still, the proposal was widely heralded by some as a savior for the traditional, brick and mortar, sticky floor movie industry.

          While it looked like the effort was going well, that appears to have been a ruse. A four month investigation by Business Insider (warning possible paywall) is well worth a read, documenting how the effort was bleeding money due to many of the issues Mike asked questions about back in 2012. The outfit went to great lengths to mislead investors that the effort was going well when it was really losing millions of dollars after blowing a fortune on trying to build technology that could easily and quickly geo-match users with theaters in their neighborhoods.

          A 2017 price drop to $10 per month resulted in all kinds of breezy press coverage, but all but ensured the project would never make money



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day