Bonum Certa Men Certa

Links 11/9/2019: Acer in LVFS, RawTherapee 5.7 and Qt 5.12.5 Released



  • GNU/Linux

    • Server

      • Docker Not Doomed?

        Modern application development essentially consists of composing an application from a variety of services. These services aren't just infrastructure components that live on a server any more. They're delivered via an API and could be almost anything underneath as the abstractions start to pile up.

        COBOL code at the other end of a message bus with a lambda-function frontend? Okay. Ephemeral container running a Spring Boot service that connects to an RDBMS on a physical Unix server on the other side of the country? Sure, why not? Modern applications don't really care, because it's all about getting the job done. The name of the game is loosely-coupled modular components.

        This is why Docker has joined forces with Microsoft, Bitnami, HashiCorp, and a few others to create the Cloud Native Application Bundle (CNAB) specification. Docker uses this spec as part of its Docker App tool, which behaves a lot like docker-compose to collect a variety of services together into a single application bundle that can be shared around. It's a lot like a container collection, and brings the same easy portability of containers to composed applications.

        "[Docker App] allows you to describe not just containers, but other services around which the app is dependent," says Johnston. "And it allows you to do things that enterprises care about, such as signing the bundle, verifying that signature, and automatically promoting it based on that signature and things like that."

      • IBM

        • Red Hat OpenShift Service Mesh is now available: What you should know

          As Kubernetes and Linux-based infrastructure take hold in digitally transforming organizations, modern applications frequently run in a microservices architecture and therefore can have complex route requests from one service to another. With Red Hat OpenShift Service Mesh, we’ve gone beyond routing the requests between services and included tracing and visualization components that make deploying a service mesh more robust. The service mesh layer helps us simplify the connection, observability and ongoing management of every application deployed on Red Hat OpenShift, the industry’s most comprehensive enterprise Kubernetes platform.

          Red Hat OpenShift Service Mesh is available through the OpenShift Service Mesh Operator, and we encourage teams to try this out on Red Hat OpenShift 4 here.

        • Catching up with Red Hat at Sibos 2019

          Red Hat is excited to once again be attending Sibos, an annual financial services industry conference exhibition and networking event that is hosted by SWIFT. This year, the event is being held in London, England from September 23rd through 26th. Red Hat will be attending to sponsor a number of activities and discuss how and why enterprise open source technologies offer innovative capabilities that can help firms thrive in their digital journeys.

    • Audiocasts/Shows

    • Kernel Space

      • It’s Now Easier to Install Acer Firmware on Linux

        Y’know, the Linux Vendor Firmware Service!

        It’s an awesome initiative spearheaded by open source developer Richard Hughes that enables well-known hardware companies — Dell! Lenovo! Wacom! Etc! — safely distribute firmware updates to Linux users, sans hassle.

        Yup! And as Acer is one of the biggest laptop sellers in the world their addition to the ranks of the LVFS is pretty big news (just like I said in my opening line, keep up!).

      • Please welcome Acer to the LVFS
      • Acer Begins Publishing UEFI Firmware Updates For Linux Users On LVFS For Fwupd

        Following a lengthy evaluation period, Acer is the latest hardware manufacturer offering firmware updates for their products via the Linux Vendor Firmware Service (LVFS) for easily applying these updates from the Linux desktop with Fwupd.

        Acer joins the likes of Dell, HP, Lenovo and other manufacturers in offering firmware updates (primarily UEFI updates, but also other firmware files) via LVFS/Fwupd.

      • F2FS Will Have Faster Case-Insensitive Lookups With Linux 5.4

        F2FS has done a good job following EXT4 that spearheaded this modern case-insensitive directory/file feature that's optional and opt-in on a per directory basis. Like with F2FS' other following of EXT4 around this feature, it's now ported the look-up optimization from 5.3 to its driver. On the EXT4 side it has resulted in around 30% faster look-ups on large directories by introducing a temporary cache to avoid repeated case-folding.

      • How Intel's Clear Linux Team Cut The Kernel Boot Time From 3 Seconds To 300 ms

        Intel engineer Feng Tang spoke at this week's Linux Plumbers Conference in Lisbon, Portugal on how the Clear Linux team managed to boot their kernel faster. They started out with around a three second kernel boot time but cut it down to just 300 ms.

        Among the optimizations carried out to really speed-up their boot time were ensuring more asynchronous driver probing, only initializing a small amount of RAM at start and then after booted hot-plug the rest of it in parallel via systemd, optimized root file-system mounting, disabling unnecessary kernel modules, and similar approaches.

      • Graphics Stack

        • Intel's Gallium3D Linux Driver Now Exposes OpenGL 4.6

          But unlike the i965 driver with OpenGL 4.6 support back-ported to Mesa 19.2, for the Intel Gallium3D driver it isn't marked for back-porting so is likely a feature for next quarter's Mesa 19.3 with that being the version in development on Git master. The Intel Gallium3D support comes after all the heavy-lifting done for getting the SPIR-V extensions in place for the common Intel graphics code over the past two years. This Intel Gallium3D driver is now the second in Mesa supporting GL 4.6 and the first Gallium3D driver to do so.

        • AMD "Trusted Memory Zone" Encrypted vRAM Support Coming To Their Linux GPU Driver

          AMD Trusted Memory Zone support is a new feature being worked on for their open-source graphics driver that works in conjunction with the graphics hardware for being able to encrypt portions of the video memory.

          Trusted Memory Zone (TMZ) support appears to be present going back to the original Vega graphics processors but this is the first time we're seeing it implemented on the Linux side. Trusted Memory Zone protects the contents of TMZ'ed pages from being read by the CPU (non-GPU) clients and fend off writes to the protected pages. AMD TMZ support is being used to offer secure buffer object support on Linux.

        • AMD Navi 14 Workstation Graphics Cards Discovered In Linux Driver Update

          AMD has barely scratched the desktop surface with its Navi GPU architecture—there are just two main models, the Radeon RX 5700 XT and Radeon RX 5700, and three overall if you count the Radeon RX 5700 XT 50th Anniversary Edition. It's a sure bet we will see more Navi cards in the future. That includes workstation models, as hinted by a breakdown of a recent patch for Linux.

          Up to this point, AMD has leaned on its Vega GPU architecture for its latest workstation graphics cards. That includes the Radeon Pro Vega II and Radeon Pro Vega II Duo, both if which were introduced in June, coinciding with a refreshed Mac Pro desktop.

    • Benchmarks

      • AMD Ryzen 9 3900X Benchmarks On 11 Linux Distributions

        Now that BIOS updates over the past month have resolved the early boot issue with Ryzen 3000 processors and thus the new AMD CPUs playing nicely with modern Linux distributions, here is the long-awaited benchmark comparison of the Ryzen 9 3900X + X570 system benchmarked across an array of different Linux distributions... In fact, 11 Linux OS releases in total were tested on this high-end 12-core / 24-thread desktop processor.

        Last week was a look at eight Linux distributions on the AMD EPYC 7742 2P server while this is the desktop equivalent and pulling in more distributions given the more diverse Linux desktop ecosystem. The Ryzen 9 3900X was running at stock speeds on the ASUS ROG CROSSHAIR VIII HERO WiFi motherboard with 2TB Corsair Force MP600 PCIe 4.9 NVMe SSD, and Radeon RX 560 graphics (not the focus of today's tests).

    • Applications

      • RawTherapee 5.7 Released, Here’s How to Install it on Ubuntu & Linux Mint

        A new version of open source RAW image processing software RawTherapee is now available to download. We show you how to install it on Ubuntu.

        This post, RawTherapee 5.7 Released, Here’s How to Install it on Ubuntu & Linux Mint, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

      • RawTherapee 5.7 Released! How to Install it in Ubuntu 18.04

        The official Linux Appimage, single executable to launch the software (non-install), is available for download in the previous link

        For Ubuntu 18.04, Ubuntu 19.04, Linux Mint 19.x, you can also install RawTherapee 5.7 via this unofficial PPA.

        1. Open terminal either via Ctrl+Alt+T keyboard shortcut or by searching for “Terminal” from application menu.

      • Daniel Stenberg: curl 7.66.0 – the parallel HTTP/3 future is here

        I personally have not done this many commits to curl in a single month (August 2019) for over three years. This increased activity is of course primarily due to the merge of and work with the HTTP/3 code. And yet, that is still only in its infancy…

      • Proprietary

        • Chrome 77 Released With Serial API, WebVR 1.1 & Any Element Can Provide Form Data

          Google has rolled out Chrome 77 into their stable channel as the newest version of their lightning fast web browser for Linux.

          Chrome 77 now supports any HTML element providing form data via the "formdata" event, various security improvements, a Serial API for interacting with devices connected to physical or virtual serial ports, WebVR 1.1 support, tab sharing between devices, and a variety of other improvements.

        • Chrome for Android Update

          Hi, everyone! We've just released Chrome 77 (77.0.3865.73) for Android: it'll become available on Google Play over the next few weeks.

        • Chrome 77 for Mac, Windows rolling out: ‘Send this page’ sharing, new favicon animation, more

          Google is rolling out the latest version of Chrome for Mac, Windows, and Linux. Chrome 77 more widely introduces the “Send this page” cross-device sharing...

        • Google Chrome 77 Is Out for Linux, Android, Windows & Mac with 52 Security Fixes

          Google has promoted the Chrome 77 web browser to the stable channel for all supported platforms, including Linux, Android, Windows, and Mac. Google Chrome 77 introduces several performance enhancements to speed up your browsing experience, including new performance metrics that helps web developers measure how fast the content of a web page loads so you can access it faster than ever, as well as new form capabilities to support custom form controls.

          "It has not always been easy for developers to measure how quickly the main content of a web page loads and is visible to users. The usefulness of existing metrics varies. Some metrics are only measurable in a lab, while others tell nothing about content that users care about. Consider the example below, taken from a DevTools performance audit," said Google.

          Additionally, Google Chrome 77 introduces new origin trials that lets you to try new Chrome features before they are released and give feedback to the web standards community on their usability, effectiveness, and practicality. Users will be able to register for the origin trials here.

    • Instructionals/Technical

    • Games

      • Try the demo of the amusingly quirky point & click adventure Edgar - Bokbok in Boulzac

        Edgar - Bokbok in Boulzac is an upcoming in-development point and click adventure game, one that I came across recently and it's well worth taking a look at the demo.

        Seems it's one entirely missed by us here at GamingOnLinux, with it appearing on Steam earlier this year and a Linux demo being added back in May.

      • Seems like Discord's new "Go Live" feature is not coming to the Linux version

        Recently, the voice & text chat app Discord released a pretty fun sounding new feature called "Go Live" which sadly seems like Linux will miss out on.

        Go Live is a feature that allows you to share your game screen with a group of friends on a Discord channel, have them join the chat for it and watch you play. Like smaller and more intimate version of Twitch, only it's just for Discord.

        Tweeting out about this new feature last week, the official Discord Twitter said "We just rolled out Go Live to... 100% of you! Everyone can now launch a game, click a button, and start streaming to their friends."

      • Harebrained Schemes continue to tweak BATTLETECH with a new update out

        Ready for one more turn? Harebrained Schemes have some new tweaks ready in the BATTLETECH 1.7 update that's out now.

        It's not a huge update, mostly about giving all their mechs a little spit and polish. The AI has seen a couple of improvements this time including their ability to avoid a potential ECM exploit, ECM carriers actually work a little better at keeping allies cloaked, pathfinding fixes in missions where the AI might become stuck and updated lance role tags for some mechs.

        Something I'm sure a lot of people will appreciate, is their focus on improving performance too. Both the UI rendering and particle systems went through a bunch of optimizations for this update so hopefully it will be smoother overall.

      • Age of Grit is a stylish steampunk turn-based, tactical RPG with airship combat

        Released into Early Access recently, Age of Grit gives Steampunk a little cowboy-themed makeover with turn-based airship combat and it's supporting Linux too.

        Another game crowdfunded on Kickstarter, where Age of Grit managed to get funded back in 2014 so it's been in development for quite a while now. Nearly five years after the end of the Kickstarter and it's entered Early Access on Steam.

    • Desktop Environments/WMs

    • Distributions

      • Screenshots/Screencasts

      • Debian Family

        • Debian 10: Playing catch-up with the rest of the Linux world (that’s a good thing)

          I've been using Debian 10 for three months now (yes, before it was officially released via a testing channel), and, as you would expect, it is a super solid release. This is remarkable only because I did not have the same experience at all on Debian 9. My initial foray into Debian 9 was fraught with problems, and I went scurrying back to Debian 8 in a hurry. I tried again after a year and had better luck, but this time around I've had no problems at all on either the desktop or server (it's worth noting, though: before you upgrade, back up any PostgreSQL data, since Debian 10 moves from PostgreSQL 9.6 to 11, a significant migration for any live servers).

          While I plan to wait for at least a one-point release before I test updating any production servers, Debian 10 looks like a great release. I fully expect to be running Debian 10 servers well into the mid 2020s.

          On the desktop side, I still prefer Arch Linux to Debian on my main machine. This might sound like diametrically opposed distros to compare—Debian is focused on stability and changes at a glacial pace, while Arch is a rolling release with updates on a daily basis—but in my experience these have both been the most stable, reliable distros I've used. The chief difference is that one updates all the time to achieve that stability while the other updates hardly at all. They may take different approaches, but they arrive at the same result.

        • Debian 10 Buster with GNOME 3: I didn't expect it to be this fast, but that could be the SSD talking

          I don’t know how much of it is Debian 10 and how much is swapping a 5400-RPM hard drive with an M.2 NVMe SSD, but my 2-year-old laptop is FLYING now that I’ve ditched Windows 10 and the 1 GB magnetic drive that came with it.

          And this is with GNOME 3. The stock or lightly/heavily-favored desktop environment in Debian, Fedora and Ubuntu looks great, runs with no hesitation (in constrast to Windows 10) and doesn’t have me thinking that I need anything else for speed-related reasons.

        • Markus Koschany: My Free Software Activities in August 2019

          Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

      • Canonical/Ubuntu Family

        • Ubuntu 19.10 "Eoan Ermine" Promises More Boot Speed Improvements

          According to Colin Ian King, the Ubuntu Kernel Team worked hard during the past few months to find a faster compression/decompression algorithm for the upcoming Ubuntu 19.10 (Eoan Ermine) operating system, which will hit the streets later this fall on October 17th.

          The Ubuntu Kernel Team benchmarked six compression methods for the initramfs, including BZIP2, GZIP, LZ4, LZMA, LZMO and XZ, to measure the loading time of the Linux kernel, as well as the decompression time. The benchmarking was conducted on x86 configurations using the x86 TSC (Time Stamp Counter).

        • My Ubuntu Reached EOL, What Should I Do?

          If your Ubuntu version reached its End of Life (EOL), it will not install software anymore. You can still use the system without time limit but you cannot get more applications nor security updates. This article explains with example to take care of Ubuntu 14.10 "Utopic Unicorn" which has been EOL since 2015 so it can install programs once again (but without updates). This tutorial can be used for other EOLed versions of Ubuntu for example 10.10 or 17.04. I hope this helps.

          Each Ubuntu release has support duration, meaning, a certain period of time where Canonical provides software repository (including security updates) for it. When the support duration ended, it is called End Of Life, meaning Canonical deletes the repository (including security updates) for it. Once your Ubuntu system reached EOL, you cannot install software anymore nor receive any updates. For example, in 2019, versions considered EOL are 12.10, 14.10, and 17.04, among others.

        • Canonical Fixes Linux 4.15 Kernel Regression in Ubuntu 18.04 LTS and 16.04 LTS

          Earlier this month, Canonical published major Linux kernel security updates for all supported Ubuntu Linux operating systems, addressing no less than 28 security vulnerabilities. However, one of the patches also introduced a regression causing the Linux kernel 4.15 on Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems to crash when handling fragmented packets.

          "USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue. We apologize for the inconvenience," said Canonical in the security advisory.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla's Faces Criticism

            Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user's DNS server to a corresponding DoH server, and if available, use that for DNS resolution.

            For those unfamiliar with DoH, it allows DNS resolution to be conducted over encrypted HTTPS connections rather than through the normal plain text DNS lookups.

          • Mozilla Reps Community: Rep of the Month – July 2019

            Please join us in congratulating Bhuvana Meenakshi Koteeswaran, Rep of the Month for July 2019!

            Bhuvana is from Salem, India. She joined the Reps program at the end of 2017 and since then she has been involved with Virtual and Augmented Reality projects.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice Conference 2019, Day 1: Some photos

          Yes, the main part of the LibreOffice Conference 2019 is underway, in Almeria, Spain. We’ll have a full write-up (including presentation videos) on this blog – but in the meantime, a quick look-back at the first day…

      • Pseudo-Open Source (Openwashing)

      • FSF/FSFE/GNU/SFLC

        • Oracle introduces patch series to add eBPF support for GCC

          Yesterday, the team at Oracle introduced a patch series that brings a port of GCC to eBPF (extended Berkeley Packet Filter), a virtual machine that is placed in the Linux kernel. With the support for binutils (binary tools), this port can be used for developing compiled eBPF applications.

          eBPF was initially used for capturing user-level packet and filtering, it is now used to serve as a general-purpose infrastructure for non-networking purposes as well.

          Since May, Oracle has been planning on introducing an eBPF back-end to GCC 10 to make the GNU compiler target the general-purpose in-kernel virtual machine. Oracle’s inclination on bringing in the eBPF support for GCC is part of the company’s efforts towards improving DTrace on Linux.

      • Programming/Development

        • This Week in Rust 303

          Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed.

        • Develop with Django 2 and Python 3 in a container with Red Hat Enterprise Linux

          In my previous article, Run Red Hat Enterprise Linux 8 in a container on RHEL 7, I showed how to start developing with the latest versions of languages, databases, and web servers available with Red Hat Enterprise Linux 8 even if you are still running RHEL 7. In this article, I’ll build on that base to show how to get started with Django 2 using the current RHEL 8 application stream versions of Python 3 and PostgreSQL 10.

          From my perspective, using Red Hat Enterprise Linux 8 application streams in containers is preferable to using software collections on RHEL 7. While you need to get comfortable with containers, all of the software installs in the locations you’d expect. There is no need to use scl commands to manage the selected software version. Instead, each container gets an isolated user space. You don’t have to worry about conflicting versions.

          In this article, I show you how to create a Red Hat Enterprise Linux 8 Django container with Buildah, and run it with Podman. The code is stored on your local machine and mapped into the container when it runs. You can edit the code on your local machine as you would any other application. Because it is mapped via a volume mount, the changes you make to the code are immediately visible from the container, which is convenient for dynamic languages that don’t need to be compiled.

        • Deploying a Flask Application to Heroku

          In this tutorial you will learn how to deploy a Flask application to Heroku. The app can be as simple as a "Hello World" app to a social media monitoring platform!

          Nowadays there is no business that doesn't have a web app to help it a reach greater audience, or maybe provide its services through an online portal.

          Today you are about to learn how to make an API using Flask as a case study for how to deploy your app on Heroku.

        • Real Python: Python vs C++: Selecting the Right Tool for the Job

          Are you a C++ developer comparing Python vs C++? Are you looking at Python and wondering what all the fuss is about? Do you wonder how Python compares to the concepts you already know? Or perhaps you have a bet on who would win if you locked C++ and Python in a cage and let them battle it out? Then this article is for you!

        • PyCharm 2019.2.2

          PyCharm 2019.2.2 is now available. This version solves regression issues and improves Jupyter Notebook configuration experience.

        • Qt 5.12.5 Released

          I am happy to Announce we have released Qt 5.12.5 today.

          This fifth patch release to Qt 5.12 LTS contains almost 280 bug fixes. Please check most important changes from Qt 5.12.5 Changes Files.

          If you are still using older Qt versions, I strongly encourage all active projects to migrate to Qt 5.12 LTS if possible. After the Qt 5.12.5 release was branched, the Qt 5.12 LTS has entered in 'strict' phase, so from now on it will receive only the selected important bug and security fixes. New patch releases to Qt 5.12 LTS will be released regularly in the future as well but with fewer changes than before.

        • Why COBOL Still Matters After 60 Years

          In the world of DevOps, the Agile Manifesto and countless other application delivery frameworks, one has to wonder how an anachronism such as the programming language COBOL (common business-oriented language) has managed to remain relevant. After all, COBOL has its roots back in the 1940s, and was built upon Rear Admiral Grace Hopper’s work on the FLOW-MATIC programming language (a text-based programming language). Hopper, who worked as a technical consultant on the FLOW-MATIC project, is sometimes referred to as the grandmother of COBOL.

  • Leftovers

    • Health/Nutrition

    • Security (Confidentiality/Integrity/Availability)

      • Security updates for Wednesday

        Security updates have been issued by Fedora (python38), openSUSE (nginx, nodejs10, nodejs8, python-Twisted, python-Werkzeug, SDL2_image, SDL_image, and util-linux and shadow), Oracle (firefox and nghttp2), Red Hat (.NET Core, firefox, kernel, libwmf, pki-deps:10.6, and poppler), Scientific Linux (firefox), SUSE (ghostscript, libgcrypt, podman, python-SQLAlchemy, qemu, and webkit2gtk3), and Ubuntu (curl, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, systemd, and tomcat8).

      • Duty Of Care

        Put differently, when Toyota recalls hundreds of thousands of cars for potential defects in which exactly zero people were harmed, we consider that responsible stewardship of their product.

      • The California Consumer Privacy Act

        Next January, California is set to have one of the strongest laws in the nation, passed last year with unusual bi-partisan support, seeking to add some first-of-their-kind state protections over our personal data. It is called the California Consumer Privacy Act (CCPA) of 2018. It nicely reflects the fact that our state is one of the only states in the country whose constitution in Article 1, Section 1, actually contains an express right of privacy guaranteed to all Californians.

        This past year, since the bill’s passage, Purism has worked tirelessly–and dedicated substantial staff resources–to help make sure the new law is not substantially thrashed by Big Tech’s huge army before the fledgling law can even take effect: an army of highly-paid lobbyists. The stakes for Big Tech are large, but the stakes for consumer privacy, and for Purism’s philosophy of consumer privacy protection and control, are so much bigger.

        To try to stem the extraordinary political muscle of Big Tech in Sacramento, Purism has worked in close collaboration with California’s top privacy protection groups including the ACLU, EFF, Consumers Union, Common Sense Kids Action and the Privacy Rights Clearinghouse, and many others to try to stop the onslaught of Big Tech-sponsored bills seeking to vitiate the new law.

        Our CEO has testified in legislative hearings against the weakening measures, and has recently co-written a powerful editorial published in the Mercury News, the newspaper in the backyard of Big Tech in Silicon Valley, against these bills. As Purism’s legislative advocate, I have met with key California legislators to try to thwart Big Tech’s predictable onslaught against this new law.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • How the UK Security Services neutralised the country’s leading liberal newspaper

        The Guardian, Britain’s leading liberal newspaper with a global reputation for independent and critical journalism, has been successfully targeted by security agencies to neutralise its adversarial reporting of the ‘security state’, according to newly released documents and evidence from former and current Guardian journalists.

      • Victory! Ruling in hiQ v. Linkedin Protects Scraping of Public Data

        In a long-awaited decision in hiQ Labs, Inc. v. LinkedIn Corp., the Ninth Circuit Court of Appeals ruled that automated scraping of publicly accessible data likely does not violate the Computer Fraud and Abuse Act (CFAA). This is an important clarification of the CFAA’s scope, which should provide some relief to the wide variety of researchers, journalists, and companies who have had reason to fear cease and desist letters threatening liability simply for accessing publicly available information in a way that publishers object to. It’s a major win for research and innovation, which will hopefully pave the way for courts and Congress to further curb abuse of the CFAA.

        The Trouble with the CFAA

      • Big News: Appeals Court Says CFAA Can't Be Used To Stop Web Scraping

        Two years after a lower court correctly decided that LinkedIn couldn't use the CFAA to stop third parties from scraping their site, the 9th Circuit appeals court has upheld that decision in a very important decision for the future of an open web. For a long time we've talked about how various internet companies -- especially the large ones -- have abused the CFAA to stop competition and interoperability. If you're unaware, the CFAA is basically the US's "anti-hacking" law, which was designed to make it a crime (and a civil infraction) to "break into" someone else's computer. But for years it's been interpreted way too broadly (to the point that it's referred to as "the law that sticks" when trying to get someone for "doing something bad on a computer."

    • Environment

    • Finance

      • Cause of Termination: Gross Fraud and Malfeasant Negligence

        In the eyes of the law there are differences in lies. While it is wrong to deceive, deception with the intent to cause injury or damage is especially bad. This is the current, and persistent, practice by President Donald Trump and it is worthy of a deeper look.

      • An Uber Driver’s Death Shows the Harms of Misclassifying Workers

        In 2015, Waheed Etimad immigrated with his wife and their seven children to the United States from Afghanistan on the special immigrant visa he received after translating for the U.S. Army. Etimad began taking courses at Diablo Valley College, studying to become a computer engineer while driving full time for Uber at night. People who knew Etimad called him a hardworking and devoted family man, an “amazing father, husband, and friend.”

      • We Asked Prosecutors if Health Insurance Companies Care About Fraud. They Laughed at Us.

        Like most of us, William Murphy dreads calling health insurance companies. They route him onto a rollercoaster of irrelevant voice menus, and when he finally reaches a human, it’s a customer service rep who has no idea what he’s talking about. Then it can take days to hear back, if anyone responds at all.

        The thing is, Murphy isn’t a disgruntled patient. He prosecutes medical fraud cases for the Alameda County District Attorney’s Office in Oakland, California. And when he calls insurers, he’s in pursuit of criminals stealing from them and their clients. But, he said, they typically respond with something akin to a shrug. “There’s no sense of urgency, even though this is their company that’s getting ripped off.”

      • How to Make Health Insurers Take Fraud Seriously

        In most states, laws require private health insurers to submit information to regulators about suspected fraud in their networks. Such reporting helps everyone by highlighting scammers and their schemes. For instance, a doctor could be billing several insurers for services that weren’t provided, a hospital could be uniformly gaming billing codes to pad profits or a fraudster could be targeting several insurers pretending to be a medical professional.

        But ProPublica found that most insurers prefer to handle suspicious cases internally without notifying regulators or prosecutors, who could pursue the alleged perpetrators in court. Ultimately, money lost to fraud is passed on to employers and working Americans who pay for the health plans.

      • House Democrats Threaten to Subpoena Pentagon After Report Exposes Trump Deal With Scotland Airport

        "We're challenging Trump's laughably fraudulent claim that he had 'nothing to do with' the Prestwick Airport near his failing Scottish resort."

    • AstroTurf/Lobbying/Politics

    • Privacy/Surveillance

      • Equifax Victims Jump Through Hoops To Nab Settlement Money They Won't Get Anyway

        So we've noted that the FTC's settlement over the Equifax hack that exposed the public data of 147 million Americans is a bit of a joke. The FTC originally promised that impacted users would be able to nab 10 years of free credit reporting or a $125 cash payout if users already subscribed to a credit reporting service. But it didn't take long for the government to backtrack, claiming it was surprised by the number of victims interested in modest compensation, while admitting the settlement failed to set aside enough money to pay even 248,000 of the hack's 147 million victims.

      • White House Pushing Proposal That Would Subject Mentally Ill People To Increased Surveillance

        The White House has decided we're going to power through our mass shooting crisis by aiming our surveillance apparatus in the direction of the mentally ill. In addition to claiming we might be able to find the next mass shooter by tracking fitness trackers, the administration is pushing for a mental health-based "solution" that would increase the stigma of not being "normal."

      • Much Of The Assault On 'Big Tech' Is Being Driven By 'Big Telecom'

        Over the last few months, Google, Amazon, and Apple have all taken a significant beating on Wall Street amidst rumblings of looming antitrust investigations by the DOJ and FTC. Google, we're told, is subject of a looming antitrust probe by the DOJ. Amazon, we've learned, is facing growing scrutiny from the FTC. Apple stock also briefly did a nose dive on the news that it too may soon be subject to a significant new antitrust probe.

      • Ring Has A 'Head Of Face Recognition Tech,' Says It's Not Using Facial Recognition Tech. Yet.

        Amazon has developed facial recognition tech it's inordinately proud of. Known as "Rekognition," it's not nearly as accurate as its deliberately misspelled moniker suggests it is. It drew Congressional heat last year when it misidentified a number of Congress members as criminals.

      • Watering Holes and Million Dollar Dissidents: the Changing Economics of Digital Surveillance

        Recently, Google’s Project Zero published a report€ describing a newly-discovered campaign of surveillance using chains of zero day iOS exploits to spy on iPhones. This campaign employed multiple compromised websites in what is known as a “watering hole” attack. The compromised websites would automatically run the chain of exploits on anyone who visited, with the aim of installing a surveillance implant on the device. Google didn’t reveal the names of the websites or indeed who was being targeted but it soon became clear through other reporting that the likely target of this campaign was the Uyghur community, a Turkic Muslim minority in China facing mass detention and other harsh crackdowns perpetrated by the Chinese government with the most repressive policies coming into place in recent years.

        Security company Volexity followed up the week after with detailed reports of similar website exploit chains targeting Android and Windows devices, again hosted on websites with a primarily Uyghur readership. This week, another publication confirmed that the Chinese government had compromised several international telcos in order to perform yet more invasive surveillance on expatriated Uyghurs.

    • Civil Rights/Policing

      • Adorno is Not a Cheery Guy

        Maybe Teddy would be lots of laughs in a Berlin pub after one too many. But, judging from his essay, “Education after Auschwitz,” written in popular style in 1966 (three years from his death), Adorno might chase away the crowds. “Hey, see that dreary old guy sitting alone in the corner? That’s sad old Adorno.” This essay takes no prisoners, it doesn’t offer any sentimental escape routes from facing the premier demand of his (and our) time. “The premier demand upon all education is that Auschwitz not happen again.” Period. Boom, boom, boom. If poetry wasn’t possible after Auschwitz, well, education might be. But education has to face the “monstrous in the face of the monstrosity that took place.”

      • Protest Song Of The Week: ‘Pop Goes The Weapon’ By Prophets Of Rage

        “Warning! The following video contains content that some viewers many not find disturbing. That’s pretty fucked up.”

      • Are We Headed Toward a Techno-Eugenic Future?

        Dr. Stuart A. Newman, Ph.D., is professor of cell biology and anatomy. He has been a visiting professor at the Pasteur Institute, Paris, the Centre à l’Energie Atomique-Saclay, Gif-sur-Yvette, the€ Indian Institute of Science, Bangalore, the University of Tokyo, and was a Fogarty Senior International Fellow at Monash University, Australia. He was a founding member of the Council for Responsible Genetics in Cambridge, Mass. and is a director of the€ Indigenous Peoples Council on Biocolonialism, Nixon, NV and a member of the editorial board of the€ Journal of Biosciences€ (Bangalore). He also writes about social and cultural aspects of biological research and technology.

      • Ukrainian human rights official says government will attempt to return 113 more prisoners from Russia

        In an interview with the Russian business outlet RBC, Lyudmila Denisova said that the Ukrainian government intends to negotiate the release of 113 more Ukrainian prisoners currently held in Russia. Denisova is the human rights commissioner for the Verkhovna Rada, Ukraine’s parliament.

      • Appeals Court Approves Nationwide Injunction Against Trump Asylum Rule, Acknowledges Harm To Legal Groups

        A federal appeals court restored a nationwide injunction against a rule imposed by President Donald Trump’s administration to block asylum seekers.

        On July 16, a rule on asylum eligibility was developed to deny asylum to individuals who enter the United States at the southern border without first applying for asylum in Mexico or a third country. It is commonly referred to as the third-country rule.

      • "We Must Learn to Live Together as Brothers or Perish as Fools"

        We are living in a profoundly dangerous moment.

      • Assaults, Bullying, Rape: A Lawsuit Against One Professor Claims a University Didn’t Stop Him

        Two former students at the University of Illinois at Urbana-Champaign and a professor at another college filed a lawsuit Tuesday against a former UIUC professor, claiming he assaulted, bullied and raped multiple students.

        The lawsuit, filed in federal court in Urbana against Gary Gang Xu, seeks damages for distress from emotional, physical and sexual abuse.

      • Mugabe’s Rule Led Many to Dismiss Nationalism, But That Opened the Door to Something Much Worse

        Robert Mugabe was one of the many leaders who came to power as a national liberator between the 1950s and 1980s, only to establish violent, corrupt and incompetent autocracies. The decades of misrule they inflicted on their countries did much to discredit nationalism as a progressive ideology that could better people’s lives.

      • The Brutality of Robert Mugabe and Zanu-Pf In Zimbabwe

        The independence elections, 27-29 March 1980, saw two main parties competing: ZANU-PF won 57 of the then 80 common roll seats, and 63% of the popular vote; and PF-ZAPU led by Joshua Nkomo gained 20 seats and 24% of the vote. It was clear that ZANU-PF controlled the ZANLA guerrillas whose ‘presence was felt in over two-thirds of the country’, mostly in the Shona-speaking regions, and there was no doubt that ‘peace meant a ZANU-PF victory.’[1] Turnout was a huge 91% of eligible voters. But participation fell to 54% in 1990, ZANU-PF having engulfed ZAPU after December 1987, and fell further to 31% in 1996.[2] A deep and routinised despotism was being entered into under ZANU-PF and Robert Mugabe, almost unparalleled in severity. The liberation struggle had been severe, but the deaths and destruction over four subsequent decades were unrelenting: the main tombstones were Gukurahundi; farm expropriations; war in the Congo; Murambatsvima; the 2008 elections and ‘politicide’ against the MDC; and Marange diamonds. Each will be considered in turn. Robert Mugabe has gone, but ZANU-PF and the military remain. A new Zimbabwe is not around the corner.

      • Moscow metro to begin training women as train drivers for the first time

        Beginning in March of 2020, women will be able to train as drivers for the Moscow metro system. Vice Mayor Maxim Liksutov announced the change on September 10, saying new trainees have been eager to sign up since registration for the March training group opened.

      • American Barbarity on the Border

        The United States’ current immigration system is functioning exactly the way it is supposed to—it is designed to make people suffer.

      • Masked protesters and riot police clash in East Siberian city

        In Ulan-Ude, a city in East Siberia, riot police have clashed with masked individuals at a protest demanding that officials release several jailed followers of Alexander Gabyshev, the Irkutsk “warrior shaman” who since March has been traveling on foot to Moscow, where he plans to “exorcise” Vladimir Putin’s spirit. Demonstrators have also demanded the invalidation of Sunday’s mayoral election results. The Instagram account ves_ulan_ude_ posted video footage of the violence.

      • Moscow court says opposition leaders must pay 1.2 million rubles in damages for traffic disruptions caused by peaceful protests

        Moscow’s Koptevsky District Court has upheld a lawsuit brought by the state-owned bus company “Mosgortrans” against nine opposition leaders who advocated and organized an unpermitted protest in the capital on July 27. The defendants have been ordered to pay 1,218,591 rubles (about $18,630) for supposedly disrupting bus service and reducing the company’s revenue.

      • Indigenous scholar attempts self-immolation in Ural city to protest language death

        A veteran scholar has attempted to commit suicide by self-immolation outside the State Council building of the Udmurt republic. According to Kommersant-Udmurtia, the man’s name was Albert Razin, and he burned himself in an act of protest against the dissipation of Udmurt ethnic traditions. The Udmurt people are a Finno-Ugric ethnic group living predominantly near Russia’s Ural Mountains.

    • Internet Policy/Net Neutrality

      • The Internet Remains Broken In The Ninth Circuit And, At Least For Now, The Third

        Hopes that the Ninth Circuit would correct its earlier awful ruling against HomeAway and Airbnb were dashed recently when the court denied the petition for rehearing. We had supported that petition because the original decision read in an exception to Section 230's statutory protection that is not present in the statute, is out of step with prior precedent (including in the Ninth Circuit itself), and threatens the Internet economy. Unfortunately, now that rehearing has been denied, any platform that facilitates commercial speech, and whose revenue model depends on facilitating the transactions arising from commercial speech, will no longer be able to reliably depend on Section 230's protection, at least not in the Ninth Circuit.

      • Victory! California's Legislature Pulls AT&T and Comcast Bill That Protected Their Monopolies

        AT&T and Comcast lobbyists fought hard this year to pass A.B. 1366, a bill that would have protected their broadband monopolies. Thanks to your support, that bill will not move forward this year.

        The California legislature in 2012 decided to eliminate the authority of its own telecom regulator, the California Public Utilities Commission (CPUC) through the end of 2019—on the promise that such a move would produce an affordable, widely available, high-speed broadband network. What happened instead: over the past several years, California’s broadband market has been heading into a high-speed monopoly. For many, that’s led to more expensive and slower service than many other markets. In fact, all this law has done is€ protect broadband monopolies.€ As a result, the major ISPs were working hard to get it renewed through a new bill introduced this session, A.B. 1366.

    • Digital Restrictions (DRM)

      • Tales From The Platform Wars: Steam Dev Says Calling 'Metro Exodus' Epic Exclusive Unfair Wasn't Intended To Incite

        With us now getting on into nearly a year of the new PC gaming platform war between Valve's Steam platform and the Epic Store, you might have forgotten how this all got kicked off. Before Epic pulled a Healthcare.gov with its platform release, and before crowdfunding efforts to fund PC games began taking a hit, and even before this whole thing transformed into mostly a PR war being fought with the PC gaming fanbase, there was Metro Exodus. The game was the first major title to announce an Epic Store exclusive deal for 6 months and that announcement came shortly after the game also became available for pre-order on Steam. This, understandably, pissed off a great many people. Including, it seems, the folks at Steam, who put out a statement on the game's page. The results were as predictable as the sun rising in the East.

    • Monopolies

      • Copyrights

        • Message to the Creative Commons Community Regarding Joi Ito

          Like many members of the Creative Commons community, I learned about MIT Media Lab Director Joi Ito’s fundraising from Jeffrey Epstein when Ito posted his public apology on August 15. Since then, Ito has resigned from MIT, from several boards, and also from the Creative Commons advisory council. In light of Ito’s history with CC, members of our community may have questions about his role and about our own fundraising practices. The FAQ below aims to answer those questions.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024