Bonum Certa Men Certa

Links 12/9/2019: GNU/Linux at Huawei, GNOME 3.34 Released



  • GNU/Linux

    • Desktop

      • Huawei selling MateBook laptops with Linux preinstalled to consumers in China

        Despite the trade blacklisting of Huawei by the US government, the Chinese electronics giant's notebook division is plugging along, despite reports of component order cancellations in June, prompting concern they could exit the PC OEM market.

        Huawei is now selling the Matebook 13, Matebook 14, and Matebook X Pro at VMALL, Huawei's ecommerce marketplace in China, with Deepin Linux preinstalled. Deepin is a Chinese-domestic distribution, with their own desktop environment—appropriately also called Deepin—called "the single most beautiful desktop on the market" by TechRepublic's Jack Wallen.

      • Huawei Reportedly Shipping Cheaper MateBook Laptops With Linux in China

        According to Redditor, u/xi_save_earth, the Linux models include MateBook 14 (2019), MateBook X Pro (2019) and MagicBook Pro Ryzen edition, although only base models are apparently available with the Linux option, which means people choosing to buy more powerful models will still have to buy theirs’ with Windows.

        As per the report, the Linux models have been priced 300 yuan (around Rs. 3,000 / $42) cheaper than their Windows counterparts. The devices are identical with one another in terms of their hardware, although the Windows key on the keyboard is replaced with a ‘Start’ key in the Linux devices.

        Interestingly enough, Huawei’s distro of choice isn’t one of the biggies in the Linux world, like Ubuntu or Mint, but instead, the company is using a debian-based operating system called ‘Deepin’ that’s developed by Chinese tech firm, Wuhan Deepin Technologies.

        Formerly known as Linux Deeping and HiWeed Linux, Deepin is believed to have been in development in its various avatars since 2004. It has generally been praised for its aesthetics and usability, but had once courted controversy for using a statistical tracking service in its App Store. The controversial code is since believed to have been removed.

    • Server

      • IBM

        • Better Flatpak Support For Firefox Appears To Be Coming

          One of the best and most practical use-cases for sandboxed Linux apps via Flatpak or Snaps is certainly web browsers. There has been unofficial Firefox Flatpaks offered to this point but it's looking like better support for a Flatpak'ed Firefox could be coming down the pipe soon.

        • Deep dive into Virtio-networking and vhost-net

          In this post we will explain the vhost-net architecture described in the introduction, to make it clear how everything works together from a technical point of view. This is part of the series of blogs that introduces you to the realm of virtio-networking which brings together the world of virtualization and the world of networking.

          This post is intended for architects and developers who are interested in understanding what happens under the hood of the vhost-net/virtio-net architecture described in the previous blog.

          We'll start by describing how the different virtio spec standard components and shared memory regions are arranged in the hypervisor, how QEMU emulates a virtio network device and how the guest uses the open virtio specification to implement the virtualized driver for managing and communicating with that device.

          After showing you the QEMU virtio architecture we will analyze the I/O bottlenecks and limitations and we will use the host’s kernel to overcome them, reaching the vhost-net architecture presented in the overview post (link).

        • RHEL 8 Now Powers SAP Solutions
    • Kernel Space

      • Maintaining the kernel's web of trust

        A typical kernel development cycle involves pulling patches from over 100 repositories into the mainline. Any of those pulls could conceivably bring with it malicious code, leaving the kernel (and its users) open to compromise. The kernel's web of trust helps maintainers to ensure that pull requests are legitimate, but that web has become difficult to maintain in the wake of the recent attacks on key servers and other problems. So now the kernel community is taking management of its web of trust into its own hands.

        Some history

        As recently as 2011, there was no mechanism in place to verify the provenance of pull requests sent to kernel maintainers. If an emailed request looked legitimate, and the proposed code changes appeared to make sense, then the requested pull would generally be performed. That degree of openness makes for a low-friction development experience, but it also leaves the project open to at least a couple types of attacks. Email is easy to forge; an attacker could easily create an email that appeared to be from a known maintainer, but which requested a pull from a malicious repository.

        The risk grows greater if an attacker somehow finds a way to modify a maintainer's repository (on kernel.org or elsewhere); then the malicious code would be coming from a trusted location. The chances of a forged pull request from a legitimate (but compromised) repository being acted on are discouragingly high.

        The compromise of kernel.org in 2011 focused minds on this problem. By all accounts, the attackers had no idea of the importance of the machine they had taken over, so they did not even try to tamper with any of the repositories kept there. But they could have done such a thing. Git can help developers detect and recover from such attacks, but only to an extent. What the community really needs is a way to know that a specific branch or tag proposed for pulling was actually created by the maintainer for the relevant subsystem.

        One action that was taken was to transform kernel.org from a machine managed by a small number of kernel developers in their spare time into a carefully thought-out system run by full-time administrators supported by the Linux Foundation. The provision of shell accounts to hundreds of kernel developers was belatedly understood to be something other than the best of ideas, so that is no longer done. No system is immune, but kernel.org has become a much harder target than before, so repositories stored there should be relatively safe.

      • Kernel runtime security instrumentation

        Finding ways to make it easier and faster to mitigate an ongoing attack against a Linux system at runtime is part of the motivation behind the kernel runtime security instrumentation (KRSI) project. Its developer, KP Singh, gave a presentation about the project at the 2019 Linux Security Summit North America (LSS-NA), which was held in late August in San Diego. A prototype of KRSI is implemented as a Linux security module (LSM) that allows eBPF programs to be attached to the kernel's security hooks.

        Singh began by laying out the motivation for KRSI. When looking at the security of a system, there are two sides to the coin: signals and mitigations. The signals are events that might, but do not always, indicate some kind of malicious activity is taking place; the mitigations are what is done to thwart the malicious activity once it has been detected. The two "go hand in hand", he said.

        For example, the audit subsystem can provide signals of activity that might be malicious. If you have a program that determines that the activity actually is problematic, then you might want it to update the policy for an LSM to restrict or prevent that behavior. Audit may also need to be configured to log the events in question. He would like to see a unified mechanism for specifying both the signals and mitigations so that the two work better together. That is what KRSI is meant to provide.

        He gave a few examples of different types of signals. For one, a process that executes and then deletes its executable might well be malicious. A kernel module that loads and then hides itself is also suspect. A process that executes with suspicious environment variables (e.g. LD_PRELOAD) might indicate something has gone awry as well.

        On the mitigation side, an administrator might want to prevent mounting USB drives on a server, perhaps after a certain point during the startup. There could be dynamic whitelists or blacklists of various sorts, for kernel modules that can be loaded, for instance, to prevent known vulnerable binaries from executing, or stopping binaries from loading a core library that is vulnerable to ensure that updates are done. Adding any of these signals or mitigations requires reconfiguration of various parts of the kernel, which takes time and/or operator intervention. He wondered if there was a way to make it easy to add them in a unified way.

      • Change IDs for kernel patches

        For all its faults, email has long proved to be an effective communication mechanism for kernel development. Similarly, Git is an effective tool for source-code management. But there is no real connection between the two, meaning that there is no straightforward way to connect a Git commit with the email discussions that led to its acceptance. Once a patch enters a repository, it transitions into a new form of existence and leaves its past life behind. Doug Anderson recently went to the ksummit-discuss list with a proposal to add Gerrit-style change IDs as a way of connecting the two lives of a kernel patch; the end result may not be quite what he was asking for.

        [...]

        Creation of this tag is relatively easy; it can be entirely automated at the point where a patch is applied to a Git repository. But it doesn't solve the entire problem; it can associate a commit with the final posting of a patch on a mailing list, but it cannot help to find previous versions of a patch. Generally, the discussion of the last version of a patch is boring since there is usually a consensus at that point that it should be applied. It's the discussion of the previous versions that will have caused changes to be made and which can explain some of the decisions that were made. But kernel developers are remarkably and inexplicably poor at placing the message ID of the final version of a patch into the previous versions.

        The most commonly suggested solution to that problem is not fully automatic. Developers like Thomas Gleixner and Christian Brauner argued in favor of adding a link to previous versions of a patch when posting an updated version. Gleixner called for a link to the cover letter of the prior version, while Brauner puts links to all previous versions. Either way, an interested developer can follow the links backward to see how a patch series has changed, along with the discussions that led to those changes.

      • Examining exFAT

        inux kernel developers like to get support for new features — such as filesystem types — merged quickly. In the case of the exFAT filesystem, that didn't happen; exFAT was created by Microsoft in 2006 for use in larger flash-storage cards, but there has never been support in the kernel for this filesystem. Microsoft's recent announcement that it wanted to get exFAT support into the mainline kernel would appear to have removed the largest obstacle to Linux exFAT support. But, as is so often the case, it seems that some challenges remain. For years, the Linux community mostly ignored exFAT; it was a proprietary format overshadowed by an unpleasant patent cloud. A Linux driver existed, though, and was shipped as a proprietary module on various Android devices. In 2013, the code for this driver escaped into the wild and was posted to a GitHub repository. But that code was never actually released under a free license and the patent issues remained, so no serious effort to upstream it into the mainline kernel was ever made.

        The situation stayed this way for some years. Even Microsoft's decision to join the Open Invention Network (OIN) in 2018 did not change the situation; exFAT, being outside the OIN Linux System Definition, was not covered by any new patent grants. Some people pointed this out at the time, but it didn't raise a lot of concern. Most people, it seemed, had simply forgotten about exFAT, which has a relatively limited deployment overall.

      • Linux Foundation

        • CHAOSS project bringing order to open-source metrics

          Providing meaningful metrics for open-source projects has long been a challenge, as simply measuring downloads, commits, or GitHub stars typically doesn't say much about the health or diversity of a project. It's a challenge the Linux Foundation's Community Health Analytics Open Source Software (CHAOSS) project is looking to help solve. At the 2019 Open Source Summit North America (OSSNA), Matt Germonprez, one of the founding members of CHAOSS, outlined what the group is currently doing and why its initial efforts didn't work out as expected.

          Germonprez is an Associate Professor at the University of Nebraska at Omaha and helped to start CHAOSS, which was first announced at the 2017 OSSNA held in Los Angeles. When CHAOSS got started, he said, there was no bar as to what the project was interested in. "We developed a long list of metrics, they were really unfiltered and uncategorized, so it wasn't doing a lot of good for people," Germonprez admitted.

      • Graphics Stack

        • NVIDIA 430.50 Linux Driver Brings Color Fix For Pre-Turing GPUs

          While the NVIDIA 435 series is now stable, for those sticking to the previous NVIDIA 430 driver series that is their current "long-lived" driver branch, a new version is available.

          NVIDIA 430.50 was released on Wednesday as the latest Linux driver release in this driver series supported for an extended period of time. The only listed change for the NVIDIA 430.50 Linux driver is fixing the display color range handling for pre-Turing GPUs. When limiting the color range via the NVIDIA-Settings GUI, the output pixel values will now be properly clamped to the CTA range.

        • Mesa 19.2-RC3 Released While Final Release Expected Around Month's End

          The third release candidate of the belated Mesa 19.2 is now available while a fourth and likely final RC is expected next week while the stable release of this quarterly Mesa3D update should be out at month's end.

          Mesa 19.2-RC3 back-ports the new support for DriConf in Intel's Vulkan driver (for a workaround with GfxBench), various NIR fixes, a GLX segmentation fault is fixed, a few RADV and RadeonSI fixes (including Navi/GFX10 fixes for RadeonSI), and the Intel glthread crash fix for KDE's KWin.

        • AMDGPU Driver Looking To Re-Enable Performance-Boosting "Bulk Moves" Functionality

          AMD developers are looking at finally re-enabling the LRU bulk moves functionality in their AMDGPU Linux kernel graphics driver that has the ability to help with performance.

          The LRU bulk moves patches were posted back in August of 2018 with the ability to help improve OpenCL and Vulkan performance for Radeon graphics. But prior to the release of the Linux 5.0 kernel that functionality was disabled for bugs.

    • Instructionals/Technical

    • Games

      • Highly rated action rpg rogue-lite 'Unexplored' now has a Linux test build available

        Something we've been wait on quite some time, Unexplored from Ludomotion released in 2017 and now game porter Ethan Lee has given it a go with a Linux test build up.

        Turns out the port was a little different than usual, as Ethan Lee noted on the Steam post. The game has always been using their FNA magic, so it didn't exactly have a lot of "porting" work to be done. However, due to some issues they had to do some decompiling and apply some manual fixes to get it here. However, it should be mostly "solid".

      • It's the pre-weekend deals section, plus Endless Space - Collection (Steam Play) free on Humble

        It's coming up to the weekend, here's our usual column taking a quick look over what good deals are going on right now.

        First up, for you Steam Play fans there's the Endless Space - Collection currently going free for 48 hours on Humble Store as part of their End of Summer Sale Encore.

      • Valve have tweaked Steam's mighty algorithms and fixed some bugs with a new store update out

        One of the main problems seemed to be the most popular games driving these sections, Valve claims this happened with the "Similar by Tags" section and it was a bug they've since fixed. There's lots of other little bug fixes and changes done, which has also resulted in the "Recommended for You" section also now being less biased towards the most popular titles.

      • Top 20 Funny Steam Games For Kids To Play Right Now [on Linux]

        There are ample of funny steam games for kids available on the store for the Linux system. A couple of years back, gaming on the Linux was almost impossible. Nevertheless, a vast range of games are now available in different Linux distros, thanks to steam. Moreover, playing games on Linux is no more difficult. However, many games even available for free. Additionally, there are different genres of games, such as indie, action, adventure, casual, strategy, simulation, RPG, Early Access, single-player, violent, and sports. Linux users can play all these genres of games on steam for absolutely free or spending a little buck.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kate in the Windows Store

          Our Windows team is small, any help is very welcome! Thanks again to all the people that made it possible to use Kate nicely on Windows.

        • Kubuntu Meets at Milan Akademy 2019

          We also discussed snaps and when Ubuntu possibly moves to “all snaps all the time” for applications at least. This may be in our future, so it is worth thinking and discussing.

          Tobias Fischbach came by the BOF and told us about Limux which is based on Kubuntu. This has been the official computer distribution of Munich for the past few years. Now however, unless the Mayor changes (or changes his mind) the city is moving to Windows again, which will be unfortunate for the City.

          Slightly off-topic but relevent is that KDE neon will be moving to 20.04 base soon after release, but they will not stay on the Plasma LTS or Qt LTS. So users who want the very latest in KDE Plasma and applications will continue to have the option of using Neon, while our users, who expect more testing and stability can choose between the LTS for the ultimate in stability and our interim releases for newer Plasma and applications.

      • GNOME Desktop/GTK

        • Introducing GNOME 3.34: “Thessaloniki”

          GNOME 3.34 is the latest version of GNOME 3, and is the result of 6 months’ hard work by the GNOME community. It contains major new features, as well as many smaller improvements and bug fixes. In total, the release incorporates 23929 changes, made by approximately 777 contributors. 3.34 has been named “Thessaloniki” in recognition of this year’s GUADEC organizing team. GUADEC is GNOME’s primary annual conference and is only possible due to the amazing work of local volunteers. This year’s event was held in Thessaloniki, Greece, and was a big success. Thank you, Team Thessaloniki!

        • GNOME 3.34 Released

          The latest version of GNOME 3 has been released today. Version 3.34 contains six months of work by the GNOME community and includes many improvements, performance improvements and new features.

        • GNOME 3.34 released
          The GNOME Project is proud to announce the release of GNOME 3.34, Θεσσαλονίκη
          (Thessaloniki).
          
          

          This release brings performance improvements in the shell, Drag-And-Drop in the overview, improved mouse and keybord accessibility, previews in the background panel, support for systemd user sessions, and more.

          Improvements to core GNOME applications include new icons, sandboxed browsing in Web, gapless playback in Music, support for bidirectional text in the Terminal, more featured applications in Software, and more.

          For more information about the changes in GNOME 3.34, you can visit the release notes:

          https://help.gnome.org/misc/release-notes/3.34/

          GNOME 3.34 will be available shortly in many distributions. If you want to try it today, you can use the Fedora 31 beta that will be available soon or the openSUSE nightly live images which include GNOME 3.34.

          https://www.gnome.org/getting-gnome/ http://download.fedoraproject.org/pub/fedora/linux/development/31/Workstation/x86_64/iso/ http://download.opensuse.org/repositories/GNOME:/Medias/images/iso/?P=GNOME_Next*

          To try the very latest developments in GNOME, you can also use Fedora Silverblue, whose rawhide branch always includes the latest GNOME packages.

          https://kojipkgs.fedoraproject.org/compose/rawhide/latest-Fedora-Rawhide/compose/Silverblue/x86_64/iso/

          If you are interested in building applications for GNOME 3.34, you can use the GNOME 3.34 Flatpak SDK, which is available in the sdk.gnome.org repository.

          This six-month effort wouldn't have been possible without the whole GNOME community, made of contributors and friends from all around the world: developers, designers, documentation writers, usability and accessibility specialists, translators, maintainers, students, system administrators, companies, artists, testers and last, but not least, our users.

          GNOME would not exist without all of you. Thank you to everyone!

          Our next release, GNOME 3.36, is planned for March 2020. Until then, enjoy GNOME 3.34!

          💓, the GNOME Release Team
        • GNOME 3.34 is Here. What’s New.

          GNOME 3.34 is the latest iterative release of open-source desktop environment for Linux systems. After 6 months long development cycle, GNOME 3.34 is released and this release brings some long-pending troublemaker feature fixes for this widely used desktop environment.

        • 09/12/2019

          It's open source release day with GNOME 3.34 bringing a host of workflow and usability requirements and Manjaro 18.1 adding a new office suite installer option.

          Plus Mozilla's recent addition of premium Firefox support and a quick look at the Sega Genesis Mini.

        • GNOME 3.34 Released With Its Many Performance Improvements & Better Wayland Support

          Red Hat developer Matthias Clasen has just announced the release of GNOME 3.34 as this widely anticipated update to the GNOME 3 desktop environment.

          Making GNOME 3.34 particularly exciting is the plethora of optimizations/fixes in tow with this six-month update. Equally exciting are a ton of improvements and additions around the Wayland support to ensure its performance and feature parity to X11. GNOME 3.34 also brings other improvements line sandboxed browsing with Epiphany, GNOME Music enhancements, GNOME Software improvements, nd a ton of other refinements throughout GNOME Shell, Mutter, and the many GNOME applications.

        • GNOME 3.34 Desktop Environment Officially Released, Here's What's New

          The GNOME Project announced today the release and general availability of the highly anticipated GNOME 3.34 desktop environment for Linux-based operating systems.

          GNOME 3.34 is dubbed "Thessaloniki" after the host city of the GUADEC (GNOME User and Developer European Conference) 2019 event and it's a major release that adds numerous new features and improvements. It's been in development of the past six months and comes as a drop-in replacement for the GNOME 3.32 "Taipei" desktop environment series with many new features.

          "The latest version of GNOME 3 has been released today. Version 3.34 contains six months of work by the GNOME community and includes many improvements, performance improvements and new features," reads today's announcement. "Highlights from this release include visual refreshes for a number of applications, including the desktop itself. The background selection settings also received a redesign, making it easier to select custom backgrounds."

        • GNOME 3.34 Released with “Drastically Improved” Responsiveness

          And it’s here; the new GNOME 3.34 release is now officially available, six months after development first began.

          And the biggest change on offer in GNOME 3.34 isn’t one you can see, but it is one you can feel: speed.

          Now, yes: each new release of this particular desktop environment comes carrying claims of “faster” or “better performance”. And those claims don’t always feel accurate.

        • GUADEC 2019 wrap-up

          This year is the third edition of the GUADEC. Things were slightly different now: I was not a GSoC student anymore and I had my first jet lag. Three flights, some trains (including a type of train which rails were suspended in the air) were enough to go to Thessaloniki lands. When I arrived to Greece, I was a bit scared of the language since the alphabet would be almost impossible to type in my smartphone. However, I could easily reach the accomodation point.

          My purpose for this GUADEC was different than the past ones. In the past I went basically to talk about my Google Summer of Code projects, but this time I wanted to show to the attendees the project I was working on as part of my dissertation project. I wanted to re-write almost everything of what I did and in the best case my plan was to find a contributor to my project. I am very happy to say that I found one contributor to this project. The project I talk about consisted on adding face overlay effects to Cheese developing a GStreamer plugins which elements should be better than gstfaceoverlay and gstfacedetect. The code of the project I made for my dissertation project can be found on this link and the one that is being written from scratch can be found on this repository. The slides are available on Google Docs and the full details (actually the thesis document) is written (in Spanish) in this document.

          [...]

          After GUADEC I had some vacations in Greece for about one week more and then I was going to Poznan, Poland. As I mentioned, the first day of the event I met Mieszko Mazurek who actually lives in that city. He was showing me the city and his office in which he works were he develops low-level and high-level software to control batteries. He uses GNOME-based technology for this high-level software. I also continued to show him and explaining him about the Cheese Face Effects project. Finally, that day I could get the code I wrote during the event with the help of him to work as expected. Now I am on Krakow, and he is going to do an inter-city trip to continue talking about the mentioned project.

        • Gdk-pixbuf modules - call for help

          I've been doing a little refactoring of gdk-pixbuf's crufty code, to see if the gripes from my braindump can be solved. For things where it is not obvious how to proceed, I've started taking more detailed notes in a gdk-pixbuf survey.

          Today I was looking at which gdk-pixbuf modules are implemented by third parties, that is, which external projects provide their own image codecs pluggable into gdk-pixbuf.

          And there are not that many!

          The only four that I found are libheif, libopenraw, libwmf, librsvg (this last one, of course).

          Update 2019/Sep/12 - Added apng, exif-raw, psd, pvr, vtf, webp, xcf.

    • Distributions

      • Canonical/Ubuntu Family

        • Vulture Central team welcomed to our new nest by crashed Ubuntu that's 3 years out of date

          As eagle-eyed readers may have noted, Vulture Central UK is on the move. Our migratory path has led us to London's Grays Inn Road and, well, you can see what was waiting for us.

          We normally like to feature Windows machines in various states of distress, be it a Tesco or Boots self-service till, or the odd railway terminal having a very, very bad day.

          Today, courtesy of BT's InLinkUK, we have a Linux-based device caught with its pants down on our doorstep.

          InLinkUK is an outfit that plops ad-slinging screens on the pavement, which lure punters with the promise of connectivity. Or, in this case, an insight into the OS on which the things actually run.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Mozilla VR Blog: Multiview on WebXR

            The WebGL multiview extension is already available in several browsers and 3D web engines and it could easily help to improve the performance on your WebXR application

      • Productivity Software/LibreOffice/Calligra

        • Bottom to top, left to right writing direction in Writer conference talk

          Yesterday I gave a Bottom to top, left to right writing direction in Writer talk at the LibreOffice Conference 2019. The room was well-crowded — perhaps because it was on the first day and in the largest room. ;-)

          It contains some details which are not available in previous btLr blog posts, like what natural languages use this direction, how to replace real-world clocks without breaking compatibility and more!

      • CMS

        • Richard Best Releases Free Audio and Ebook: “A Practical Guide to WordPress and the GPL”

          If you’re itching to go deeper into the legal aspects of navigating WordPress’ relationship to the GPL license, Richard Best has recently made his ebook (and the audio version) called “A Practical Guide to WordPress and the GPL” available for free. Best, a technology and public lawyer based in New Zealand, had previously sold the book with other products as part of a business package that is still available for purchase. After receiving feedback on his most recent post titled “Taking GPL’d code proprietary,” he found that the issues addressed in the book are still relevant and decided to release it for free.

      • Pseudo-Open Source (Openwashing)

      • Public Services/Government

        • The Pentagon Needs to Make More Software Open Source, Watchdog Says

          The Defense Department is not abiding by a federal mandate to promote the use of open source software and make common code more readily available to other agencies, according to the Government Accountability Office.

          In 2016, the Office of Management and Budget published a memorandum that required every federal agency to make at least 20% of their custom-built software open source within three years, meaning the code would be available for other agencies to use. However, as of July, the Pentagon had released less than 10% of its software as open source, according to GAO.

          The department has also failed to fully implement a number of other open source software initiatives required by the OMB memo, such as creating an enterprisewide open source software policy and building inventories of custom code, auditors said. Additionally, officials never created performance metrics to measure the success of their open source software efforts.

          In both industry and government, the popularity of open source software has exploded in recent years to keep up with the growing demand for fresh tech. By sharing and reusing code, organizations can reduce the cost of developing software and trust the code they’re using has been thoroughly tested by other users.

          However, relying on software that someone else developed requires a certain level of trust. If the developer overlooks a vulnerability in the code—or intentionally inserts one—that bug could end up in countless applications, and users wouldn’t know it’s there.

      • Programming/Development

        • Bias and ethical issues in machine-learning models

          The success stories that have gathered around data analytics drive broader adoption of the newest artificial-intelligence-based techniques—but risks come along with these techniques. The large numbers of freshly anointed data scientists piling into industry and the sensitivity of the areas given over to machine-learning models—hiring, loans, even sentencing for crime—means there is a danger of misapplied models, which is earning the attention of the public. Two sessions at the recent MinneBOS 2019 conference focused on maintaining ethics and addressing bias in machine-learning applications.

          To define a few terms: modern analytics increasingly uses machine learning, currently the most popular form of the field broadly known as artificial intelligence (AI). In machine learning, an algorithm is run repeatedly to create and refine a model, which is then tested against new data.

          MinneBOS was sponsored by the Twin Cities organization Minne Analytics; the two sessions were: "The Ethics of Analytics" by Bill Franks and "Minding the Gap: Understanding and Mitigating Bias in AI" by Jackie Anderson. (Full disclosure: Franks works on books for O'Reilly Media, which also employs the author of this article.) Both presenters pointed out that bias can sneak into machine learning at many places, and both laid out some ways to address the risks. There were interesting overlaps between the recommendations of Franks, who organized his talk around stages, and of Anderson who organized her talk around sources of bias.

          When we talk about "bias" we normally think of it in the everyday of sense of discrimination on the basis of race, gender, income, or some other social category. This focus on social discrimination is reinforced by articles in the popular press. But in math and science, bias is a technical term referring to improper data handling or choice of inputs. And indeed, the risks in AI go further than protected categories such as race and gender. Bias leads to wrong results, plain and simple. Whether bias leads to social discrimination or just to lost business opportunities and wasted money, organizations must be alert and adopt ways to avoid it.

        • An introduction to Markdown

          For a long time, I thought all the files I saw on GitLab and GitHub with an .md extension were written in a file type exclusively for developers. That changed a few weeks ago when I started using Markdown. It quickly became the most important tool in my daily work.

          Markdown makes my life easier. I just need to add a few symbols to what I'm already writing and, with the help of a browser extension or an open source program, I can transform my text into a variety of commonly used formats such as ODT, email (more on that later), PDF, and EPUB.

        • Intel Tightens Up Its AVX-512 Behavior For The LLVM Clang 10 Compiler

          When targeting Skylake-AVX512, Icelake-Client, Icelake-Server, Cascadelake, or Cooperlake with the LLVM Clang compiler where AVX-512 is supported, it will now default to preferring the 256-bit vector width rather than 512-bit with AVX-512. Unless 512-bit intrinsics are used in the source code, 512-bit ZMM registers will not be used since those operations lead to most processors running at a lower frequency state. On current generation processors, the performance gains of AVX-512 can often times be negated due to the AVX-512 frequency hits.

        • 2019.3 EAP 1

          The first Early Access Program (EAP) for PyCharm 2019.3 is now available to be downloaded from our website!

        • PyCon: Call for Proposals for PyCon 2020 is open!

          The time is upon us again! PyCon 2020’s Call for Proposals has officially opened for talks, tutorials, posters, education summit, and charlas. PyCon is made by you, so we need you to share what you’re working on, how you’re working on it, what you’ve learned, what you’re learning, and so much more.

        • Welcome to the float zone...
        • Robin Wilson: I am now a freelancer in Remote Sensing, GIS, Data Science & Python

          Since I stopped working as an academic, and took time out to focus on my work and look after my new baby, I've been trying to find something which allows me to fit my work nicely around the rest of my life. I've done bits of short part-time work contracts, and various bits of freelance work - and I've now decided that freelancing is the way forward.

        • Talk Python to Me: #229 Building advanced Pythonic interviews with docassemble

          On this episode, we dive into Python for lawyers and a special tool for conducting legal interviews. Imagine you have to collect details for 20,000 participants in a class-action lawsuit. docassemble, a sweet Python web app, can do it for you with easy.

  • Leftovers

    • Civil Rights/Policing

      • South Africans are not xenophobic: Mogoeng

        Mogoeng spoke about the attacks on foreign nationals while addressing today's graduation ceremony at the University of KwaZulu-Natal's Westville campus.

        The Chief Justice, who is the Chancellor at UKZN, says we need to get to the root of this issue.

      • Thuli Madonsela receives ‘highest honour’ from UKZN, condemns xenophobia

        The ceremony, held at the University of KwaZulu-Natal Westville Campus, saw the university chancellor, constitutional court chief justice Mogoeng Mogoeng, confer on Madonsela the university’s highest honour in law, the degree of Doctor of Laws honoris causa, during the institution’s annual graduation ceremony.

        Madonsela was awarded the honour for her “distinguished time in office as public protector, for her unwavering and steely determination to complete complex investigations with courage and conviction”.

        Madonsela was praised for taking risks and putting her personal life in danger and for “creating an awareness both in South Africa and globally that corruption will not be tolerated”.

        Mogoeng called her a “voice for the poor in South Africa, voice for women empowerment and voice for a transformed and just legal system”.

      • Zambian Church pleads for end to xenophobic 'chaos'

        UNZA students burning the sign outside the South African Embassy in Lusaka during a demonstration to protest against xenophobic attacks in South Africa.

      • Zimbabwe: Robert Mugabe - an Opportunist, Ambitious Failure Who Hijacked a People's Revolution

        Born in 1924, Robert Gabriel Mugabe became one of Zimbabwe's most talked about nationalists.

        Much of the publicity surrounding the name Robert Mugabe took place from around 1960, when he was voted as Secretary General of the National Democratic Party [NDP] at its first Congress in October 1960.

        The NDP had been formed on January 1, 1960 amazingly in the absence of Mugabe, leading to some of his critics arguing that he was never where things began.

        The NDP lasted for a year and was banned in December of 1961, resulting in the same organisation reviving itself as the Zimbabwe African Peoples Union [ZAPU].

        Mugabe continued as ZAPU's Publicity Secretary of which the president was Joshua Nkomo since the time of the NDP.

    • Monopolies

      • Voice-overs, peer-to-peer recruitment platforms and IP rights: a survey of 200+ performers

        This Kat has previously discussed the potential (negative) impact of online peer-to-peer recruitment platforms on intellectual property rights (see here and here).

        Remember peer-to-peer recruitment platforms? They are online platforms that operate like ‘Uber’. But instead of arranging taxi rides, they broker the commissioning of bespoke creative content, such as logo design, video making or voice-over acting.

        This Kat brings you more research on artists’ experience of these platforms and of their intellectual property rights – read on!

      • CJEU’s Advocate General expounds on the availability of SPCs where the basic patent claims a functionally defined active ingredient or a Markush formula in the joined cases Royalty Pharma (C-650/17) and Sandoz v. Searle (C-114/18)

        In the field of supplementary protection certificates (SPCs) in the European Union, the majority of all CJEU referrals resolved to date have dealt with the interpretation of the – presumably simple – requirement that an SPC can be only granted for an active ingredient (or a combination of active ingredients) that is “protected” by the basic patent relied upon. Ever since the CJEU endorsed the “identification test” (rather than the “infringement test”) in its landmark decision Medeva (C-322/10), concluding that an active ingredient must be “specified” or “identified” in the claims of the basic patent in order to be “protected” within the meaning of Article 3(a) of the SPC Regulation, an intense controversy has emerged in relation to the question just how specifically an active ingredient has to be identified in the basic patent in order to allow the grant of an SPC.

      • Anti-trust tech suits: Deja vu

        These types of cases can have useful outcomes, even if the decisions are not ones any of the parties expects or anticipates. The messy antitrust case against Microsoft that spanned two centuries didn’t save Netscape nor break up Microsoft. But since then the browser market has remained a competitive area, even to the point of Microsoft using Chromium open source software for its Edge browser.

      • Patents and Software Patents

        • Munich court schedules first hearings in two Sharp v. Daimler patent cases for late November, another anti-antisuit hearing for early October

          The question is whether Sharp is now going to seek a prophylactic anti-antisuit-injunction injunction ("AAII") from the Munich court, given that Daimler supplier Continental may in the not too distant future file an antisuit-injunction motion with Judge Lucy H. Koh in the Northern District of California targeting at least Sharp, Nokia, a couple of patent assertion entities Nokia had fed with patents, and the Avanci patent pool firm. On Tuesday, after Continental's miserable failure over the course of four days (two weekend days, but well-run litigants wouldn't care) to respond to a letter Sharp had addressed to Judge Koh, the world's #1 technology industry judge dismissed a pending antisuit-injunction motion without prejudice so as to avoid piecemeal resolution with two or more antisuit injunction motions in the same case. While Continental was too slow and/or unprofessional to clarify promptly that Sharp wasn't meant to be included by the original antisuit motion, it could have brought a subsequent antisuit motion targeting Sharp. Also, Continental had withdrawn parts of its motion even with respect to Nokia (most importantly the ten aformentioned pending German cases) to comply with the first Munich AAII, but by doing so without prejudice, the automotive supplier reserved the right to revive those parts in the event of a successful appeal to the Munich Higher Regional Court. And then the Avanci pool has various other members, so if Continental refiles, it should target all Avanci contributors (in case its lawyers are conflicted with regard to any of them, it should simply find new ones, which may be a good idea anyway given how things have gone wrong so far with respect to the antisuit effort).

          There are two AAIIs in place, one (the first to come down) against Continental Automotive Systems, Inc. of Auburn Hills, MI, and one against Continental AG, the Germany-based parent company of the entire group (and, as part of that, an indirect parent of the U.S. entity). The first one had been granted ex parte without a hearing and without Continental even having a clue until the decision had come down. But there was a service-of-process dispute as the U.S. entity pointed to the Hague Convention (which according to the Avanci defendants' motion to dismiss Continental's U.S. lawyers may have failed to comply with when attempting to serve Sharp Japan). The second one didn't raise that kind of issue, but the court initially denied an AAII because Nokia had not made it sufficiently clear what complicit or intermediary role Continental AG, which is not a plaintiff in the case before Judge Koh, had played in the U.S. antisuit effort. Nokia didn't take no for an answer, so the court held a hearing, and then decided in Nokia's favor.

        • Federal Circuit Rejects Patenting Designs “in the Abstract”

          The district court dismissed Curver’s design patent infringement lawsuit for failure-to-state-a-claim. Asserted U.S. Design Patent D677,946 is titled “Pattern for a Chair”

          [...]

          On appeal, the Federal Circuit has affirmed — holding that claim language specifying a particular article of manufacture (a chair) limits the scope of the design patent in cases where “the claim language supplies the only instance of an article of manufacture that appears nowhere in the figures.”

          In this case, the patentee essentially asked for the Federal Circuit to construe the patent as covering a disembodied design that could be applied to any article of manufacture. In rejecting that argument, the court first noted that it “has never sanctioned granting a design patent for a surface ornamentation in the abstract such that the patent’s scope encompasses every possible article of manufacture to which the surface ornamentation is applied.”

        • Patent case: Innovative Memory Systems Inc. v. Micron Technology Inc., USA

          Concluding that the Patent Trial and Appeal Board improperly construed certain claims in a patent for memory system circuits owned by Innovative Memory Systems, Inc. in an inter partes review filed by Micron Technology, Inc., the U.S. Court of Appeals for the Federal Circuit has reversed the Board’s finding of unpatentability. The Federal Circuit reversed the Board’s construction for the term “wherein the correspondence of blocks to zones is adjustable by controller” in the patent claims and the Board’s conclusion about a limitation in the patent claims based on prior art references (Innovative Memory Systems, Inc. v. Micron Technology, Inc., August 27, 2019, Prost, S.).

        • Danish High Court radically changes its course on costs awards

          On 29 August 2019, the Danish High Court (Eastern Division) rendered a decisive new decision regarding legal costs in Danish patent (and IP) litigation, markedly changing the previously conservative tendency in awarding costs in Danish patent cases:

          In one among several parallel cases regarding an SPC (Tenofovir), the Maritime and Commercial High Court in April 2018 granted a PI against a generic pharmaceutical (Sandoz Padviram).

          The PI was appealed to the High Court, but the scheduled oral hearing never took place as in the meantime, the Sandoz successfully convinced the Maritime and Commercial Court to repeal the PI while the appeal was still pending at the High Court (Eastern Division).

          Consequently, the High Court was asked to rule on the issue of costs.

          [...]

          With this decision, the High Court (Eastern Division) explicitly acknowledges the general applicability of article 14 of the Enforcement Directive as adopted by the ECJ in United Video Properties, which means that prevailing parties in patent litigation (and by inference in IP litigation in Denmark) may now expect to receive costs that reflect the actual costs incurred as a result of patent litigation.

        • CRISPR Interference: Motion Practice

          CVC also contends that granting its motion and imposing a protective order would not prejudice the public, particularly because the Board authorized the Broad to file a motion to substitute the count, raising the possibility that "CVC will have revealed its preliminary assessment of bases for entitlement to a judgment on priority for a count that is never adjudicated."

        • Prosecution History Disclaimer 1880 – 2019

          The patent at issue here (5,809,336) stems from a 1989 application and a divisional filed just before the 1995 change-over to the 20-year-from-filing patent term. The microprocessor system claims require an “oscillator.” In interpreting that limitation, the court added some additional negative limitations that (1) the oscillator “does not require a command input to change the clock frequency” and (2) the oscillator’s frequency “is not fixed by any external crystal.” The addition was based upon arguments that the patentee made during prosecution. That narrowing, the patentee argues “runs afoul of the separation of powers among Congress, the USPTO, and the federal courts embodied in the Patent Act.”

          The most interesting aspect of the petition here is reliance on so many 19th century decisions by the Supreme Court:

      • Trademarks

        • What's in a name? General Court rules conceptual comparison of names normally not possible

          The case concerns an opposition against the sign LUCIANO SANDRONE on the basis of the word mark DON LUCIANO, both registered for 'Alcoholic beverages (except beer)'. The Opposition Division found no likelihood of confusion and rejected the opposition [here], but the Board of Appeal (BoA) reversed and allowed the opposition [here]. The GC reversed again and held that there is no likelihood of confusion between the signs.

        • Cannot Register “IGP” for Paint in Switzerland – because It Could Be a PGI

          Kat readers familiar with geographical indications (GI) may primarily think of cheese, wine or bakery products when discussing this topic. One of the peculiarities of the (recently revised) Swiss legislation on protected designations of origin (PDO) and protected geographical indications (PGI) is the possibility to register a geographical indication for non-agricultural products (think knives, watches or minerals, for example). Whereas this new IP instrument does not seem to have sparked a huge interest among prospective right holders [as of today not a single geographic indication for non-agricultural products has been registered in Switzerland], it does seem to have sealed the fate of a trade mark application that could easily have sailed through registration in another place at another time.

      • Copyrights

        • AG Szpunar advises CJEU to rule that internet downloads of ebooks are covered by right of communication to the public, not distribution (so, no, there is no digital exhaustion under InfoSoc Directive)

          As readers know, the CJEU has already found - in UsedSoft - that there is such thing as 'digital exhaustion' in relation to software under the Software Directive. However, that piece of legislation is both lex specialis and has a rather narrow field of application (for instance, it does not cover videogames, as the CJEU clarified in Nintendo).

          Hence, in the aftermath of the UsedSoft ruling, it has remained unclear whether the same consequences envisaged in relation to the first lawful sale of the copy of a computer program could extend to subject matter protected under the InfoSoc Directive.

          Certain national courts have attempted to tackle all this, though have done so with diverging outcomes.

          For instance, in 2014, the Court of Appeal of Hamm in Germany excluded that the right of distribution under the InfoSoc Directive, as transposed into German law, could be exhausted in the case of audiobooks (OLG Hamm, 22 U 60/13).

        • Anne Black copyright dispute - originality: how low can you go?

          n June 2019, the Danish Maritime and Commercial High Court gave a landmark decision – at least from a Danish point of view – concerning the question of originality in the sense of copyright law. The dispute concerned a hanging flowerpot, a vase and a jar, all created by the Danish designer Anne Black and all made of clay and sold in various colours and sizes. As shown by the photos, the products were all characterized by a lean and simple design.

        • Case preview: design rights at play in baby baths battle

          After the Trunki v Kiddee design case made its way up to the UK Supreme Court, another dispute, Shnuggle v Munchkin, is brewing

          This oddly named dispute might sound like something out of a fairy tale but the case, due to be heard before the England and Wales Intellectual Property Enterprise Court this month, could make for an interesting design dispute.

          The claim, filed by baby product maker Shnuggle, alleges infringement of two registered Community designs (RCDs) – 002224196-0001 and 002616763-0001 – as well as various UK unregistered designs, directed to its ‘Shnuggle Baby Bath’.

        • BREAKING: CJEU confirms that German press publishers' right is unenforceable due to missed notification to the European Commission

          Readers with an interest in related rights, especially those in favour of press publishers, will know not only that there is now an EU-wide right for press publishers (Article 15 of the DSM Directive), but will also remember that its national predecessor - ie the German related right in favour of press publishers - has been challenged in courts and a referral was made to the Court of Justice of the European Union (CJEU) regarding its actual enforceability.

        • BREAKING: CJEU rules that only requirement for copyright protection of designs is their originality

          Copyright in designs: what are the relevant requirements for protection? Is it compatible with EU law that a certain national law requires a design to be a 'work of art', an 'artistic creation' for copyright to vest in it?

          This, in a nutshell, was the twofold issue at the heart of the referral from the Portuguese Supreme Court to the Court of Justice of the European Union (CJEU) in Cofemel, C-683/17.

          As readers will remember, this referral originated in the uncertainties arisen in the aftermath of earlier CJEU case law, most notably the Flos ruling, which suggests that - in fact - Member States (contrary to what appears from the wording of Article 17 of the Design Directive) would have no freedom whatsoever in determining the conditions at which designs are eligible for copyright protection.

        • Split views after CJEU advised on digital copyright exhaustion

          Exhaustion does not apply to the resale of e-books, advocate general says, in an opinion that has attracted a mixed response among lawyers



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day