Desktop

• System76 Will Begin Shipping 2 Linux Laptops With Coreboot-Based Open Source Firmware

  System76, the Denver-based Linux PC manufacturer and developer of Pop OS, has some stellar news for those who prefer their laptops a little more open. Later this month the company will begin shipping two of their laptop models with its Coreboot-powered open source firmware.

• Modern Linux Laptops with Coreboot Firmware From System76
  

  Are you looking for modern Linux laptops with coreboot? The wait is over. Coreboot is a free and open-source software. The coreboot project aimed at replacing the proprietary BIOS firmware and blobs. System76 recently announced two Intel laptops with Coreboot, which as an alternative to proprietary BIOS. These laptops are using Intel 10th Gen CPUs.

  [...]

  Coreboot itself is opensource; however, Intel CPU depends upon the binary blobs for modern Linux laptops. The good news is Intel ME is removed or disabled permanently on newer Linux models from System76. I think it is a step in the right direction despite few binary blobs (e.g. FSP), and I hope someday will get pure open-source firmware for modern Linux laptop.

Server

• System on module fully-integrated Linux system for accelerated machine learning

  Coral System on Module is a fully-integrated Linux system for accelerated Machine Learning inferencing to be integrated into existing hardware with three 100-pin connectors. The SoM is available now from Mouser. The SoM comprises the NXP iMX8M SoC, eMMC memory, LPDDR4 RAM, Wi-Fi, Bluetooth, and the Google Edge TPU Coprocessor for acceleration.

• What are microservices? Your next software architecture

  Nearly every computer system performs multiple tasks using shared resources, and one of the questions of computer programming is how closely the bits of code that perform those tasks should be tied to one another. An increasingly popular answer is the concept of a microservice—a small, discrete chunk of functionality that interacts with other microservices to create a larger system.

  Although the basic idea of having such discrete components isn’t new, the way microservices are implemented makes them a natural foundation for both modern cloud-based applications. Microservices also dovetail with the devops philosophy, which encourages rapidly and continuously rolled out new functionality.

• IBM

  • Download CentOS 8 – DVD ISO Image

    CentOS is a Linux operating system, which is a 100% compatible rebuild of the Red Hat Enterprise Linux operating system. A user can download and use this enterprise-level operating system free of cost. CentOS 8 is the latest version available to download.

  • Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning: Your questions answered (Part 1)

    During a recent webinar titled, “Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning,” we received a lot of interest and many questions regarding the topic. Some of the questions were coming in at a very rapid rate and we were not able to address them all. As a followup to our webinar, we have decided to put the answers to those questions into this blog post. The questions are listed below.

  • Red Hat Ceph object store on Dell EMC servers (Part 1)

    Organizations are increasingly being tasked with managing billions of files and tens to hundreds of petabytes of data. Object storage is well suited to these challenges, both in the public cloud and on-premise. Organizations need to understand how to best configure and deploy software, hardware, and network components to serve a diverse range of data intensive workloads.

    This blog series details how to build robust object storage infrastructure using a combination of Red Hat Ceph Storage coupled with Dell EMC storage servers and networking. Both large-object and small-object synthetic workloads were applied to the test system and the results subjected to performance analysis. Testing also evaluated the ability of the system under test to scale beyond a billion objects.

  • Why Linux Developers Should Reconsider IBM Mainframes

    When mainframes were mainstream, many software professionals in the industry today were not even born yet. Mainframe computers have an extensive history, which makes it tempting to call them old, but today’s mainframes are extremely mature, fast, reliable and powerful. In fact, they are critical to the modern economy: Top airlines, banks, insurance companies and health care corporations rely on mainframe computing.

    One of the organizations keeping this technology with the times is IBM, with its IBM Z family of mainframe computers. Some of these mainframes—like the 31-bit s390 and, later, the 64-bit s390x architecture—were originally designed and built in the 1960s, and they have continued to evolve and modernize.

    “IBM still sells a lot of these even today,” said Elizabeth K. Joseph, a seasoned open source advocate who recently joined IBM as the developer advocate for its Z architectures. These machines run operating systems including z/OS, z/VM, z/VSE and z/TPF, as well as Linux-based distributions like Red Hat Enterprise Linux and SUSE Linux Enterprise Server.

Audiocasts/Shows

• 2019-10-10 | Linux Headlines

  The Tor Project blacklists old relays, GitLab plans to introduce telemetry, Steam is working on a new multiplayer feature, The Matrix Project announces new funding, and AMP is getting a new home.

• Ubuntu Podcast from the UK LoCo: S12E27 – Exile

  This week we’ve been playing LEGO Worlds and tinkering with Thinkpads. We round up the news and goings on from the Ubuntu community, introduce a new segment, share some events and discuss our news picks from the tech world.

  It’s Season 12 Episode 27 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

• Talk Python to Me: #233 The Masonite Python Web Framework

  Folks, it’s not like the old days where there were just a couple of web frameworks for building apps with Python. These days there are many. One of those frameworks is the Masonite web framework created by Joseph Mancuso. Joseph is here today to tell us all about Masonite, what makes it special, it’s core value proposition for web developers and much more.

Kernel Space

• Google Helps With Linux Scheduling With SchedViz

  Google has just open sourced a tool that lets you visualize how your program is being treated under Linux scheduling. The idea is that you can use SchedViz to tune the system.

  We all know the best scheduling algorithm to use – my program runs, everything else is suspended. Effective, but not cooperative. To achieve the same result while allowing other programs a chance to use the CPU we need to tune, and perhaps even select, the scheduling algorithm.

  The problem is that the basic Linux tools to do the job are lacking and what generally happens is that you guess what might be best. In a modern system such a guess is unlikely to be correct because there are too many variables. Each thread has a priority and these interact under the scheduling policy. It can make a difference which core a thread is assigned to and changing cores is something best avoided.

• Understanding Scheduling Behavior with SchedViz

  Linux kernel scheduling behavior can be a key factor in application responsiveness and system utilization. Today, we?re announcing SchedViz, a new tool for visualizing Linux kernel scheduling behavior. We?ve used it inside Google to discover many opportunities for better scheduling choices and to root-cause many latency issues.

• Understanding Scheduling Behavior with SchedViz (Google Open Source Blog)

  The Google Open Source Blog has an announcement of the release of the SchedViz tool that is used internally at the company “to discover many opportunities for better scheduling choices and to root-cause many latency issues”.

Applications

• OBS Studio is an open source video recorder and streaming app for Windows, Linux and macOS

  OBS Studio aka Open Broadcaster Software Studio is very popular among YouTube users. You can use it to broadcast gameplay streams live or use it to record videos (which you may then upload to YouTube or other video hosting sites). Want to set up a camera and mic to record content for your vlog? You can do that too.

  This is one of those rare applications that is user-friendly on the one hand but still advanced enough to deliver the options that advanced users require. That being said, we’re going to take a look at the basic usage of the program, the recording of on-screen content.

  OBS Studio is a cross-platform program that is available for Windows, Mac OS X and Linux.

• Try App Outlet On Xubuntu, Universal App Store for Linux Desktop!

  In a forum, I often read the debate between the use of several types of package formats on Linux. In Ubuntu we know a variety of applications that are packaged in various packages. Examples are Flatpak, Appimage, Snap, Apt and others.

  Sometimes, one user and another have different opinions when choosing a package. An example is in my post about the advantages of appimage. There are some comments about this package. There are pros and cons to this package. All returned to user needs. We cannot generalize the needs and choices of users who choose certain packages.

• Proprietary

  • IRS-Funded Review Confirms TurboTax Hid Free Filing From Search Engines, but Says There’s No Need for Major Changes

    A four-month outside review of the IRS’ partnership with the private tax software industry to provide free tax preparation offered mixed conclusions: It found serious problems in the program and confirmed ProPublica’s reporting this year that companies, including Intuit, the maker of TurboTax, had hidden the free option from search engines. But the report, written by an IRS contractor that has previously supported the industry’s position, also defended the program’s oversight.

    The review did not recommend sweeping changes. The mandate of the review was to narrowly assess the program to “ensure the continued operations and integrity of the Free File Program.” It did not examine the broader question of whether the premise of the program is sound or look at the IRS’ role in tax filing.

  • Digital Watchdog Adds Extensive List of Features to Spectrum IPVMS

    The DW Spectrum IPVMS server software is included with pre-configured DW Blackjack NVR servers and MEGApix CaaS edge cameras or it can be installed on third-party Windows or Ubuntu Linux-based systems.

Instructionals/Technical

• Set Up a Basic Iptables Firewall on Amazon Linux AMI

• Linux Commands for Beginners 21 – Changing Permissions Numerically

• Install YetiForce on Debian 9

• Installing Google Chrome on CentOS 8

• A little SSH file copy magic at the command line

• VisiData: a table explorer for the terminal

• What happens when you hit Enter?

• List (Show) Tables in a MySQL Database

• Accessible automation: How AutoHotkey can enhance your daily routine

• Achieve high-scale application monitoring with Prometheus

• 5 Ways to Prevent Your IoT Devices from Becoming a Botnet

• How to Setup a Linux Server

• How to enable Apache MPM Prefork to improve performance

• How to install firewalld Graphical User Interface on Linux

• Bitcoin Brainwallet Private Key Calculator

• Making Web Maps using Python, Folium and Shapefiles

• How to set up the Apple Swift language on Linux

• How to install and use Python(x,y) in Python

• How to install Pepper Flash on Ubuntu

• How to get Edge Tab Set Aside in Chrome

• How to Send App Shortcut Icons to Desktop in Ubuntu 19.10

• How to Install OSMC on a Raspberry Pi

• How to Install NodeBB on Ubuntu 18.04

• How to Install Icinga 2 Monitoring Software on Debian 10

• How to Install CentOS 8 on VirtualBox

• How to Enable SSH on Debian 10

• How and Why to Change Default SSH Port

Games

• Open-world action adventure ‘Pine’ where humans are not top of the food chain is now available

  Pine certainly looks good, a proper open-world action adventure with a story depicting humans who never reached the top of the food chain. It just release with Linux support today.

  Note: Both the publisher and GOG sent a copy for us.

• Playing with Godot

  I guess it is quite common to start the path towards programming by making games. I started with a simple guess the number on my dad?s zx81 back in the day. He must have written most of it, but I felt proud of the result, so I will claim that it was mine.

  I?ve experimented with various ways to get my kids into programming. Everything from board games, online resources, scratch, building shitty robots, and so on. They get it, but it is hard to move on from the basics to being able to start from a clean sheet of paper and create something.

  During the summer, I decided to look into the various options and tried using Unity and Godot. After a couple of experiments, I settled on using Godot. Partly because of its open nature, but also because as a tool, it does the job I need it to do just as well as Unity.

• Valve’s Radeon “ACO” Vulkan Compiler Back-End Now Supports Navi

  The promising ACO compiler back-end for the Radeon “RADV” Vulkan driver now has support for GFX10/Navi graphics!

  ACO was recently merged into Mesa 19.3 for this Valve-funded, gaming-focused Vulkan shader compiler back-end for RADV. But up until now it has only supported GFX8 and GFX9 hardware while now initial Navi/GFX10 support has been merged. ACO ultimately aims to deliver better performance over the existing back-end while also more quickly compiling shaders to help with game load times.

• Atari disputes reports that its retro-inspired console is doomed

  Atari put out a lengthy development update for the Atari VCS console earlier this week, on the same day that The Register reported that the project is experiencing significant difficulties. One source with knowledge of the project reportedly described it as a “shit show,” and the console is reportedly shaping up to be more of a Linux PC than a dedicated games console.

  Atari’s post sought to assure backers that the project is proceeding as planned. Amidst numerous photographs of the console’s circuit boards and chassis, the company claimed that the molds for the plastic housing of the console are “largely complete,” that its controllers and joysticks are “just about ready for mass production,” and that it expects to host hands-on preview events for the console later this fall.

Distributions

• Reviews

  • Austrumi Linux Has Great Potential if You Speak Its Language

    This distro needs only limited system resources. Requirements include an Intel-compatible Pentium 2 processor or later and at least 512 MB of RAM. You can stretch this minimal memory level by running the “boot:nocache” option if the computer has less than 512 MB RAM.

    No hard drive is needed, but you can find in the system menu an installation tool to place Austrumi Linux on the hard drive or a bootable USB drive. You also can run a live session directly from a bootable DVD if your system has an optical drive.

    Other than the lack of adequate English language support within this distro, the only other significant design weakness is the lack of persistent memory if you run the OS without a hard drive installation. This means you can not save personal data and system configurations for your applications.

    You can use a USB drive or cloud storage to save personal data. If you use Austrumi Linux as a portable OS, those two storage solutions will be in play anyway.

    Austrumi is clearly not targeting non-European users. If developers fixed the language support for non-Latvian speakers, it could be much more convenient to use. Expanding support for other global regions is a critical need for this otherwise very handy performer.

• Screenshots/Screencasts

  • SparkyLinux 5.9 Run Through

    In this video, we are looking at SparkyLinux 5.9. Enjoy!

• SUSE/OpenSUSE

  • openSUSE WSL images in OBS

    A fundamental concept of all openSUSE packages as well as any image offered for download is a fully transparent, reproducible and automatic build and development process based on sources.

    In openSUSE developers do not perform manual builds on some specially crafted machine in their basement and then upload the result somewhere. Instead all sources are stored in a version control system inside the open build service (OBS) instance at build.opensuse.org. OBS then automatically builds the sources including all dependencies according to defined build instructions (eg spec files for rpms). OBS also automatically adds cryptographic signatures to files that support it to make sure nobody can tamper with those files.

  • Don’t Get Left Behind, Upgrade to SUSE Enterprise Storage 6 Today

• Fedora Family

  • Fedora localization platform migrates to Weblate

    Fedora Project provides an operating system that is used in a wide variety of languages and cultures. To make it easy for non-native English speakers to use Fedora, significant effort is made to translate the user interfaces, websites and other materials.

    Part of this work is done in the Fedora translation platform, which will migrate to Weblate in the coming months.

    This migration was mandatory as development and maintenance of Zanata — the previous translation platform — ceased in 2018.

    There are a number of translation platforms available, but having a translation platform that is open source, answering Fedora Project’s needs, and likely to be long-lived are key considerations in choosing Weblate. Most other translation platforms being closed source or lacking features.

  • F30-20191009 updated Live Isos released

    The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190904 Live ISOs, carrying the 5.2.18-200 kernel.

    This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

    A huge thank you goes out to irc nicks dowdle, Southern-Gentleman for testing these iso.

• Debian Family

  • Norbert Preining: R with TensorFlow 2.0 on Debian/sid

    I recently posted on getting TensorFlow 2.0 with GPU support running on Debian/sid. At that time I didn?t manage to get the tensorflow package for R running properly. It didn?t need much to get it running, though.

  • My Free Software Activities in September 2019

    Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

• Canonical/Ubuntu Family

  • A detailed look at Ubuntu’s new experimental ZFS installer

    Although there isn’t any support built into Eoan’s apt package manager for automatically taking snapshots yet, we can demonstrate a snapshot—oops—rollback moment manually. In the above gallery, first we take a ZFS snapshot. Eoan has split our root filesystem into tons of little datasets (more on that later), so we use the -r option for zfs snapshot to recursively take snapshots throughout the entire tree.

    Now that we’ve insured ourselves against mistakes, we do something we’re going to regret. For the purposes of this demo, we’re just removing Firefox—but we could really recover from anything up to and including an rm -rf –no-preserve-root / this way with a little extra legwork. After removing Firefox, we need to roll back our snapshots to restore the system to its original condition.

    Since the root filesystem is scattered through a bunch of individual datasets, we need to roll them all back individually. Although this is a pain for the casual user without additional tooling, it does make it possible to do more granular restore operations if we’re feeling picky—like rolling back the root filesystem without rolling back /home. Ubuntu will undoubtedly eventually have tooling to make this easier, but for the moment, we do a bit of sysadmin-fu and pipe zfs list to grep to awk to xargs, oh my.

    The command line acrobatics might have been obnoxious, but the rollback itself was instantaneous, and Firefox has returned. It still doesn’t work quite right, though, due to orphaned filehandles—we rolled back a live mounted root filesystem, which is kind of a cowboy thing to do. To make things entirely right, a reboot is necessary—but after the reboot, everything’s the way it once was, and without the need to wait through any lengthy Windows Restore Point-style groveling over the filesystem.

Devices/Embedded

• Tiny Rock Pi S and NanoPi Neo2 Black boards debut

  Radxa has opened $9.90 pre-orders for its tiny “Rock Pi S” SBC, which runs Linux on a quad -A35 RK3308. Meanwhile, FriendlyElec will soon ship a “NanoPi Neo2 Black” spin of the 40 x 40mm, Allwinner H5-based NanoPi Neo2 that adds eMMC, but reduces GPIO.

  Over the last year, the focus of the community-backed Linux hacker board scene has shifted from tiny, power-sipping SBCs for IoT to more muscular, often AI-enabled boards selling for $50 to $100 built around processors such as the RK3399 and RK3399 Pro and Amlogic S922x and Amlogic A311D. But tiny boards are back with the pre-release launch of Radxa’s previously teased, 43.2 x 43.2mm Rock Pi S and the eminent release of a new 40 x 40mm NanoPi Neo2 LTS variant called the NanoPi Neo2 Black (see farther below).

• Rock Pi S mini SBC Now Available for $15 with 512MB RAM, 512MB SD NAND Flash, WiFi & Bluetooth

• Tiny module and dev kit run Android or Linux on Snapdragon 845

  Intrinsyc announced a tiny “Open-Q 845 uSOM” and development kit that runs Android 9 or Yocto Linux on the octa-core Snapdragon 845. The module offers up to 6GB LPDDR4 and 64GB flash plus a WiFi/BT module.

  In Feb. 2018 in conjunction with the launch of Qualcomm’s high-end, AI-enabled Snapdragon 845 (SDA845) SoC, Intrinsyc announced an Open-Q 845 HDK for the SoC aimed primarily at mobile phone developers. The Open-Q 845 comprised a Mini-ITX board with the Snapdragon 845 delivered via a compute module, but we never saw a separate SOM offering until now. The new Open-Q 845 uSOM is a 50 x 25mm mini-module like Intrinsyc’s Snapdragon 820-based Open-Q 820 µSOM. It’s supported by a Mini-ITX form-factor Open-Q 845 μSOM Development Kit, which is similar due to ship by the end of the year.

• 8 of the Best IoT Projects Using Arduino

  If you’re an electronics hobbyist, chances are you’ve heard of the Arduino. It’s a tiny computer that you can use to do surprisingly complex things. It also happens to be behind a fair number of Internet of Things projects.

  While some people reach a for Raspberry Pi or something even more powerful, an Arduino or Arduino Uno might be all you need. We’ve put together a list of IoT projects that prove this to be true.

• py-videocore6 Raspberry Pi 4 GPGPU Python Library Leverages VideoCore 6 GPU

• Mobile Systems/Mobile Applications

  • PS4 Remote Play will fully support Android this week

  • PS4 Update 7.00 Live, Adds Remote Play For Android Users

  • Report: Android Banking Botnet Targeted Russians

  • What to do if your Android phone isn’t charging

  • How To Setup A Simple Machine Learning Demo Application On Android

  • How to use Google text-to-speech on your Android phone to hear text instead of reading it

  • How to Turn On Instagram’s Dark Mode On iOS and Android

  • Signing & Versioning iOS & Android Apps | DevOps for Mobile

  • Google Assistant is getting a second celebrity voice option on both Android and iOS

  • Android 10 update now rolling out for the Nokia 8.1

  • OnePlus shares Android 10 rollout schedule for OnePlus 6T, 6, 5T, and 5

  • These Android 9 TV Box Models Are Available at Great Discount – Includes Mi Box S, MECOOL KM3, More

  • A safe site for Android APK Downloads

  • Google secures two Android phone makers’ backing in fight against EU antitrust order

Free, Libre, and Open Source Software

• Events

  • Contributor Summit San Diego Schedule Announced!

    There are many great sessions planned for the Contributor Summit, spread across five rooms of current contributor content in addition to the new contributor workshops. Since this is an upstream contributor summit and we don’t often meet, being a globally distributed team, most of these sessions are discussions or hands-on labs, not just presentations. We want folks to learn and have a good time meeting their OSS teammates.

    Unconference tracks are returning from last year with sessions to be chosen Monday morning. These are ideal for the latest hot topics and specific discussions that contributors want to have. In previous years, we’ve covered flaky tests, cluster lifecycle, KEPs (Kubernetes Enhancement Proposals), mentoring, security, and more.

• Web Browsers

  • Mozilla

    • These Weeks in Firefox: Issue 66

    • How to speed up the Rust compiler some more in 2019

      In July I wrote about my efforts to speed up the Rust compiler in 2019. I also described how the Rust compiler has gotten faster in 2019, with compile time reductions of 20-50% on most benchmarks. Now that Q3 is finished it’s a good time to see how things have changed since then.

    • Extensions in Firefox 70

      Welcome to another round of new additions and changes to extensions, this time in Firefox 70. We have a new API, some improvements on existing APIs, and some great additions to Firefox Developer Tools to make it easier to debug your extensions.

      [...]

      We’ve made a few improvements to the downloads API in Firefox 70. By popular request, the Referer header is now allowed in the browser.downloads.download API’s headers object. This allows extensions, such as download managers, to download files for sites that require a referrer to be set.

      Also, we’ve improved error reporting for failed downloads. In addition to previously reported failures, the browser.downloads.download API will now report an error in case of various http 4xx failures. This makes the API more compatible with Chrome and gives developers a way to react to these errors in their code.

    • Last version

      Yesterday I released Mail Redirect 0.10.5, which may very well be the last version of Mail Redirect, at least in this form. The version contains some small bug fixes, with relation to compatibility with other extensions, Cardbook and Thunderbird Conversations to be precise.

      I already started trying to make Mail Redirect compatible with Thunderbird 71.0a1, when the Thunderbird developers announced that support traditional XUL-overlay add-ons, which Mail Redirect is, will be dropped in Thunderbird 72. This means that any effort I put in the add-on now with relation to compatibility with future Thunderbird versions will stop working in a month or so, so that won’t do any good.

      The good thing is that XUL-overlay add-ons will beep working in this major ESR-release, so Mail Redirect 0.10.5 will keep on working in Thunderbird 68., and will only stop working in Daily and Beta and in the next major Thunderbird release 76, which is planned to be released somewhere in july, I think.

      I haven’t decided what to do with Mail Redirect. In order to keep on working in Thunderbird 72+, I need to convert it to a WebExtension Experiment, but that will be a major rewrite and the future of WebExtension Experiments isn’t clear either. Thunderbird developers indicated that support for WebExtension Experiments will also be dropped somewhere in the future, so I’m not quite convinced yet that it will be worth the effort.

• Linux Foundation

  • Automotive Grade Linux Announces Chinese Automaker SAIC Motor as a New Member

    AGL is an open source project at the Linux Foundation that is bringing together automakers, suppliers and technology companies to accelerate the development and adoption of a fully open, shared software platform for all technology in the vehicle, from infotainment to autonomous driving. Sharing a single software platform across the industry reduces fragmentation and accelerates time-to-market by encouraging the growth of a global ecosystem of developers and application providers that can build a product once and have it work for multiple automakers.

  • Automotive Grade Linux Announces Chinese Automaker SAIC Motor as a New Member

    Automotive Grade Linux (AGL), a collaborative cross-industry effort developing an open source platform for connected car technologies, announces seven new members. SAIC Motor has joined as a Silver member, and German Autolabs, KPIT, MontaVista, OTAinfo, OUTCERT and Ovo Automotive join as Bronze members.

  • What?s New In Zephyr 2.0.0?

    The Zephyr Project is a small, scalable real-time operating system (RTOS) for use on resource-constrained systems supporting multiple architectures

• Productivity Software/LibreOffice/Calligra

  • Nine more videos from the LibreOffice Conference 2019

    Yes, we’ve uploaded some more presentations from the recent LibreOffice Conference 2019 in Almeria, Spain. Many of these cover interoperability between LibreOffice and other office software.

• FSF/FSFE/GNU/SFLC

  • IDAD 2019: Join us on October 12th, and use this special dust jacket to uphold the right to read

    Each year we stage the International Day Against DRM (IDAD) to help others learn about the dangers of Digital Restrictions Management (DRM). For this year’s IDAD on October 12th, we are focusing in particular on the increasing and disturbing amount of DRM present in ebooks and other online educational materials. Having so thoroughly invaded our leisure time, the digital infection known as DRM should not be allowed to spread into the classroom. Joining us in the fight for IDAD 2019 are the Electronic Frontier Foundation, Creative Commons, and The Document Foundation, among ten other participating organizations we are privileged to have standing with us in the fight against DRM.

    In a bid to become the “Netflix of textbooks,” and like many other publishers, Pearson is doing the opposite of what anyone committed to education should do: severely restricting a student’s access to the materials they need for their courses through arbitrary page limits, “rented” books that disappear, and many which require a constant Internet connection.

    Publishers like Pearson should not be allowed to decide the rigidly specific conditions under which a student can learn. No book should spy on your reading habits or simply “disappear” after you have had it for too long. In the digital age, it is unacceptable for a publisher to impose the same principles of scarcity that would apply to a physical product to a digital file. The computing revolution was caused by files being shared, not merely rented. Imposing these limitations on digital media is an attack on user freedom, no matter how much corporate PR may spin the story. It’s our aim to let the world know that we support the rights of readers. You could say that for IDAD 2019, Defective by Design has you covered.

  • parted-3.3 released [stable]

    Parted 3.3 has been released. This release includes many bug fixes and new features.

  • GNU Project maintainers push to remove Richard Stallman from GNU Project

    At first, it was unclear if Stallman was also resigning from the GNU project after his comments were made public. A message on his website said he was resigning from the GNU project, but it was later deleted. He also released a message that stated: “I recently resigned as president of the FSF, but the FSF continues to provide several forms of crucial support for the GNU Project. As head of the GNU Project, I will be working with the FSF on how to structure the GNU Project’s relationship with the FSF in the future.”

    While the group of GNU maintainers and developers do point out that they own Stallman “a debt of gratitude” for his “decades of important work in the free software movement,” they also acknowledge that “Stallman’s behavior over the years has undermined a core value of the GNU project: the empowerment of all computer users.”

• Licensing/Legal

  • Announcing the Second Annual CopyleftConf!

    Last year’s event was the first ever CopyleftConf. It was great! We have some videos up and more are coming. Also, our call for proposals is open now, through the end of the month — we’d love to hear from you.

    The response was really positive and we’re looking forward to putting on a fantastic 2020 event. Because last year’s event was so well attended, we’ve gotten a larger venue for this year.

    Participants from throughout the copyleft world ? developers, strategists, enforcement organizations, scholars and critics ? will be welcomed for an in-depth, high bandwidth, and expert-level discussion about the day-to-day details of using copyleft licensing, obstacles facing copyleft and the future of copyleft as a strategy to advance and defend software freedom for users and developers around the world.

• Programming/Development

  • RenderDoc 1.5 Released For This Leading OpenGL / Vulkan / Direct3D Open-Source Debugger

    RenderDoc has already been the leading open-source graphics debugging tool for OpenGL / Vulkan / Direct3D across multiple platforms and it continues only getting more useful with each new feature release.

    RenderDoc 1.5 is the project’s first release in six months and as such it’s a fairly big update for this prominent graphics debugger.

    RenderDoc 1.5 now allows better configuring of capture replays, SPIR-V reflection and disassembly is now more reliable as well as working against the latest SPIR-V version, a Vulkan replay-time optimization, an OpenGL low-memory optimization, and various other optimizations throughout. One of the other optimizations worth mentioning is much better capture load and close time performance for D3D12/Vulkan captures with many serialized resources.

  • Wing Tips: Python Code Warnings in Wing Pro 7

    Examples of warnings that Wing might flag include syntax errors, indentation problems, uses of an undefined variable, imports that cannot be resolved, or variables that are set but never used.
    Code warnings save development time because they help to identify errors before code is even run. New code is checked as you work, although Wing will wait until you have finished typing so that it doesn’t warn about code that is still being entered.

  • How to Analyze Survey Data with Python for Beginners

    Conducting surveys and polls is one of the best ways to collect data and gain insight into questions like why are customers leaving our website? or why are voters attracted to this candidate? But analyzing survey data can be a real challenge!

    In this tutorial, we’re going to walk through how to analyze survey data using Python. But don’t worry — even if you’ve never written code before, you can handle this! We’re going to take it step by step, and by the end of this tutorial you’ll see how you can unlock some pretty impressive analytical power with just a few lines of code!

    For the purposes of this article, we’ll be analyzing StackOverflow’s 2019 developer survey data, because it’s a large and recent survey data set that’s public and properly anonymized. But these techniques will work for almost any sort of survey data.

  • 2019.3 EAP 5

    A new version of the Early Access Program (EAP) for PyCharm 2019.3 is available now! Download it from our website.

  • Webinar Preview: “Starting Testing” tutorial step for React+TS+TDD

    The first tutorial steps got us setup in the IDE, with a sample project generated and cleaned up. Now it’s time to learn React and TypeScript by…writing tests?

    Indeed! This tutorial is trying to sell you on the idea that you’ll be more productive and happier writing and using your components from inside the IDE, instead of constantly heading over to the browser. For most of the steps in the tutorial, you do all of the learning, typing, and running from within a test, staying in the IDE and in the “flow”.

  • PyCon US 2020 Hatchery Program Launches Call for Proposals

    The PyCon US Hatchery Program has become a fundamental part of how PyCon as a conference adapts to best serve the Python community as it grows and changes with time.

    Initially we wanted to gauge community interest for this type of program, and since launching in 2018 we have learned more about what kind of events the community might propose. At the end of the inaugural program, we accepted the PyCon Charlas as our first Hatchery event which has grown into a permanent track offered at PyCon US.

  • Episode #151: Certified! It works on my machine

  • Red Hat strengthens commitment to open source tooling, joins new working group

    The Eclipse Cloud Development (ECD) project group started at the Eclipse Foundation in 2016 with Eclipse Che and Orion open source coding tools. Each year since has seen greater interest and new projects added, including Theia, CodeWind, Dirigible, Sprotty, and now Che4z. As the ECD has grown to become a center of open source cloud-native development tooling, user and vendor interest has also increased; users of Eclipse Cloud Development projects now number well over 500k, and several other vendors have joined Red Hat to push tooling forward in this critical market. This has been fantastic, as it has driven more contributions and collaboration from the community.

  • Manage multiple versions of Go with GVM

    Go Version Manager (GVM) is an open source tool for managing Go environments. It supports installing multiple versions of Go and managing modules per-project using GVM “pkgsets.” Developed originally by Josh Bussdieker, GVM (like its Ruby counterpart, RVM) allows you to create a development environment for each project or group of projects, segregating the different Go versions and package dependencies to allow for more flexibility and prevent versioning issues.

  • Excellent Free Books to Learn BASIC

    BASIC (Beginner’s All-purpose Symbolic Instruction Code) is a family of general-purpose, high-level programming languages whose design philosophy emphasizes ease of use. In 1964, John G. Kemeny and Thomas E. Kurtz designed the original BASIC language at Dartmouth College. They wanted to enable students in fields other than science and mathematics to use computers. At the time, nearly all use of computers required writing custom software, which was something only scientists and mathematicians tended to learn.

    The advent of the personal computer was crucial to the success of BASIC. The language was designed for hobbyists, and as personal computers became more accessible to this audience, books of BASIC programs and BASIC games surged in popularity.

    BASIC is generally not regarded as the easiest way to take the first steps in learning the art of programming. But it does not hinder beginners from learning how to program, or teach them bad habits. And it’s the highest low-level language. Even today, there remains value in learning BASIC.

Imagine That

In 2010, Capitol Records released remastered versions of John Lennon’s entire catalog, the best of which remains the Phil Spector-produced Imagine. The title track has become an integral part of the world’s cultural fabric–the centerpiece of a ghetto high school halftime show at a basketball game in New York or a Ben and Jerry’s ice cream flavor (“Imagine Whirled Peace”).

The Old Man and His Smartphone, Episode I

Someone also took pity on me and showed me how to silence alerts from attention-seeking apps, with one notable instance being an app that liked to let me know when spam arrived for each instance of spam.

Health/Nutrition

• Brussels: Innovative Mental Health Support

  A mobile team that supports people with psychosocial disabilities, or mental health conditions, in their own homes offers an innovative rights-based alternative to residential psychiatric care, Human Rights Watch said today in a new web feature.

• Key elements of Patching to consider for Healthcare IT CISOs

  Data breaches that affect businesses of all sizes are now more common than ever, and unsurprisingly this includes Australia. As they become almost a regular affair, healthcare sector is no exception. According to the last quarter Notifiable Data Breaches (NDB) Statistics Report from OAIC, between January to March, the health sector reported 27 per cent of the data breaches, being one of the top industries. Of the 58 notifications over the first quarter, 52 percent was caused by human error, 45 percent was because of malicious or criminal attacks and 3 percent was due to system faults.

  The recent hack events were primarily ransomware attacks, one of the key security vulnerability that allows attackers to plant a malware into unpatched operating systems and legacy systems with the only objective of extorting affected organisations. Reports show that nearly half of reported ransomware attacks are on healthcare institutions. As the privacy violations and data breaches in healthcare industry involves high risks and costs, it is key for healthcare IT administrators to pay close attention to their IT infrastructure and detect security gaps. Here are some crucial elements of patching to consider as a part of the IT security strategy…

Security (Confidentiality/Integrity/Availabilitiy)

• Security updates for Thursday

  Security updates have been issued by Debian (clamav, libtomcrypt, and rsyslog), Fedora (suricata), SUSE (libopenmpt and python-requests), and Ubuntu (libsoup2.4 and octavia).

• IPFire 2.23 – Core Update 136 released

  This is the official release announcement for IPFire 2.23 – Core Update 136. A new update packed with loads of security fixes, bug fixes and a couple of important new features.

• Computer historians crack passwords of Unix’s early pioneers

  Early versions of the free/open Unix variant BSD came with password files that included hashed passwords for such Unix luminaries as Dennis Ritchie, Stephen R. Bourne, Eric Schmidt, Brian W. Kernighan and Stuart Feldman.

  Leah Neukirchen recovered an BSD version 3 source tree and posted about it on the Unix Heritage Society mailing list, revealing that she was able to crack many of the weak passwords used by the equally weak hashing algorithm from those bygone days.

• BlueKeep – Exploit Windows (RDP Vulnerability) Remotely

  Remote desktop protocol (RDP) is a secure network communications protocol designed for remote management, as well as for remote access to virtual desktops, applications and an RDP terminal server. RDP allows network administrators to remotely diagnose and resolve problems individual subscribers encounter. RDP is available for most versions of the Windows operating system.

• Windows Error Reporting Manager arbitrary file move Elevation of Privilege (CVE-2019-1315)

• Mozilla’s sponsored security audit finds a critical vulnerability in the tmux integration feature of iTerm2

  Yesterday, Mozilla announced that a critical security vulnerability is present in the terminal multiplexer (tmux) integration feature in all the versions of iTerm2, the GPL-licensed terminal emulator for macOS.

  The security vulnerability was found by a sponsored security audit conducted by the Mozilla Open Source Support Program (MOSS) which delivers security audits for open source technologies. Mozilla and the iTerm2’s developer George Nachman have together developed and released a patch for the vulnerability in the iTerm2 version 3.3.6.

• HP Flaw Lets Hackers Hijack Your PC: What to Do [Ed: Unless you're a Mono fanatic, you won't have DLLs on your system]

  That’s because there’s a serious flaw in older versions of Touchpoint Analytics, aka HP Device Health Service, a diagnostic program built into most HP PCs running Windows. A user or a program with administrative rights could use Touchpoint Analytics to silently and permanently install malware at the system level, and a limited-user account could also do so in certain cases.

  [...]

  This kind of DLL switcheroo is known as a DLL injection, and it makes a program do things it shouldn’t. PC gamers sometimes use DLL injection to cheat at games, and malicious hackers can use it to make a program run malicious code. (DLL injection works on Macs and Unix/Linux systems as well as on Windows.)

• Thunderbird Will Start Using OpenPGP Encryption in 2020

  The developers of Thunderbird, one of the most-used free email clients in the world, plan to implement OpenPGP support in 2020.

  Thunderbird used to be made by Mozilla, but the company dropped it a few years ago, and the community took over the project. The email client is still using some of Firefox’s infrastructure.

  Since Thunderbird is an open-source and cross-platform email client, it would make sense to bundle GnuPG software, but the differences in licenses make that impossible (MPL version 2.0 vs. GPL version 3+). The devs have to look for another solution, and the only to make it work is to add OpenPGP.

  Thunderbird users until now only had the option to adopt an add-on called Enigmail, which provides data encryption for both the email client and SeaMonkey. When Thunderbird migrates to a newer code, though, the Enigmail add-on will stop working.

Defence/Aggression

• The U.S. Arming of Ukraine Is a Scandal on Its Own

  What follows is a conversation between journalist Aaron Maté and Max Blumenthal of The Grayzone. Read a transcript of their conversation below and watch part one of their interview below.

• Turkey Launches Offensive Against Kurdish Fighters in Syria

  Turkey launched a military operation Wednesday against Kurdish fighters in northeastern Syria after U.S. forces pulled back from the area, with a series of airstrikes hitting a town on Syria’s northern border.

• Trump’s Syria Policy Could Be a Gift to ISIS

• Iraq Protests: Death Toll Soars as Militias Target Protesters

  Iraqi paramilitary groups close to Iran are suspected of joining attacks on protesters in Baghdad and other cities, leading to heavy loss of life among demonstrators. Some 107 people have been killed and over 6,000 wounded in the last six days, though hospital doctors say the government is understating the true number of fatalities.

• From Kabul: Youth on the Road to Peace

  In September 2019, facing everyday dangers of the war and under constant pressure to view those from other tribes as enemies, young people from each of Afghanistan’s 34 provinces gathered for a three day “On the Road to Peace” conference in Kabul.

Environment

• London Airport Braces for Climate Protests

  Thousands of passengers face disruption at London City Airport after climate-change protesters Extinction Rebellion vowed to occupy its terminal and shut down operations for three days as part of its action in the British capital.

  London City is the capital’s fifth-biggest – and most central – airport, popular with business travellers, bankers and politicians for short-haul and regional routes.

• Climate challenges call for open solutions

  Members of a community must believe in a common purpose. That sense of common purpose is not only what unites an open project but also what helps an open, distributed group maintain its focus and measure its success. Clear, public, and mutually agreed-upon statements of purpose are a basic feature of open organizations.

• Wildlife/Nature

  • Power Cut to 1 Million in California to Try to Prevent Deadly Fires

    California’s biggest utility cut power to more than a million people Wednesday for what could be days on end in the most sweeping effort in state history to prevent wildfires caused by windblown power lines.

  • Of Horses and Civilization

    I love all animals. I grew up in a Greek village where domesticated animals were part of my family. We had chickens, dogs, cats, sheep, goats, donkeys and mules.

Finance

• The GM Strike: a Century of Context

  Wars end with treaties. In the middle of the 20th century, the “class war” that finished off America’s original plutocracy ended with the “Treaty of Detroit.”

• Public School Uniforms: Symbol of the Times

  The uniformity of the shades of dark and light blue clothing on the children fans out from the New York City street corner next to a charter school and seems to cover an entire city block. The uniformity is everywhere. Even the student backpacks are blue.

AstroTurf/Lobbying/Politics

• Colin Powell’s Trump Problem

  When the compromised speak of judgment, the voice of credibility vanishes. In its place, a certain niggling sense of hypocrisy and weakness prevails. Former US Secretary of State Colin Powell is one of those of those compromised voices. He presided over a redundant State Department before the pressures of the Pentagon and Secretary of Defence Donald Rumsfeld, keen to initiate an invasion of Iraq. He oversaw the bankruptcy of the Republican ideal before the nibbling sharks of neoconservatism within the administration of President George W. Bush. But that has not prevented him from being cavalier in assessing the legacy of Donald Trump.

• The Battle for the Soul of India

  We are witnessing a battle for the rational soul of India. It has long been the conventional wisdom that the country’s historic and admirable diversity and tolerance would prevent the creation of a Hindu-first nation. But it seems increasingly likely that the narrative of India as a Hindu democratic state will prevail.

• Zelensky’s Capitulation and Trump’s Open Appeals for Foreign Help on Biden Dirt

  “It looks like Zelensky has capitulated” reports MSNBC’ Matt Bradley in Kiev, to President Trump’s demand that he “play ball” and investigate Joe and Hunter Biden. The investigation of Burisma Holdings has been reopened at U.S. mafiosa-like prodding.

• Time to Leave the Political Ghosts of 2016 Behind and Face the Future

• Trump’s Trade War: a Report From the Front

  Donald Trump is bravely carrying on a trade war, not just with the bad guys with China, but with longtime allies like Canada and the European Union. Incredibly, the media just don’t seem that interested in reporting on the ongoing progress.

• Bojo Goes Bonkers: Two Borders Will Divide Ireland From Northern Ireland

  BoJo is nothing if not inventive. The Irish backstop problem had derailed the premiership of his predecessor the Maybot, and he was making no headway in dealing with it up to now.

Censorship/Free Speech

• For NBA’s Quandary over China, Stand with Human Rights

  The NBA has long portrayed itself as standing up for human rights, whether dismissing the Los Angeles Clippers’ owner for racist statements or moving the All-Star Game from Charlotte after North Carolina took a stand against allowing transgender people to use the bathroom associated with their identity. 

• Ridiculous: Judge Says Devin Nunes’ SLAPP Suit Against An Internet Cow And Others Can Continue

  In some surprising, and ridiculous, news the local court judge, Judge John Marshall (no, not that Judge John Marshall), has decided not to dismiss the lawsuit that Nunes filed against Twitter, two satirical Twitter accounts, and political strategist Liz Mair. As you’ll recall, Mair and Twitter had both argued that the case had no reason to be in a local Virginia court, and that, if anything, the proper venue was in California. The judge had demanded that Twitter reveal to him the details of who was behind the Twitter accounts (something that was already questionable under the 1st Amendment, which protects anonymity). Twitter refused, though did say that neither account holder was based in Virginia.

• Thin-Skinned Chinese Government Busy Making American Sports Orgs Look Silly On Free Speech Issues

  It’s no secret that the Chinese government is no friend to free speech. While that statement must seem painfully obvious, the entire world is getting an education into just how thin-skinned Beijing is with the ongoing protests in Hong Kong. While those protesters are chiefly demonstrating for their own civil rights, the Chinese government has apparently made it its business to police the rest of the world’s speech while holding the second largest economy on the planet as a hostage to its own hurt feelings.

Privacy/Surveillance

• Twitter “Unintentionally” Used Your Phone Number for Targeted Advertising

  Stop us if you’ve heard this before: you give a tech company your personal information in order to use two-factor authentication, and later find out that they were using that security information for targeted advertising.

  That’s exactly what Twitter fessed up to yesterday in an understated blog post: the company has been taking email addresses and phone numbers that users provided for “safety and security purposes” like two-factor authentication, and using them for its ad tracking systems, known as Tailored Audiences and Partner Audiences.

• Victory! California Governor Signs A.B. 1215

  California’s Governor Gavin Newsom has officially signed a bill that puts a moratorium on law enforcement’s use of face recognition for three years.

  Under Assemblymember Phil Ting’s bill, A.B. 1215, police departments and law enforcement agencies across the state of California will have until January 1, 2020 to end any existing use of face recognition on body-worn cameras. Three years without police use of this invasive technology means three years without a particularly pernicious and harmful technology on the streets and has the potential to facilitate better relationships between police officers and the communities they serve. As EFF’s Associate Director of Community Organizing Nathan Sheard told the California Assembly, using face recognition technology “in connection with police body cameras would force Californians to decide between actively avoiding interaction and cooperation with law enforcement, or having their images collected, analyzed, and stored as perpetual candidates for suspicion.”

• Trump Administration Demands An End To Strong Encryption While Being Exhibit A For Why We Need It

  In the 18th Century the Founding Fathers were worried about tyrants. They were worried about government officials abusing the powers of their office and the fate of the nation if there were no check on their power. In the 21st Century those concerns have hardly faded. Today we have a presidential administration that, if nothing else, has publicly (and privately) attempted to turn the ship of state against multiple political opponents, and with such an audacious expectation of impunity that it leaves no basis to believe it would not do the same to anyone else who stands against it.

• FISA Court Finds The FBI Is Still Violating The Fourth Amendment With Its Abuse Of NSA Collections

  The NSA isn’t the only agency to abuse its surveillance powers. The FBI’s ability to access unminimized data harvested by the NSA has resulted in abuse after abuse, as the FBI loves to use the massive data haul to perform “backdoor searches” of its domestic targets.

Freedom of Information / Freedom of the Press

• Whistles Blowing

• Navalny’s Anti-Corruption Foundation is blacklisted over two thousand dollars in donations from America and Spain

  The Russian Justice Ministry says it has formally added Alexey Navalny’s Anti-Corruption Foundation (FBK) to its list of “foreign agents” because the organization supposedly received a total of 140,000 rubles ($2,160) in donations from the United States and Spain, ministry spokesman Vladimir Titov told the news agency Interfax.

Civil Rights/Policing

• Turkish Gov’t Demands US Embassy Apologize For ‘Liking’ A Tweet The Turkish Gov’t Didn’t Like

  The government with the thinnest skin is at it again. Turkey can’t handle being criticized in even the slightest way — not after installing Recep “Gollum” Erdogan as president. A very, very long list of well-earned criticisms has led to an equally long list of retaliatory actions against the president’s critics, which has included the misuse of other countries’ laws to secure punishment of non-citizens and the jailing of of journalists declared to be terrorists by President Erdogan’s government.

• French Leader Should Press Hungary’s Orban on Rule of Law

  Later this week, French President Emmanuel Macron will meet Hungary’s Prime Minister Viktor Orban in Paris for his first bilateral visit in France.

• Qatar: Urgently Investigate Migrant Worker Deaths

  Qatar should thoroughly and urgently investigate and publicize the underlying causes of migrant worker deaths in light of new medical research concluding that heatstroke is a likely cause of cardiovascular fatalities among these workers in Qatar, Human Rights Watch said today.

Internet Policy/Net Neutrality

• The Cable Industry Makes $28 Billion Annually In Bullshit Fees

  Last week we highlighted a study showing that your cable bill can be as much as 45 percent higher than the advertised price thanks to bullshit fees. Now a new study by Consumer Reports shows that up to 24 percent of your monthly cable bill is comprised of said bullshit fees. The fees are designed specifically for one purpose: to let companies falsely advertise one rate, then charge you significantly more money. It’s effectively false advertising, but efforts to rein in the practice are fleeting to nonexistent, because creatively fleecing American consumers is just so hot right now.

Monopolies

• After voting down EC candidate Goulard, the European Parliament should oppose giving France control over both DG GROW and DG CONNECT

  What only one of the articles I saw mentioned is, however, the issue I’d like to focus on because innovation matters more than retribution: apparently some MEPs were concerned not only about the integrity of that particular candidate but also (or even primarily) about the allocation of fields of policy-making among the different commissioners.

  No matter who will be named instead of Mrs. Goulard, what the EP should never accept–for the sake of Europe’s fitness for an increasingly digital future–is that one commissioner–and especially not a French commissioner–effectively controls both DG GROW (the Directorate-General for the Internal Market, previously called DG MARKT) and DG CONNECT (Directorate-General for Communications Networks, Content and Technology, previously called DG INFSOC = Information Society).

  Formally, the DGs are part of the Commission’s “services” and “independent” from the commissioners and their aides (“cabinets”). But that’s nominal. In reality, the political appointees make all the decisions.

  The IP policy unit is part of DG GROW, and they consistently promote ever broader patents and ever more leverage in litigation for patent holders. By contrast, DG CONNECT has a tradition of, and hard-earned reputation for, being sympathetic to the digital sector. DG CONNECT takes a more balanced approach. They understand the implications of IP enforcement in connection with highly complex and multifunctional products. They realize to a greater extent than some other people that certain startups seek to be protected by patents, while many others need to be protected from patents. And they tend to look at free and open-source software as an opportunity, not merely a threat to other business models.

  [...]

  France has a rich history, but it doesn’t have much of a future. None of its largest corporations (such as LVMH, L’Oréal, and Sanofi-Aventis) is a digital-economy player. Macron likes to think of France as a “Startup Nation,” but has no facts to back up that vision. And it’s hard to see how this is ever going to improve, given that many of the brightest young French engineers and programmers go to work for GAFA and other non-French companies and, which is so shocking, considering that only 2% of French students reach the top performance level in the TIMSS international math test, roughly at a level with Persian Gulf states. By comparison, 50% of Singapore’s students are top performers in math, 40% of South Korean students, 20% of Russian students, and 14% of American students. Even Kazakhstan is at a level with the U.S., i.e., seven times as strong as France.

  The French digital policy agenda is to dumb down all of Europe only because France has degenerated. This year’s EU copyright reform is an example, as is the French pet project of a “digital tax” (the U.S. threatened with retaliation, but a deal was reached in August). The situation will get a whole lot worse with a Macron appointee controlling both the EU’s internal-market and digital-policy divisions–an unprecedented concentration of power that would be undesirable even if the commissioner came from a more innovative country with brighter students.

• Copyrights

  • Epic Games Settles With Cheating Minor To End Lawsuit

    At long last, the PR nightmare for Epic Games is over. Kind of. You will recall that the company went on a lawsuit blitz over those that develop and/or promote cheats for Epic’s hit game Fortnite. While one can understand that the company was salty over cheat enablers for its online shooter, given that disruption by cheaters makes the game less fun and therefore less popular, the fact is that Epic also fought this battle on claims that such cheats violate copyright and the license provided by the game’s Terms of Service. These are claims that need to be tested, and hopefully defeated, in court, because they are a twisting of copyright law into the worst kind of pretzel.

GNU/Linux Communities at Reddit

Our GNU/Linux community information is naturally centralized at Reddit for news and discussion, it’s not a secret. For instance, all big GNU/Linux distros have Reddits. Even often, news from a FLOSS project comes first at Reddit and being discussed a lot there rather than other social networks. See for example news of r/KDE and r/LibreOffice there (notice that unique Reddit IDs?). If you feel unfamiliar with this, you can think Reddit like Facebook or Twitter, but amazingly faster to browse, with greatly less picture and more text. With this list, after registering you can find your first community on Reddit for example r/Ubuntu and r/linux4noobs. Speaking personally, as an active GNU/Linux user I love Reddit and actually I use DNSCrypt just because I want to visit it. Also, if you’re tired of other social networks you can give Reddit a try and I believe you will love it! I wish you will find nice people and friends there. Now let’s go!

Desktop

• System76 Launches Two Linux Laptops Powered by Coreboot Open-Source Firmware

  Driven by the idea that technology should always be free and open, System76 is launching today the Galago Pro and Darter Pro laptops with their new Coreboot-based open-source firmware, which not only makes these computers boot faster than with a proprietary firmware, but it also protects them against various security vulnerabilities and other threats.

  “Our lightweight open source firmware gets users from boot screen to desktop 29% faster,” said System76. “Removing unnecessary features from the firmware such as network connectivity and execution environments also decreases the potential for vulnerability, meaning users who upgrade to the new laptops will benefit from increased security.”

• System76 Will Begin Shipping 2 Linux Laptops With Coreboot-Based Open Source Firmware

• System76 launches two Linux with Comet Lake chips and Coreboot

• System76 Launches Two Intel Laptops With “Open-Source Firmware” Coreboot

Server

• Google’s Keeping Knative Development Under Its Thumb ‘For the Foreseeable Future’

  In addition to Knative, which is for deploying serverless workloads, Google evidently plans to keep the Kubernetes service mesh, Istio, in-house.

• Puppet’s New Cloud Native Continuous Delivery Tool Builds on the CDF’s Tekton [Ed: It says: "The Linux Foundation, Puppet, and Red Hat are sponsors of The New Stack." Read as: we're being paid to write this article by the subject of this article.]

  Puppet has released into public beta its Project Nebula, a cloud native tool that connects a DevOps team’s existing toolset into an end-to-end, continuous delivery platform. The company aims to simplify deployment of microservices and serverless-based applications by connecting popular tools for infrastructure provisioning, application deployment, and notifications into a single, automated workflow.

  “There are a few folks in the world who believe in one tool that solves all the problems. And then there are folks who believe in best-of-breed and pulling the right tools for the right job with the right people, and the right culture,” said Matthew Young, senior director of product management at Puppet. “And we’re really going after the latter… We are not trying to replace every other tool.”

• Kubectl and friends as a snap

  At Canonical, we build solutions to simplify the lives of our users. We want to reduce complexity, costs, and barriers to entry. When we built the Canonical Distribution of Kubernetes (CDK) and MicroK8s, we made sure it aligned with our mission. We built snaps like kubectl for various Kubernetes clients and services to ensure a harmonious ecosystem.

  From user feedback, requests and going over the exciting use cases our users and partners are experimenting with, sometimes you just need to get up and running. Kubernetes on a Raspberry Pi anyone? This is why we provide Kubernetes components such as kubectl, kubefed, kubeadm, etc. as snaps and open to use for your use cases.

• IBM

  • EPEL8 packages

    With the opening up of EPEL8, there’s a lot of folks looking and seeing packages they formerly used in EPEL6/7 not being available and wondering why. The reason is simple: EPEL is not a fixed exact list of packages, it’s a framework that allows interested parties to build and provide the packages they are interested in providing to the community.

    This means for a package to be in EPEL8, it requires a maintainer to step forward and explicitly ask “I’d like to maintain this in EPEL8” and then build, test and do all the other things needed to provide that package.

    The reason for this is simple: We want a high quality, maintained collection of packages. Simply building things once and never again doesn’t allow for someone fixing bugs, updating the package or adjusting it for other changes. We need a active maintainer there willing and able to do the work.

  • vDPA hands on: The proof is in the pudding

    In this post, we will set up vDPA using its DPDK framework. Since vDPA compatible HW cards are in the process of being commonly available on the market, we will work around the HW constraint by using a paravirtualized Virtio-net device in a guest as if it was a full Virtio HW offload NIC.

  • Open Banking with Microservices Architectures and Apache Kafka on OpenShift

    Last month, at OpenShift Commons Gathering Milan, Paolo Gigante and Pierluigi Sforza of Poste Italiane, showed the audience how they built a microservices based banking architecture using Apache Kafka and OpenShift. Their slides are available here. For more great in-person events like this, register for the next Commons Gathering near you! San Francisco is coming up before the end of the month, and will focus on AI/ML.

Audiocasts/Shows

• Home Network Under $200 | Self-Hosted 3

  How far can you get with a Raspberry Pi 4? We go all in and find out.

  Plus our favorite travel router with WireGuard built in, and Chris kicks off Project Off-Grid. Meanwhile, Alex adopts proprietary software.

• Lack Rack, Jack | BSD Now 319

  Causing ZFS corruption for fun, NetBSD Assembly Programming Tutorial, The IKEA Lack Rack for Servers, a new OmniOS Community Edition LTS has been published, List Block Devices on FreeBSD lsblk(8) Style, Project Trident 19.10 available, and more.

• The Linux Link Tech Show Episode 828

• 2019-10-09 | Linux Headlines

  SUSE drops OpenStack Cloud, OpenLibra looks to piggyback on Facebook’s cryptocurrency, OpenSSH adds in-RAM protections and Essential teases flashy new phone.

Kernel Space

• 5.4 Merge window, part 2

  The release of the 5.4-rc1 kernel and the closing of the merge window for this development cycle came one day later than would have normally been expected. By that time, 12,554 non-merge changesets had been pulled into the mainline repository; that’s nearly 2,900 since the first-week summary was written. That relatively small number of changes belies the amount of interesting change that arrived late in the merge window, though.

• Upstreaming multipath TCP

  The multipath TCP (MPTCP) protocol (and the Linux implementation of it) have been under development for a solid decade; MPTCP offers a number of advantages for devices that have more than one network interface available. Despite having been deployed widely, though, MPTCP is still not supported by the upstream Linux kernel. At the 2019 Linux Plumbers Conference, Matthieu Baerts and Mat Martineau discussed the current state of the Linux MPTCP implementation and what will be required to get it into the mainline kernel.
  MPTCP, described by RFC 6824, is built around one fundamental idea: allowing a single network connection to exchange data over multiple physical paths. One obvious use case is a phone handset, which has both WiFi and broadband interfaces. Being able to use both at the same time would give the device greater bandwidth, but also greater redundancy — a connection could continue uninterrupted despite changes to individual paths.

• Fixing getrandom()

  A report of a boot hang in the 5.3 series has led to an enormous, somewhat contentious thread on the linux-kernel mailing list. The proximate cause was some changes that made the ext4 filesystem do less I/O early in the boot phase, incidentally causing fewer interrupts, but the underlying issue was the getrandom() system call, which was blocking until the /dev/urandom pool was initialized—as designed. Since the system in question was not gathering enough entropy due to the lack of unpredictable interrupt timings, that would hang more or less forever. That has called into question the design and implementation of getrandom().

  Ahmed S. Darwish reported the original problem and tracked it down to the GNOME Display Manager (GDM), which handles graphical logins. It turns out that GDM was calling getrandom() in order to generate the “MIT magic cookie” that is used for authorization by the X Window System. As was pointed out by several in the mega-thread, using cryptographic-strength random numbers for the cookie (or much of anything in terms of X Window security) is well beyond the pale—a much weaker random number generator could have been used with no loss of security. Darwish noted that the call “only” requests a small number of random bytes (five calls requesting 16 bytes each) but, as Theodore Y. Ts’o said, that doesn’t matter: by default getrandom() will not return anything until the cryptographic random number generator (CRNG) is initialized—which requires entropy.

  When Darwish originally bisected the problem, he pinpointed an ext4 commit that had the effect of reducing the amount of disk I/O that was being done early in the boot process. That performance enhancement also, unfortunately, turned out to reduce the amount of entropy gathered on Darwish’s laptop—to the point it would not boot. That change has been reverted for now.

• Compiling to BPF with GCC

  The addition of extended BPF to the kernel has opened up a whole range of use cases, but few developers actually write BPF code. It is, like any other assembly-level language, a tedious pain to work with; developers would rather use a higher-level language. For BPF, the language of choice is C, which is compiled to BPF with the LLVM compiler. But, as Jose Marchesi described during the Toolchains microconference at the 2019 Linux Plumbers Conference, LLVM will soon have company, as he has just added support for a BPF back-end to the GCC compiler.
  Marchesi, who described himself as “just a compiler guy” rather than a tracing wizard, said that this work is proceeding in three phases. The first of those is to get basic BPF support into the toolchain; for GCC, that takes the form of a new bpf-unknown-none target triplet. Support for BPF was added to binutils in May; the first GCC support landed in the project’s repository just before the conference began.

• Google Opens Up “SchedViz” To Visualize Linux Kernel Scheduling Behavior

  Google’s newest open-source contribution for benefiting the Linux kernel is SchedViz.

  SchedViz is a tool developed at Google for visualizing the Linux kernel scheduling behavior. Google has already used this tool internally to find areas for improvement within the kernel to make better scheduling choices and analyzing memory latency problems.

• Amlogic Video Decode Driver Nearly Ready With H.264 Support

  The in-kernel staging Amlogic Meson video decode driver could soon handle H.264 support as soon as Linux 5.5.

  After a lengthy journey getting into the kernel with initially just MPEG-1 and MPEG-2 support, this open-source Amlogic video decode driver should soon be in compliance with H.264.

• Graphics Stack

  • Intel Adds GPU-Accelerated Memory Copy Support To FFmpeg

    Intel engineers have contributed GPU-accelerated memory copy support to FFmpeg when making use of their preferred video decode implementation.

    For those making use of Intel Quick Sync Video decode with FFmpeg, the latest development code has added GPU-accelerated memory copy support between the video and system memory.

  • Intel ANV & Radeon RADV Vulkan Drivers Tacking On More Extensions With Mesa 19.3

    There still is another month until the feature freeze for Mesa 19.3 to end out 2019 and it will be a big one.

    In addition to the continued flurry of OpenGL driver activity and bits like Zink potentially being merged, the Intel and AMD Radeon Vulkan drivers have been seeing more extension work for 19.3-devel. Here’s the latest.

Benchmarks

• The Mitigation Impact Difference On AMD Ryzen 9 3900X vs. Intel Core i9 9900K Performance

  Last week I shared benchmark results of the AMD Ryzen 9 3900X vs. Intel Core i9 9900K in 400+ benchmarks in the largest comparison ever for these two competing ~$500 USD processors. If that wasn’t enough, I repeated the hundreds of CPU/system benchmarks again but without any of the recent CPU security mitigations in place to see how the situation would have played out pre-2018.

  Immediately following those tests last week, I restarted the large benchmark queue with the 300+ system/CPU tests (foregoing the gaming benchmarks with the various CPU speculative execution vulnerabilities having little impact on gaming/graphics performance). As a reminder, both the Intel and AMD systems were tested on Ubuntu 19.10 with the Linux 5.3 kernel and all of the other latest software components for this H2’2019 update to Ubuntu Linux.

  The Core i9 9900K was running with the ASUS PRIME Z390-A motherboard and the Ryzen 9 3900X with the ROG CROSHAIR VIII HERO WiFi motherboard, both boards using their very latest public BIOS releases as of testing. Both systems were tested with the same GSKILL 2 x 8GB DDR4-3600 memory, 280GB Intel Optane 900p NVMe SSD, and Radeon RX Vega 64 graphics card.

• Windows 10 vs. Ubuntu 19.10 vs. Clear Linux vs. Debian 10.1 Benchmarks On An Intel Core i9

  Earlier this week I provided some fresh Windows vs. Linux web browser benchmarks for both Firefox and Chrome. For those curious how the current Windows 10 vs. Linux performance is for other workloads, here is a fresh look across a variety of software applications and while testing the near-final Ubuntu 19.10, Intel’s rolling-release Clear Linux, and Debian 10.1 while running off an Intel Core i9 HEDT platform.

  Ahead of all our autumn 2019 Linux distribution update benchmarks, this article is a fresh look at the Microsoft Windows 10 Pro x64 performance compared to these popular Linux distributions. Particularly with Debian 10 and Clear Linux, they tend to be the fastest Linux distributions we routinely benchmark at Phoronix while Ubuntu is included due to its popularity.

  These four operating systems were all tested on the same Intel Core i9 7980XE + 4 x 4GB DDR4-3200 memory + NVIDIA GeForce GTX TITAN X + Samsung 970 EVO 500GB NVMe SSD system with the i9-7980XE being the newest Intel HEDT platform I have available for testing at the moment.

Applications

• Celluloid is a really good mpv frontend for Linux

  If you are a Linux user who wants a front-end for the popular MPV video player, Celluloid may be your best bet.

  I installed the application via flatpak but you can find quite a few packages linked at the official GitHub; installation instructions for flatpak are available on the same page.

  Celluloid mpv frontend for Linux

  The GUI of Celluloid is quite similar to most Linux apps, and quite minimal. Click on the + button in the top left corner to open a video, or drag and drop one on to the interface. You can also load a web URL to stream content directly using the player from the Open Location menu.

• ImCompressor is a New, User-Friendly Image Compressor for Linux

  It’s written with Python and Gtk and designed to the GNOME HIG. This helps it both look great and integrate well with modern Linux distros, like Fedora and Ubuntu.

  The design of the app makes it incredibly simple to use, too.

  Open ImCompressor and drag and drop jpeg and png images on to the window (or select files through the in-app file picker) to quickly, losslessly, optimise them, i.e. reduce image file size without affecting the overall image quality.

Proprietary

• Opera 64 Released with Privacy Enhancing Features. Download Now

  The latest release of Opera web browser 64 is here focusing on privacy, ad blocking and many more.

• Discord Confirms Layoffs After Internal Restructuring

  The truth is that Discord has had a really complicated 2018 year. After overcoming the barrier of 250 million registered users, last September they canceled their subscription service, Discord Nitro, which allowed access to different video games through a monthly payment. The company wrote in its blog that users were not playing the games in the Nitro subscription.

  Discord made headlines last December when they changed the policy of percentage of profits that the developers who published their video games took on their platform, a kind of counterattack to Steam and Epic Games Store after their two changes at the end of last year.

• DJs You Are Warned ⁠— Do NOT Upgrade Into MacOS Catalina

  With the removal of iTunes in Catalina, users lost support for XML files and native playback on Macs. The XML file loss is a massive blow to most DJ software, which relies on the format for setlist organization.

  Popular DJ apps like Traktor and Rekordbox read these XML files. iTunes has been the default way that many DJs find their tracks for years now. With Music replacing iTunes in Catalina, there’s no feature parity there.

A simple command to open all files with merge conflicts

Amazon Linux AMI install mysql client programs for RDS

Ubuntu 18.04 remove all unused old kernels

Tmux takes your Linux terminal to a whole new level

Three Drives on my Dell Latitude E6440 | Cuz Two Isn’t Enough

How to reduce Red Hat Fuse image size

How to Use Curl Command with Proxy on Linux

How To Install FFmpeg on CentOS 8

The 10 Best Linux Books To Read in 2019

Viewing files and processes as trees on [GNU +] Linux

Linux provides several handy commands for viewing both files and processes in a branching, tree-like format that makes it easy to view how they are related. In this post, we’ll look at the ps, pstree and tree commands along with some options they provide to help focus your view on what you want to see.

How to install htop on Amazon Linux AMI

How to see which groups a user is member of in Debian 10

Install LXD pure-container on Ubuntu 18.04 LTS

How to change the language interface in WPS Office in Zorin OS 15

How to Install Fork CMS with NGINX on CentOS 8

How to Install Django Web Framework on Debian 10

How to Convert Epoch Seconds To the Current Time in linux?

How to Compress and Resize Images from Thunar File Manager in Linux

How To Install Git on CentOS 8

Become the cleaner for government assassins in ‘Nobodies’ and destroy all evidence, out now

Here’s one we missed from the end of last month, it’s called Nobodies and you’re a government agent tasked with cleaning up after their assassins do their thing. Nobodies—no bodies, get it? Ahem…

Steam Play Proton 4.11-7 is out with more gamepad improvements and other misc fixes

Valve and CodeWeavers have unleashed another update to Steam Play with Proton 4.11-7 releasing today.

Seems they’re continuing to try and get gamepads/controllers into a good state, with “Major” improvements to how they handle hotplugging. More games should now see your gamepad when you plug it in after you start it. Additionally, there’s improved support for Windows games built with Unity using the Rewired Unity plugin.

Proton 4.11-7 Released With Controller Improvements, D9VK/DXVK Updates

Valve has released Proton 4.11-7 as the newest version of their Wine downstream that powers Steam Play for running Windows games on Linux.

With Proton 4.11-7 there are controller improvements including better hotplugging support of controllers and improving controller support for games relying upon the Rewired Unity library.

Valve will bring out ‘Remote Play Together’ to give online support to local multiplayer games

The Steam pipes are leaking over at Valve again, as an upcoming feature called Remote Play Together is coming during the week of October 21.

Valve sent word just to game developers, which they never keep quiet on for very long. Multiple game developers (#1, #2 and so on) ended up putting out posts on Twitter to let everyone know about it a bit earlier than Valve seems to have intended.

Strategy adventure game ‘Pathway’ has a huge Adventurers Wanted update, plus a note about Linux

Get ready for another adventure as Pathway just got bigger and better with a huge free update now available.

Mixing together node-based travel (think like FTL and Slay the Spire) with random events and turn-based tactical combat, Pathway is a fun game. However, when you’ve played a lot of hours it can end up perhaps a bit too repetitive. You realise later on the limitations of the game that aren’t quite apparent until you really push through it. Now though? Sounds like it’s a massive improvement to all areas of the game!

The Adventurers Wanted update adds in…deep breath, are you ready? 18 new combat abilities with new ways to interact with both enemies and allies, reworked skill trees, a “sizeable” amount of new events have been added including many new combat arenas to give it more variety, you no longer stock up on consumables like medkits and instead have a new resource called Supplies which is used across multiple items, new combat modes to adjust how combat begins for more variation, an improved armour system that makes armour give direct damage reduction and the list goes on.

The new trailer for Edgar – Bokbok in Boulzac has me wanting more especially after the great demo

Edgar – Bokbok in Boulzac from the French team at La Poule Noir is an upcoming comedy point and click adventure coming to Linux, the new trailer is up and continues my excitement for this one.

It’s a story rich whimsical adventure, with a protagonist who is a bit…eccentric. The kind where you can see a bit of yourself in them and you can’t help but love their weirdness. He loves his chicken, which is amusingly sweet when he calls it “Precious” during dialogue. A dark comic adventure about saving your beloved squash and you stumble upon a “most terrifying secret” during your journey.

Bizarre action-RPG ‘Insignificant’ where you’re three inches tall is out now with Linux support

Insignificant is an action-RPG that tells the story of the little people and when I say that I really do mean tiny little people, you’re only about three inches tall.

Stellaris 2.4 is out with the new Paradox Launcher included

Paradox Interactive and Paradox Development Studio have released the latest update to Stellaris, which includes the new Paradox Launcher to unify the experience.

The launcher isn’t all that’s new though. If you’re running Stellaris from their own store or GOG they have added in cloud saving to both. Paradox also updated all factions titans “with panning light meshes”, updates to the visual effects for “ther drake’s wing attack (muzzle, projectile, hit effect)” and new “/mute ” and “/unmute ” chat commands were added. Defence Platforms also got a boost for Outposts, providing 2 points of Piracy Suppression for their system.

A bunch of UI updates also made it in like the ability to Shift+Click on the ship count in the Fleet Manager, adding ships up to the nearest 10. There’s more tooltips on the Planet Screen, a new notification when one empire guarantees the in

What’s New in Xfce 4.14 Desktop

After 4 years and 5 months of development, Xfce 4.14 was finally released. a release that it is probably included in the software repositories of almost all Linux-based operating systems. The goal for Xfce 4.14, as the developers explain, was to port all of the core components to the latest GTK3 and GDBus open-source technologies, instead of the old GTK2 and D-Bus Glib.

Window manager Xfce 4.14, now support VSync to reduce display flickering. It also now supports HiDPI, NVIDIA proprietary/closed source drivers, XInput2. XFCE 4.14 also introduces a new default theme.

A new default theme is present as well in Xfce 4.14, and the Thunar file manager now features a completely revamped pathbar, BluRay support for the volume manager, support for larger thumbnails, improved keyboard navigation, and support for a “folder.jpg” file to alter the folder’s icon.

XFCE 4.14 Panel got support for RandR’s primary monitor feature, improved window grouping in the tasklist plugin (better UX, visual group indicator etc), a per-panel “icon-size” setting, a new default clock format. Users can also now change the orientation of the icons on the desktop, as well as to preview Fujifilm RAF images in the file manager.

K Desktop Environment/KDE SC/Qt

• Wayland goal – Call for Action

  KDE community has elected to finalize the transition to Wayland and embrace the future of desktop.

  This entails making Plasma running smoothly under Wayland, but also making sure KDE Apps can run without bugs and missing features. It also means that we want to help the wider Wayland community to fill missing features and fix bugs.

  I call App users and developers to try out their favorite app in Wayland and report the issue that may arise. and add wayland as keyword to the bug to keep track on those bugs.

• [Krita] To be Merged in master

  So, finally it seems like, after crossing the deadline by a couple months, Magnetic Lasso is going to get merged, as Boud told me. Lets see how many more weeks it takes, so presumably it is complete feature wise but who knows from where a bug might pop up. This post is mainly for documenting how the Magnetic Lasso works, since I am too good to make an entry in the manual.

• KDE is All About the Apps: October Update

  We are a community of thousands of contributors who make hundreds of Apps using collaborative open source methods. Our apps run on Linux with Plasma, of course, but also fit in well with GNOME, Enlightenment, XFCE, or any other desktop you happen to be using. Many of our apps run on Windows, Android and macOS.

  A new goal for the KDE community is to push how we are All About the Apps. We will be highlighting our best software and promoting it to increase its adoption outside the circle of current KDE fans (who we still love very much!). This is a monthly update of what’s new in our apps. If you’d like to help out with this community goal, take a look at the All About the Apps workboard, and join us in our Matrix chat channel.

• KDE Applications 19.08.2 Open-Source Software Suite Released with Many Bug Fixes

  Coming a month after the first point release, KDE Applications 19.08.2 is here to address more than 20 bug fixes across a wide range of applications and core components, including Dolphin, Gwenview, Kate, Kdenlive, Kontact, Konsole, Lokalize, Spectacle, and many others, in an attempt to make the KDE Applications 19.08 open-source software suite more stable and reliable.

  Highlights of this release include improvements to High-DPI (HiDPI) support in the Konsole terminal emulator and other apps, the ability to update the search parameters when switching between different searches in the Dolphin file manager, and support for the KMail email client to save messages directly to remote folders.

• Applications 19.08.2

GNOME Desktop/GTK

• Philip Chimento: Free software at 40°C

  It’s that time of year again, time for a belated reflection on the GUADEC conference!

  In August I traveled to Thessaloniki, Greece, to attend first the annual GNOME Foundation board handover day, then the advisory board meeting, then the GUADEC conference and associated unconference days.

  The board discussion focused quite a lot on the strategic goals for the GNOME Foundation which you can hear more about in executive director Neil McGovern’s talk. Nuritzi has also blogged about the process of putting together these strategic goals.

New Releases

• NixOS 19.09 released

  NixOS 19.09 “Loris” has been released, the twelfth stable release branch. See the release notes for details. You can get NixOS 19.09 ISOs and VirtualBox appliances from the download page. For information on how to upgrade from older release branches to 19.09, check out the manual section on upgrading.

• NixOS 19.09 Released With Xfce 4.14 Packages, GNOME 3 Updates

  NixOS 19.09 ships with installer improvements so it can run with less privileges, updating to Xfce 4.14 packages for those using that desktop, better handling of different GNOME 3 services and modules, better printer handling, their VLC package now supports Google Chromecast, systemd updates, and an array of other enhancements.

SUSE/OpenSUSE

• SUSE Dumps OpenStack

  Open source vendor SUSE is getting out of the OpenStack business, the company says.

  The decision is part of a shift in company strategy from infrastructure enablement to enabling application delivery, the company said in a blog post announcing the decision Wednesday.

  The blog post quotes IDC analyst Al Gillen, who says “applications and experiences, rather than … infrastructure deployments,” are key to differentiation. SUSE’s decision “moves the company’s value-add higher up the technology stack, to a level where customers want and need tools that empower them to achieve differentiation,” Gillen says.

• Suse’s OpenStack Cloud dissipates

  Suse, the newly independent open-source company behind the eponymous Linux distribution and an increasingly large set of managed enterprise services, today announced a bit of a new strategy as it looks to stay on top of the changing trends in the enterprise developer space. Over the course of the last few years, Suse put a strong emphasis on the OpenStack platform, an open-source project that essentially allows big enterprises to build something in their own data centers akin to the core services of a public cloud like AWS or Azure. With this new strategy, Suse is transitioning away from OpenStack . It’s ceasing both production of new versions of its OpenStack Cloud and sales of its existing OpenStack product.

  “As Suse embarks on the next stage of our growth and evolution as the world’s largest independent open source company, we will grow the business by aligning our strategy to meet the current and future needs of our enterprise customers as they move to increasingly dynamic hybrid and multi-cloud application landscapes and DevOps processes,” the company said in a statement. “We are ideally positioned to execute on this strategy and help our customers embrace the full spectrum of computing environments, from edge to core to cloud.”

• SUSE OpenStack Is No More — But Don’t Panic

  OpenStack as a technology isn’t going away; it’s just become the “boring” infrastructure on which the cool new things like Kubernetes are deployed.

• KDE and openSUSE: Plasma 5.17, Qt 5.14 and more

  The Beta version of Plasma 5.17 was released with many new features and improvements such as per-screen fractional scaling on Wayland, a new User Interface (UI) for configuring permissions of Thunderbolt devices and network statistics in KSysGuard. The latter requires some more privileges than usual for a user application, so is currently being looked at by the SUSE security team.

  openQA found a few bugs already, like GIMP looking more “colorful” than usual and some applications mixing Kirigami and Qt Widgets breaking some keyboard shortcuts. Both of those were addressed meanwhile and will be fixed in the final release of 5.17.

  If you haven’t tested the Plasma 5.17 Beta yet, there’s still some time left! If you come across a problem in the software, please head over to the KDE bug tracker; if instead you find an issue that is openSUSE specific, go over to the openSUSE bugzilla.

• Highlights of YaST Development Sprint 86

  Now that you had a chance to look at our post about Advanced Encryption Options (especially if you are an s390 user), it is time to check what happened during the last YaST development sprint, which finished last Monday.

• OpenSUSE Expanding Encryption Options For Its Installer

  While Ubuntu developers are busy adding experimental ZFS support to their installer, the SUSE developers working on their YaST installer are working on offering better security options for their platform by beefing up the encryption capabilities at install-time.

  YaST has like most Linux distributions out there offered basic encryption options at install-time if wanting to deploy the Linux distribution to an encrypted LVM. With openSUSE Leap 15.2 (and SUSE Linux Enterprise 15 SP2) as well as openSUSE Tumbleweed, they are adding more advanced encryption options to complement the functionality provided already for years.

Slackware Family

• LibreOffice 6.3.2 for Slackware-current – and how to deal with “Shared library .so-version bump”

  Let me first elaborate a bit on the strategies that are available to a Slackware user on how to deal with incompatible library updates in -current.

  One of the reasons people are wary of installing and running Slackware-current is the fact that at any given moment, distro updates can break 3rd-party packages (i.e. packages you have installed that are not part of the Slackware distribution itself). Slackware-current is in constant flux, it is our development environment, and software versions can make sudden jumps with unexpected consequences.

  Big tip: before running any update on a slackware-current system, first check the ChangeLog.txt and scan the updates since your previous upgrade for the text “Shared library .so-version bump.” which is another way of saying “incompatible ABI change”.
  If this text accompanies a package update you can be pretty certain that some 3rd-party packages that depend on it will stop working. And if that particular package is boost, icu4c or poppler, expect massive breakage. The safest approach in a case like this, is: wait with upgrading your Slackware-current; check for packages that have a dependency on the package with the ABI breakage: and track the 3rd-party repositories for updates that address the ABI breakage.

  There is another strategy- one which allows you to upgrade to the latest -current while avoiding broken packages. That is to keep the older libraries on your system – the libraries your 3rd-party packages are depending on. You can simply extract these older libraries from the previous version(s) of the upgraded Slackware package. Darren Austen and I worked together to create a package repository containing historical Slackware-current packages (32bit, 64bit official packages and my own multilib archive). See https://slackware.uk/cumulative/ if you are in need of older package versions.

Debian/Ubuntu Family

• Ubuntu Touch OTA-11 Now Available for Testing with Improved, Smarter Keyboard

  Originally planned as a small update that was supposed to contain only some bug fixes and improvements, the Ubuntu Touch OTA-11 release appears to bring quite some enhancements for Ubuntu Phones, such as a much-improved and smarter keyboard that introduces a Dvorak keyboard layout option, improvements to the Japanese and Polish layouts, as well as a new way to edit text.

  “Using this feature, you can move around your typed text, undo and redo actions, move around a text selection rectangle, and use the cut/copy/paste commands, all from the same overlay. To get started, press and hold the space bar,” explained UBports. “We are still unsure about the discoverability of this feature, so stay tuned for changes that will make it even easier to find and use.”

• Chromium in Ubuntu – deb to snap transition

  Chromium is a very popular web browser, the fully open source counterpart to Google Chrome. On Ubuntu, Chromium is not the default browser, and the package resides in the ‘universe’ section of the archive. Universe contains community-maintained software packages. Despite that, the Ubuntu Desktop Team is committed to packaging and maintaining Chromium because a significant number of users rely on it.

  Maintaining a single release of Chromium is a significant time investment for the Ubuntu Desktop Team working with the Ubuntu Security team to deliver updates to each stable release. As the teams support numerous stable releases of Ubuntu, the amount of work is compounded.

  Comparing this workload to other Linux distributions which have a single supported rolling release misses the nuance of supporting multiple Long Term Support (LTS) and non-LTS releases.

  Google releases a new major version of Chromium every six weeks, with typically several minor versions to address security vulnerabilities in between. Every new stable version has to be built for each supported Ubuntu release − 16.04, 18.04, 19.04 and the upcoming 19.10 − and for all supported architectures (amd64, i386, armhf, arm64).

  Additionally, ensuring Chromium even builds (let alone runs) on older releases such as 16.04 can be challenging, as the upstream project often uses new compiler features that are not available on older releases.

  In contrast, a snap needs to be built only once per architecture, and will run on all systems that support snapd. This covers all supported Ubuntu releases including 14.04 with Extended Security Maintenance (ESM), as well as other distributions like Debian, Fedora, Mint, and Manjaro.

• [Older] Packaging Domoticz for Debian, Ubuntu, Raspbian and Fedora

  Federico Ceratto and I have been working on the packaging of Domoticz, one of the leading free and open source home automation / smart home solutions.

  I’ve taken that a step further, packaging the plugin for the Zigate USB stick and two of the utilities for updating firmware on the Zigate, the JennicModuleProgrammer and the zigate-flasher.

  These are initially Debian packages, also available for Raspbian, but I also try to share any lessons from this effort with the upstream developers and also provide a foundation for Ubuntu and Fedora packaging.

Attaching a CPU fan to a RPi running Ubuntu Core

When I purchased my Raspberry Pi4 I kind of expected it to operate under similar conditions as all the former Pi’s I owned …

So I created an Ubuntu Core image for it (you can find info about this at Support for Raspberry Pi 4 on the snapcraft forum)

Runnig lxd on this image off a USB3.1 SSD to build snap packages (it is faster than the Ubuntu Launchpad builders that are used for build.snapcraft.io, so a pretty good device for local development), I quickly noticed the device throttles a lot once it gets a little warmer, so I decided I need a fan.

A reference architecture for secure IoT device Management

One of the key benefits of IoT is the ability to monitor and control connected devices remotely. This allows operators to interact with connected devices in a feedback loop, resulting in accelerated decisions. These interactions are mediated by a device management interface, which presents data in a user-friendly UI. The interface also serves as a client to remotely control devices in the field. Device management is, therefore, a key component of IoT solution stacks, with a significant impact on the ROI of such deployments.

However, there is no one size fits all when it comes to device management solutions. IoT solutions are deployed in various contexts. The purpose, the devices, and the users involved vary from one deployment to another, even within the same industry. It is, therefore, challenging to find a ready-made device management solution perfectly suitable to any given deployment.

Security is the critical requirement that these deployments invariably share, for it must be implemented in line with the best practices. Secure authentication and communication encryption are indispensable for the management of mission-critical device fleets.

RK3328-based industrial SBC eases Raspbian porting

Novasom’s new M7+ version of its Pi-like, RK3328 based SBC-M7 board adds RS485, power over USB, an FPC connector for HDMI, and a library that lets Pi users recompile Raspbian apps for use with its industrial RASPMOOD stack.

In February, Novasom Industries launched its Linux-powered, Rockchip RK3328 based SBC-M7 single board computer, which Novasom now calls the Novasom M7, along with an SBC-M8 board based on a Snapdragon 410E. Now, Novasom has followed customer feedback to upgrade the somewhat Raspberry Pi-like Novasom M7 with a Novasom M7+ (or M7Plus) model that provides a variety of hardware and software improvements.

Mobile Systems/Mobile Applications

• Chromebook 101: how to use Android apps on your Chromebook

• Nokia starts the Android 10 roll-out, with the Nokia 8.1 at the top of the list

• Google Wins Backing From Two Android Phone Makers in Court Fight

• How to Stream Your PS4 to Any Android Phone

• Google touts Android TV’s features alongside new survey results [Infographic]

• Chrome Beta for desktop lets you send phone numbers to your Android handset

• 6 in 10 Android users using less than 1GB of monthly data – Ofcom

• Chrome Now Let’s You Send Phone Numbers From Your Desktop to Your Android Phone

• PS4 Android Remote Play: How to set up PS4 Remote Play for Android Devices?

• Volvo XC40 will be one of the first cars to run Android Automotive

• Android 10 Review: Small updates across the board

• [Update: New Join beta APK] Latest Tasker and Join betas include workaround to bring back clipboard syncing from Android 10 devices

• Your next Android phone will come with an app to monitor your irresponsible usage

• How to update Google Maps on your iPhone or Android phone, to get the latest features and security updates

• PS4 Update 7.00 Live, Adds Remote Play For Android Users

• Hulu pulls Android TV app from some DVR and cable boxes

• Volvo’s first EV will run native Android

• Maximizing Your Distribution Center Operations with Voice-Directed Workflows and Android OS

• Google Maps dark mode teased on the Android Instagram page

• Google Chrome on desktop lets you send phone numbers to your Android phone

• Google rolls out October security update for Android 10 devices

• Samsung’s Android 10 beta for Galaxy S10 phones starts soon

• Android 10 will make it harder to use third-party gesture navigation

• Google will require all devices to run Android 10 after Jan 31, 2020

• Android cofounder Andy Rubin should stop making smartphones

• Android users blocked again as popular Kodi rival removed from Google Store

• Google mandates Digital Wellbeing for all Android devices going forward

• Google forces Android phone makers to offer digital wellbeing tools

• Google hides OEM navigation systems on Android, can’t include in setup

• Google wants Android phone makers to use the same USB-C standard for fast charging

• Google Android: Latest Update Targets Pixel Smartphone Users, Brings Important Bug Fixes

• Andy Rubin, the creator of Android who left Google after a sexual misconduct allegation, is tweeting again to

• Android founder Andy Rubin gives a first look at a new smartphone that looks like a TV remote

• Icon-hiding Android adware returns to the Play Market

• Volvo’s first EV will run native Android

• How to set up PS4 Remote Play on Android and iOS

• Samsung announces its Android 10 beta is coming to these Galaxy devices soon

• Google will require new Android devices to run Android 10 if approved after January 31, 2020

• Google will require all devices launched after January 31, 2020 to run Android 10

• Google will require all devices to run Android 10 after Jan 31

• How Google is taking control of Gesture Navigation in Android 10

• These are the new default Google apps for Android 10 and Android Go

• Google gives its Android office apps a fresher, more consistent look

• Google now requires Android phone makers to use Digital Wellbeing and USB-C PD charging

• Google plans certification program for Android gaming phones

• Google tweaks editor UIs for Docs, Sheets, and Slides on Android

• Google is forcing Android phone makers to add even more apps no one wants

• Android update is fixing these irritating Google Pixel issues – you must upgrade now

• OnePlus 7T Pro is for sale early on Romanian site

• Android Auto reaches 50 million installs on the Play Store

• Sharp S7 Android One phone with 1-week battery life announced in Japan

• Researcher Discovers Unpatched Zero-Day Flaw affecting Latest Android Phones

• Chrome Beta on desktop lets you send phone numbers to your phone

• Magicsee N5 Nova thin client Android PC review

• OnePlus 7T Review: Fast, Premium And A Fantastic Android Value

• Zero-day exploits found in Android VoIP

• Samsung Galaxy S10 will receive the Android 10 update imminently

• Smartphone apps for food delivery, ordering ahead, and grocery pickup

• 19 new and notable Android apps and live wallpapers from the last two weeks including Vivaldi Browser Snapshot, Threads from Instagram, and Duet Display (9/21/19 – 10/05/19)

• Chromebook 101: how to use Android apps on your Chromebook

• EMUI 10 (Android 10) arrives three Huawei smartphones

• Nokia smartphone roll out of Android 10 begins

• Samsung begins testing Android 10 on Galaxy Note9

• Google rolls out October security update for Android 10, fixes zero day vulnerability

• [Update: T-Mobile, AT&T] Android 9 Pie lands on Verizon LG V30

• Samsung Galaxy M30s review: Swing and miss

• Motorola One Macro review: Budget phones are getting better and better

• Hulu for Android is getting offline downloads

• Hulu is strangely pulling support for some Android TV set-top boxes

• Android banking botnet affects over 800,000 Russians and potentially in control of several million Euros

• Urgent Google Android Update Warning Issued To 100 Million Users

• Volvo teams up with Google to develop next-gen infotainment using Android Automotive

• Electric XC40 will be first Volvo with Android-powered infotainment

• Top Android Phones on AnTuTu in September 2019, Vivo Nex 3 holds Pole Position

• How to Get Google Camera 7.0 (GCam) on Any Android Device [Astrophotography Mode]

• Sneaky Android adware hides its own icon to avoid deletion – here’s how to remove it

• Zero-day exploits found in Android VoIP

• Sharp S7 announced in Japan w/ Android One and bogus one-week battery life claim

• Huawei confirms some P30 Pro units are failing SafetyNet (Updated)

TeXstudio – A cushty yet nerdy LaTeX frontend

TeXstudio is a complex, powerful program, and it definitely appeals to my sense of nerdonics. It’s rich in features, and it can take a while before you figure everything out – prior knowledge with similar software definitely helps. But then, I think LyX is friendlier and simpler, especially for beginners. With TeXstudio, there were a few errors throughout my test, which ought to be handled a bit more gracefully. Beamer sounds like a great thing, but then, frankly, most people will make do with Powerpoint, for better or worse.

I definitely intend to spend more time learning TeXstudio, as it may come handy in technical work now and then. Plus, there’s the simple joy of mastering difficult tools, which then magically turn repetitive burdens into simple tasks. It’s all about the optimization of energy. I believe I’m already there with conventional tools as well as LyX, so this ought to be an interesting experiment. For document lovers among you, this software definitely warrants some extended testing. We’re done.

Beware open source vendor lock-in

With open source having become not only mainstream but also so ubiquitous it is all but invisible, there is a real danger that open source users could find themselves in a whole new world of “open source” vendor lock-in.

That was the warning sounded by Obsidian’s Karl Fisher at the start of LinuxConf [ZA] 2019, a Linux and open source conference which marked the start of Open Source Week in South Africa this week.

Fisher took the delegates, mainly open source aficionados and developers, though a potted evolutionary history of open source – from the days when it was disparaged by Microsoft founder Bill Gates, and later his successor as CEO Steve Ballmer who infamously dubbed Linux a ‘cancer’; to Microsoft’s recent, multi-billion dollar acquisition of GitHub, the world’s largest open source code hosting platform.

BleachBit 2.3 Beta

When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn’t know was there.

Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

Collapse OS is a Special Operating System for the Post-Apocalyptic Future

As reported by Motherboard, there’s a new open-source operating system that is currently under heavy development, and it looks like it will soon be ready for a very dire scenario. Its creator, Virgil Dupras, is a person who believes there’s a good chance that by 2030, the world will have collapsed. The software developer isn’t absolutely certain about this, but he believes that the chances of the scenario are high enough to justify the development of a post-apocalyptic operating system, called “Collapse OS”.

So, what would the ideal scavenger’s operating system be like? The simple answer to this would be “one that can run on virtually anything”. If there is one system out there that can run on almost any hardware, this is the Debian GNU/Linux distribution. Collapse OS is taking things a lot further, being able to run on microcontrollers such as the ubiquitous Z80 microprocessor. Dupras considered what piece of hardware would be the easiest to find in a post-apocalyptic world, and Z80 came as the definitive answer. This 8-bit microprocessor is in cash registers, computers, music instruments, calculators, and virtually anything electronic.

Linux Foundation

• EdgeX Foundry Organizes Its First Hackathon

  The project organized its first hackathon in Chicago to see how the retail industry leverages EdgeX Foundry to solve some of its pressing problems.

• The Zephyr Project Welcomes Eclipse IoT and Oticon As Members to Create a Safe and Secure RTOS

  The Zephyr™ Project, an open source project at the Linux Foundation that aims to build a secure and flexible real-time operating system (RTOS) for the Internet of Things (IoT) announces its growing ecosystem with the addition of Eclipse IoT and the move up for long-time member Oticon to Platinum member. Additionally, the project announces the release of Zephyr 2.0.0 and that several popular developer boards are now shipping with Zephyr including Nordic Semiconductor’s Nordic Thingy91 and Adafruit’s Actinius Icarus.

  In today’s technology landscape, fragmentation is the biggest challenge. Developers have a wide range of choices for platforms, boards and components and many of those don’t and can’t connect with each other. Zephyr offers a small memory footprint and a secure and flexible RTOS that extends functionality of IoT devices. It is a customizable, embedded open source platform that can be built for multiple hardware architectures with safety and security.

• Zephyr RTOS 2.0 Release Highlights
  

  Last month, the Zephyr Project announced the release of Zephyr RTOS 2.0 and we are excited to share the details with you! Zephyr 2.0 is the first release of Zephyr RTOS after the 1.14 release with Long-Term support in April 2019. It is also a huge step up from the 1.14 release, bringing a wide list of new features, significant enhancements in existing features, as well as a large list of new HW platforms and development boards.

SaaS/Back End/Databases

• PostgreSQL considers seccomp() filters

  A discussion on the pgsql-hackers mailing list at the end of August is another reminder that the suitability of seccomp() filters is likely more narrow than was hoped. Applying filters to the PostgreSQL database is difficult for a number of reasons and the benefit for the project and its users is not entirely clear. The discussion highlights the tradeoffs inherent in adding system-call filtering to a complex software suite; it may help crystallize the thinking of other projects that are also looking at supporting seccomp() filters.

  Joe Conway raised the idea in an RFC patch posting. It added a way to filter system calls in the main postmaster process and, with a separate system-call list, in the per-session backends. It also showed how to generate the list of system calls that are being used by PostgreSQL under various workloads, such as the test targets in the Makefile or by running a specific application. Information on the system calls made is logged by the audit subsystem; those logs are then processed to produce the list. Once there is confidence that the list is complete—which may be a sticking point—the remaining system calls could be blocked so that executing them would cause an error.

  But Peter Eisentraut was concerned that the list is going to be incomplete due to the “fantastic test coverage” needed to generate it and that it will require constant maintenance to keep up with GNU C Library (glibc) and other changes. Beyond that, PostgreSQL extensions will need their own lists of allowed system calls. Conway seems to see the support as something that those interested will maintain for themselves, rather than having a list that the project will distribute. “Perhaps most people never use this, but when needed (and increasingly will be required) it is available.”

Productivity Software/LibreOffice/Calligra

• Starting The Document Collective

  The Document Foundation (TDF) is the home of the LibreOffice free-software office suite; it provides financial, governance, and other administrative services to LibreOffice. The foundation was established in part to ensure that commercial entities did not have undue influence on the project, which limited the types of activities in which it can engage. In particular, selling branded versions of LibreOffice in the macOS and Windows app stores has not been something that TDF could tackle. The TDF board of directors is looking to change that with the creation of a new entity, The Document Collective (TDC), to engage in commercial activity that is complementary to that of TDF members—hopefully as an income source to help support TDF.

  The TDC proposal [PDF] was adopted by the TDF board on September 9 and unveiled at the LibreOffice conference (slides [PDF]) and in a post to the board-discuss mailing list on September 11. The board has decided to start the creation of TDC by appointing a transitional leadership group. The TDC leadership has been directed to set up an unincorporated association as part of Public Software CIC, which is a European umbrella organization (a “community interest company” or CIC) that provides administrative services to free and open-source software projects. That is meant to be a temporary measure until a full legal entity can be set up. TDC will also have €50,000 in funds available to draw on from TDF; the money is a loan that is meant to be repaid with interest from the proceeds of selling LibreOffice in the app stores. There may be other moneymaking activities that TDC ends up undertaking as well.

  TDC is tasked with getting LibreOffice into the app stores for macOS and Windows. To that end, Public Software CIC will be granted a trademark license for the LibreOffice mark that can be used for app store packages. Initially there will be no separate TDC entity, but that will eventually be set up in some European jurisdiction and all of the TDC work that has been done will be transferred to the new entity. Effectively, the agreement with Public Software CIC will just allow TDC to start working immediately while it initializes its governance and legal entity in parallel.

  There were a few comments on the announcement. Uwe Altmann wondered about the business plan for TDC; given that there is already some experience from two companies selling LibreOffice in the app stores, it would seem reasonable to put together an initial budget, for example. In addition, starting out by setting up an association with Public Software CIC with a fairly large budget seemed unnecessary; there are other organizational structures that could be set up more easily and cheaply, he said.

FSF/FSFE/GNU/SFLC

• What does the FSF censor during the Richard Stallman lynching?

  Why do the FSF staff censor an email like this supporting the founder of their organization and the founder of the Free Software movement?

  Has the FSF become another Fake Community?

  Since raising the issue of censorship in FSF, I received a number of emails from people who feel their own communications have been censored.

  [...]

  Just as MIT Media Lab staff systematically hid donations from convicted sex trafficker Jeffrey Epstein, Free Software organizations are systematically hiding donations from Google. Censorship is one of the tools they use to achieve this deception.

• Justice for Dr. Richard Matthew Stallman

  Dr. Richard Matthew Stallman (born 16 March 1953), often known by his initials rms, and occasionally upper-case RMS, is an American free (libre) software movement activist, hacker and programmer. He campaigns for software to be distributed in a manner such that its users receive the freedoms to use, study, distribute, and modify that software. Software that ensures these four freedoms is termed free software. Stallman launched the GNU Project, founded the Free Software Foundation, developed the GNU Compiler Collection and GNU Emacs, and wrote the GNU General Public License.

  Richard Stallman is currently the object of an Internet defamatory campaign which forced him to resign from his position at MIT and even from the FSF which he founded himself. He has actual flaws, but the campaign is largely motivated by mischaracterizations, disproportionality and intolerance.

• RMS: No Radical Changes In GNU Project

  With Stallman sticking around as head of the GNU and with that the Free Software Foundation re-evaluating their GNU relationship, Richard Stallman is already saying there will be no major changes to the project he founded.

  RMS yesterday sent out a new message on the matter (though it only cleared the mailing list moderation queue a few minutes ago) on info-gnu. His newest message is simply:

  As Chief GNUisance, I’d like to reassure the community that there won’t be any radical changes in the GNU Project’s goals, principles and policies.

  I would like to make incremental changes in how some decisions are made, because I won’t be here forever and we need to ready others to make GNU Project decisions when I can no longer do so. But these won’t lead to unbounded or radical changes.

• Stallman: No radical changes in GNU Project

  As Chief GNUisance, I'd like to reassure the community
  that there won't be any radical changes in the GNU Project's
  goals, principles and policies.
  
  I would like to make incremental changes in how some decisions are
  made, because I won't be here forever and we need to ready others to
  make GNU Project decisions when I can no longer do so.  But these
  won't lead to unbounded or radical changes.
  
  -- 
  Dr Richard Stallman
  Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
  Internet Hall-of-Famer (https://internethalloffame.org)

• Octave.app Statement on Richard Stallman

  Octave.app is not itself a GNU effort, but depends heavily on and is involved with the work of the GNU Project, especially GNU Octave itself. As such, we feel the need to speak out about the issue of GNU founder Richard Stallman’s behavior.

  Octave.app’s maintainers believe that the Free and Open Source community should be welcoming to a wide population of users and contributors. We also believe that the ideals of Free and Open Source software can best be supported through inclusion, equality, and respect for diversity. Our community’s leadership needs to support those goals, in both words and actions.

  The Octave.app maintainers are deeply troubled by Stallman’s recent statements trivializing sexual assault, and by his history of other exclusionary or offensive statements and behavior. We join the Software Freedom Conservancy in calling for Stallman to step down from positions of leadership in the Free Software movement. We are glad that he has resigned from the Free Software Foundation, and call for the GNU community to reassess his role as head of the GNU Project, and to find a governance arrangement that better supports the need for an inclusive, welcoming community.

• How Richard Stallman repealed Dodd-Frank Act

  In a democracy people should have the right to free speech. Stallman only used that. But his idea was wrong. He accepted that and corrected it. By asking his resignation FSF made lot of confusion. They should have to apologize to Stallman and the public for making this unnecessary issues. Lets bring back Stallman to FSF and Gnu.

  Free speech should be projected. (hate speech and lies are not free speech. its violence)

• Correction: Regarding an Erroneous Allegation in ‘Richard Stallman’s Disgrace’

  As soon as I read this, I was nearly certain my email correspondent had made exactly this mistake, conflating Stallman with Raymond, and that I had passed the error along. I sincerely and deeply regret the error. I should have known Stallman would never have worked with VA Linux (he’d have insisted upon it being named “VA GNU/Linux”, and likely would have had no interest in what was a very commercial enterprise no matter what its name) and also should have remembered that Stallman was never married.

  [...]

  To be clear, my source is a man, and it was he who conflated Raymond (“ESR”) with Stallman (“RMS”). His former colleague at VA Linux, the woman who was propositioned by Raymond, surely remembers it clearly.

  I have updated the original article to remove the anecdote quoted above, and to point to this correction. My source for the anecdote made an honest error — as Shaw suggests conflating two well-known “TLA Old Nerds”. It was my fault and mine alone for publishing it. Again, I regret the mistake, and apologize for it.

• LibrePlanet 2020 IRC CFS Office Hours

  The LibrePlanet call for sessions is open now and will be open until November 20 and we want to hear from you!

  Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS Office Hours.

• Meet the FSF staff in Raleigh, NC on October 15

  Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager Zoë Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year’s licensing seminar on GPL Enforcement and Legal Ethics.

  We look forward to hosting this informal meetup to show our appreciation for your support of the FSF’s work. We’ll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

Openness/Sharing/Collaboration

• Open Hardware/Modding

  • mjbots quad A0: October 2019 Roadmap

    My last video gave an overview of what I’ve accomplished over the past year. Now, let me talk about what I’m planning to work on going forward:

    I intend to divide my efforts into two parallel tracks. The first is to demonstrate increased capabilities and continue learning with the existing quad A0, and second is to design and manufacture the next revision of all its major components.

Programming/Development

• Financial Aid Launches for PyCon US 2020!

  The financial aid program aims to bring many folks to PyCon by limiting the maximum grant amount per person; in that way, we can offer support to more people based on individual need. The financial aid program reimburses direct travel costs including transportation, hotel, and childcare, as well as offering discounted or waived registration tickets. For complete details, see our FAQ, and contact pycon-aid@python.org with further questions.

• 7 Reasons to Get Professional Programming Assignment Help

  Programming is one of the most popular disciplines in schools and universities, and many students learn programming languages at this point. If you are one of them, you know how complicated it can be to study programming, especially if you get a lot of other assignments from other classes.

• Adding stateless support to vicodec

  Prior to joining Collabora, I took part in Round 17 of the Outreachy internships, which ran from December 2018 to March 2019. Outreachy is a paid, remote internship program. Its goal is to support people from groups underrepresented in tech, and help newcomers to free software and open source make their first contributions. Open to applicants around the world, Outreachy internships run twice a year.

  Once your application is approved, you must pick an open source project to make a contribution to, in hopes of being selected as an intern, and teamed with experienced mentors. You can read more about the program here.

  In my case, I was selected as an intern to work on the media subsystem of the Linux kernel, and my mentors were Helen Koike, (who is now my colleague at Collabora!) and Hans Verkuil (who works for Cisco and has been working on the media subsystem for around 15 years).

• Eclipse Foundation Looks to Create Cloud-Based IDE Standards

  The Eclipse Foundation today announced the formation of a working group to create standards for cloud-based integrated development environments (IDEs) led by Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG and Typefox.

• This Week in Rust 307

• Nicholas Nethercote: Visualizing Rust compilation

  Speeding up the Rust compiler isn’t the only way to make a Rust project build faster. Changing the crate structure of a project can also make a big difference. The good news here is that Eric Huss has implemented an amazing tool for visualizing Rust compilation, which can be used to identify inefficient crate structures in Rust projects.

• RcppArmadillo 0.9.800.1.0

  Another month, another Armadillo upstream release! Hence a new RcppArmadillo release arrived on CRAN earlier today, and was just shipped to Debian as well. It brings a faster solve() method and other goodies. We also switched to the (awesome) tinytest unit test frameowrk, and Min Kim made the configure.ac script more portable for the benefit of NetBSD and other non-bash users; see below for more details. One again we ran two full sets of reverse-depends checks, no issues were found, and the packages was auto-admitted similarly at CRAN after less than two hours despite there being 665 reverse depends. Impressive stuff, so a big Thank You! as always to the CRAN team.

• Anaconda Enters a New Chapter

  Today I am excited to announce that I am stepping into the role of CEO at Anaconda. Although I am a founder of the company and have previously served as president, this marks the first time I am serving in the role of chief executive.

  The entire world is undergoing a revolution in computation and data analytics — a revolution that we helped start almost 10 years ago, at the dawn of modern data science.

  [...]

  I am very appreciative of our previous CEO Scott Collison. Under his leadership, we grew from an open-source consultancy into a true product company, put a world-class leadership team in place, and launched our enterprise machine learning platform. He made a lasting impact on our company’s evolution.

• Emacs: The Best Python Editor?

  Finding the right code editor for Python development can be tricky. Many developers explore numerous editors as they grow and learn. To choose the right code editor, you have to start by knowing which features are important to you. Then, you can try to find editors that have those features. One of the most feature-rich editors available is Emacs.

  Emacs started in the mid-1970s as a set of macro extensions for a different code editor. It was adopted into the GNU project by Richard Stallman in the early 1980s, and GNU Emacs has been continuously maintained and developed ever since. To this day, GNU Emacs and the XEmacs variant are available on every major platform, and GNU Emacs continues to be a combatant in the Editor Wars.

• DevSecOps pipelines and tools: What you need to know

  DevOps is well-understood in the IT world by now, but it’s not flawless. Imagine you have implemented all of the DevOps engineering practices in modern application delivery for a project. You’ve reached the end of the development pipeline—but a penetration testing team (internal or external) has detected a security flaw and come up with a report. Now you have to re-initiate all of your processes and ask developers to fix the flaw.

  This is not terribly tedious in a DevOps-based software development lifecycle (SDLC) system—but it does consume time and affects the delivery schedule. If security were integrated from the start of the SDLC, you might have tracked down the glitch and eliminated it on the go. But pushing security to the end of the development pipeline, as in the above scenario, leads to a longer development lifecycle.

  This is the reason for introducing DevSecOps, which consolidates the overall software delivery cycle in an automated way.

  In modern DevOps methodologies, where containers are widely used by organizations to host applications, we see greater use of Kubernetes and Istio. However, these tools have their own vulnerabilities. For example, the Cloud Native Computing Foundation (CNCF) recently completed a Kubernetes security audit that identified several issues. All tools used in the DevOps pipeline need to undergo security checks while running in the pipeline, and DevSecOps pushes admins to monitor the tools’ repositories for upgrades and patches.

• Interview with a Pornhub Web Developer

  Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser’s video limits to pushing ads through WebSocket so ad blockers don’t detect them, you have to be clever to innovate at the bleeding edge of the web.

  I was recently lucky enough to interview a Web Developer at the web’s largest adult website: Pornhub. I wanted to learn about the tech, how web APIs can improve, and what it’s like working on adult websites. Enjoy!

• Indie game makers open up about the money they actually make

  The following 12 testimonies detail appropriately varied situations — the hopes and fears of these indie game makers — and how, ultimately, they’re able to continue sustaining themselves.

• PHP version 7.2.24RC1 and 7.3.11RC1

  Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

  RPM of PHP version 7.3.11RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

  RPM of PHP version 7.2.24RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

• Qt for Android better than ever before

  As you already know KDAB is the largest independent contributor to Qt code. Of course we didn’t get lazy and we’ve added a lot of cool stuff to Qt 5.14.

  In this article I’m going to write about the super cool stuff that we’ve added to Qt 5.14 for Android.

  Folks, this is the biggest feature added to Qt on Android since I made the Qt on Android port! I dreamt on this change for a very loong time! I found that is possible to add such support to qmake by mistake. I had to do some work on Windows (which is not my platform of choice) and there I found that debug and release builds are different on Windows, the makefiles generated by qmake will build twice your source files.

  This was exactly what I needed to add multi abi for Android! A few days later I had a WIP patch and, with the help of The Qt Company people, we landed the change in Qt 5.14 alpha!

Science

• 3 Win Nobel Prize in Physics for Work to Understand Cosmos

  A Canadian American cosmologist and two Swiss scientists won this year’s Nobel Prize in Physics on Tuesday for exploring the evolution of the universe and discovering a new kind of planet, with implications for that nagging question: Does life exist only on Earth?

• Hypoxia Researchers Awarded 2019 Nobel Prize in Medicine

  In recent years, it was common knowledge in the medical field that the body produces a hormone called erythropoietin (EPO) in the kidney as a response to the lack of oxygen in hypoxia.

  Gregg Semenza was studying how EPO generation was connected to specific DNA segments while Sir Peter Ratcliffe was researching into how oxygen regulates EPO generation. Both scientists were able to find that these physiological responses were found in all tissues, instead of just kidney cells as originally thought.

Health/Nutrition

• Exposure to air pollution is linked to an increase in violent crime

  They find that a 10% increase in same-day exposure to PM2.5 (particulate matter less than 2.5 microns in diameter) is associated with a 0.14% increase in violent crimes, such as assault. An equivalent increase in exposure to ozone, an air pollutant, is associated with a 0.3% jump in such crimes. Pollution levels can easily rise by much more than that. Last November, owing to wildfires, PM2.5 levels in San Francisco rose seven times higher than average. Correlation is not causation of course (there may, for example, be a third variable affecting both pollution and crime) and the authors are cautious not to speculate about the precise mechanism by which contaminated air might lead to more rapes or robberies.

  This is not the first time researchers have identified a relationship between pollution and crime. [...]

• 8. US Women Face Prison Sentences for Miscarriages

  One example that Randolph provided is in Alabama, where voters recently passed a measure that “endows fetus’ with ‘personhood’ rights for the first time, potentially making any action that impacts a fetus a criminal behavior with potential for prosecution.” Collectively, laws like Alabama’s have resulted in hundreds of American women facing prosecution for the outcome of their pregnancies.

• 9. Developing Countries’ Medical Needs Unfulfilled by Big Pharma

  The Access to Medicine Foundation’s 2018 report monitored the availability of medications produced by 20 of the largest pharmaceutical companies to lower- and middle-income countries. Of the 139 drugs, vaccines, and diagnostic tests identified as urgently needed by the World Health Organization (WHO), 91 have not been developed by any of the pharmaceutical firms tracked by the report. Sixteen of WHO’s prioritized diseases have “no projects at all,” the Guardian reported.

• 12. New 5G Network Spurs Health Concerns

  In an article published in Environmental Research, Cindy Russell wrote that, because this is the first human generation to experience “cradle-to-grave lifespan exposure” to high levels of human-made microwave radiofrequencies, the “true health consequences” of exposure will not be known for years or decades. Her article documented a range of questions regarding the safety of RFR in 2G, 3G, and 4G wireless technologies and it recommended precaution in the rollout of 5G technology.

Security (Confidentiality/Integrity/Availabilitiy)

• Security updates for Wednesday

  Security updates have been issued by Fedora (chromium), openSUSE (rust and sqlite3), SUSE (dnsmasq, firefox, and kubernetes, patchinfo), and Ubuntu (python2.7, python3.5, python3.6, python3.7).

• Father of Unix Ken Thompson checkmated as his old password has finally been cracked

  Back in 2014, developer Leah Neukirchen found an /etc/passwd file among a file dump from the BSD 3 source tree that included the passwords used by various computer science pioneers, including Dennis Ritchie, Ken Thompson, Brian Kernighan, Steve Bourne, and Bill Joy.

  As she explained in a blog post on Wednesday, she decided at the time to try cracking the password hashes, created using DES-based crypt(3), using various cracking tools like John the Ripper and hashcat.

  When the subject surfaced on the Unix Heritage Society mailing list last week, Neukirchen responded with 20 cracked passwords from the file that’s she’d broken five years ago. Five hashed passwords, however, remained elusive, including Thompson’s.

• Ken Thompson’s Unix password

  Somewhere around 2014 I found an /etc/passwd file in some dumps of the BSD 3 source tree, containing passwords of all the old timers such as Dennis Ritchie, Ken Thompson, Brian W. Kernighan, Steve Bourne and Bill Joy.

  Since the DES-based crypt(3) algorithm used for these hashes is well known to be weak (and limited to at most 8 characters), I thought it would be an easy target to just crack these passwords for fun.

  Well known tools for this are john and hashcat.

  Quickly, I had cracked a fair deal of these passwords, many of which were very weak. (Curiously, bwk used /.,/.,, which is easy to type on a QWERTY keyboard.)

  However, kens password eluded my cracking endeavor. Even an exhaustive search over all lower-case letters and digits took several days (back in 2014) and yielded no result. Since the algorithm was developed by Ken Thompson and Robert Morris, I wondered what’s up there. I also realized, that, compared to other password hashing schemes (such as NTLM), crypt(3) turns out to be quite a bit slower to crack (and perhaps was also less optimized).

  Did he really use uppercase letters or even special chars? (A 7-bit exhaustive search would still take over 2 years on a modern GPU.)

  The topic came up again earlier this month on The Unix Heritage Society mailing list, and I shared my results and frustration of not being able to break kens password.

• How my application ran away and called home from Redmond

  I recently found a surprising leak vector in Windows 10 installations. We were porting our Beacon Application to Windows and for easy deployment. The plan was to create just one .exe including everything. However we found out that End Point Protection (EPP) solutions didn’t like that at all and we had to go with the MSI installer option. This is a story what happened during the .exe testing.

  I used my personal malware analysis lab for testing the application. My lab is an isolated network environment which has a whitelist based firewall rules. Whitelist firewall is needed to carefully allow specific updates and downloads. The lab already has Beacon Virtual Machine running and it has found issues in the past. All of them are fixed. So this leak was something new!

  [...]

  I researched a bit more and made educated guesses about why this happened. I managed to narrow it down to Microsoft Defender and the “Automatic sample submission” feature.

  [...]

  Microsoft Windows 10 sends all new unique binaries for further analysis to Microsoft by default. They run the executable in an environment where network connectivity is available. This opens interesting data leak vector for attacker and also includes some privacy concerns. It is quite common that even in isolated environments, many of the Microsoft IP address ranges are whitelisted to make sure systems will stay up to date. This enables adversary to leak data via Microsoft services which is extremely juicy covert channel.

• Enrico Zini: Fixed XSS issue on debtags.debian.org

  Thanks to Moritz Naumann who found the issues and wrote a very useful report, I fixed a number of Cross Site Scripting vulnerabilities on https://debtags.debian.org.

• Intimate Details on Healthcare Workers Exposed as Cloud Security Lags

  The database was set to be publicly accessible, and anyone could edit, download or delete data without administrative credentials, he said. That’s worrying given the sensitive nature of the information he found.

  [...]

  Surveying over 3,000 IT and IT security practitioners in Australia, Brazil, France, Germany, India Japan, the United Kingdom and the United States, the data shows that nearly half (48 percent) of organizations have a multi-cloud strategy, with Amazon Web Services (AWS), Microsoft Azure and IBM being the top three. The study found that, on average, organizations use three different cloud service providers, and more than a quarter (28 percent) are using four or more.

  The research also found somewhat schizophrenic attitudes towards security in the cloud. For instance, nearly half of survey respondents (46 percent) believe that storing consumer data in the cloud makes them more of a security risk; and more than half (56 percent) also noted that it poses a compliance risk. However, only 23 percent say security is a factor in selecting a cloud provider.

• After banning working cryptography and raiding whistleblowers, Australia’s spies ban speakers from national infosec conference

  This year, AISA opted to co-organise its annual conference with the Australian Cyber Security Centre, a creature of the same spy agencies that led the crackdown on whistleblowers in June.

  But the ACSC has a very different set of priorities to AISA, which is why it insisted on the cancellation of multiple invited talks at the show, including Thomas Drake, a celebrated NSA whistleblower who was scheduled to give a talk on “the golden age of surveillance, both government and corporate”; and the University of Melbourne’s Dr Suelette Dreyfus whose cancelled lecture was on “anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem.”

  Both speakers have posted their slides, and Bruce Schneier, who gave a keynote at the conference, opened his talk by reading the URLs aloud.

  But the censorship doesn’t stop there: ACSC also demanded that invited speaker Ted Ringrose (partner at the Ringrose Siganto law firm) remove criticism in his speech on Australia’s ban on working cryptography, going so far as to edit his slides to remove “bias.” (Ringrose refused and was allowed to give his original talk as planned).

• U.S. and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks.

  State-sponsored advanced persistent threat (APT) groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials.

Defence/Aggression

• 18. Humanitarian Groups Promote Solutions to Extreme Violence in West Africa

  Peer pressure, community identity, and the impact of trauma and humiliation from security forces play a huge role in recruitment. A United Nations Development Programme study found that the arrest or killing of family members was “the tipping point” in recruitment decisions for 70 percent of jihadists. The power of faith provides a significant motivation for these groups as well, helping, for example, to frame conflict in ways that create a narrative and meaning for militants.

• Winners and Losers From Trump Throwing Syrian Kurds Under the Bus

  The reasons for which the Washington Establishment is appalled at Trump’s abrupt withdrawal of US special operations troops from northern Syria are not necessarily the right ones. Former special presidential envoy for combating ISIL Brett McGurk wrote, “Trump tonight after one call with a foreign leader provided a gift to Russia, Iran, and ISIS.”

Environment

• What is Extinction Rebellion and what are its demands?

  What is it demanding and from whom?

  Extinction Rebellion has three primary demands of governments, that they:

  Declare a climate and ecological emergency.

  Act immediately to stop the loss of biodiversity and reduce greenhouse gas emissions to net zero by 2025.

  “Create and be led by the decisions of a Citizens’ Assembly on climate and ecological justice.”

• 13. Corporate Food Brands Drive Massive Dead Zone in Gulf of Mexico

  As Reynard Loki wrote for Truthout, a study by Mighty Earth, an environmental action group, found that the largest fast food, grocery, and food service companies in the United States are “helping to drive one of the nation’s worst human-made environmental disasters.” In a survey of 23 major brands—including Target, McDonald’s, Subway, Trader Joe’s, and Whole Foods—Mighty Earth found that none have policies requiring “even minimal environmental protections from meat suppliers.” Mighty Earth’s study, “Flunking the Planet,” gave all but one of the companies a failing grade overall for environmental safeguards after considering the sources of animal feed, the processing of animals’ manure, and overall greenhouse gas emissions. (Walmart earned a D-grade, based on its commitment to reducing supply chain emissions through its Project Gigaton initiative.)

• The Political Realities of Science Work

  In his recent piece “Geo-engineering is a Scam“, Josue De Luna Navarro points out a fact that has always been true of the engineering profession (and also most other highly refined professions) that its students, first seeking education, and then as graduates seeking employment and lengthy careers, are destined to serve monied patrons, the Golden Rule: “those that have the gold make the rules.” Four to five millennia ago those patrons would have been called “Pharaoh,” and later “king,” “caesar,” “emperor” and “queen,” and in more recent centuries “the company” and “the corporation.” Professional expertise, like high art, has a dependency on patronage by the wealthy, without whose largesse professional ambitions would be nearly fruitless (for there are always some successful independent scientists, like Charles Darwin).

• It’s Not Just Greta: Why are the Developing World’s Inspiring Activists Being Ignored?

  Ridhima Pandey was just nine years old in 2017 when she filed a lawsuit against the Indian government for failing to take action against climate change. Pandey’s fierce, astounding passion for the environment is not accidental. Her mother is a forestry guard and her father an environmental activist; and the whole family was displaced by the Uttarakhand floods of 2013, which claimed hundreds of lives.

• 7.5 Million Humans Say No to Climate Crisis and Yes to Life

  As one of the 7.5 million who recently put their bodies where their mouth are to visibly say “NO” to an out-of-control global climate crisis, this writer continues to reflect upon what lies behind the futility of so many climate crises, anti-war, pro-human protests of the past, and the even more aggressive protests that will be needed in the future to tackle the forces that continue to crush the planet.

• 14. FBI Surveilled Peaceful Climate Change Protesters

  As Adam Federman reported for the Guardian, “The FBI is prohibited from investigating groups or individuals solely for their political beliefs but has been criticized in the past for treating non-violent civil disobedience as a form of terrorism.” The subject of the FBI file on Magram, Krystofiak, and Frick is categorized by the FBI as a “Sensitive Investigative Matter,” a label, Federman explained, that often refers to cases involving political organizations which “therefore require a higher level of scrutiny.” One of the FBI documents, catalogued by the agency as part of a related domestic terrorism case and obtained by the Guardian through a Freedom of Information Act lawsuit, stated that “350.org are referenced in multiple investigations and assessments for their planned protests and disruptions.”

• In European First, Proposed Constitutional Amendment in Sweden Would Enshrine Rights of Nature

  “When we’re in the beginning of an ecological and climate collapse,” said the lawmaker who introduced the measure, “I hope we can re-think our relationship with Nature.”

• Sowing the Seeds of the Climate Crisis in Odisha

  “Everybody is doing it. So we are too,” said Rupa Pirikaka, somewhat uncertainly.

• 3. Indigenous Groups from Amazon Propose Creation of Largest Protected Area on Earth

  A report for Common Dreams quoted Tuntiak Katan, the alliance’s vice president, who called the Amazon rainforest “the world’s last great sanctuary for biodiversity” and said, “It is there because we are there. Other places have been destroyed.”

• 4. US Oil and Gas Industry Set to Unleash 120 Billion Tons of New Carbon Emissions

  Oil Change International’s coverage is based on a study, “Drilling Towards Disaster,” produced in collaboration with 350.org, Amazon Watch, the Center for Biological Diversity, Food & Water Watch, Greenpeace USA, and a dozen other organizations. According to the report, new US oil and gas development could enable 120 billion tons of new carbon pollution, the equivalent to “the lifetime CO2 emissions of nearly 1,000 coal-fired power plants.”

• Massachusetts Lawmakers Step Up Pressure on Enbridge to Scrap Controversial Gas Compressor Station

  Compressor stations, which propel natural gas through pipelines, emit a variety of pollutants and are usually built in rural areas.

• Penguins in peril as winds change and heat rises

  New weather patterns in the warming Antarctic are leaving thousands of penguins in peril, prompting calls for them to be specially protected.

• Water stress rises as more wells run dry

  Soon, communities and even nations could be drawing water faster than the skies can replenish it. As the wells run dry, so will the rivers.

• Energy

  • 16. Underwater Avalanches Heighten Risks of Oil Catastrophes

    As MacDonald reported, one instance of this type of catastrophe has already happened. A well located off the coast of Louisiana owned by Taylor Energy has been leaking oil since 2004. Government regulators and energy companies, MacDonald wrote, “should be doing much more to prevent such catastrophes at other sites.”

• Wildlife/Nature

  • 20. Scientists Accelerate Coral Reef Regrowth with Electricity

    The technique is currently being used by conservationists with Reef Ecologic to restore sections of coral on Australia’s Great Barrier Reef that were badly affected by mass bleaching events in 2016 and 2017. The same technique has previously proven successful on reefs in the Caribbean, the Indian Ocean, and Southeast Asia, Klein wrote.

  • 15. Trump Administration Threatens Endangered Species Act

    For a little over a decade, according to the Earth Island Journal’s report, conservationists have fought to protect Pacific walruses under the Endangered Species Act. Protection for the walrus under the ESA was first proposed in 2008; in 2011, the US Fish and Wildlife Service (FWS) suggested that the Pacific walrus was threatened and endangered. But in October 2017, the Trump administration concluded that the Pacific walrus did not warrant listing. The FWS under Trump appointees explained that “impacts of the effects of climate change on the Pacific walrus population are based on speculation, rather than reliable prediction,” Pekow reported. The Center for Biological Diversity (CBD) has sued the Trump administration over the decision, and that lawsuit is still pending.

  • Owyhee Ecocide: Anatomy of BLM’s Ancient Juniper Forest Destruction

Finance

• How Trump’s Tariffs Are Creating Jobs — for Canadians

  A few months ago, Elliot Markillie started getting calls about small boxes.

  He works for a logistics company near Vancouver, British Columbia, called a52 that handles distribution for big apparel and footwear brands. The brands source their goods from China and had just been hit with steep tariffs, on top of the duties already applied to clothes and shoes.

• 17. More Than 25 Percent of Formerly Incarcerated People are Unemployed

  Their study, “Out of Prison & Out of Work,” drew on statistics from the 2008 Bureau of Justice Statistics’s National Former Prisoner Survey data—the most recent available data—and showed that the unemployment rate for the five million formerly incarcerated people living in the United States was more than 27 percent, compared to 5.8 percent for the general population. (“Contemporary unemployment rates may differ,” Couloute and Kopf wrote, “but we are confident that formerly incarcerated people are still substantially disadvantaged compared to the general public.”)

• 23. New Programs Make School Food Systems More Equitable

  New programs not only connect school children with local farms, they also create jobs in the community, and keep money in the community to support on-campus gardens and farm-fresh meals. A study in Georgia found that for every dollar the program spent, two dollars stayed in the state, instead of leaving to be invested in a large food company, YES! Magazine reported.

• “Your Transaction Has Been Canceled”: Lessons in Lebanon’s Economy

  I sniffed something was wrong in Lebanon when the central bank governor Riad Salame announced to us all that there were plenty of dollars in the system. No shortages. No tightening of the purse strings. I still have the papers with his announcement on page one.

AstroTurf/Lobbying/Politics

• Ellen DeGeneres and the American Psychopath

  A little over a year ago, I wrote an article for this publication called, “The Liberal Rehabilitation of George W. Bush Is Complete,” and so it’s my regrettable duty to inform Ellen DeGeneres that her palling around with George W. Bush at a Dallas Cowboys game Sunday—and her subsequent sanctimonious defense of such as a gesture of benevolent friendship meant to heal our fractured, angry nation—is too late. Michelle Obama’s Werther’s Original has melted away, and there’s nothing left but dry mouths and hacks.

• White House Impeachment Letter Sparks Constitutional Crisis

  President Donald Trump and his administration will not participate in the Congressional impeachment inquiry, the White House announced Tuesday, setting up a constitutional crisis in the conflict between two ostensibly co-equal branches of government.

• Warren calls out Facebook for refusing to remove anti-Biden ad [iophk: more tweets in place of official channels ]

  The ad implies Biden sought to fire the prosecutor because he had been investigating the company where Biden’s son served as a board member.

  There’s no evidence showing Biden sought to fire the prosecutor to protect his son. The Obama administration repeatedly said it sought to oust the prosecutor because of concerns he was not doing enough to root out corruption.

  “Facebook already helped elect Donald Trump once. Now, they’re deliberately allowing a candidate to intentionally lie to the American people. This is a serious threat to our democracy,” Warren tweeted Wednesday. “We need transparency and accountability from Facebook.”

• Republican-led probe finds Russia helped Trump in 2016 election

  A Senate Republican-led investigation said in a report Tuesday that Russia indeed sought to help President Donald Trump in the 2016 election, contradicting persistent White House claims to the contrary.

  The Senate Intelligence Committee’s 2016 election investigation report said a sweeping social media manipulation campaign by the St. Petersburg-based Internet Research Agency (IRA) represented “overt support of Russia’s favored candidate in the U.S. presidential election.”

• ‘We too love money more than freedom’: South Park creators post sarcastic apology to China

  The cartoon’s creators Trey Parker and Matt Stone posted an “official statement” on Twitter: “Like the NBA, we welcome the Chinese censors into our homes and into our hearts. We too love money more than freedom and democracy. Xi doesn’t look just like Winnie the Pooh at all. Tune into our 300th episode this Wednesday at 10! Long live the Great Communist Party of China! May this autumn’s sorghum harvest be bountiful! We good now China?”

• The Real Cover-Up: Putting Donald Trump’s Impeachment in Context

  There is blood in the water and frenzied sharks are closing in for the kill. Or so they think.From the time of Donald Trump’s election, American elites have hungered for this moment. At long last, they have the 45th president of the United States cornered. In typically ham-handed fashion, Trump has given his adversaries the very means to destroy him politically.

• To His Wealthy Donors, Trump Is Their Grifter

  To decipher President Donald Trump’s presidency, apply the basic rule of politics: Follow the money.Last month, for example, Trump performed at rallies in North Carolina and in New Mexico. He entertained adoring crowds, clad in Trump’s MAGA caps and T-shirts.The rallies got featured on Fox and other news stations.

• Portugal’s Lesson for the Global Left

  There’s a place in the West where a smattering of anti-austerity, pro-immigration, pro-public-spending left-wing parties are not only in power, but are actually popular. I’m talking about Portugal, the small European country I have witnessed grow into a global political marvel.

• ‘The Tide Has Shifted’: New Poll Shows Nearly 60% of Americans Support Trump Impeachment Inquiry

  The Washington Post-Schar School poll also found 49 percent of Americans want the House to call for president’s removal from office…

• Putin gives Order of Courage award to American astronaut who survived Soyuz launch accident

  NASA astronaut Nick Hague has received the Order of Courage following a command from Russian President Vladimir Putin. Putin issued the prestigious state award to Hague for “the courage and high professionalism he demonstrated while fulfilling his duties in high-risk, life-threatening conditions during an emergency situation at the Baikonur Cosmodrome.”

• The Kremlin has reportedly met in private and determined how it screwed up Moscow’s September elections

  The Putin administration has reportedly acknowledged, at two private events, the mistakes made ahead of Moscow’s City Duma elections in September. Sources told the newspaper Vedomosti about two events that were closed to the public: a roundtable organized by the state pollster VTsIOM that included Putin staffers, and a seminar held by the administration itself for the political consultants who worked on regional elections.

• Guns For Hire: the US Shouldn’t Be Using the Military to Police the Globe

  Eventually, all military empires fall and fail by spreading themselves too thin and spending themselves to death.

• The Real Venezuela: Dignified, Indivisible and Truthful

  All those wondering who is in charge in Venezuela, should stop reading the biased and confusing corporate media and should look at who represents the country at the United Nations. The UN is not a perfect institution but it is one that is clear on the issue of membership despite powerful attempts at obfuscating that clarity.

• Polling the Warren Factor

  Morning Consult polling shows no change outside its stated 1% margin of error over the last few weeks of polling. Where Joe Biden stood at 31.8% in crosstabs kindly forwarded to me by Morning Consult’s press officer two weeks ago (field dates September 17-23), Biden has risen slightly to 32.7% as of yesterday’s release (field dates September 30 to October 6). Elizabeth Warren, meanwhile, has risen as well, but also under 1% from 19.9% to 20.7% during the same period. Bernie Sanders’ standing has shown almost no change at all from 19.1% on September 23 to 18.9% in data released yesterday evening.

Censorship/Free Speech

• Freedom from censorship on mailing lists

  One prominent tool used to construct the fake community is the email discussion list.

  When people join a discussion list, they assume and believe that they are being exposed to a wide range of opinions. Therefore, when some opinions or critical information is hidden, ordinary members of the list are deceived. People have not consented to this deception.

  In 2018, FSFE used these tactics to make it appear that nobody supported elections any more. In 2019, rogue elements of the Free Software Foundation (FSF) staff used the same tactics to undermine their own founder, Richard Stallman. FSF is the organization that explains their use of the word Free using the phrase Free as in speech, not free as in beer. When they don’t even allow Free Speech on their own LibrePlanet-discuss mailing list, the organization loses all credibility.

• Speakers Censored at AISA Conference in Melbourne

  Two speakers were censored at the Australian Information Security Association’s annual conference this week in Melbourne. Thomas Drake, former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate. Suelette Dreyfus, lecturer at the University of Melbourne, was scheduled to give a talk on her work — funded by the EU government — on anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem.

• The NBA Is Going to Have to Choose

  The NBA reveled in the praise it got for being the pro sports league that welcomes its players’ and employees’ opinions on political and social issues. But the league’s respect for open expression—which supposedly distinguished it from the NFL—suddenly has its limits.

  A posting on Twitter Friday by the Houston Rockets general manager Daryl Morey showing support for the Hong Kong protesters has fractured the relationship between the National Basketball Association and its business partners in China, a country with deep pockets and an insatiable thirst for the sport. The tweet featured an image bearing the caption “Fight for Freedom. Stand with Hong Kong.” It wasn’t up for long, but it was enough to jeopardize the NBA’s growing ties with the Chinese Basketball Association and Chinese corporations.

  Now the NBA is trying desperately to mollify China—which will accept no criticism of its embarrassing human-rights record—while also paying lip service to Morey’s right to express himself. This strategy is working quite miserably.

• Abrar Fahad killing: Bangladesh student was beaten for four hours

  Torture of public university students by the student wing of the ruling parties is nothing new. New students are often forced to attend meetings and rallies just to be able to stay in the dormitories. Beating and bullying of those who hold different views or defy the order of the leaders is common.

Privacy/Surveillance

• Thailand orders restaurants and internet cafes offering public WiFi to log your internet history

  Thailand has ordered all restaurant and cafe owners who provide WiFi to start storing the internet history of patrons for at least 90 days. This new announcement came at a news conference on the 8th of October. The Thai ministers clarified that this is a new update to a newly passed Computer Crimes Act that also forces Thai internet service providers (ISPs) to log internet history for 90 days. This means that no matter how you’re using the internet in Thailand, your internet history is likely being stored and analyzed. That is to say, Thai internet users need VPN to protect their privacy from the government.

• Industry appears to think encryption law review is an eyewash

  Dr Renwick issued a media release last week, extending the date for submissions to 1 November and stressing that though there had been numerous submissions to the Parliamentary Joint Committee on Intelligence and Security, he could not treat those as submissions to his inquiry unless they were submitted to him.

  The law, officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, was passed on 6 December 2018, without any amendments with the Labor Party supporting its passage.

  Soon after, a review of the law by the PJCIS was announced with a reporting date of 3 April. But the only thing that this committee did was to put off any decision on amendments, instead asking Dr Renwick to review the law and report back by 1 March 2020.

• Never Trust a Platform to Put Privacy Ahead of Profit

  A Twitter spokesperson told WIRED that the company doesn’t have further comment on what internal issue caused the mix-up. In September 2018, Facebook admitted that it, too, had used phone numbers customers had shared to set up two-factor authentication for marketing and customization. The Federal Trade Commission fined Facebook a record $5 billion in July over numerous instances of user data mishandling.

• The Data Isn’t Yours

  The typical interaction that generates data about an Internet user involves two parties, a client and a server. Both parties know what happened (a link was clicked, a purchase was made, …). This isn’t “my data”, it is data shared between the client (“me”) and the server. The difference is that the server can aggregate the data from many interactions and, by doing so, create something sufficiently valuable that others will pay for it. The client (“my data”) cannot.

• Taking a ferry to the ATM: which areas face the longest treks to a free cash machine?

  Between January 2018 and May 2019, some 5,334 free machines were either closed or converted to fee-paying.

  When a free machine is lost in a rural area, people have to travel three times further to find an alternative than they would if they lived in a town or city, our analysis revealed.

  Worse still, almost one in eight (12%) rural communities that lost a free ATM now have to travel more than 1km to the nearest machine that doesn’t charge for withdrawals.

• The DOJ Is Conflating The Content Moderation Debate With The Encryption Debate: Don’t Let Them

  As we’ve detailed a lot over the last week, the DOJ has decided that after years of failing to get backdoors mandated by warning about the “terrorism” bogeyman, it’s decided to pick up the FOSTA playbook, and instead start focusing on child porn — or what “serious people” now refer to as Child Sexual Abuse Material (CSAM). It did this last week with an assist from the NY Times, who published an article with (legitimately) scary stories, but somehow blaming the internet companies… because they actually report it when they find such content on their networks. I’ve seen more than a few people, even those who generally have been strong voices on the encryption debate and against backdoors, waver a bit on this particular subject, and note that maybe there shouldn’t be encryption on social media networks, because it might (as the narrative says) help awful people hide their child porn.

• To Stop Threat of ‘For-Profit Surveillance,’ Rights Groups Demand End to Partnerships That Give Cops Access to Amazon Ring Data

  “Our elected officials are supposed to protect us, both from abusive policing practices and corporate overreach. These partnerships are a clear case of both.”

• Civil Rights Groups Ask Government to Stop Amazon Ring Partnership with Police

  There have been many people upset to find that Amazon was partnering with the police, allowing them to use their customers’ Ring Doorbells for surveillance. Many people find it a breach of their privacy. More than 30 civil rights groups find fault with it as well. They signed off on an open letter to elected officials, asking them to end this partnership. Included in these groups are CAIR, United Church of Christ, and United We Dream.

Freedom of Information / Freedom of the Press

• Journalists Who Visited Julian Assange Targeted By Company Spying On CIA’s Behalf

  A Spanish security company was apparently enlisted by the Central Intelligence Agency to compile reports on journalists, attorneys, doctors, and any Russians or Americans who visited WikiLeaks founder Julian Assange while he was living in Ecuador’s embassy in London.

  Undercover Global S.L. operated a security checkpoint. Visitors were instructed to “hand over their bags, computers, electronic devices, and cellphones,” according to Spanish newspaper El País.

• Telugu journalist Ravi Prakash arrested after refusal to remove online interviews

  Tolivelugu reporter Raghu Ganji told CPJ that on September 30 the news website had carried two interviews on its YouTube channel conducted by him on the ongoing strike by 50,000 employees of a state-run transport corporation demanding pay hike and a freeze on the privatization of public transport. In one interview, transport union leader E Aswathama Reddy accused Chief Minister Kalvakuntla Chandrashekhar Rao and industrialist PV Krishna Reddy of being involved in a multi-million dollar public transport scam. In another interview, opposition leader Mallu Bhatti Vikramarka made allegations of corruption against Rao and Reddy relating to a huge irrigation project in Kaleshwaram, Telangana.

• CBP Official Refuses To Give Journalist His Passport Until He ‘Admits’ He Writes ‘Propaganda’

  The situation at our borders is getting worse for some American citizens. I mean, all American citizens are likely dealing with more questions, more screening, and more general hassle now that the President has declared immigrants and asylum seekers to be a “national emergency.”

Civil Rights/Policing

• Mozambique: Police Linked to Killing of Election Observer

  Mozambique police officers have been implicated in the killing of an election observer in an escalation of violence that threatens national elections scheduled for October 15, 2019. 

• Lebanon No Longer A Safe Haven for Activism

  Lebanon used to be known as a port in a storm for human rights defenders from the Arabic-speaking world – especially those working on gender and sexuality – to organize freely and without censorship.

• I Am One of Aimee Stephens’s Lawyers, and I Heard Yesterday’s Argument Firsthand

  Yesterday, the Supreme Court heard argument on whether it is legal to fire people for being transgender or for being gay. I represent Aimee Stephens, the woman who lost her job as a funeral director for being transgender, and I was sitting at counsel table during the argument. You can read the argument transcript online.

• Saudi Arabia is admitting general tourists for the first time. Here are 20 things that could get you arrested or fined, like dabbing, carrying a Bible, or wearing shorts

  While the country is moving toward more a relaxed dress code, recently saying female travelers won’t have to wear a long cloak called an abaya, it’s best to err on the side of caution.

• More than two dozen women accuse President Trump of unwanted sexual contact in new book

  In total, the president has been accused by 43 new women of inappropriate behavior in “All the President’s Women: Donald Trump and the Making of a Predator.” Of those accusations, 26 include instances of unwanted sexual contact, according to Esquire, which published an excerpt from the book. (As of July, Trump faced at least 17 public allegations of sexual misconduct.)

  Based on more than 100 interviews, “All the President’s Women” was written by journalists Barry Levine and Monique El-Faizy. “What emerges from the authors’ reporting is a portrait of a predator who hides behind wealth and institutional power to frequently harass and abuse women,” Esquire editor Adrienne Westenfeld wrote.

• 21. Court Ruling Provides “Blueprint” to Reform Excessive, Discriminatory Policing in Schools

  The California Justice Department’s investigation showed the district had turned thousands of minor student misbehaviors—commonplace in any school—into criminal offenses, disproportionately affecting black, Latino, and disabled students. School police overused handcuffs and restraints on students and conducted random and unannounced searches of students’ belongings using police dogs, while school officials engaged in searches that violated students’ rights to privacy under the Fourth Amendment. In many cases, overreactions by undertrained officers created escalations that led to student arrests.

• 10. Pentagon Aims to Surveil Social Media to Predict Domestic Protests

  A study titled “Social Network Structure as a Predictor of Social Behavior: The Case of Protest in the 2016 US Presidential Election” examined the use of social media in anti-Trump protests after the 2016 presidential elections. Funded by the US Army Research Laboratory, the study concluded that post-elections protests could have been predicted by analyzing millions of American citizens’ Twitter posts. “Civil unrest is associated with information cascades or activity bursts in social media, and these phenomena may be used to predict protests,” the study concluded. “Failure to predict an unexpected protest may result in injuries or damage.” As Ahmed summarized, “This pivotal finding means that extensive real-time monitoring of American citizens’ social media activity can be used to predict future protests.” However, his report noted that, in its current form, the tracking software used is not entirely accurate.

• 11. Ukrainian Fascists Trained US White Supremacists

  A federal criminal rioting complaint, filed in Los Angeles in 2018, included an affidavit stating that four American white supremacists from the Rise Above Movement (RAM) trained with Ukraine’s Azov Battalion. The training took place after the white supremacist gang participated in violent riots in Huntington Beach and Berkeley, California, and in Charlottesville, Virginia, in 2017, Max Blumenthal reported for MintPress News.

• South Sudan/AU: Set Meeting on War Crimes Court

  South Sudan’s government and the African Union should urgently meet to clarify plans to set up a proposed hybrid court for wartime atrocities, Human Rights Watch said in a letter to both the government and the AU that was published today.

• Bulgaria: Despite Court Order, Australian Still Detained

  Bulgarian authorities should clarify the legal basis for the continued detention of an Australian citizen, Paul “Jock” Palfreeman, or release him immediately.

• Myanmar: Rohingya Jailed for Traveling

  Myanmar authorities should immediately release 30 Rohingya Muslims detained for attempting to travel from Rakhine State to the city of Yangon.

• 5. “Modern Slavery” in the United States and around the World

  The Global Slavery Index (GSI) is produced by the Walk Free Foundation, an organization that combines research and direct engagement to influence governments and businesses to address modern slavery as a human rights issue. The GSI draws on national surveys, reports from other agencies, such as the United Nations’s International Labour Organization, and databases of people who have been assisted in trafficking cases.

• 6. Survivors of Sexual Abuse and Sex Trafficking Criminalized for Self-Defense

  In contrast to the spate of news coverage from establishment outlets, which focused on Brown’s biography and the details of her case, independent news organizations—including the Guardian, Democracy Now!, Rolling Stone, and Mother Jones—stood out by reporting that cases like Brown’s are all too common. Victims of sex trafficking and sexual violence are often prosecuted for acts of self-defense. In a January 2019 interview, Mariame Kaba, the cofounder of Survived and Punished, an organization supporting survivors of violence who have been criminalized for self-defense, told Democracy Now!, “There are thousands of Cyntoia Browns in prison.”

• 7. Flawed Investigations of Sexual Assaults in Children’s Immigrant Shelters

  ProPublica’s review of hundreds of police reports showed that, “again and again,” police were “quickly—and with little investigation—closing the cases, often within days, or even hours.” The number of cases of sexual assaults of immigrant children in shelters is likely greater than ProPublica could document, as records from shelters in Texas, “where the largest number of immigrant children are held,” could not be obtained due to state laws in Texas that ban child abuse reports from being made public.

• A Tale of Two Policies: Trump’s Hypocrisy and State Violence in Venezuela and Brazil

• Violating The Fourth Amendment To Break Up An Underage Drinking Party Means No Qualified Immunity

  How far would a cop go to break up an underage drinking party? Far enough to get sued in federal court.

• Your Money Or Your Life: Louisville Cops, Prosecutors Dropping Hefty Trafficking Charges In Exchange For Seized Cash

  Law enforcement agencies like to portray asset forfeiture as an important weapon in the Drug War arsenal — one capable of toppling cartels and kingpins. Every so often, a large amount of cash and drugs is trotted out in front of reporters as evidence of this claim.

Internet Policy/Net Neutrality

• US Court says that states can ignore FCC and pass their own net neutrality laws

  A circuit judge has ruled that States can enact their own net neutrality laws – like California is doing – and that isn’t against the current federal rules on net neutrality. Ever since the Federal Communications Commission (FCC) outlawed net neutrality protections in 2016, the question of whether states could enact their own net neutrality preserving laws loomed large. The FCC, of course, opined that the FCC’s federal ruling would override any state laws existing or future. However, a federal court has now ruled and opined the other way – that states do have the right to pass their own net neutrality laws, that internet service providers (ISPs) need to follow if they wish to do business in said states.

Monopolies

• Teens choose YouTube over Netflix for the first time, according to new survey

  Piper Jaffray found 37% of teens prefer to watch videos on YouTube, narrowly edging out Netflix, which came in at 35%.

• Mark Zuckerberg to testify before Congress on Facebook’s libra cryptocurrency

  Facebook CEO Mark Zuckerberg will testify before the House Financial Services Committee on Oct. 23, the committee announced Wednesday.

  House members had been pushing for Zuckerberg to testify on Facebook’s cryptocurrency plans as the committee had been in talks with COO Sheryl Sandberg about testifying as soon as this month.

  Chairwoman Maxine Waters, D-Calif., has previously called for Facebook to postpone its implementation of libra ahead of regulatory measures.

• Patents and Software Patents

  • Failure To Launch: The Patent Thicket Delay Of US Biosimilars

    Law360 (October 9, 2019, 12:42 PM EDT) — Biologics originators successfully argued that they required longer exclusivity periods without competition from follow-on products because patents covering the originators’ products would not pose the same barriers to entry that patents provide for small molecule drugs.

    Almost 10 years after enactment of the Biologics Price Competition and Innovation Act, it is clear that originators’ concerns were overstated. Patent thickets remain an important obstacle to launching follow-on biologics and help explain why such launches in the U.S. lag behind those in Europe.

    Patent thickets are providing originators with years of additional exclusivity.

  • Judge Koh denies Continental’s anti-anti-antisuit TRO motion against Avanci, Nokia, Sharp, others: complex legal issues require hearing from defendants

    Late Tuesday afternoon by local time, Judge Lucy H. Koh of the United States District Court denied automotive supplier Continental’s motion for a temporary restraining order (TRO) against the Avanci patent pool firm and several of its members (Nokia, Sharp, Conversant, Optis). The motion had been brought earlier in the day and sought not only to prevent defendants from pursuing injunctive relief against Continental supplier Daimler but also to bar them, by means of an ex parte TRO, from seeking yet another anti-antisuit-injunction injunction (AAII) in Munich or from another German court.

    [...]

    What Judge Koh’s order makes clear is that she wasn’t satisfied with how Conti described the situation. She might have missed an affidavit (that word is part of a passage she highlighted when quoting the Federal Rules of Civil Procedure) specifically for the purpose of coherently and compellingly laying out the facts that Conti believes warrant a TRO. Indirectly and implicitly, Conti did; but that wasn’t enough.

    What might also have played a role is Conti’s footnote that the ten already-pending German Nokia cases were, for the time being (awaiting the outcome of the Munich anti-antisuit appeal) excluded. Those are the cases were the Avanci group of companies is most likely to obtain and enforce a first German SEP injunction against Daimler. But due to the Munich anti-antisuit order, Conti had to exclude them (otherwise a contempt proceeding in Munich would surely have started). So the TRO motion was just about five Sharp cases, one Conversant case, and any future or unknown cases, not to the ten more advanced Nokia cases.

• Copyrights

  • Full-Time Writing: Five Years In

    No, start by reading The Copyright Handbook. I reread this book every year, and I buy every new edition. It’s that important. Remember, authors don’t sell books: we create and license intellectual property [sic]. This realization, way back in 1999, was key to me becoming a full time writer.

    Wait–you absolutely must read Rusch’s How To Negotiate Anything. It turns the typical authorial introversion into a negotiating advantage. If you can’t negotiate, you don’t have a business.

    Real businesses have multiple income streams, and add additional streams any time they can. If you rely on a single income stream, your business is inherently short-lived. Maybe exclusivity with one business has been good to you, but it puts you at the mercy of that company. I won’t sign on exclusively with Amazon. I won’t put all my nonfiction through No Starch Press, exactly as they would not agree to me becoming their only author. A single source of income is short term thinking. My largest single customer (Amazon) is less than a third of my income. Losing them would suck but I’d survive.

  • Devastating remix of Ellen’s lecture on befriending George W. Bush disappears after copyright takedown … then reappears in force

    Ellen DeGeneres’s friendship with ex-President George W. Bush became controversial this week, in light of the progressive values she claims and the 600,000 corpses left by his occupation of Iraq. She delivered a monologue on her show in response, casting their friendship as an example of civility, overcoming political differences, and having “faith in America”. So Rafael Shimunov added a simple backdrop of Iraq war scenes to her monolog, in the hopes DeGeneres might better understand the complaints. In response, copyright takedown notices flew and it was removed from the ‘net, so it is at least getting under her skin.

  • Ellen DeGeneres’s George W. Bush Debacle Is a Lesson in the Drawbacks of Assimilation Politics

    His presidency was defined early on by September 11 and the invasion of Afghanistan. But it was the March 2003 invasion of Iraq, publicly predicated in part on the false claim that Iraq’s leadership had weapons of mass destruction (WMDs), that gave him a reputation as a president who lied to get into a war that is believed to have killed hundreds of thousands of Iraqi civilians. The invasion and subsequent occupation of Iraq by U.S. military forces have also been criticized as an oil war and resulted in heavy scrutiny of Bush’s ties to the fossil fuel industry, where he launched his career.

  • Back to Piracy For Adobe Users in Venezuela But Most Pirate Anyway

  • Not The First Rodeo: Lil Nas X And Cardi B Hit With Blurred Lines Style Copyright Complaint Over Rodeo

    We’ve talked quite a bit lately about how the Blurred Lines decision, saying that having a similar “feel” in a song can be copyright infringement even if it’s not a direct copy, has truly messed up the recording industry. Artists are afraid to even mention inspirations for fear of it leading to a lawsuit. New lawsuits are freaking out musicians and even have the RIAA complaining that maybe copyright protection has gone too far.

  • File-Sharing and VPN Traffic Grow Explosively