EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

10.10.19

IRC Proceedings: Thursday, October 10, 2019

Posted in IRC Logs at 11:52 pm by Needs Sunlight

GNOME Gedit

GNOME Gedit

#techrights log

#boycottnovell log

GNOME Gedit

GNOME Gedit

#boycottnovell-social log

#techbytes log

Enter the IRC channels now

Links 11/10/2019: Atari VCS Responds, Rock Pi SBC Debut

Posted in News Roundup at 11:40 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop

      • System76 Will Begin Shipping 2 Linux Laptops With Coreboot-Based Open Source Firmware

        System76, the Denver-based Linux PC manufacturer and developer of Pop OS, has some stellar news for those who prefer their laptops a little more open. Later this month the company will begin shipping two of their laptop models with its Coreboot-powered open source firmware.

      • Modern Linux Laptops with Coreboot Firmware From System76

        Are you looking for modern Linux laptops with coreboot? The wait is over. Coreboot is a free and open-source software. The coreboot project aimed at replacing the proprietary BIOS firmware and blobs. System76 recently announced two Intel laptops with Coreboot, which as an alternative to proprietary BIOS. These laptops are using Intel 10th Gen CPUs.

        [...]

        Coreboot itself is opensource; however, Intel CPU depends upon the binary blobs for modern Linux laptops. The good news is Intel ME is removed or disabled permanently on newer Linux models from System76. I think it is a step in the right direction despite few binary blobs (e.g. FSP), and I hope someday will get pure open-source firmware for modern Linux laptop.

    • Server

      • System on module fully-integrated Linux system for accelerated machine learning

        Coral System on Module is a fully-integrated Linux system for accelerated Machine Learning inferencing to be integrated into existing hardware with three 100-pin connectors. The SoM is available now from Mouser. The SoM comprises the NXP iMX8M SoC, eMMC memory, LPDDR4 RAM, Wi-Fi, Bluetooth, and the Google Edge TPU Coprocessor for acceleration.

      • What are microservices? Your next software architecture

        Nearly every computer system performs multiple tasks using shared resources, and one of the questions of computer programming is how closely the bits of code that perform those tasks should be tied to one another. An increasingly popular answer is the concept of a microservice—a small, discrete chunk of functionality that interacts with other microservices to create a larger system.

        Although the basic idea of having such discrete components isn’t new, the way microservices are implemented makes them a natural foundation for both modern cloud-based applications. Microservices also dovetail with the devops philosophy, which encourages rapidly and continuously rolled out new functionality.

      • IBM

        • Download CentOS 8 – DVD ISO Image

          CentOS is a Linux operating system, which is a 100% compatible rebuild of the Red Hat Enterprise Linux operating system. A user can download and use this enterprise-level operating system free of cost. CentOS 8 is the latest version available to download.

        • Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning: Your questions answered (Part 1)

          During a recent webinar titled, “Modern continuous integration/continuous delivery (CI/CD) pipeline for traditional provisioning,” we received a lot of interest and many questions regarding the topic. Some of the questions were coming in at a very rapid rate and we were not able to address them all. As a followup to our webinar, we have decided to put the answers to those questions into this blog post. The questions are listed below.

        • Red Hat Ceph object store on Dell EMC servers (Part 1)

          Organizations are increasingly being tasked with managing billions of files and tens to hundreds of petabytes of data. Object storage is well suited to these challenges, both in the public cloud and on-premise. Organizations need to understand how to best configure and deploy software, hardware, and network components to serve a diverse range of data intensive workloads.

          This blog series details how to build robust object storage infrastructure using a combination of Red Hat Ceph Storage coupled with Dell EMC storage servers and networking. Both large-object and small-object synthetic workloads were applied to the test system and the results subjected to performance analysis. Testing also evaluated the ability of the system under test to scale beyond a billion objects.

        • Why Linux Developers Should Reconsider IBM Mainframes

          When mainframes were mainstream, many software professionals in the industry today were not even born yet. Mainframe computers have an extensive history, which makes it tempting to call them old, but today’s mainframes are extremely mature, fast, reliable and powerful. In fact, they are critical to the modern economy: Top airlines, banks, insurance companies and health care corporations rely on mainframe computing.

          One of the organizations keeping this technology with the times is IBM, with its IBM Z family of mainframe computers. Some of these mainframes—like the 31-bit s390 and, later, the 64-bit s390x architecture—were originally designed and built in the 1960s, and they have continued to evolve and modernize.

          “IBM still sells a lot of these even today,” said Elizabeth K. Joseph, a seasoned open source advocate who recently joined IBM as the developer advocate for its Z architectures. These machines run operating systems including z/OS, z/VM, z/VSE and z/TPF, as well as Linux-based distributions like Red Hat Enterprise Linux and SUSE Linux Enterprise Server.

    • Audiocasts/Shows

      • 2019-10-10 | Linux Headlines

        The Tor Project blacklists old relays, GitLab plans to introduce telemetry, Steam is working on a new multiplayer feature, The Matrix Project announces new funding, and AMP is getting a new home.

      • Ubuntu Podcast from the UK LoCo: S12E27 – Exile

        This week we’ve been playing LEGO Worlds and tinkering with Thinkpads. We round up the news and goings on from the Ubuntu community, introduce a new segment, share some events and discuss our news picks from the tech world.

        It’s Season 12 Episode 27 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

      • Talk Python to Me: #233 The Masonite Python Web Framework

        Folks, it’s not like the old days where there were just a couple of web frameworks for building apps with Python. These days there are many. One of those frameworks is the Masonite web framework created by Joseph Mancuso. Joseph is here today to tell us all about Masonite, what makes it special, it’s core value proposition for web developers and much more.

    • Kernel Space

      • Google Helps With Linux Scheduling With SchedViz

        Google has just open sourced a tool that lets you visualize how your program is being treated under Linux scheduling. The idea is that you can use SchedViz to tune the system.

        We all know the best scheduling algorithm to use – my program runs, everything else is suspended. Effective, but not cooperative. To achieve the same result while allowing other programs a chance to use the CPU we need to tune, and perhaps even select, the scheduling algorithm.

        The problem is that the basic Linux tools to do the job are lacking and what generally happens is that you guess what might be best. In a modern system such a guess is unlikely to be correct because there are too many variables. Each thread has a priority and these interact under the scheduling policy. It can make a difference which core a thread is assigned to and changing cores is something best avoided.

      • Understanding Scheduling Behavior with SchedViz

        Linux kernel scheduling behavior can be a key factor in application responsiveness and system utilization. Today, we?re announcing SchedViz, a new tool for visualizing Linux kernel scheduling behavior. We?ve used it inside Google to discover many opportunities for better scheduling choices and to root-cause many latency issues.

      • Understanding Scheduling Behavior with SchedViz (Google Open Source Blog)

        The Google Open Source Blog has an announcement of the release of the SchedViz tool that is used internally at the company “to discover many opportunities for better scheduling choices and to root-cause many latency issues”.

    • Applications

      • OBS Studio is an open source video recorder and streaming app for Windows, Linux and macOS

        OBS Studio aka Open Broadcaster Software Studio is very popular among YouTube users. You can use it to broadcast gameplay streams live or use it to record videos (which you may then upload to YouTube or other video hosting sites). Want to set up a camera and mic to record content for your vlog? You can do that too.

        This is one of those rare applications that is user-friendly on the one hand but still advanced enough to deliver the options that advanced users require. That being said, we’re going to take a look at the basic usage of the program, the recording of on-screen content.

        OBS Studio is a cross-platform program that is available for Windows, Mac OS X and Linux.

      • Try App Outlet On Xubuntu, Universal App Store for Linux Desktop!

        In a forum, I often read the debate between the use of several types of package formats on Linux. In Ubuntu we know a variety of applications that are packaged in various packages. Examples are Flatpak, Appimage, Snap, Apt and others.

        Sometimes, one user and another have different opinions when choosing a package. An example is in my post about the advantages of appimage. There are some comments about this package. There are pros and cons to this package. All returned to user needs. We cannot generalize the needs and choices of users who choose certain packages.

      • Proprietary

        • IRS-Funded Review Confirms TurboTax Hid Free Filing From Search Engines, but Says There’s No Need for Major Changes

          A four-month outside review of the IRS’ partnership with the private tax software industry to provide free tax preparation offered mixed conclusions: It found serious problems in the program and confirmed ProPublica’s reporting this year that companies, including Intuit, the maker of TurboTax, had hidden the free option from search engines. But the report, written by an IRS contractor that has previously supported the industry’s position, also defended the program’s oversight.

          The review did not recommend sweeping changes. The mandate of the review was to narrowly assess the program to “ensure the continued operations and integrity of the Free File Program.” It did not examine the broader question of whether the premise of the program is sound or look at the IRS’ role in tax filing.

        • Digital Watchdog Adds Extensive List of Features to Spectrum IPVMS

          The DW Spectrum IPVMS server software is included with pre-configured DW Blackjack NVR servers and MEGApix CaaS edge cameras or it can be installed on third-party Windows or Ubuntu Linux-based systems.

    • Instructionals/Technical

    • Games

      • Open-world action adventure ‘Pine’ where humans are not top of the food chain is now available

        Pine certainly looks good, a proper open-world action adventure with a story depicting humans who never reached the top of the food chain. It just release with Linux support today.

        Note: Both the publisher and GOG sent a copy for us.

      • Playing with Godot

        I guess it is quite common to start the path towards programming by making games. I started with a simple guess the number on my dad?s zx81 back in the day. He must have written most of it, but I felt proud of the result, so I will claim that it was mine.

        I?ve experimented with various ways to get my kids into programming. Everything from board games, online resources, scratch, building shitty robots, and so on. They get it, but it is hard to move on from the basics to being able to start from a clean sheet of paper and create something.

        During the summer, I decided to look into the various options and tried using Unity and Godot. After a couple of experiments, I settled on using Godot. Partly because of its open nature, but also because as a tool, it does the job I need it to do just as well as Unity.

      • Valve’s Radeon “ACO” Vulkan Compiler Back-End Now Supports Navi

        The promising ACO compiler back-end for the Radeon “RADV” Vulkan driver now has support for GFX10/Navi graphics!

        ACO was recently merged into Mesa 19.3 for this Valve-funded, gaming-focused Vulkan shader compiler back-end for RADV. But up until now it has only supported GFX8 and GFX9 hardware while now initial Navi/GFX10 support has been merged. ACO ultimately aims to deliver better performance over the existing back-end while also more quickly compiling shaders to help with game load times.

      • Atari disputes reports that its retro-inspired console is doomed

        Atari put out a lengthy development update for the Atari VCS console earlier this week, on the same day that The Register reported that the project is experiencing significant difficulties. One source with knowledge of the project reportedly described it as a “shit show,” and the console is reportedly shaping up to be more of a Linux PC than a dedicated games console.

        Atari’s post sought to assure backers that the project is proceeding as planned. Amidst numerous photographs of the console’s circuit boards and chassis, the company claimed that the molds for the plastic housing of the console are “largely complete,” that its controllers and joysticks are “just about ready for mass production,” and that it expects to host hands-on preview events for the console later this fall.

    • Distributions

      • Reviews

        • Austrumi Linux Has Great Potential if You Speak Its Language

          This distro needs only limited system resources. Requirements include an Intel-compatible Pentium 2 processor or later and at least 512 MB of RAM. You can stretch this minimal memory level by running the “boot:nocache” option if the computer has less than 512 MB RAM.

          No hard drive is needed, but you can find in the system menu an installation tool to place Austrumi Linux on the hard drive or a bootable USB drive. You also can run a live session directly from a bootable DVD if your system has an optical drive.

          Other than the lack of adequate English language support within this distro, the only other significant design weakness is the lack of persistent memory if you run the OS without a hard drive installation. This means you can not save personal data and system configurations for your applications.

          You can use a USB drive or cloud storage to save personal data. If you use Austrumi Linux as a portable OS, those two storage solutions will be in play anyway.

          Austrumi is clearly not targeting non-European users. If developers fixed the language support for non-Latvian speakers, it could be much more convenient to use. Expanding support for other global regions is a critical need for this otherwise very handy performer.

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • openSUSE WSL images in OBS

          A fundamental concept of all openSUSE packages as well as any image offered for download is a fully transparent, reproducible and automatic build and development process based on sources.

          In openSUSE developers do not perform manual builds on some specially crafted machine in their basement and then upload the result somewhere. Instead all sources are stored in a version control system inside the open build service (OBS) instance at build.opensuse.org. OBS then automatically builds the sources including all dependencies according to defined build instructions (eg spec files for rpms). OBS also automatically adds cryptographic signatures to files that support it to make sure nobody can tamper with those files.

        • Don’t Get Left Behind, Upgrade to SUSE Enterprise Storage 6 Today
      • Fedora Family

        • Fedora localization platform migrates to Weblate

          Fedora Project provides an operating system that is used in a wide variety of languages and cultures. To make it easy for non-native English speakers to use Fedora, significant effort is made to translate the user interfaces, websites and other materials.

          Part of this work is done in the Fedora translation platform, which will migrate to Weblate in the coming months.

          This migration was mandatory as development and maintenance of Zanata — the previous translation platform — ceased in 2018.

          There are a number of translation platforms available, but having a translation platform that is open source, answering Fedora Project’s needs, and likely to be long-lived are key considerations in choosing Weblate. Most other translation platforms being closed source or lacking features.

        • F30-20191009 updated Live Isos released

          The Fedora Respins SIG is pleased to announce the latest release of Updated F30-20190904 Live ISOs, carrying the 5.2.18-200 kernel.

          This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have 1.2GB of updates)).

          A huge thank you goes out to irc nicks dowdle, Southern-Gentleman for testing these iso.

      • Debian Family

        • Norbert Preining: R with TensorFlow 2.0 on Debian/sid

          I recently posted on getting TensorFlow 2.0 with GPU support running on Debian/sid. At that time I didn?t manage to get the tensorflow package for R running properly. It didn?t need much to get it running, though.

        • My Free Software Activities in September 2019

          Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

      • Canonical/Ubuntu Family

        • A detailed look at Ubuntu’s new experimental ZFS installer

          Although there isn’t any support built into Eoan’s apt package manager for automatically taking snapshots yet, we can demonstrate a snapshot—oops—rollback moment manually. In the above gallery, first we take a ZFS snapshot. Eoan has split our root filesystem into tons of little datasets (more on that later), so we use the -r option for zfs snapshot to recursively take snapshots throughout the entire tree.

          Now that we’ve insured ourselves against mistakes, we do something we’re going to regret. For the purposes of this demo, we’re just removing Firefox—but we could really recover from anything up to and including an rm -rf –no-preserve-root / this way with a little extra legwork. After removing Firefox, we need to roll back our snapshots to restore the system to its original condition.

          Since the root filesystem is scattered through a bunch of individual datasets, we need to roll them all back individually. Although this is a pain for the casual user without additional tooling, it does make it possible to do more granular restore operations if we’re feeling picky—like rolling back the root filesystem without rolling back /home. Ubuntu will undoubtedly eventually have tooling to make this easier, but for the moment, we do a bit of sysadmin-fu and pipe zfs list to grep to awk to xargs, oh my.

          The command line acrobatics might have been obnoxious, but the rollback itself was instantaneous, and Firefox has returned. It still doesn’t work quite right, though, due to orphaned filehandles—we rolled back a live mounted root filesystem, which is kind of a cowboy thing to do. To make things entirely right, a reboot is necessary—but after the reboot, everything’s the way it once was, and without the need to wait through any lengthy Windows Restore Point-style groveling over the filesystem.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Events

        • Contributor Summit San Diego Schedule Announced!

          There are many great sessions planned for the Contributor Summit, spread across five rooms of current contributor content in addition to the new contributor workshops. Since this is an upstream contributor summit and we don’t often meet, being a globally distributed team, most of these sessions are discussions or hands-on labs, not just presentations. We want folks to learn and have a good time meeting their OSS teammates.

          Unconference tracks are returning from last year with sessions to be chosen Monday morning. These are ideal for the latest hot topics and specific discussions that contributors want to have. In previous years, we’ve covered flaky tests, cluster lifecycle, KEPs (Kubernetes Enhancement Proposals), mentoring, security, and more.

      • Web Browsers

        • Mozilla

          • These Weeks in Firefox: Issue 66
          • How to speed up the Rust compiler some more in 2019

            In July I wrote about my efforts to speed up the Rust compiler in 2019. I also described how the Rust compiler has gotten faster in 2019, with compile time reductions of 20-50% on most benchmarks. Now that Q3 is finished it’s a good time to see how things have changed since then.

          • Extensions in Firefox 70

            Welcome to another round of new additions and changes to extensions, this time in Firefox 70. We have a new API, some improvements on existing APIs, and some great additions to Firefox Developer Tools to make it easier to debug your extensions.

            [...]

            We’ve made a few improvements to the downloads API in Firefox 70. By popular request, the Referer header is now allowed in the browser.downloads.download API’s headers object. This allows extensions, such as download managers, to download files for sites that require a referrer to be set.

            Also, we’ve improved error reporting for failed downloads. In addition to previously reported failures, the browser.downloads.download API will now report an error in case of various http 4xx failures. This makes the API more compatible with Chrome and gives developers a way to react to these errors in their code.

          • Last version

            Yesterday I released Mail Redirect 0.10.5, which may very well be the last version of Mail Redirect, at least in this form. The version contains some small bug fixes, with relation to compatibility with other extensions, Cardbook and Thunderbird Conversations to be precise.

            I already started trying to make Mail Redirect compatible with Thunderbird 71.0a1, when the Thunderbird developers announced that support traditional XUL-overlay add-ons, which Mail Redirect is, will be dropped in Thunderbird 72. This means that any effort I put in the add-on now with relation to compatibility with future Thunderbird versions will stop working in a month or so, so that won’t do any good.

            The good thing is that XUL-overlay add-ons will beep working in this major ESR-release, so Mail Redirect 0.10.5 will keep on working in Thunderbird 68., and will only stop working in Daily and Beta and in the next major Thunderbird release 76, which is planned to be released somewhere in july, I think.

            I haven’t decided what to do with Mail Redirect. In order to keep on working in Thunderbird 72+, I need to convert it to a WebExtension Experiment, but that will be a major rewrite and the future of WebExtension Experiments isn’t clear either. Thunderbird developers indicated that support for WebExtension Experiments will also be dropped somewhere in the future, so I’m not quite convinced yet that it will be worth the effort.

      • Linux Foundation

        • Automotive Grade Linux Announces Chinese Automaker SAIC Motor as a New Member

          AGL is an open source project at the Linux Foundation that is bringing together automakers, suppliers and technology companies to accelerate the development and adoption of a fully open, shared software platform for all technology in the vehicle, from infotainment to autonomous driving. Sharing a single software platform across the industry reduces fragmentation and accelerates time-to-market by encouraging the growth of a global ecosystem of developers and application providers that can build a product once and have it work for multiple automakers.

        • Automotive Grade Linux Announces Chinese Automaker SAIC Motor as a New Member

          Automotive Grade Linux (AGL), a collaborative cross-industry effort developing an open source platform for connected car technologies, announces seven new members. SAIC Motor has joined as a Silver member, and German Autolabs, KPIT, MontaVista, OTAinfo, OUTCERT and Ovo Automotive join as Bronze members.

        • What?s New In Zephyr 2.0.0?

          The Zephyr Project is a small, scalable real-time operating system (RTOS) for use on resource-constrained systems supporting multiple architectures

      • Productivity Software/LibreOffice/Calligra

      • FSF/FSFE/GNU/SFLC

        • IDAD 2019: Join us on October 12th, and use this special dust jacket to uphold the right to read

          Each year we stage the International Day Against DRM (IDAD) to help others learn about the dangers of Digital Restrictions Management (DRM). For this year’s IDAD on October 12th, we are focusing in particular on the increasing and disturbing amount of DRM present in ebooks and other online educational materials. Having so thoroughly invaded our leisure time, the digital infection known as DRM should not be allowed to spread into the classroom. Joining us in the fight for IDAD 2019 are the Electronic Frontier Foundation, Creative Commons, and The Document Foundation, among ten other participating organizations we are privileged to have standing with us in the fight against DRM.

          In a bid to become the “Netflix of textbooks,” and like many other publishers, Pearson is doing the opposite of what anyone committed to education should do: severely restricting a student’s access to the materials they need for their courses through arbitrary page limits, “rented” books that disappear, and many which require a constant Internet connection.

          Publishers like Pearson should not be allowed to decide the rigidly specific conditions under which a student can learn. No book should spy on your reading habits or simply “disappear” after you have had it for too long. In the digital age, it is unacceptable for a publisher to impose the same principles of scarcity that would apply to a physical product to a digital file. The computing revolution was caused by files being shared, not merely rented. Imposing these limitations on digital media is an attack on user freedom, no matter how much corporate PR may spin the story. It’s our aim to let the world know that we support the rights of readers. You could say that for IDAD 2019, Defective by Design has you covered.

        • parted-3.3 released [stable]

          Parted 3.3 has been released. This release includes many bug fixes and new features.

        • GNU Project maintainers push to remove Richard Stallman from GNU Project

          At first, it was unclear if Stallman was also resigning from the GNU project after his comments were made public. A message on his website said he was resigning from the GNU project, but it was later deleted. He also released a message that stated: “I recently resigned as president of the FSF, but the FSF continues to provide several forms of crucial support for the GNU Project. As head of the GNU Project, I will be working with the FSF on how to structure the GNU Project’s relationship with the FSF in the future.”

          While the group of GNU maintainers and developers do point out that they own Stallman “a debt of gratitude” for his “decades of important work in the free software movement,” they also acknowledge that “Stallman’s behavior over the years has undermined a core value of the GNU project: the empowerment of all computer users.”

      • Licensing/Legal

        • Announcing the Second Annual CopyleftConf!

          Last year’s event was the first ever CopyleftConf. It was great! We have some videos up and more are coming. Also, our call for proposals is open now, through the end of the month — we’d love to hear from you.

          The response was really positive and we’re looking forward to putting on a fantastic 2020 event. Because last year’s event was so well attended, we’ve gotten a larger venue for this year.

          Participants from throughout the copyleft world ? developers, strategists, enforcement organizations, scholars and critics ? will be welcomed for an in-depth, high bandwidth, and expert-level discussion about the day-to-day details of using copyleft licensing, obstacles facing copyleft and the future of copyleft as a strategy to advance and defend software freedom for users and developers around the world.

      • Programming/Development

        • RenderDoc 1.5 Released For This Leading OpenGL / Vulkan / Direct3D Open-Source Debugger

          RenderDoc has already been the leading open-source graphics debugging tool for OpenGL / Vulkan / Direct3D across multiple platforms and it continues only getting more useful with each new feature release.

          RenderDoc 1.5 is the project’s first release in six months and as such it’s a fairly big update for this prominent graphics debugger.

          RenderDoc 1.5 now allows better configuring of capture replays, SPIR-V reflection and disassembly is now more reliable as well as working against the latest SPIR-V version, a Vulkan replay-time optimization, an OpenGL low-memory optimization, and various other optimizations throughout. One of the other optimizations worth mentioning is much better capture load and close time performance for D3D12/Vulkan captures with many serialized resources.

        • Wing Tips: Python Code Warnings in Wing Pro 7

          Examples of warnings that Wing might flag include syntax errors, indentation problems, uses of an undefined variable, imports that cannot be resolved, or variables that are set but never used.
          Code warnings save development time because they help to identify errors before code is even run. New code is checked as you work, although Wing will wait until you have finished typing so that it doesn’t warn about code that is still being entered.

        • How to Analyze Survey Data with Python for Beginners

          Conducting surveys and polls is one of the best ways to collect data and gain insight into questions like why are customers leaving our website? or why are voters attracted to this candidate? But analyzing survey data can be a real challenge!

          In this tutorial, we’re going to walk through how to analyze survey data using Python. But don’t worry — even if you’ve never written code before, you can handle this! We’re going to take it step by step, and by the end of this tutorial you’ll see how you can unlock some pretty impressive analytical power with just a few lines of code!

          For the purposes of this article, we’ll be analyzing StackOverflow’s 2019 developer survey data, because it’s a large and recent survey data set that’s public and properly anonymized. But these techniques will work for almost any sort of survey data.

        • 2019.3 EAP 5

          A new version of the Early Access Program (EAP) for PyCharm 2019.3 is available now! Download it from our website.

        • Webinar Preview: “Starting Testing” tutorial step for React+TS+TDD

          The first tutorial steps got us setup in the IDE, with a sample project generated and cleaned up. Now it’s time to learn React and TypeScript by…writing tests?

          Indeed! This tutorial is trying to sell you on the idea that you’ll be more productive and happier writing and using your components from inside the IDE, instead of constantly heading over to the browser. For most of the steps in the tutorial, you do all of the learning, typing, and running from within a test, staying in the IDE and in the “flow”.

        • PyCon US 2020 Hatchery Program Launches Call for Proposals

          The PyCon US Hatchery Program has become a fundamental part of how PyCon as a conference adapts to best serve the Python community as it grows and changes with time.

          Initially we wanted to gauge community interest for this type of program, and since launching in 2018 we have learned more about what kind of events the community might propose. At the end of the inaugural program, we accepted the PyCon Charlas as our first Hatchery event which has grown into a permanent track offered at PyCon US.

        • Episode #151: Certified! It works on my machine
        • Red Hat strengthens commitment to open source tooling, joins new working group

          The Eclipse Cloud Development (ECD) project group started at the Eclipse Foundation in 2016 with Eclipse Che and Orion open source coding tools. Each year since has seen greater interest and new projects added, including Theia, CodeWind, Dirigible, Sprotty, and now Che4z. As the ECD has grown to become a center of open source cloud-native development tooling, user and vendor interest has also increased; users of Eclipse Cloud Development projects now number well over 500k, and several other vendors have joined Red Hat to push tooling forward in this critical market. This has been fantastic, as it has driven more contributions and collaboration from the community.

        • Manage multiple versions of Go with GVM

          Go Version Manager (GVM) is an open source tool for managing Go environments. It supports installing multiple versions of Go and managing modules per-project using GVM “pkgsets.” Developed originally by Josh Bussdieker, GVM (like its Ruby counterpart, RVM) allows you to create a development environment for each project or group of projects, segregating the different Go versions and package dependencies to allow for more flexibility and prevent versioning issues.

        • Excellent Free Books to Learn BASIC

          BASIC (Beginner’s All-purpose Symbolic Instruction Code) is a family of general-purpose, high-level programming languages whose design philosophy emphasizes ease of use. In 1964, John G. Kemeny and Thomas E. Kurtz designed the original BASIC language at Dartmouth College. They wanted to enable students in fields other than science and mathematics to use computers. At the time, nearly all use of computers required writing custom software, which was something only scientists and mathematicians tended to learn.

          The advent of the personal computer was crucial to the success of BASIC. The language was designed for hobbyists, and as personal computers became more accessible to this audience, books of BASIC programs and BASIC games surged in popularity.

          BASIC is generally not regarded as the easiest way to take the first steps in learning the art of programming. But it does not hinder beginners from learning how to program, or teach them bad habits. And it’s the highest low-level language. Even today, there remains value in learning BASIC.

  • Leftovers

    • Imagine That

      In 2010, Capitol Records released remastered versions of John Lennon’s entire catalog, the best of which remains the Phil Spector-produced Imagine. The title track has become an integral part of the world’s cultural fabric–the centerpiece of a ghetto high school halftime show at a basketball game in New York or a Ben and Jerry’s ice cream flavor (“Imagine Whirled Peace”).

    • The Old Man and His Smartphone, Episode I

      Someone also took pity on me and showed me how to silence alerts from attention-seeking apps, with one notable instance being an app that liked to let me know when spam arrived for each instance of spam.

    • Health/Nutrition

      • Brussels: Innovative Mental Health Support

        A mobile team that supports people with psychosocial disabilities, or mental health conditions, in their own homes offers an innovative rights-based alternative to residential psychiatric care, Human Rights Watch said today in a new web feature.

      • Key elements of Patching to consider for Healthcare IT CISOs

        Data breaches that affect businesses of all sizes are now more common than ever, and unsurprisingly this includes Australia. As they become almost a regular affair, healthcare sector is no exception. According to the last quarter Notifiable Data Breaches (NDB) Statistics Report from OAIC, between January to March, the health sector reported 27 per cent of the data breaches, being one of the top industries. Of the 58 notifications over the first quarter, 52 percent was caused by human error, 45 percent was because of malicious or criminal attacks and 3 percent was due to system faults.

        The recent hack events were primarily ransomware attacks, one of the key security vulnerability that allows attackers to plant a malware into unpatched operating systems and legacy systems with the only objective of extorting affected organisations. Reports show that nearly half of reported ransomware attacks are on healthcare institutions. As the privacy violations and data breaches in healthcare industry involves high risks and costs, it is key for healthcare IT administrators to pay close attention to their IT infrastructure and detect security gaps. Here are some crucial elements of patching to consider as a part of the IT security strategy…

    • Security (Confidentiality/Integrity/Availabilitiy)

      • Security updates for Thursday

        Security updates have been issued by Debian (clamav, libtomcrypt, and rsyslog), Fedora (suricata), SUSE (libopenmpt and python-requests), and Ubuntu (libsoup2.4 and octavia).

      • IPFire 2.23 – Core Update 136 released

        This is the official release announcement for IPFire 2.23 – Core Update 136. A new update packed with loads of security fixes, bug fixes and a couple of important new features.

      • Computer historians crack passwords of Unix’s early pioneers

        Early versions of the free/open Unix variant BSD came with password files that included hashed passwords for such Unix luminaries as Dennis Ritchie, Stephen R. Bourne, Eric Schmidt, Brian W. Kernighan and Stuart Feldman.

        Leah Neukirchen recovered an BSD version 3 source tree and posted about it on the Unix Heritage Society mailing list, revealing that she was able to crack many of the weak passwords used by the equally weak hashing algorithm from those bygone days.

      • BlueKeep – Exploit Windows (RDP Vulnerability) Remotely

        Remote desktop protocol (RDP) is a secure network communications protocol designed for remote management, as well as for remote access to virtual desktops, applications and an RDP terminal server. RDP allows network administrators to remotely diagnose and resolve problems individual subscribers encounter. RDP is available for most versions of the Windows operating system.

      • Windows Error Reporting Manager arbitrary file move Elevation of Privilege (CVE-2019-1315)
      • Mozilla’s sponsored security audit finds a critical vulnerability in the tmux integration feature of iTerm2

        Yesterday, Mozilla announced that a critical security vulnerability is present in the terminal multiplexer (tmux) integration feature in all the versions of iTerm2, the GPL-licensed terminal emulator for macOS.

        The security vulnerability was found by a sponsored security audit conducted by the Mozilla Open Source Support Program (MOSS) which delivers security audits for open source technologies. Mozilla and the iTerm2’s developer George Nachman have together developed and released a patch for the vulnerability in the iTerm2 version 3.3.6.

      • HP Flaw Lets Hackers Hijack Your PC: What to Do [Ed: Unless you're a Mono fanatic, you won't have DLLs on your system]

        That’s because there’s a serious flaw in older versions of Touchpoint Analytics, aka HP Device Health Service, a diagnostic program built into most HP PCs running Windows. A user or a program with administrative rights could use Touchpoint Analytics to silently and permanently install malware at the system level, and a limited-user account could also do so in certain cases.

        [...]

        This kind of DLL switcheroo is known as a DLL injection, and it makes a program do things it shouldn’t. PC gamers sometimes use DLL injection to cheat at games, and malicious hackers can use it to make a program run malicious code. (DLL injection works on Macs and Unix/Linux systems as well as on Windows.)

      • Thunderbird Will Start Using OpenPGP Encryption in 2020

        The developers of Thunderbird, one of the most-used free email clients in the world, plan to implement OpenPGP support in 2020.

        Thunderbird used to be made by Mozilla, but the company dropped it a few years ago, and the community took over the project. The email client is still using some of Firefox’s infrastructure.

        Since Thunderbird is an open-source and cross-platform email client, it would make sense to bundle GnuPG software, but the differences in licenses make that impossible (MPL version 2.0 vs. GPL version 3+). The devs have to look for another solution, and the only to make it work is to add OpenPGP.

        Thunderbird users until now only had the option to adopt an add-on called Enigmail, which provides data encryption for both the email client and SeaMonkey. When Thunderbird migrates to a newer code, though, the Enigmail add-on will stop working.

    • Defence/Aggression

    • Environment

      • London Airport Braces for Climate Protests

        Thousands of passengers face disruption at London City Airport after climate-change protesters Extinction Rebellion vowed to occupy its terminal and shut down operations for three days as part of its action in the British capital.

        London City is the capital’s fifth-biggest – and most central – airport, popular with business travellers, bankers and politicians for short-haul and regional routes.

      • Climate challenges call for open solutions

        Members of a community must believe in a common purpose. That sense of common purpose is not only what unites an open project but also what helps an open, distributed group maintain its focus and measure its success. Clear, public, and mutually agreed-upon statements of purpose are a basic feature of open organizations.

      • Wildlife/Nature

        • Power Cut to 1 Million in California to Try to Prevent Deadly Fires

          California’s biggest utility cut power to more than a million people Wednesday for what could be days on end in the most sweeping effort in state history to prevent wildfires caused by windblown power lines.

        • Of Horses and Civilization

          I love all animals. I grew up in a Greek village where domesticated animals were part of my family. We had chickens, dogs, cats, sheep, goats, donkeys and mules.

    • Finance

      • The GM Strike: a Century of Context

        Wars end with treaties. In the middle of the 20th century, the “class war” that finished off America’s original plutocracy ended with the “Treaty of Detroit.”

      • Public School Uniforms: Symbol of the Times

        The uniformity of the shades of dark and light blue clothing on the children fans out from the New York City street corner next to a charter school and seems to cover an entire city block. The uniformity is everywhere. Even the student backpacks are blue.

    • AstroTurf/Lobbying/Politics

      • Colin Powell’s Trump Problem

        When the compromised speak of judgment, the voice of credibility vanishes. In its place, a certain niggling sense of hypocrisy and weakness prevails. Former US Secretary of State Colin Powell is one of those of those compromised voices. He presided over a redundant State Department before the pressures of the Pentagon and Secretary of Defence Donald Rumsfeld, keen to initiate an invasion of Iraq. He oversaw the bankruptcy of the Republican ideal before the nibbling sharks of neoconservatism within the administration of President George W. Bush. But that has not prevented him from being cavalier in assessing the legacy of Donald Trump.

      • The Battle for the Soul of India

        We are witnessing a battle for the rational soul of India. It has long been the conventional wisdom that the country’s historic and admirable diversity and tolerance would prevent the creation of a Hindu-first nation. But it seems increasingly likely that the narrative of India as a Hindu democratic state will prevail.

      • Zelensky’s Capitulation and Trump’s Open Appeals for Foreign Help on Biden Dirt

        “It looks like Zelensky has capitulated” reports MSNBC’ Matt Bradley in Kiev, to President Trump’s demand that he “play ball” and investigate Joe and Hunter Biden. The investigation of Burisma Holdings has been reopened at U.S. mafiosa-like prodding.

      • Time to Leave the Political Ghosts of 2016 Behind and Face the Future
      • Trump’s Trade War: a Report From the Front

        Donald Trump is bravely carrying on a trade war, not just with the bad guys with China, but with longtime allies like Canada and the European Union. Incredibly, the media just don’t seem that interested in reporting on the ongoing progress.

      • Bojo Goes Bonkers: Two Borders Will Divide Ireland From Northern Ireland

        BoJo is nothing if not inventive. The Irish backstop problem had derailed the premiership of his predecessor the Maybot, and he was making no headway in dealing with it up to now.

    • Censorship/Free Speech

      • For NBA’s Quandary over China, Stand with Human Rights

        The NBA has long portrayed itself as standing up for human rights, whether dismissing the Los Angeles Clippers’ owner for racist statements or moving the All-Star Game from Charlotte after North Carolina took a stand against allowing transgender people to use the bathroom associated with their identity. 

      • Ridiculous: Judge Says Devin Nunes’ SLAPP Suit Against An Internet Cow And Others Can Continue

        In some surprising, and ridiculous, news the local court judge, Judge John Marshall (no, not that Judge John Marshall), has decided not to dismiss the lawsuit that Nunes filed against Twitter, two satirical Twitter accounts, and political strategist Liz Mair. As you’ll recall, Mair and Twitter had both argued that the case had no reason to be in a local Virginia court, and that, if anything, the proper venue was in California. The judge had demanded that Twitter reveal to him the details of who was behind the Twitter accounts (something that was already questionable under the 1st Amendment, which protects anonymity). Twitter refused, though did say that neither account holder was based in Virginia.

      • Thin-Skinned Chinese Government Busy Making American Sports Orgs Look Silly On Free Speech Issues

        It’s no secret that the Chinese government is no friend to free speech. While that statement must seem painfully obvious, the entire world is getting an education into just how thin-skinned Beijing is with the ongoing protests in Hong Kong. While those protesters are chiefly demonstrating for their own civil rights, the Chinese government has apparently made it its business to police the rest of the world’s speech while holding the second largest economy on the planet as a hostage to its own hurt feelings.

    • Privacy/Surveillance

      • Twitter “Unintentionally” Used Your Phone Number for Targeted Advertising

        Stop us if you’ve heard this before: you give a tech company your personal information in order to use two-factor authentication, and later find out that they were using that security information for targeted advertising.

        That’s exactly what Twitter fessed up to yesterday in an understated blog post: the company has been taking email addresses and phone numbers that users provided for “safety and security purposes” like two-factor authentication, and using them for its ad tracking systems, known as Tailored Audiences and Partner Audiences.

      • Victory! California Governor Signs A.B. 1215

        California’s Governor Gavin Newsom has officially signed a bill that puts a moratorium on law enforcement’s use of face recognition for three years.

        Under Assemblymember Phil Ting’s bill, A.B. 1215, police departments and law enforcement agencies across the state of California will have until January 1, 2020 to end any existing use of face recognition on body-worn cameras. Three years without police use of this invasive technology means three years without a particularly pernicious and harmful technology on the streets and has the potential to facilitate better relationships between police officers and the communities they serve. As EFF’s Associate Director of Community Organizing Nathan Sheard told the California Assembly, using face recognition technology “in connection with police body cameras would force Californians to decide between actively avoiding interaction and cooperation with law enforcement, or having their images collected, analyzed, and stored as perpetual candidates for suspicion.”

      • Trump Administration Demands An End To Strong Encryption While Being Exhibit A For Why We Need It

        In the 18th Century the Founding Fathers were worried about tyrants. They were worried about government officials abusing the powers of their office and the fate of the nation if there were no check on their power. In the 21st Century those concerns have hardly faded. Today we have a presidential administration that, if nothing else, has publicly (and privately) attempted to turn the ship of state against multiple political opponents, and with such an audacious expectation of impunity that it leaves no basis to believe it would not do the same to anyone else who stands against it.

      • FISA Court Finds The FBI Is Still Violating The Fourth Amendment With Its Abuse Of NSA Collections

        The NSA isn’t the only agency to abuse its surveillance powers. The FBI’s ability to access unminimized data harvested by the NSA has resulted in abuse after abuse, as the FBI loves to use the massive data haul to perform “backdoor searches” of its domestic targets.

    • Freedom of Information / Freedom of the Press

    • Civil Rights/Policing

      • Turkish Gov’t Demands US Embassy Apologize For ‘Liking’ A Tweet The Turkish Gov’t Didn’t Like

        The government with the thinnest skin is at it again. Turkey can’t handle being criticized in even the slightest way — not after installing Recep “Gollum” Erdogan as president. A very, very long list of well-earned criticisms has led to an equally long list of retaliatory actions against the president’s critics, which has included the misuse of other countries’ laws to secure punishment of non-citizens and the jailing of of journalists declared to be terrorists by President Erdogan’s government.

      • French Leader Should Press Hungary’s Orban on Rule of Law

        Later this week, French President Emmanuel Macron will meet Hungary’s Prime Minister Viktor Orban in Paris for his first bilateral visit in France.

      • Qatar: Urgently Investigate Migrant Worker Deaths

        Qatar should thoroughly and urgently investigate and publicize the underlying causes of migrant worker deaths in light of new medical research concluding that heatstroke is a likely cause of cardiovascular fatalities among these workers in Qatar, Human Rights Watch said today.

    • Internet Policy/Net Neutrality

      • The Cable Industry Makes $28 Billion Annually In Bullshit Fees

        Last week we highlighted a study showing that your cable bill can be as much as 45 percent higher than the advertised price thanks to bullshit fees. Now a new study by Consumer Reports shows that up to 24 percent of your monthly cable bill is comprised of said bullshit fees. The fees are designed specifically for one purpose: to let companies falsely advertise one rate, then charge you significantly more money. It’s effectively false advertising, but efforts to rein in the practice are fleeting to nonexistent, because creatively fleecing American consumers is just so hot right now.

    • Monopolies

      • After voting down EC candidate Goulard, the European Parliament should oppose giving France control over both DG GROW and DG CONNECT

        What only one of the articles I saw mentioned is, however, the issue I’d like to focus on because innovation matters more than retribution: apparently some MEPs were concerned not only about the integrity of that particular candidate but also (or even primarily) about the allocation of fields of policy-making among the different commissioners.

        No matter who will be named instead of Mrs. Goulard, what the EP should never accept–for the sake of Europe’s fitness for an increasingly digital future–is that one commissioner–and especially not a French commissioner–effectively controls both DG GROW (the Directorate-General for the Internal Market, previously called DG MARKT) and DG CONNECT (Directorate-General for Communications Networks, Content and Technology, previously called DG INFSOC = Information Society).

        Formally, the DGs are part of the Commission’s “services” and “independent” from the commissioners and their aides (“cabinets”). But that’s nominal. In reality, the political appointees make all the decisions.

        The IP policy unit is part of DG GROW, and they consistently promote ever broader patents and ever more leverage in litigation for patent holders. By contrast, DG CONNECT has a tradition of, and hard-earned reputation for, being sympathetic to the digital sector. DG CONNECT takes a more balanced approach. They understand the implications of IP enforcement in connection with highly complex and multifunctional products. They realize to a greater extent than some other people that certain startups seek to be protected by patents, while many others need to be protected from patents. And they tend to look at free and open-source software as an opportunity, not merely a threat to other business models.

        [...]

        France has a rich history, but it doesn’t have much of a future. None of its largest corporations (such as LVMH, L’Oréal, and Sanofi-Aventis) is a digital-economy player. Macron likes to think of France as a “Startup Nation,” but has no facts to back up that vision. And it’s hard to see how this is ever going to improve, given that many of the brightest young French engineers and programmers go to work for GAFA and other non-French companies and, which is so shocking, considering that only 2% of French students reach the top performance level in the TIMSS international math test, roughly at a level with Persian Gulf states. By comparison, 50% of Singapore’s students are top performers in math, 40% of South Korean students, 20% of Russian students, and 14% of American students. Even Kazakhstan is at a level with the U.S., i.e., seven times as strong as France.

        The French digital policy agenda is to dumb down all of Europe only because France has degenerated. This year’s EU copyright reform is an example, as is the French pet project of a “digital tax” (the U.S. threatened with retaliation, but a deal was reached in August). The situation will get a whole lot worse with a Macron appointee controlling both the EU’s internal-market and digital-policy divisions–an unprecedented concentration of power that would be undesirable even if the commissioner came from a more innovative country with brighter students.

      • Copyrights

        • Epic Games Settles With Cheating Minor To End Lawsuit

          At long last, the PR nightmare for Epic Games is over. Kind of. You will recall that the company went on a lawsuit blitz over those that develop and/or promote cheats for Epic’s hit game Fortnite. While one can understand that the company was salty over cheat enablers for its online shooter, given that disruption by cheaters makes the game less fun and therefore less popular, the fact is that Epic also fought this battle on claims that such cheats violate copyright and the license provided by the game’s Terms of Service. These are claims that need to be tested, and hopefully defeated, in court, because they are a twisting of copyright law into the worst kind of pretzel.

Azure Apparently Losing Money and Microsoft Lies to Shareholders, in Effect Breaking the Law

Posted in Deception, Finance, Law, Microsoft at 1:35 pm by Dr. Roy Schestowitz

Reprinted with permission from Mitchel Lewis

Azure

Summary: Decades down the line Microsoft continues to lie about its financial performance, as it did before, according to a former insider

New lines of business are seldom profitable out of the gate. Some take years to break even and cloud solutions are not exceptions to this. Although Amazon was able to extend its existing infrastructure to its customers with AWS which kept their break-even to a minimum, others such as Microsoft were not equipped to do the same with Azure and had to break new ground to meet would-be demand. As a result, Microsoft incurred substantial infrastructure and development burdens which dramatically extended Azure’s break-even to 5+ years.

However, Microsoft wasn’t only tasked with having to build out or lease new data center space to meet this demand. They also had to consider future demand and capacity restraints since it takes approximately 3 years to develop an enterprise-class data center beginning to end that meets today’s stringent compliance requirements. Although leasing space allows them to get up and running faster than building new, 9 months on average, it creates another man in the middle which eats away at precious margin and does not accrue equity over time, unlike the property that they own.

If Microsoft undershot on these projections and didn’t build enough data centers, then they’d have to lease out additional space and extend their break-even. But if they overshot, then they stood to lose margin building unnecessary data centers which would take years to offset while also extending their break-even just the same. Needless to say, even a small oversight on this tight rip could prove to be anywhere from profit prohibitive to completely self-defeating.

To do this successfully, Microsoft had to hit a moving target while being in motion themsef. Not only did they have to build out new data centers, they also had to build them in accommodation with hardware that didn’t exist yet in an effort to maximize efficiency and profit. Since server technology is constantly evolving to do more with less of a footprint as time goes on, Microsoft would be able to leverage newer iterations of their old servers to a great benefit. They naturally would be denser with memory and processor cores while reducing their footprint as time goes on. But that understanding alone wasn’t enough and Microsoft needed to know how much space they would need to achieve these efficiency gains.

In order to anticipate future core density and project the efficiency gains associated with them, Microsoft and presumably others banked on Moore’s Law in 2012 which predicted transistor and core density to double every two years. As such, Microsoft projected how core-dense racks of servers could be 2–4–6–8 years in advance just as they have done successfully in the past. While a single 1×20 rack of servers could provide Microsoft with 10,400 cores to sell on Azure in 2012, Moore’s Law projected that this same amount of rack space would be able to host 20,800 cores by 2014, 41,600 cores by 2016, 83,200 cores by 2018, and 166,400 cores in 2020 (roughly). But this did not happen.

Processor improvements were already stagnating by 2012 which continued midway through the decade and the predictions made by Moore’s Law were falling short with no end to this on the horizon. Many were beginning to realize that it wasn’t a law at all, but an observation instead. While racks of servers became more dense over time, they indeed achieved greater efficiency with regard to their energy burden and their reduced footprint but this was nowhere near the rate predicted by Moore’s Law. Consequently, where Microsoft was anticipating being able to host 83,200 sellable cores in a 1×20 rack in 2018, they were only able to host roughly 28,000 cores, less than 1/3 of their projections.

As a result of undershooting their projected capacity by such a large margin, Microsoft was way off on their capacity projections with Azure and only built roughly 1/3 of the data center capacity that was actually necessary. Consequently, they had to over-provision their existing data centers to the point of tripping the breakers and rapidly fill the gaps with an excessive amount of leased space to meet the demand that they projected. All of which effectively doubled the amount of leased space in their portfolio from 25% to 50%, extended their break-even to nearly a decade, and killed their hopes of profitability any time soon.

While an honest mistake and not being able to foresee the future is forgivable, knowingly omitting a mistake of this magnitude is criminal when considering how much Microsoft is hedging its future on Azure. On top of supplying misleading revenue metrics in their quarterly 10K filings to fortify a position of strength and being second only to AWS, Microsoft seems to be wary about reporting Azure’s individual performance metrics or news of these failings that would enable investors to conclude this for themselves. Instead, Microsoft appears to be averaging out Azure’s losses with their legacy mainstays that are profitable by reporting its revenue within their Intelligent Cloud container instead of itemizing it.

Their incentive for hiding such a failure is obvious since much of their future is hedged on Azure. If it was proven to be woefully inefficient and unprofitable, then clients would expect price hikes and an influx of hidden costs on the horizon along with the potential burden of having to migrate away prematurely. Hosting services on an inefficient platform also puts companies at a tactical disadvantage in comparison to those hosting their services on more efficient platforms. That said, I can see why Microsoft would prefer to keep this quiet and why Amazon isn’t in tears when their competition opts to host their workloads on Azure instead of AWS.

Names/email addresses have been redacted

Between these capacity failings and its embarrassing ARPA relative to AWS, it’s difficult to see how Azure could be profitable at the moment. Microsoft seems to be attempting to bury this by omitting statistics while relying on financial containers that serve no purpose other than being a means of deception. Whether this is lying by omission and misleading investors on matters regarding major mistakes that threaten the long-term viability of their investment or simply creative accounting practices at work is ultimately up to the SEC. As an engineer, I can only report my findings to them and offer speculation to the three people reading my blog; done and done.

Links 10/10/2019: KDE Applications 19.08.2 and NixOS 19.09

Posted in News Roundup at 11:40 am by Dr. Roy Schestowitz

  • GNU/Linux

    • GNU/Linux Communities at Reddit

      Our GNU/Linux community information is naturally centralized at Reddit for news and discussion, it’s not a secret. For instance, all big GNU/Linux distros have Reddits. Even often, news from a FLOSS project comes first at Reddit and being discussed a lot there rather than other social networks. See for example news of r/KDE and r/LibreOffice there (notice that unique Reddit IDs?). If you feel unfamiliar with this, you can think Reddit like Facebook or Twitter, but amazingly faster to browse, with greatly less picture and more text. With this list, after registering you can find your first community on Reddit for example r/Ubuntu and r/linux4noobs. Speaking personally, as an active GNU/Linux user I love Reddit and actually I use DNSCrypt just because I want to visit it. Also, if you’re tired of other social networks you can give Reddit a try and I believe you will love it! I wish you will find nice people and friends there. Now let’s go!

    • Desktop

    • Server

      • Google’s Keeping Knative Development Under Its Thumb ‘For the Foreseeable Future’

        In addition to Knative, which is for deploying serverless workloads, Google evidently plans to keep the Kubernetes service mesh, Istio, in-house.

      • Puppet’s New Cloud Native Continuous Delivery Tool Builds on the CDF’s Tekton [Ed: It says: "The Linux Foundation, Puppet, and Red Hat are sponsors of The New Stack." Read as: we're being paid to write this article by the subject of this article.]

        Puppet has released into public beta its Project Nebula, a cloud native tool that connects a DevOps team’s existing toolset into an end-to-end, continuous delivery platform. The company aims to simplify deployment of microservices and serverless-based applications by connecting popular tools for infrastructure provisioning, application deployment, and notifications into a single, automated workflow.

        “There are a few folks in the world who believe in one tool that solves all the problems. And then there are folks who believe in best-of-breed and pulling the right tools for the right job with the right people, and the right culture,” said Matthew Young, senior director of product management at Puppet. “And we’re really going after the latter… We are not trying to replace every other tool.”

      • Kubectl and friends as a snap

        At Canonical, we build solutions to simplify the lives of our users. We want to reduce complexity, costs, and barriers to entry. When we built the Canonical Distribution of Kubernetes (CDK) and MicroK8s, we made sure it aligned with our mission. We built snaps like kubectl for various Kubernetes clients and services to ensure a harmonious ecosystem.

        From user feedback, requests and going over the exciting use cases our users and partners are experimenting with, sometimes you just need to get up and running. Kubernetes on a Raspberry Pi anyone? This is why we provide Kubernetes components such as kubectl, kubefed, kubeadm, etc. as snaps and open to use for your use cases.

      • IBM

        • EPEL8 packages

          With the opening up of EPEL8, there’s a lot of folks looking and seeing packages they formerly used in EPEL6/7 not being available and wondering why. The reason is simple: EPEL is not a fixed exact list of packages, it’s a framework that allows interested parties to build and provide the packages they are interested in providing to the community.

          This means for a package to be in EPEL8, it requires a maintainer to step forward and explicitly ask “I’d like to maintain this in EPEL8” and then build, test and do all the other things needed to provide that package.

          The reason for this is simple: We want a high quality, maintained collection of packages. Simply building things once and never again doesn’t allow for someone fixing bugs, updating the package or adjusting it for other changes. We need a active maintainer there willing and able to do the work.

        • vDPA hands on: The proof is in the pudding

          In this post, we will set up vDPA using its DPDK framework. Since vDPA compatible HW cards are in the process of being commonly available on the market, we will work around the HW constraint by using a paravirtualized Virtio-net device in a guest as if it was a full Virtio HW offload NIC.

        • Open Banking with Microservices Architectures and Apache Kafka on OpenShift

          Last month, at OpenShift Commons Gathering Milan, Paolo Gigante and Pierluigi Sforza of Poste Italiane, showed the audience how they built a microservices based banking architecture using Apache Kafka and OpenShift. Their slides are available here. For more great in-person events like this, register for the next Commons Gathering near you! San Francisco is coming up before the end of the month, and will focus on AI/ML.

    • Audiocasts/Shows

      • Home Network Under $200 | Self-Hosted 3

        How far can you get with a Raspberry Pi 4? We go all in and find out.

        Plus our favorite travel router with WireGuard built in, and Chris kicks off Project Off-Grid. Meanwhile, Alex adopts proprietary software.

      • Lack Rack, Jack | BSD Now 319

        Causing ZFS corruption for fun, NetBSD Assembly Programming Tutorial, The IKEA Lack Rack for Servers, a new OmniOS Community Edition LTS has been published, List Block Devices on FreeBSD lsblk(8) Style, Project Trident 19.10 available, and more.

      • The Linux Link Tech Show Episode 828
      • 2019-10-09 | Linux Headlines

        SUSE drops OpenStack Cloud, OpenLibra looks to piggyback on Facebook’s cryptocurrency, OpenSSH adds in-RAM protections and Essential teases flashy new phone.

    • Kernel Space

      • 5.4 Merge window, part 2

        The release of the 5.4-rc1 kernel and the closing of the merge window for this development cycle came one day later than would have normally been expected. By that time, 12,554 non-merge changesets had been pulled into the mainline repository; that’s nearly 2,900 since the first-week summary was written. That relatively small number of changes belies the amount of interesting change that arrived late in the merge window, though.

      • Upstreaming multipath TCP

        The multipath TCP (MPTCP) protocol (and the Linux implementation of it) have been under development for a solid decade; MPTCP offers a number of advantages for devices that have more than one network interface available. Despite having been deployed widely, though, MPTCP is still not supported by the upstream Linux kernel. At the 2019 Linux Plumbers Conference, Matthieu Baerts and Mat Martineau discussed the current state of the Linux MPTCP implementation and what will be required to get it into the mainline kernel.
        MPTCP, described by RFC 6824, is built around one fundamental idea: allowing a single network connection to exchange data over multiple physical paths. One obvious use case is a phone handset, which has both WiFi and broadband interfaces. Being able to use both at the same time would give the device greater bandwidth, but also greater redundancy — a connection could continue uninterrupted despite changes to individual paths.

      • Fixing getrandom()

        A report of a boot hang in the 5.3 series has led to an enormous, somewhat contentious thread on the linux-kernel mailing list. The proximate cause was some changes that made the ext4 filesystem do less I/O early in the boot phase, incidentally causing fewer interrupts, but the underlying issue was the getrandom() system call, which was blocking until the /dev/urandom pool was initialized—as designed. Since the system in question was not gathering enough entropy due to the lack of unpredictable interrupt timings, that would hang more or less forever. That has called into question the design and implementation of getrandom().

        Ahmed S. Darwish reported the original problem and tracked it down to the GNOME Display Manager (GDM), which handles graphical logins. It turns out that GDM was calling getrandom() in order to generate the “MIT magic cookie” that is used for authorization by the X Window System. As was pointed out by several in the mega-thread, using cryptographic-strength random numbers for the cookie (or much of anything in terms of X Window security) is well beyond the pale—a much weaker random number generator could have been used with no loss of security. Darwish noted that the call “only” requests a small number of random bytes (five calls requesting 16 bytes each) but, as Theodore Y. Ts’o said, that doesn’t matter: by default getrandom() will not return anything until the cryptographic random number generator (CRNG) is initialized—which requires entropy.

        When Darwish originally bisected the problem, he pinpointed an ext4 commit that had the effect of reducing the amount of disk I/O that was being done early in the boot process. That performance enhancement also, unfortunately, turned out to reduce the amount of entropy gathered on Darwish’s laptop—to the point it would not boot. That change has been reverted for now.

      • Compiling to BPF with GCC

        The addition of extended BPF to the kernel has opened up a whole range of use cases, but few developers actually write BPF code. It is, like any other assembly-level language, a tedious pain to work with; developers would rather use a higher-level language. For BPF, the language of choice is C, which is compiled to BPF with the LLVM compiler. But, as Jose Marchesi described during the Toolchains microconference at the 2019 Linux Plumbers Conference, LLVM will soon have company, as he has just added support for a BPF back-end to the GCC compiler.
        Marchesi, who described himself as “just a compiler guy” rather than a tracing wizard, said that this work is proceeding in three phases. The first of those is to get basic BPF support into the toolchain; for GCC, that takes the form of a new bpf-unknown-none target triplet. Support for BPF was added to binutils in May; the first GCC support landed in the project’s repository just before the conference began.

      • Google Opens Up “SchedViz” To Visualize Linux Kernel Scheduling Behavior

        Google’s newest open-source contribution for benefiting the Linux kernel is SchedViz.

        SchedViz is a tool developed at Google for visualizing the Linux kernel scheduling behavior. Google has already used this tool internally to find areas for improvement within the kernel to make better scheduling choices and analyzing memory latency problems.

      • Amlogic Video Decode Driver Nearly Ready With H.264 Support

        The in-kernel staging Amlogic Meson video decode driver could soon handle H.264 support as soon as Linux 5.5.

        After a lengthy journey getting into the kernel with initially just MPEG-1 and MPEG-2 support, this open-source Amlogic video decode driver should soon be in compliance with H.264.

      • Graphics Stack

        • Intel Adds GPU-Accelerated Memory Copy Support To FFmpeg

          Intel engineers have contributed GPU-accelerated memory copy support to FFmpeg when making use of their preferred video decode implementation.

          For those making use of Intel Quick Sync Video decode with FFmpeg, the latest development code has added GPU-accelerated memory copy support between the video and system memory.

        • Intel ANV & Radeon RADV Vulkan Drivers Tacking On More Extensions With Mesa 19.3

          There still is another month until the feature freeze for Mesa 19.3 to end out 2019 and it will be a big one.

          In addition to the continued flurry of OpenGL driver activity and bits like Zink potentially being merged, the Intel and AMD Radeon Vulkan drivers have been seeing more extension work for 19.3-devel. Here’s the latest.

    • Benchmarks

      • The Mitigation Impact Difference On AMD Ryzen 9 3900X vs. Intel Core i9 9900K Performance

        Last week I shared benchmark results of the AMD Ryzen 9 3900X vs. Intel Core i9 9900K in 400+ benchmarks in the largest comparison ever for these two competing ~$500 USD processors. If that wasn’t enough, I repeated the hundreds of CPU/system benchmarks again but without any of the recent CPU security mitigations in place to see how the situation would have played out pre-2018.

        Immediately following those tests last week, I restarted the large benchmark queue with the 300+ system/CPU tests (foregoing the gaming benchmarks with the various CPU speculative execution vulnerabilities having little impact on gaming/graphics performance). As a reminder, both the Intel and AMD systems were tested on Ubuntu 19.10 with the Linux 5.3 kernel and all of the other latest software components for this H2’2019 update to Ubuntu Linux.

        The Core i9 9900K was running with the ASUS PRIME Z390-A motherboard and the Ryzen 9 3900X with the ROG CROSHAIR VIII HERO WiFi motherboard, both boards using their very latest public BIOS releases as of testing. Both systems were tested with the same GSKILL 2 x 8GB DDR4-3600 memory, 280GB Intel Optane 900p NVMe SSD, and Radeon RX Vega 64 graphics card.

      • Windows 10 vs. Ubuntu 19.10 vs. Clear Linux vs. Debian 10.1 Benchmarks On An Intel Core i9

        Earlier this week I provided some fresh Windows vs. Linux web browser benchmarks for both Firefox and Chrome. For those curious how the current Windows 10 vs. Linux performance is for other workloads, here is a fresh look across a variety of software applications and while testing the near-final Ubuntu 19.10, Intel’s rolling-release Clear Linux, and Debian 10.1 while running off an Intel Core i9 HEDT platform.

        Ahead of all our autumn 2019 Linux distribution update benchmarks, this article is a fresh look at the Microsoft Windows 10 Pro x64 performance compared to these popular Linux distributions. Particularly with Debian 10 and Clear Linux, they tend to be the fastest Linux distributions we routinely benchmark at Phoronix while Ubuntu is included due to its popularity.

        These four operating systems were all tested on the same Intel Core i9 7980XE + 4 x 4GB DDR4-3200 memory + NVIDIA GeForce GTX TITAN X + Samsung 970 EVO 500GB NVMe SSD system with the i9-7980XE being the newest Intel HEDT platform I have available for testing at the moment.

    • Applications

      • Celluloid is a really good mpv frontend for Linux

        If you are a Linux user who wants a front-end for the popular MPV video player, Celluloid may be your best bet.

        I installed the application via flatpak but you can find quite a few packages linked at the official GitHub; installation instructions for flatpak are available on the same page.

        Celluloid mpv frontend for Linux

        The GUI of Celluloid is quite similar to most Linux apps, and quite minimal. Click on the + button in the top left corner to open a video, or drag and drop one on to the interface. You can also load a web URL to stream content directly using the player from the Open Location menu.

      • ImCompressor is a New, User-Friendly Image Compressor for Linux

        It’s written with Python and Gtk and designed to the GNOME HIG. This helps it both look great and integrate well with modern Linux distros, like Fedora and Ubuntu.

        The design of the app makes it incredibly simple to use, too.

        Open ImCompressor and drag and drop jpeg and png images on to the window (or select files through the in-app file picker) to quickly, losslessly, optimise them, i.e. reduce image file size without affecting the overall image quality.

    • Proprietary

      • Opera 64 Released with Privacy Enhancing Features. Download Now

        The latest release of Opera web browser 64 is here focusing on privacy, ad blocking and many more.

      • Discord Confirms Layoffs After Internal Restructuring

        The truth is that Discord has had a really complicated 2018 year. After overcoming the barrier of 250 million registered users, last September they canceled their subscription service, Discord Nitro, which allowed access to different video games through a monthly payment. The company wrote in its blog that users were not playing the games in the Nitro subscription.

        Discord made headlines last December when they changed the policy of percentage of profits that the developers who published their video games took on their platform, a kind of counterattack to Steam and Epic Games Store after their two changes at the end of last year.

      • DJs You Are Warned ⁠— Do NOT Upgrade Into MacOS Catalina

        With the removal of iTunes in Catalina, users lost support for XML files and native playback on Macs. The XML file loss is a massive blow to most DJ software, which relies on the format for setlist organization.

        Popular DJ apps like Traktor and Rekordbox read these XML files. iTunes has been the default way that many DJs find their tracks for years now. With Music replacing iTunes in Catalina, there’s no feature parity there.

  • Instructionals/Technical

  • Games

    • Become the cleaner for government assassins in ‘Nobodies’ and destroy all evidence, out now

      Here’s one we missed from the end of last month, it’s called Nobodies and you’re a government agent tasked with cleaning up after their assassins do their thing. Nobodies—no bodies, get it? Ahem…

    • Steam Play Proton 4.11-7 is out with more gamepad improvements and other misc fixes

      Valve and CodeWeavers have unleashed another update to Steam Play with Proton 4.11-7 releasing today.

      Seems they’re continuing to try and get gamepads/controllers into a good state, with “Major” improvements to how they handle hotplugging. More games should now see your gamepad when you plug it in after you start it. Additionally, there’s improved support for Windows games built with Unity using the Rewired Unity plugin.

    • Proton 4.11-7 Released With Controller Improvements, D9VK/DXVK Updates

      Valve has released Proton 4.11-7 as the newest version of their Wine downstream that powers Steam Play for running Windows games on Linux.

      With Proton 4.11-7 there are controller improvements including better hotplugging support of controllers and improving controller support for games relying upon the Rewired Unity library.

    • Valve will bring out ‘Remote Play Together’ to give online support to local multiplayer games

      The Steam pipes are leaking over at Valve again, as an upcoming feature called Remote Play Together is coming during the week of October 21.

      Valve sent word just to game developers, which they never keep quiet on for very long. Multiple game developers (#1, #2 and so on) ended up putting out posts on Twitter to let everyone know about it a bit earlier than Valve seems to have intended.

    • Strategy adventure game ‘Pathway’ has a huge Adventurers Wanted update, plus a note about Linux

      Get ready for another adventure as Pathway just got bigger and better with a huge free update now available.

      Mixing together node-based travel (think like FTL and Slay the Spire) with random events and turn-based tactical combat, Pathway is a fun game. However, when you’ve played a lot of hours it can end up perhaps a bit too repetitive. You realise later on the limitations of the game that aren’t quite apparent until you really push through it. Now though? Sounds like it’s a massive improvement to all areas of the game!

      The Adventurers Wanted update adds in…deep breath, are you ready? 18 new combat abilities with new ways to interact with both enemies and allies, reworked skill trees, a “sizeable” amount of new events have been added including many new combat arenas to give it more variety, you no longer stock up on consumables like medkits and instead have a new resource called Supplies which is used across multiple items, new combat modes to adjust how combat begins for more variation, an improved armour system that makes armour give direct damage reduction and the list goes on.

    • The new trailer for Edgar – Bokbok in Boulzac has me wanting more especially after the great demo

      Edgar – Bokbok in Boulzac from the French team at La Poule Noir is an upcoming comedy point and click adventure coming to Linux, the new trailer is up and continues my excitement for this one.

      It’s a story rich whimsical adventure, with a protagonist who is a bit…eccentric. The kind where you can see a bit of yourself in them and you can’t help but love their weirdness. He loves his chicken, which is amusingly sweet when he calls it “Precious” during dialogue. A dark comic adventure about saving your beloved squash and you stumble upon a “most terrifying secret” during your journey.

    • Bizarre action-RPG ‘Insignificant’ where you’re three inches tall is out now with Linux support

      Insignificant is an action-RPG that tells the story of the little people and when I say that I really do mean tiny little people, you’re only about three inches tall.

    • Stellaris 2.4 is out with the new Paradox Launcher included

      Paradox Interactive and Paradox Development Studio have released the latest update to Stellaris, which includes the new Paradox Launcher to unify the experience.

      The launcher isn’t all that’s new though. If you’re running Stellaris from their own store or GOG they have added in cloud saving to both. Paradox also updated all factions titans “with panning light meshes”, updates to the visual effects for “ther drake’s wing attack (muzzle, projectile, hit effect)” and new “/mute ” and “/unmute ” chat commands were added. Defence Platforms also got a boost for Outposts, providing 2 points of Piracy Suppression for their system.

      A bunch of UI updates also made it in like the ability to Shift+Click on the ship count in the Fleet Manager, adding ships up to the nearest 10. There’s more tooltips on the Planet Screen, a new notification when one empire guarantees the in

  • Desktop Environments/WMs

    • What’s New in Xfce 4.14 Desktop

      After 4 years and 5 months of development, Xfce 4.14 was finally released. a release that it is probably included in the software repositories of almost all Linux-based operating systems. The goal for Xfce 4.14, as the developers explain, was to port all of the core components to the latest GTK3 and GDBus open-source technologies, instead of the old GTK2 and D-Bus Glib.

      Window manager Xfce 4.14, now support VSync to reduce display flickering. It also now supports HiDPI, NVIDIA proprietary/closed source drivers, XInput2. XFCE 4.14 also introduces a new default theme.

      A new default theme is present as well in Xfce 4.14, and the Thunar file manager now features a completely revamped pathbar, BluRay support for the volume manager, support for larger thumbnails, improved keyboard navigation, and support for a “folder.jpg” file to alter the folder’s icon.

      XFCE 4.14 Panel got support for RandR’s primary monitor feature, improved window grouping in the tasklist plugin (better UX, visual group indicator etc), a per-panel “icon-size” setting, a new default clock format. Users can also now change the orientation of the icons on the desktop, as well as to preview Fujifilm RAF images in the file manager.

    • K Desktop Environment/KDE SC/Qt

      • Wayland goal – Call for Action

        KDE community has elected to finalize the transition to Wayland and embrace the future of desktop.

        This entails making Plasma running smoothly under Wayland, but also making sure KDE Apps can run without bugs and missing features. It also means that we want to help the wider Wayland community to fill missing features and fix bugs.

        I call App users and developers to try out their favorite app in Wayland and report the issue that may arise. and add wayland as keyword to the bug to keep track on those bugs.

      • [Krita] To be Merged in master

        So, finally it seems like, after crossing the deadline by a couple months, Magnetic Lasso is going to get merged, as Boud told me. Lets see how many more weeks it takes, so presumably it is complete feature wise but who knows from where a bug might pop up. This post is mainly for documenting how the Magnetic Lasso works, since I am too good to make an entry in the manual.

      • KDE is All About the Apps: October Update

        We are a community of thousands of contributors who make hundreds of Apps using collaborative open source methods. Our apps run on Linux with Plasma, of course, but also fit in well with GNOME, Enlightenment, XFCE, or any other desktop you happen to be using. Many of our apps run on Windows, Android and macOS.

        A new goal for the KDE community is to push how we are All About the Apps. We will be highlighting our best software and promoting it to increase its adoption outside the circle of current KDE fans (who we still love very much!). This is a monthly update of what’s new in our apps. If you’d like to help out with this community goal, take a look at the All About the Apps workboard, and join us in our Matrix chat channel.

      • KDE Applications 19.08.2 Open-Source Software Suite Released with Many Bug Fixes

        Coming a month after the first point release, KDE Applications 19.08.2 is here to address more than 20 bug fixes across a wide range of applications and core components, including Dolphin, Gwenview, Kate, Kdenlive, Kontact, Konsole, Lokalize, Spectacle, and many others, in an attempt to make the KDE Applications 19.08 open-source software suite more stable and reliable.

        Highlights of this release include improvements to High-DPI (HiDPI) support in the Konsole terminal emulator and other apps, the ability to update the search parameters when switching between different searches in the Dolphin file manager, and support for the KMail email client to save messages directly to remote folders.

      • Applications 19.08.2
    • GNOME Desktop/GTK

      • Philip Chimento: Free software at 40°C

        It’s that time of year again, time for a belated reflection on the GUADEC conference!

        In August I traveled to Thessaloniki, Greece, to attend first the annual GNOME Foundation board handover day, then the advisory board meeting, then the GUADEC conference and associated unconference days.

        The board discussion focused quite a lot on the strategic goals for the GNOME Foundation which you can hear more about in executive director Neil McGovern’s talk. Nuritzi has also blogged about the process of putting together these strategic goals.

  • Distributions

    • New Releases

      • NixOS 19.09 released

        NixOS 19.09 “Loris” has been released, the twelfth stable release branch. See the release notes for details. You can get NixOS 19.09 ISOs and VirtualBox appliances from the download page. For information on how to upgrade from older release branches to 19.09, check out the manual section on upgrading.

      • NixOS 19.09 Released With Xfce 4.14 Packages, GNOME 3 Updates

        NixOS 19.09 ships with installer improvements so it can run with less privileges, updating to Xfce 4.14 packages for those using that desktop, better handling of different GNOME 3 services and modules, better printer handling, their VLC package now supports Google Chromecast, systemd updates, and an array of other enhancements.

    • SUSE/OpenSUSE

      • SUSE Dumps OpenStack

        Open source vendor SUSE is getting out of the OpenStack business, the company says.

        The decision is part of a shift in company strategy from infrastructure enablement to enabling application delivery, the company said in a blog post announcing the decision Wednesday.

        The blog post quotes IDC analyst Al Gillen, who says “applications and experiences, rather than … infrastructure deployments,” are key to differentiation. SUSE’s decision “moves the company’s value-add higher up the technology stack, to a level where customers want and need tools that empower them to achieve differentiation,” Gillen says.

      • Suse’s OpenStack Cloud dissipates

        Suse, the newly independent open-source company behind the eponymous Linux distribution and an increasingly large set of managed enterprise services, today announced a bit of a new strategy as it looks to stay on top of the changing trends in the enterprise developer space. Over the course of the last few years, Suse put a strong emphasis on the OpenStack platform, an open-source project that essentially allows big enterprises to build something in their own data centers akin to the core services of a public cloud like AWS or Azure. With this new strategy, Suse is transitioning away from OpenStack . It’s ceasing both production of new versions of its OpenStack Cloud and sales of its existing OpenStack product.

        “As Suse embarks on the next stage of our growth and evolution as the world’s largest independent open source company, we will grow the business by aligning our strategy to meet the current and future needs of our enterprise customers as they move to increasingly dynamic hybrid and multi-cloud application landscapes and DevOps processes,” the company said in a statement. “We are ideally positioned to execute on this strategy and help our customers embrace the full spectrum of computing environments, from edge to core to cloud.”

      • SUSE OpenStack Is No More — But Don’t Panic

        OpenStack as a technology isn’t going away; it’s just become the “boring” infrastructure on which the cool new things like Kubernetes are deployed.

      • KDE and openSUSE: Plasma 5.17, Qt 5.14 and more

        The Beta version of Plasma 5.17 was released with many new features and improvements such as per-screen fractional scaling on Wayland, a new User Interface (UI) for configuring permissions of Thunderbolt devices and network statistics in KSysGuard. The latter requires some more privileges than usual for a user application, so is currently being looked at by the SUSE security team.

        openQA found a few bugs already, like GIMP looking more “colorful” than usual and some applications mixing Kirigami and Qt Widgets breaking some keyboard shortcuts. Both of those were addressed meanwhile and will be fixed in the final release of 5.17.

        If you haven’t tested the Plasma 5.17 Beta yet, there’s still some time left! If you come across a problem in the software, please head over to the KDE bug tracker; if instead you find an issue that is openSUSE specific, go over to the openSUSE bugzilla.

      • Highlights of YaST Development Sprint 86

        Now that you had a chance to look at our post about Advanced Encryption Options (especially if you are an s390 user), it is time to check what happened during the last YaST development sprint, which finished last Monday.

      • OpenSUSE Expanding Encryption Options For Its Installer

        While Ubuntu developers are busy adding experimental ZFS support to their installer, the SUSE developers working on their YaST installer are working on offering better security options for their platform by beefing up the encryption capabilities at install-time.

        YaST has like most Linux distributions out there offered basic encryption options at install-time if wanting to deploy the Linux distribution to an encrypted LVM. With openSUSE Leap 15.2 (and SUSE Linux Enterprise 15 SP2) as well as openSUSE Tumbleweed, they are adding more advanced encryption options to complement the functionality provided already for years.

    • Slackware Family

      • LibreOffice 6.3.2 for Slackware-current – and how to deal with “Shared library .so-version bump”

        Let me first elaborate a bit on the strategies that are available to a Slackware user on how to deal with incompatible library updates in -current.

        One of the reasons people are wary of installing and running Slackware-current is the fact that at any given moment, distro updates can break 3rd-party packages (i.e. packages you have installed that are not part of the Slackware distribution itself). Slackware-current is in constant flux, it is our development environment, and software versions can make sudden jumps with unexpected consequences.

        Big tip: before running any update on a slackware-current system, first check the ChangeLog.txt and scan the updates since your previous upgrade for the text “Shared library .so-version bump.” which is another way of saying “incompatible ABI change”.
        If this text accompanies a package update you can be pretty certain that some 3rd-party packages that depend on it will stop working. And if that particular package is boost, icu4c or poppler, expect massive breakage. The safest approach in a case like this, is: wait with upgrading your Slackware-current; check for packages that have a dependency on the package with the ABI breakage: and track the 3rd-party repositories for updates that address the ABI breakage.

        There is another strategy- one which allows you to upgrade to the latest -current while avoiding broken packages. That is to keep the older libraries on your system – the libraries your 3rd-party packages are depending on. You can simply extract these older libraries from the previous version(s) of the upgraded Slackware package. Darren Austen and I worked together to create a package repository containing historical Slackware-current packages (32bit, 64bit official packages and my own multilib archive). See https://slackware.uk/cumulative/ if you are in need of older package versions.

    • Debian/Ubuntu Family

      • Ubuntu Touch OTA-11 Now Available for Testing with Improved, Smarter Keyboard

        Originally planned as a small update that was supposed to contain only some bug fixes and improvements, the Ubuntu Touch OTA-11 release appears to bring quite some enhancements for Ubuntu Phones, such as a much-improved and smarter keyboard that introduces a Dvorak keyboard layout option, improvements to the Japanese and Polish layouts, as well as a new way to edit text.

        “Using this feature, you can move around your typed text, undo and redo actions, move around a text selection rectangle, and use the cut/copy/paste commands, all from the same overlay. To get started, press and hold the space bar,” explained UBports. “We are still unsure about the discoverability of this feature, so stay tuned for changes that will make it even easier to find and use.”

      • Chromium in Ubuntu – deb to snap transition

        Chromium is a very popular web browser, the fully open source counterpart to Google Chrome. On Ubuntu, Chromium is not the default browser, and the package resides in the ‘universe’ section of the archive. Universe contains community-maintained software packages. Despite that, the Ubuntu Desktop Team is committed to packaging and maintaining Chromium because a significant number of users rely on it.

        Maintaining a single release of Chromium is a significant time investment for the Ubuntu Desktop Team working with the Ubuntu Security team to deliver updates to each stable release. As the teams support numerous stable releases of Ubuntu, the amount of work is compounded.

        Comparing this workload to other Linux distributions which have a single supported rolling release misses the nuance of supporting multiple Long Term Support (LTS) and non-LTS releases.

        Google releases a new major version of Chromium every six weeks, with typically several minor versions to address security vulnerabilities in between. Every new stable version has to be built for each supported Ubuntu release − 16.04, 18.04, 19.04 and the upcoming 19.10 − and for all supported architectures (amd64, i386, armhf, arm64).

        Additionally, ensuring Chromium even builds (let alone runs) on older releases such as 16.04 can be challenging, as the upstream project often uses new compiler features that are not available on older releases.

        In contrast, a snap needs to be built only once per architecture, and will run on all systems that support snapd. This covers all supported Ubuntu releases including 14.04 with Extended Security Maintenance (ESM), as well as other distributions like Debian, Fedora, Mint, and Manjaro.

      • [Older] Packaging Domoticz for Debian, Ubuntu, Raspbian and Fedora

        Federico Ceratto and I have been working on the packaging of Domoticz, one of the leading free and open source home automation / smart home solutions.

        I’ve taken that a step further, packaging the plugin for the Zigate USB stick and two of the utilities for updating firmware on the Zigate, the JennicModuleProgrammer and the zigate-flasher.

        These are initially Debian packages, also available for Raspbian, but I also try to share any lessons from this effort with the upstream developers and also provide a foundation for Ubuntu and Fedora packaging.

  • Devices/Embedded

  • Free, Libre, and Open Source Software

    • TeXstudio – A cushty yet nerdy LaTeX frontend

      TeXstudio is a complex, powerful program, and it definitely appeals to my sense of nerdonics. It’s rich in features, and it can take a while before you figure everything out – prior knowledge with similar software definitely helps. But then, I think LyX is friendlier and simpler, especially for beginners. With TeXstudio, there were a few errors throughout my test, which ought to be handled a bit more gracefully. Beamer sounds like a great thing, but then, frankly, most people will make do with Powerpoint, for better or worse.

      I definitely intend to spend more time learning TeXstudio, as it may come handy in technical work now and then. Plus, there’s the simple joy of mastering difficult tools, which then magically turn repetitive burdens into simple tasks. It’s all about the optimization of energy. I believe I’m already there with conventional tools as well as LyX, so this ought to be an interesting experiment. For document lovers among you, this software definitely warrants some extended testing. We’re done.

    • Beware open source vendor lock-in

      With open source having become not only mainstream but also so ubiquitous it is all but invisible, there is a real danger that open source users could find themselves in a whole new world of “open source” vendor lock-in.

      That was the warning sounded by Obsidian’s Karl Fisher at the start of LinuxConf [ZA] 2019, a Linux and open source conference which marked the start of Open Source Week in South Africa this week.

      Fisher took the delegates, mainly open source aficionados and developers, though a potted evolutionary history of open source – from the days when it was disparaged by Microsoft founder Bill Gates, and later his successor as CEO Steve Ballmer who infamously dubbed Linux a ‘cancer’; to Microsoft’s recent, multi-billion dollar acquisition of GitHub, the world’s largest open source code hosting platform.

    • BleachBit 2.3 Beta

      When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn’t know was there.

      Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

    • Collapse OS is a Special Operating System for the Post-Apocalyptic Future

      As reported by Motherboard, there’s a new open-source operating system that is currently under heavy development, and it looks like it will soon be ready for a very dire scenario. Its creator, Virgil Dupras, is a person who believes there’s a good chance that by 2030, the world will have collapsed. The software developer isn’t absolutely certain about this, but he believes that the chances of the scenario are high enough to justify the development of a post-apocalyptic operating system, called “Collapse OS”.

      So, what would the ideal scavenger’s operating system be like? The simple answer to this would be “one that can run on virtually anything”. If there is one system out there that can run on almost any hardware, this is the Debian GNU/Linux distribution. Collapse OS is taking things a lot further, being able to run on microcontrollers such as the ubiquitous Z80 microprocessor. Dupras considered what piece of hardware would be the easiest to find in a post-apocalyptic world, and Z80 came as the definitive answer. This 8-bit microprocessor is in cash registers, computers, music instruments, calculators, and virtually anything electronic.

    • Linux Foundation

      • EdgeX Foundry Organizes Its First Hackathon

        The project organized its first hackathon in Chicago to see how the retail industry leverages EdgeX Foundry to solve some of its pressing problems.

      • The Zephyr Project Welcomes Eclipse IoT and Oticon As Members to Create a Safe and Secure RTOS

        The Zephyr™ Project, an open source project at the Linux Foundation that aims to build a secure and flexible real-time operating system (RTOS) for the Internet of Things (IoT) announces its growing ecosystem with the addition of Eclipse IoT and the move up for long-time member Oticon to Platinum member. Additionally, the project announces the release of Zephyr 2.0.0 and that several popular developer boards are now shipping with Zephyr including Nordic Semiconductor’s Nordic Thingy91 and Adafruit’s Actinius Icarus.

        In today’s technology landscape, fragmentation is the biggest challenge. Developers have a wide range of choices for platforms, boards and components and many of those don’t and can’t connect with each other. Zephyr offers a small memory footprint and a secure and flexible RTOS that extends functionality of IoT devices. It is a customizable, embedded open source platform that can be built for multiple hardware architectures with safety and security.

      • Zephyr RTOS 2.0 Release Highlights

        Last month, the Zephyr Project announced the release of Zephyr RTOS 2.0 and we are excited to share the details with you! Zephyr 2.0 is the first release of Zephyr RTOS after the 1.14 release with Long-Term support in April 2019. It is also a huge step up from the 1.14 release, bringing a wide list of new features, significant enhancements in existing features, as well as a large list of new HW platforms and development boards.

    • SaaS/Back End/Databases

      • PostgreSQL considers seccomp() filters

        A discussion on the pgsql-hackers mailing list at the end of August is another reminder that the suitability of seccomp() filters is likely more narrow than was hoped. Applying filters to the PostgreSQL database is difficult for a number of reasons and the benefit for the project and its users is not entirely clear. The discussion highlights the tradeoffs inherent in adding system-call filtering to a complex software suite; it may help crystallize the thinking of other projects that are also looking at supporting seccomp() filters.

        Joe Conway raised the idea in an RFC patch posting. It added a way to filter system calls in the main postmaster process and, with a separate system-call list, in the per-session backends. It also showed how to generate the list of system calls that are being used by PostgreSQL under various workloads, such as the test targets in the Makefile or by running a specific application. Information on the system calls made is logged by the audit subsystem; those logs are then processed to produce the list. Once there is confidence that the list is complete—which may be a sticking point—the remaining system calls could be blocked so that executing them would cause an error.

        But Peter Eisentraut was concerned that the list is going to be incomplete due to the “fantastic test coverage” needed to generate it and that it will require constant maintenance to keep up with GNU C Library (glibc) and other changes. Beyond that, PostgreSQL extensions will need their own lists of allowed system calls. Conway seems to see the support as something that those interested will maintain for themselves, rather than having a list that the project will distribute. “Perhaps most people never use this, but when needed (and increasingly will be required) it is available.”

    • Productivity Software/LibreOffice/Calligra

      • Starting The Document Collective

        The Document Foundation (TDF) is the home of the LibreOffice free-software office suite; it provides financial, governance, and other administrative services to LibreOffice. The foundation was established in part to ensure that commercial entities did not have undue influence on the project, which limited the types of activities in which it can engage. In particular, selling branded versions of LibreOffice in the macOS and Windows app stores has not been something that TDF could tackle. The TDF board of directors is looking to change that with the creation of a new entity, The Document Collective (TDC), to engage in commercial activity that is complementary to that of TDF members—hopefully as an income source to help support TDF.

        The TDC proposal [PDF] was adopted by the TDF board on September 9 and unveiled at the LibreOffice conference (slides [PDF]) and in a post to the board-discuss mailing list on September 11. The board has decided to start the creation of TDC by appointing a transitional leadership group. The TDC leadership has been directed to set up an unincorporated association as part of Public Software CIC, which is a European umbrella organization (a “community interest company” or CIC) that provides administrative services to free and open-source software projects. That is meant to be a temporary measure until a full legal entity can be set up. TDC will also have €50,000 in funds available to draw on from TDF; the money is a loan that is meant to be repaid with interest from the proceeds of selling LibreOffice in the app stores. There may be other moneymaking activities that TDC ends up undertaking as well.

        TDC is tasked with getting LibreOffice into the app stores for macOS and Windows. To that end, Public Software CIC will be granted a trademark license for the LibreOffice mark that can be used for app store packages. Initially there will be no separate TDC entity, but that will eventually be set up in some European jurisdiction and all of the TDC work that has been done will be transferred to the new entity. Effectively, the agreement with Public Software CIC will just allow TDC to start working immediately while it initializes its governance and legal entity in parallel.

        There were a few comments on the announcement. Uwe Altmann wondered about the business plan for TDC; given that there is already some experience from two companies selling LibreOffice in the app stores, it would seem reasonable to put together an initial budget, for example. In addition, starting out by setting up an association with Public Software CIC with a fairly large budget seemed unnecessary; there are other organizational structures that could be set up more easily and cheaply, he said.

    • FSF/FSFE/GNU/SFLC

      • What does the FSF censor during the Richard Stallman lynching?

        Why do the FSF staff censor an email like this supporting the founder of their organization and the founder of the Free Software movement?

        Has the FSF become another Fake Community?

        Since raising the issue of censorship in FSF, I received a number of emails from people who feel their own communications have been censored.

        [...]

        Just as MIT Media Lab staff systematically hid donations from convicted sex trafficker Jeffrey Epstein, Free Software organizations are systematically hiding donations from Google. Censorship is one of the tools they use to achieve this deception.

      • Justice for Dr. Richard Matthew Stallman

        Dr. Richard Matthew Stallman (born 16 March 1953), often known by his initials rms, and occasionally upper-case RMS, is an American free (libre) software movement activist, hacker and programmer. He campaigns for software to be distributed in a manner such that its users receive the freedoms to use, study, distribute, and modify that software. Software that ensures these four freedoms is termed free software. Stallman launched the GNU Project, founded the Free Software Foundation, developed the GNU Compiler Collection and GNU Emacs, and wrote the GNU General Public License.

        Richard Stallman is currently the object of an Internet defamatory campaign which forced him to resign from his position at MIT and even from the FSF which he founded himself. He has actual flaws, but the campaign is largely motivated by mischaracterizations, disproportionality and intolerance.

      • RMS: No Radical Changes In GNU Project

        With Stallman sticking around as head of the GNU and with that the Free Software Foundation re-evaluating their GNU relationship, Richard Stallman is already saying there will be no major changes to the project he founded.

        RMS yesterday sent out a new message on the matter (though it only cleared the mailing list moderation queue a few minutes ago) on info-gnu. His newest message is simply:

        As Chief GNUisance, I’d like to reassure the community that there won’t be any radical changes in the GNU Project’s goals, principles and policies.

        I would like to make incremental changes in how some decisions are made, because I won’t be here forever and we need to ready others to make GNU Project decisions when I can no longer do so. But these won’t lead to unbounded or radical changes.

      • Stallman: No radical changes in GNU Project
        As Chief GNUisance, I'd like to reassure the community
        that there won't be any radical changes in the GNU Project's
        goals, principles and policies.
        
        I would like to make incremental changes in how some decisions are
        made, because I won't be here forever and we need to ready others to
        make GNU Project decisions when I can no longer do so.  But these
        won't lead to unbounded or radical changes.
        
        -- 
        Dr Richard Stallman
        Founder, Free Software Foundation (https://gnu.org, https://fsf.org)
        Internet Hall-of-Famer (https://internethalloffame.org)
      • Octave.app Statement on Richard Stallman

        Octave.app is not itself a GNU effort, but depends heavily on and is involved with the work of the GNU Project, especially GNU Octave itself. As such, we feel the need to speak out about the issue of GNU founder Richard Stallman’s behavior.

        Octave.app’s maintainers believe that the Free and Open Source community should be welcoming to a wide population of users and contributors. We also believe that the ideals of Free and Open Source software can best be supported through inclusion, equality, and respect for diversity. Our community’s leadership needs to support those goals, in both words and actions.

        The Octave.app maintainers are deeply troubled by Stallman’s recent statements trivializing sexual assault, and by his history of other exclusionary or offensive statements and behavior. We join the Software Freedom Conservancy in calling for Stallman to step down from positions of leadership in the Free Software movement. We are glad that he has resigned from the Free Software Foundation, and call for the GNU community to reassess his role as head of the GNU Project, and to find a governance arrangement that better supports the need for an inclusive, welcoming community.

      • How Richard Stallman repealed Dodd-Frank Act

        In a democracy people should have the right to free speech. Stallman only used that. But his idea was wrong. He accepted that and corrected it. By asking his resignation FSF made lot of confusion. They should have to apologize to Stallman and the public for making this unnecessary issues. Lets bring back Stallman to FSF and Gnu.

        Free speech should be projected. (hate speech and lies are not free speech. its violence)

      • Correction: Regarding an Erroneous Allegation in ‘Richard Stallman’s Disgrace’

        As soon as I read this, I was nearly certain my email correspondent had made exactly this mistake, conflating Stallman with Raymond, and that I had passed the error along. I sincerely and deeply regret the error. I should have known Stallman would never have worked with VA Linux (he’d have insisted upon it being named “VA GNU/Linux”, and likely would have had no interest in what was a very commercial enterprise no matter what its name) and also should have remembered that Stallman was never married.

        [...]

        To be clear, my source is a man, and it was he who conflated Raymond (“ESR”) with Stallman (“RMS”). His former colleague at VA Linux, the woman who was propositioned by Raymond, surely remembers it clearly.

        I have updated the original article to remove the anecdote quoted above, and to point to this correction. My source for the anecdote made an honest error — as Shaw suggests conflating two well-known “TLA Old Nerds”. It was my fault and mine alone for publishing it. Again, I regret the mistake, and apologize for it.

      • LibrePlanet 2020 IRC CFS Office Hours

        The LibrePlanet call for sessions is open now and will be open until November 20 and we want to hear from you!

        Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS Office Hours.

      • Meet the FSF staff in Raleigh, NC on October 15

        Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager Zoë Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year’s licensing seminar on GPL Enforcement and Legal Ethics.

        We look forward to hosting this informal meetup to show our appreciation for your support of the FSF’s work. We’ll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

    • Openness/Sharing/Collaboration

      • Open Hardware/Modding

        • mjbots quad A0: October 2019 Roadmap

          My last video gave an overview of what I’ve accomplished over the past year. Now, let me talk about what I’m planning to work on going forward:

          I intend to divide my efforts into two parallel tracks. The first is to demonstrate increased capabilities and continue learning with the existing quad A0, and second is to design and manufacture the next revision of all its major components.

    • Programming/Development

      • Financial Aid Launches for PyCon US 2020!

        The financial aid program aims to bring many folks to PyCon by limiting the maximum grant amount per person; in that way, we can offer support to more people based on individual need. The financial aid program reimburses direct travel costs including transportation, hotel, and childcare, as well as offering discounted or waived registration tickets. For complete details, see our FAQ, and contact pycon-aid@python.org with further questions.

      • 7 Reasons to Get Professional Programming Assignment Help

        Programming is one of the most popular disciplines in schools and universities, and many students learn programming languages at this point. If you are one of them, you know how complicated it can be to study programming, especially if you get a lot of other assignments from other classes.

      • Adding stateless support to vicodec

        Prior to joining Collabora, I took part in Round 17 of the Outreachy internships, which ran from December 2018 to March 2019. Outreachy is a paid, remote internship program. Its goal is to support people from groups underrepresented in tech, and help newcomers to free software and open source make their first contributions. Open to applicants around the world, Outreachy internships run twice a year.

        Once your application is approved, you must pick an open source project to make a contribution to, in hopes of being selected as an intern, and teamed with experienced mentors. You can read more about the program here.

        In my case, I was selected as an intern to work on the media subsystem of the Linux kernel, and my mentors were Helen Koike, (who is now my colleague at Collabora!) and Hans Verkuil (who works for Cisco and has been working on the media subsystem for around 15 years).

      • Eclipse Foundation Looks to Create Cloud-Based IDE Standards

        The Eclipse Foundation today announced the formation of a working group to create standards for cloud-based integrated development environments (IDEs) led by Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG and Typefox.

      • This Week in Rust 307
      • Nicholas Nethercote: Visualizing Rust compilation

        Speeding up the Rust compiler isn’t the only way to make a Rust project build faster. Changing the crate structure of a project can also make a big difference. The good news here is that Eric Huss has implemented an amazing tool for visualizing Rust compilation, which can be used to identify inefficient crate structures in Rust projects.

      • RcppArmadillo 0.9.800.1.0

        Another month, another Armadillo upstream release! Hence a new RcppArmadillo release arrived on CRAN earlier today, and was just shipped to Debian as well. It brings a faster solve() method and other goodies. We also switched to the (awesome) tinytest unit test frameowrk, and Min Kim made the configure.ac script more portable for the benefit of NetBSD and other non-bash users; see below for more details. One again we ran two full sets of reverse-depends checks, no issues were found, and the packages was auto-admitted similarly at CRAN after less than two hours despite there being 665 reverse depends. Impressive stuff, so a big Thank You! as always to the CRAN team.

      • Anaconda Enters a New Chapter

        Today I am excited to announce that I am stepping into the role of CEO at Anaconda. Although I am a founder of the company and have previously served as president, this marks the first time I am serving in the role of chief executive.

        The entire world is undergoing a revolution in computation and data analytics — a revolution that we helped start almost 10 years ago, at the dawn of modern data science.

        [...]

        I am very appreciative of our previous CEO Scott Collison. Under his leadership, we grew from an open-source consultancy into a true product company, put a world-class leadership team in place, and launched our enterprise machine learning platform. He made a lasting impact on our company’s evolution.

      • Emacs: The Best Python Editor?

        Finding the right code editor for Python development can be tricky. Many developers explore numerous editors as they grow and learn. To choose the right code editor, you have to start by knowing which features are important to you. Then, you can try to find editors that have those features. One of the most feature-rich editors available is Emacs.

        Emacs started in the mid-1970s as a set of macro extensions for a different code editor. It was adopted into the GNU project by Richard Stallman in the early 1980s, and GNU Emacs has been continuously maintained and developed ever since. To this day, GNU Emacs and the XEmacs variant are available on every major platform, and GNU Emacs continues to be a combatant in the Editor Wars.

      • DevSecOps pipelines and tools: What you need to know

        DevOps is well-understood in the IT world by now, but it’s not flawless. Imagine you have implemented all of the DevOps engineering practices in modern application delivery for a project. You’ve reached the end of the development pipeline—but a penetration testing team (internal or external) has detected a security flaw and come up with a report. Now you have to re-initiate all of your processes and ask developers to fix the flaw.

        This is not terribly tedious in a DevOps-based software development lifecycle (SDLC) system—but it does consume time and affects the delivery schedule. If security were integrated from the start of the SDLC, you might have tracked down the glitch and eliminated it on the go. But pushing security to the end of the development pipeline, as in the above scenario, leads to a longer development lifecycle.

        This is the reason for introducing DevSecOps, which consolidates the overall software delivery cycle in an automated way.

        In modern DevOps methodologies, where containers are widely used by organizations to host applications, we see greater use of Kubernetes and Istio. However, these tools have their own vulnerabilities. For example, the Cloud Native Computing Foundation (CNCF) recently completed a Kubernetes security audit that identified several issues. All tools used in the DevOps pipeline need to undergo security checks while running in the pipeline, and DevSecOps pushes admins to monitor the tools’ repositories for upgrades and patches.

      • Interview with a Pornhub Web Developer

        Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser’s video limits to pushing ads through WebSocket so ad blockers don’t detect them, you have to be clever to innovate at the bleeding edge of the web.

        I was recently lucky enough to interview a Web Developer at the web’s largest adult website: Pornhub. I wanted to learn about the tech, how web APIs can improve, and what it’s like working on adult websites. Enjoy!

      • Indie game makers open up about the money they actually make

        The following 12 testimonies detail appropriately varied situations — the hopes and fears of these indie game makers — and how, ultimately, they’re able to continue sustaining themselves.

      • PHP version 7.2.24RC1 and 7.3.11RC1

        Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

        RPM of PHP version 7.3.11RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

        RPM of PHP version 7.2.24RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

      • Qt for Android better than ever before

        As you already know KDAB is the largest independent contributor to Qt code. Of course we didn’t get lazy and we’ve added a lot of cool stuff to Qt 5.14.

        In this article I’m going to write about the super cool stuff that we’ve added to Qt 5.14 for Android.

        Folks, this is the biggest feature added to Qt on Android since I made the Qt on Android port! I dreamt on this change for a very loong time! I found that is possible to add such support to qmake by mistake. I had to do some work on Windows (which is not my platform of choice) and there I found that debug and release builds are different on Windows, the makefiles generated by qmake will build twice your source files.

        This was exactly what I needed to add multi abi for Android! A few days later I had a WIP patch and, with the help of The Qt Company people, we landed the change in Qt 5.14 alpha!

  • Leftovers

    • Science

      • 3 Win Nobel Prize in Physics for Work to Understand Cosmos

        A Canadian American cosmologist and two Swiss scientists won this year’s Nobel Prize in Physics on Tuesday for exploring the evolution of the universe and discovering a new kind of planet, with implications for that nagging question: Does life exist only on Earth?

      • Hypoxia Researchers Awarded 2019 Nobel Prize in Medicine

        In recent years, it was common knowledge in the medical field that the body produces a hormone called erythropoietin (EPO) in the kidney as a response to the lack of oxygen in hypoxia.

        Gregg Semenza was studying how EPO generation was connected to specific DNA segments while Sir Peter Ratcliffe was researching into how oxygen regulates EPO generation. Both scientists were able to find that these physiological responses were found in all tissues, instead of just kidney cells as originally thought.

    • Health/Nutrition

      • Exposure to air pollution is linked to an increase in violent crime

        They find that a 10% increase in same-day exposure to PM2.5 (particulate matter less than 2.5 microns in diameter) is associated with a 0.14% increase in violent crimes, such as assault. An equivalent increase in exposure to ozone, an air pollutant, is associated with a 0.3% jump in such crimes. Pollution levels can easily rise by much more than that. Last November, owing to wildfires, PM2.5 levels in San Francisco rose seven times higher than average. Correlation is not causation of course (there may, for example, be a third variable affecting both pollution and crime) and the authors are cautious not to speculate about the precise mechanism by which contaminated air might lead to more rapes or robberies.

        This is not the first time researchers have identified a relationship between pollution and crime. [...]

      • 8. US Women Face Prison Sentences for Miscarriages

        One example that Randolph provided is in Alabama, where voters recently passed a measure that “endows fetus’ with ‘personhood’ rights for the first time, potentially making any action that impacts a fetus a criminal behavior with potential for prosecution.” Collectively, laws like Alabama’s have resulted in hundreds of American women facing prosecution for the outcome of their pregnancies.

      • 9. Developing Countries’ Medical Needs Unfulfilled by Big Pharma

        The Access to Medicine Foundation’s 2018 report monitored the availability of medications produced by 20 of the largest pharmaceutical companies to lower- and middle-income countries. Of the 139 drugs, vaccines, and diagnostic tests identified as urgently needed by the World Health Organization (WHO), 91 have not been developed by any of the pharmaceutical firms tracked by the report. Sixteen of WHO’s prioritized diseases have “no projects at all,” the Guardian reported.

      • 12. New 5G Network Spurs Health Concerns

        In an article published in Environmental Research, Cindy Russell wrote that, because this is the first human generation to experience “cradle-to-grave lifespan exposure” to high levels of human-made microwave radiofrequencies, the “true health consequences” of exposure will not be known for years or decades. Her article documented a range of questions regarding the safety of RFR in 2G, 3G, and 4G wireless technologies and it recommended precaution in the rollout of 5G technology.

    • Security (Confidentiality/Integrity/Availabilitiy)

      • Security updates for Wednesday

        Security updates have been issued by Fedora (chromium), openSUSE (rust and sqlite3), SUSE (dnsmasq, firefox, and kubernetes, patchinfo), and Ubuntu (python2.7, python3.5, python3.6, python3.7).

      • Father of Unix Ken Thompson checkmated as his old password has finally been cracked

        Back in 2014, developer Leah Neukirchen found an /etc/passwd file among a file dump from the BSD 3 source tree that included the passwords used by various computer science pioneers, including Dennis Ritchie, Ken Thompson, Brian Kernighan, Steve Bourne, and Bill Joy.

        As she explained in a blog post on Wednesday, she decided at the time to try cracking the password hashes, created using DES-based crypt(3), using various cracking tools like John the Ripper and hashcat.

        When the subject surfaced on the Unix Heritage Society mailing list last week, Neukirchen responded with 20 cracked passwords from the file that’s she’d broken five years ago. Five hashed passwords, however, remained elusive, including Thompson’s.

      • Ken Thompson’s Unix password

        Somewhere around 2014 I found an /etc/passwd file in some dumps of the BSD 3 source tree, containing passwords of all the old timers such as Dennis Ritchie, Ken Thompson, Brian W. Kernighan, Steve Bourne and Bill Joy.

        Since the DES-based crypt(3) algorithm used for these hashes is well known to be weak (and limited to at most 8 characters), I thought it would be an easy target to just crack these passwords for fun.

        Well known tools for this are john and hashcat.

        Quickly, I had cracked a fair deal of these passwords, many of which were very weak. (Curiously, bwk used /.,/.,, which is easy to type on a QWERTY keyboard.)

        However, kens password eluded my cracking endeavor. Even an exhaustive search over all lower-case letters and digits took several days (back in 2014) and yielded no result. Since the algorithm was developed by Ken Thompson and Robert Morris, I wondered what’s up there. I also realized, that, compared to other password hashing schemes (such as NTLM), crypt(3) turns out to be quite a bit slower to crack (and perhaps was also less optimized).

        Did he really use uppercase letters or even special chars? (A 7-bit exhaustive search would still take over 2 years on a modern GPU.)

        The topic came up again earlier this month on The Unix Heritage Society mailing list, and I shared my results and frustration of not being able to break kens password.

      • How my application ran away and called home from Redmond

        I recently found a surprising leak vector in Windows 10 installations. We were porting our Beacon Application to Windows and for easy deployment. The plan was to create just one .exe including everything. However we found out that End Point Protection (EPP) solutions didn’t like that at all and we had to go with the MSI installer option. This is a story what happened during the .exe testing.

        I used my personal malware analysis lab for testing the application. My lab is an isolated network environment which has a whitelist based firewall rules. Whitelist firewall is needed to carefully allow specific updates and downloads. The lab already has Beacon Virtual Machine running and it has found issues in the past. All of them are fixed. So this leak was something new!

        [...]

        I researched a bit more and made educated guesses about why this happened. I managed to narrow it down to Microsoft Defender and the “Automatic sample submission” feature.

        [...]

        Microsoft Windows 10 sends all new unique binaries for further analysis to Microsoft by default. They run the executable in an environment where network connectivity is available. This opens interesting data leak vector for attacker and also includes some privacy concerns. It is quite common that even in isolated environments, many of the Microsoft IP address ranges are whitelisted to make sure systems will stay up to date. This enables adversary to leak data via Microsoft services which is extremely juicy covert channel.

      • Enrico Zini: Fixed XSS issue on debtags.debian.org

        Thanks to Moritz Naumann who found the issues and wrote a very useful report, I fixed a number of Cross Site Scripting vulnerabilities on https://debtags.debian.org.

      • Intimate Details on Healthcare Workers Exposed as Cloud Security Lags

        The database was set to be publicly accessible, and anyone could edit, download or delete data without administrative credentials, he said. That’s worrying given the sensitive nature of the information he found.

        [...]

        Surveying over 3,000 IT and IT security practitioners in Australia, Brazil, France, Germany, India Japan, the United Kingdom and the United States, the data shows that nearly half (48 percent) of organizations have a multi-cloud strategy, with Amazon Web Services (AWS), Microsoft Azure and IBM being the top three. The study found that, on average, organizations use three different cloud service providers, and more than a quarter (28 percent) are using four or more.

        The research also found somewhat schizophrenic attitudes towards security in the cloud. For instance, nearly half of survey respondents (46 percent) believe that storing consumer data in the cloud makes them more of a security risk; and more than half (56 percent) also noted that it poses a compliance risk. However, only 23 percent say security is a factor in selecting a cloud provider.

      • After banning working cryptography and raiding whistleblowers, Australia’s spies ban speakers from national infosec conference

        This year, AISA opted to co-organise its annual conference with the Australian Cyber Security Centre, a creature of the same spy agencies that led the crackdown on whistleblowers in June.

        But the ACSC has a very different set of priorities to AISA, which is why it insisted on the cancellation of multiple invited talks at the show, including Thomas Drake, a celebrated NSA whistleblower who was scheduled to give a talk on “the golden age of surveillance, both government and corporate”; and the University of Melbourne’s Dr Suelette Dreyfus whose cancelled lecture was on “anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem.”

        Both speakers have posted their slides, and Bruce Schneier, who gave a keynote at the conference, opened his talk by reading the URLs aloud.

        But the censorship doesn’t stop there: ACSC also demanded that invited speaker Ted Ringrose (partner at the Ringrose Siganto law firm) remove criticism in his speech on Australia’s ban on working cryptography, going so far as to edit his slides to remove “bias.” (Ringrose refused and was allowed to give his original talk as planned).

      • U.S. and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks.

        State-sponsored advanced persistent threat (APT) groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials.

    • Defence/Aggression

      • 18. Humanitarian Groups Promote Solutions to Extreme Violence in West Africa

        Peer pressure, community identity, and the impact of trauma and humiliation from security forces play a huge role in recruitment. A United Nations Development Programme study found that the arrest or killing of family members was “the tipping point” in recruitment decisions for 70 percent of jihadists. The power of faith provides a significant motivation for these groups as well, helping, for example, to frame conflict in ways that create a narrative and meaning for militants.

      • Winners and Losers From Trump Throwing Syrian Kurds Under the Bus

        The reasons for which the Washington Establishment is appalled at Trump’s abrupt withdrawal of US special operations troops from northern Syria are not necessarily the right ones. Former special presidential envoy for combating ISIL Brett McGurk wrote, “Trump tonight after one call with a foreign leader provided a gift to Russia, Iran, and ISIS.”

    • Environment

      • What is Extinction Rebellion and what are its demands?

        What is it demanding and from whom?

        Extinction Rebellion has three primary demands of governments, that they:

        Declare a climate and ecological emergency.

        Act immediately to stop the loss of biodiversity and reduce greenhouse gas emissions to net zero by 2025.

        “Create and be led by the decisions of a Citizens’ Assembly on climate and ecological justice.”

      • 13. Corporate Food Brands Drive Massive Dead Zone in Gulf of Mexico

        As Reynard Loki wrote for Truthout, a study by Mighty Earth, an environmental action group, found that the largest fast food, grocery, and food service companies in the United States are “helping to drive one of the nation’s worst human-made environmental disasters.” In a survey of 23 major brands—including Target, McDonald’s, Subway, Trader Joe’s, and Whole Foods—Mighty Earth found that none have policies requiring “even minimal environmental protections from meat suppliers.” Mighty Earth’s study, “Flunking the Planet,” gave all but one of the companies a failing grade overall for environmental safeguards after considering the sources of animal feed, the processing of animals’ manure, and overall greenhouse gas emissions. (Walmart earned a D-grade, based on its commitment to reducing supply chain emissions through its Project Gigaton initiative.)

      • The Political Realities of Science Work

        In his recent piece “Geo-engineering is a Scam“, Josue De Luna Navarro points out a fact that has always been true of the engineering profession (and also most other highly refined professions) that its students, first seeking education, and then as graduates seeking employment and lengthy careers, are destined to serve monied patrons, the Golden Rule: “those that have the gold make the rules.” Four to five millennia ago those patrons would have been called “Pharaoh,” and later “king,” “caesar,” “emperor” and “queen,” and in more recent centuries “the company” and “the corporation.” Professional expertise, like high art, has a dependency on patronage by the wealthy, without whose largesse professional ambitions would be nearly fruitless (for there are always some successful independent scientists, like Charles Darwin).

      • It’s Not Just Greta: Why are the Developing World’s Inspiring Activists Being Ignored?

        Ridhima Pandey was just nine years old in 2017 when she filed a lawsuit against the Indian government for failing to take action against climate change. Pandey’s fierce, astounding passion for the environment is not accidental. Her mother is a forestry guard and her father an environmental activist; and the whole family was displaced by the Uttarakhand floods of 2013, which claimed hundreds of lives.

      • 7.5 Million Humans Say No to Climate Crisis and Yes to Life

        As one of the 7.5 million who recently put their bodies where their mouth are to visibly say “NO” to an out-of-control global climate crisis, this writer continues to reflect upon what lies behind the futility of so many climate crises, anti-war, pro-human protests of the past, and the even more aggressive protests that will be needed in the future to tackle the forces that continue to crush the planet.

      • 14. FBI Surveilled Peaceful Climate Change Protesters

        As Adam Federman reported for the Guardian, “The FBI is prohibited from investigating groups or individuals solely for their political beliefs but has been criticized in the past for treating non-violent civil disobedience as a form of terrorism.” The subject of the FBI file on Magram, Krystofiak, and Frick is categorized by the FBI as a “Sensitive Investigative Matter,” a label, Federman explained, that often refers to cases involving political organizations which “therefore require a higher level of scrutiny.” One of the FBI documents, catalogued by the agency as part of a related domestic terrorism case and obtained by the Guardian through a Freedom of Information Act lawsuit, stated that “350.org are referenced in multiple investigations and assessments for their planned protests and disruptions.”

      • In European First, Proposed Constitutional Amendment in Sweden Would Enshrine Rights of Nature

        “When we’re in the beginning of an ecological and climate collapse,” said the lawmaker who introduced the measure, “I hope we can re-think our relationship with Nature.”

      • Sowing the Seeds of the Climate Crisis in Odisha

        “Everybody is doing it. So we are too,” said Rupa Pirikaka, somewhat uncertainly.

      • 3. Indigenous Groups from Amazon Propose Creation of Largest Protected Area on Earth

        A report for Common Dreams quoted Tuntiak Katan, the alliance’s vice president, who called the Amazon rainforest “the world’s last great sanctuary for biodiversity” and said, “It is there because we are there. Other places have been destroyed.”

      • 4. US Oil and Gas Industry Set to Unleash 120 Billion Tons of New Carbon Emissions

        Oil Change International’s coverage is based on a study, “Drilling Towards Disaster,” produced in collaboration with 350.org, Amazon Watch, the Center for Biological Diversity, Food & Water Watch, Greenpeace USA, and a dozen other organizations. According to the report, new US oil and gas development could enable 120 billion tons of new carbon pollution, the equivalent to “the lifetime CO2 emissions of nearly 1,000 coal-fired power plants.”

      • Massachusetts Lawmakers Step Up Pressure on Enbridge to Scrap Controversial Gas Compressor Station

        Compressor stations, which propel natural gas through pipelines, emit a variety of pollutants and are usually built in rural areas.

      • Penguins in peril as winds change and heat rises

        New weather patterns in the warming Antarctic are leaving thousands of penguins in peril, prompting calls for them to be specially protected.

      • Water stress rises as more wells run dry

        Soon, communities and even nations could be drawing water faster than the skies can replenish it. As the wells run dry, so will the rivers.

      • Energy

        • 16. Underwater Avalanches Heighten Risks of Oil Catastrophes

          As MacDonald reported, one instance of this type of catastrophe has already happened. A well located off the coast of Louisiana owned by Taylor Energy has been leaking oil since 2004. Government regulators and energy companies, MacDonald wrote, “should be doing much more to prevent such catastrophes at other sites.”

      • Wildlife/Nature

        • 20. Scientists Accelerate Coral Reef Regrowth with Electricity

          The technique is currently being used by conservationists with Reef Ecologic to restore sections of coral on Australia’s Great Barrier Reef that were badly affected by mass bleaching events in 2016 and 2017. The same technique has previously proven successful on reefs in the Caribbean, the Indian Ocean, and Southeast Asia, Klein wrote.

        • 15. Trump Administration Threatens Endangered Species Act

          For a little over a decade, according to the Earth Island Journal’s report, conservationists have fought to protect Pacific walruses under the Endangered Species Act. Protection for the walrus under the ESA was first proposed in 2008; in 2011, the US Fish and Wildlife Service (FWS) suggested that the Pacific walrus was threatened and endangered. But in October 2017, the Trump administration concluded that the Pacific walrus did not warrant listing. The FWS under Trump appointees explained that “impacts of the effects of climate change on the Pacific walrus population are based on speculation, rather than reliable prediction,” Pekow reported. The Center for Biological Diversity (CBD) has sued the Trump administration over the decision, and that lawsuit is still pending.

        • Owyhee Ecocide: Anatomy of BLM’s Ancient Juniper Forest Destruction
    • Finance

      • How Trump’s Tariffs Are Creating Jobs — for Canadians

        A few months ago, Elliot Markillie started getting calls about small boxes.

        He works for a logistics company near Vancouver, British Columbia, called a52 that handles distribution for big apparel and footwear brands. The brands source their goods from China and had just been hit with steep tariffs, on top of the duties already applied to clothes and shoes.

      • 17. More Than 25 Percent of Formerly Incarcerated People are Unemployed

        Their study, “Out of Prison & Out of Work,” drew on statistics from the 2008 Bureau of Justice Statistics’s National Former Prisoner Survey data—the most recent available data—and showed that the unemployment rate for the five million formerly incarcerated people living in the United States was more than 27 percent, compared to 5.8 percent for the general population. (“Contemporary unemployment rates may differ,” Couloute and Kopf wrote, “but we are confident that formerly incarcerated people are still substantially disadvantaged compared to the general public.”)

      • 23. New Programs Make School Food Systems More Equitable

        New programs not only connect school children with local farms, they also create jobs in the community, and keep money in the community to support on-campus gardens and farm-fresh meals. A study in Georgia found that for every dollar the program spent, two dollars stayed in the state, instead of leaving to be invested in a large food company, YES! Magazine reported.

      • “Your Transaction Has Been Canceled”: Lessons in Lebanon’s Economy

        I sniffed something was wrong in Lebanon when the central bank governor Riad Salame announced to us all that there were plenty of dollars in the system. No shortages. No tightening of the purse strings. I still have the papers with his announcement on page one.

    • AstroTurf/Lobbying/Politics

      • Ellen DeGeneres and the American Psychopath

        A little over a year ago, I wrote an article for this publication called, “The Liberal Rehabilitation of George W. Bush Is Complete,” and so it’s my regrettable duty to inform Ellen DeGeneres that her palling around with George W. Bush at a Dallas Cowboys game Sunday—and her subsequent sanctimonious defense of such as a gesture of benevolent friendship meant to heal our fractured, angry nation—is too late. Michelle Obama’s Werther’s Original has melted away, and there’s nothing left but dry mouths and hacks.

      • White House Impeachment Letter Sparks Constitutional Crisis

        President Donald Trump and his administration will not participate in the Congressional impeachment inquiry, the White House announced Tuesday, setting up a constitutional crisis in the conflict between two ostensibly co-equal branches of government.

      • Warren calls out Facebook for refusing to remove anti-Biden ad [iophk: more tweets in place of official channels :( ]

        The ad implies Biden sought to fire the prosecutor because he had been investigating the company where Biden’s son served as a board member.

        There’s no evidence showing Biden sought to fire the prosecutor to protect his son. The Obama administration repeatedly said it sought to oust the prosecutor because of concerns he was not doing enough to root out corruption.

        “Facebook already helped elect Donald Trump once. Now, they’re deliberately allowing a candidate to intentionally lie to the American people. This is a serious threat to our democracy,” Warren tweeted Wednesday. “We need transparency and accountability from Facebook.”

      • Republican-led probe finds Russia helped Trump in 2016 election

        A Senate Republican-led investigation said in a report Tuesday that Russia indeed sought to help President Donald Trump in the 2016 election, contradicting persistent White House claims to the contrary.

        The Senate Intelligence Committee’s 2016 election investigation report said a sweeping social media manipulation campaign by the St. Petersburg-based Internet Research Agency (IRA) represented “overt support of Russia’s favored candidate in the U.S. presidential election.”

      • ‘We too love money more than freedom’: South Park creators post sarcastic apology to China

        The cartoon’s creators Trey Parker and Matt Stone posted an “official statement” on Twitter: “Like the NBA, we welcome the Chinese censors into our homes and into our hearts. We too love money more than freedom and democracy. Xi doesn’t look just like Winnie the Pooh at all. Tune into our 300th episode this Wednesday at 10! Long live the Great Communist Party of China! May this autumn’s sorghum harvest be bountiful! We good now China?”

      • The Real Cover-Up: Putting Donald Trump’s Impeachment in Context

        There is blood in the water and frenzied sharks are closing in for the kill. Or so they think.From the time of Donald Trump’s election, American elites have hungered for this moment. At long last, they have the 45th president of the United States cornered. In typically ham-handed fashion, Trump has given his adversaries the very means to destroy him politically.

      • To His Wealthy Donors, Trump Is Their Grifter

        To decipher President Donald Trump’s presidency, apply the basic rule of politics: Follow the money.Last month, for example, Trump performed at rallies in North Carolina and in New Mexico. He entertained adoring crowds, clad in Trump’s MAGA caps and T-shirts.The rallies got featured on Fox and other news stations.

      • Portugal’s Lesson for the Global Left

        There’s a place in the West where a smattering of anti-austerity, pro-immigration, pro-public-spending left-wing parties are not only in power, but are actually popular. I’m talking about Portugal, the small European country I have witnessed grow into a global political marvel.

      • ‘The Tide Has Shifted’: New Poll Shows Nearly 60% of Americans Support Trump Impeachment Inquiry

        The Washington Post-Schar School poll also found 49 percent of Americans want the House to call for president’s removal from office…

      • Putin gives Order of Courage award to American astronaut who survived Soyuz launch accident

        NASA astronaut Nick Hague has received the Order of Courage following a command from Russian President Vladimir Putin. Putin issued the prestigious state award to Hague for “the courage and high professionalism he demonstrated while fulfilling his duties in high-risk, life-threatening conditions during an emergency situation at the Baikonur Cosmodrome.”

      • The Kremlin has reportedly met in private and determined how it screwed up Moscow’s September elections

        The Putin administration has reportedly acknowledged, at two private events, the mistakes made ahead of Moscow’s City Duma elections in September. Sources told the newspaper Vedomosti about two events that were closed to the public: a roundtable organized by the state pollster VTsIOM that included Putin staffers, and a seminar held by the administration itself for the political consultants who worked on regional elections.

      • Guns For Hire: the US Shouldn’t Be Using the Military to Police the Globe

        Eventually, all military empires fall and fail by spreading themselves too thin and spending themselves to death.

      • The Real Venezuela: Dignified, Indivisible and Truthful

        All those wondering who is in charge in Venezuela, should stop reading the biased and confusing corporate media and should look at who represents the country at the United Nations. The UN is not a perfect institution but it is one that is clear on the issue of membership despite powerful attempts at obfuscating that clarity.

      • Polling the Warren Factor

        Morning Consult polling shows no change outside its stated 1% margin of error over the last few weeks of polling. Where Joe Biden stood at 31.8% in crosstabs kindly forwarded to me by Morning Consult’s press officer two weeks ago (field dates September 17-23), Biden has risen slightly to 32.7% as of yesterday’s release (field dates September 30 to October 6). Elizabeth Warren, meanwhile, has risen as well, but also under 1% from 19.9% to 20.7% during the same period. Bernie Sanders’ standing has shown almost no change at all from 19.1% on September 23 to 18.9% in data released yesterday evening.

    • Censorship/Free Speech

      • Freedom from censorship on mailing lists

        One prominent tool used to construct the fake community is the email discussion list.

        When people join a discussion list, they assume and believe that they are being exposed to a wide range of opinions. Therefore, when some opinions or critical information is hidden, ordinary members of the list are deceived. People have not consented to this deception.

        In 2018, FSFE used these tactics to make it appear that nobody supported elections any more. In 2019, rogue elements of the Free Software Foundation (FSF) staff used the same tactics to undermine their own founder, Richard Stallman. FSF is the organization that explains their use of the word Free using the phrase Free as in speech, not free as in beer. When they don’t even allow Free Speech on their own LibrePlanet-discuss mailing list, the organization loses all credibility.

      • Speakers Censored at AISA Conference in Melbourne

        Two speakers were censored at the Australian Information Security Association’s annual conference this week in Melbourne. Thomas Drake, former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate. Suelette Dreyfus, lecturer at the University of Melbourne, was scheduled to give a talk on her work — funded by the EU government — on anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem.

      • The NBA Is Going to Have to Choose

        The NBA reveled in the praise it got for being the pro sports league that welcomes its players’ and employees’ opinions on political and social issues. But the league’s respect for open expression—which supposedly distinguished it from the NFL—suddenly has its limits.

        A posting on Twitter Friday by the Houston Rockets general manager Daryl Morey showing support for the Hong Kong protesters has fractured the relationship between the National Basketball Association and its business partners in China, a country with deep pockets and an insatiable thirst for the sport. The tweet featured an image bearing the caption “Fight for Freedom. Stand with Hong Kong.” It wasn’t up for long, but it was enough to jeopardize the NBA’s growing ties with the Chinese Basketball Association and Chinese corporations.

        Now the NBA is trying desperately to mollify China—which will accept no criticism of its embarrassing human-rights record—while also paying lip service to Morey’s right to express himself. This strategy is working quite miserably.

      • Abrar Fahad killing: Bangladesh student was beaten for four hours

        Torture of public university students by the student wing of the ruling parties is nothing new. New students are often forced to attend meetings and rallies just to be able to stay in the dormitories. Beating and bullying of those who hold different views or defy the order of the leaders is common.

    • Privacy/Surveillance

      • Thailand orders restaurants and internet cafes offering public WiFi to log your internet history

        Thailand has ordered all restaurant and cafe owners who provide WiFi to start storing the internet history of patrons for at least 90 days. This new announcement came at a news conference on the 8th of October. The Thai ministers clarified that this is a new update to a newly passed Computer Crimes Act that also forces Thai internet service providers (ISPs) to log internet history for 90 days. This means that no matter how you’re using the internet in Thailand, your internet history is likely being stored and analyzed. That is to say, Thai internet users need VPN to protect their privacy from the government.

      • Industry appears to think encryption law review is an eyewash

        Dr Renwick issued a media release last week, extending the date for submissions to 1 November and stressing that though there had been numerous submissions to the Parliamentary Joint Committee on Intelligence and Security, he could not treat those as submissions to his inquiry unless they were submitted to him.

        The law, officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, was passed on 6 December 2018, without any amendments with the Labor Party supporting its passage.

        Soon after, a review of the law by the PJCIS was announced with a reporting date of 3 April. But the only thing that this committee did was to put off any decision on amendments, instead asking Dr Renwick to review the law and report back by 1 March 2020.

      • Never Trust a Platform to Put Privacy Ahead of Profit

        A Twitter spokesperson told WIRED that the company doesn’t have further comment on what internal issue caused the mix-up. In September 2018, Facebook admitted that it, too, had used phone numbers customers had shared to set up two-factor authentication for marketing and customization. The Federal Trade Commission fined Facebook a record $5 billion in July over numerous instances of user data mishandling.

      • The Data Isn’t Yours

        The typical interaction that generates data about an Internet user involves two parties, a client and a server. Both parties know what happened (a link was clicked, a purchase was made, …). This isn’t “my data”, it is data shared between the client (“me”) and the server. The difference is that the server can aggregate the data from many interactions and, by doing so, create something sufficiently valuable that others will pay for it. The client (“my data”) cannot.

      • Taking a ferry to the ATM: which areas face the longest treks to a free cash machine?

        Between January 2018 and May 2019, some 5,334 free machines were either closed or converted to fee-paying.

        When a free machine is lost in a rural area, people have to travel three times further to find an alternative than they would if they lived in a town or city, our analysis revealed.

        Worse still, almost one in eight (12%) rural communities that lost a free ATM now have to travel more than 1km to the nearest machine that doesn’t charge for withdrawals.

      • The DOJ Is Conflating The Content Moderation Debate With The Encryption Debate: Don’t Let Them

        As we’ve detailed a lot over the last week, the DOJ has decided that after years of failing to get backdoors mandated by warning about the “terrorism” bogeyman, it’s decided to pick up the FOSTA playbook, and instead start focusing on child porn — or what “serious people” now refer to as Child Sexual Abuse Material (CSAM). It did this last week with an assist from the NY Times, who published an article with (legitimately) scary stories, but somehow blaming the internet companies… because they actually report it when they find such content on their networks. I’ve seen more than a few people, even those who generally have been strong voices on the encryption debate and against backdoors, waver a bit on this particular subject, and note that maybe there shouldn’t be encryption on social media networks, because it might (as the narrative says) help awful people hide their child porn.

      • To Stop Threat of ‘For-Profit Surveillance,’ Rights Groups Demand End to Partnerships That Give Cops Access to Amazon Ring Data

        “Our elected officials are supposed to protect us, both from abusive policing practices and corporate overreach. These partnerships are a clear case of both.”

      • Civil Rights Groups Ask Government to Stop Amazon Ring Partnership with Police

        There have been many people upset to find that Amazon was partnering with the police, allowing them to use their customers’ Ring Doorbells for surveillance. Many people find it a breach of their privacy. More than 30 civil rights groups find fault with it as well. They signed off on an open letter to elected officials, asking them to end this partnership. Included in these groups are CAIR, United Church of Christ, and United We Dream.

    • Freedom of Information / Freedom of the Press

      • Journalists Who Visited Julian Assange Targeted By Company Spying On CIA’s Behalf

        A Spanish security company was apparently enlisted by the Central Intelligence Agency to compile reports on journalists, attorneys, doctors, and any Russians or Americans who visited WikiLeaks founder Julian Assange while he was living in Ecuador’s embassy in London.

        Undercover Global S.L. operated a security checkpoint. Visitors were instructed to “hand over their bags, computers, electronic devices, and cellphones,” according to Spanish newspaper El País.

      • Telugu journalist Ravi Prakash arrested after refusal to remove online interviews

        Tolivelugu reporter Raghu Ganji told CPJ that on September 30 the news website had carried two interviews on its YouTube channel conducted by him on the ongoing strike by 50,000 employees of a state-run transport corporation demanding pay hike and a freeze on the privatization of public transport. In one interview, transport union leader E Aswathama Reddy accused Chief Minister Kalvakuntla Chandrashekhar Rao and industrialist PV Krishna Reddy of being involved in a multi-million dollar public transport scam. In another interview, opposition leader Mallu Bhatti Vikramarka made allegations of corruption against Rao and Reddy relating to a huge irrigation project in Kaleshwaram, Telangana.

      • CBP Official Refuses To Give Journalist His Passport Until He ‘Admits’ He Writes ‘Propaganda’

        The situation at our borders is getting worse for some American citizens. I mean, all American citizens are likely dealing with more questions, more screening, and more general hassle now that the President has declared immigrants and asylum seekers to be a “national emergency.”

    • Civil Rights/Policing

      • Mozambique: Police Linked to Killing of Election Observer

        Mozambique police officers have been implicated in the killing of an election observer in an escalation of violence that threatens national elections scheduled for October 15, 2019. 

      • Lebanon No Longer A Safe Haven for Activism

        Lebanon used to be known as a port in a storm for human rights defenders from the Arabic-speaking world – especially those working on gender and sexuality – to organize freely and without censorship.

      • I Am One of Aimee Stephens’s Lawyers, and I Heard Yesterday’s Argument Firsthand

        Yesterday, the Supreme Court heard argument on whether it is legal to fire people for being transgender or for being gay. I represent Aimee Stephens, the woman who lost her job as a funeral director for being transgender, and I was sitting at counsel table during the argument. You can read the argument transcript online.

      • Saudi Arabia is admitting general tourists for the first time. Here are 20 things that could get you arrested or fined, like dabbing, carrying a Bible, or wearing shorts

        While the country is moving toward more a relaxed dress code, recently saying female travelers won’t have to wear a long cloak called an abaya, it’s best to err on the side of caution.

      • More than two dozen women accuse President Trump of unwanted sexual contact in new book

        In total, the president has been accused by 43 new women of inappropriate behavior in “All the President’s Women: Donald Trump and the Making of a Predator.” Of those accusations, 26 include instances of unwanted sexual contact, according to Esquire, which published an excerpt from the book. (As of July, Trump faced at least 17 public allegations of sexual misconduct.)

        Based on more than 100 interviews, “All the President’s Women” was written by journalists Barry Levine and Monique El-Faizy. “What emerges from the authors’ reporting is a portrait of a predator who hides behind wealth and institutional power to frequently harass and abuse women,” Esquire editor Adrienne Westenfeld wrote.

      • 21. Court Ruling Provides “Blueprint” to Reform Excessive, Discriminatory Policing in Schools

        The California Justice Department’s investigation showed the district had turned thousands of minor student misbehaviors—commonplace in any school—into criminal offenses, disproportionately affecting black, Latino, and disabled students. School police overused handcuffs and restraints on students and conducted random and unannounced searches of students’ belongings using police dogs, while school officials engaged in searches that violated students’ rights to privacy under the Fourth Amendment. In many cases, overreactions by undertrained officers created escalations that led to student arrests.

      • 10. Pentagon Aims to Surveil Social Media to Predict Domestic Protests

        A study titled “Social Network Structure as a Predictor of Social Behavior: The Case of Protest in the 2016 US Presidential Election” examined the use of social media in anti-Trump protests after the 2016 presidential elections. Funded by the US Army Research Laboratory, the study concluded that post-elections protests could have been predicted by analyzing millions of American citizens’ Twitter posts. “Civil unrest is associated with information cascades or activity bursts in social media, and these phenomena may be used to predict protests,” the study concluded. “Failure to predict an unexpected protest may result in injuries or damage.” As Ahmed summarized, “This pivotal finding means that extensive real-time monitoring of American citizens’ social media activity can be used to predict future protests.” However, his report noted that, in its current form, the tracking software used is not entirely accurate.

      • 11. Ukrainian Fascists Trained US White Supremacists

        A federal criminal rioting complaint, filed in Los Angeles in 2018, included an affidavit stating that four American white supremacists from the Rise Above Movement (RAM) trained with Ukraine’s Azov Battalion. The training took place after the white supremacist gang participated in violent riots in Huntington Beach and Berkeley, California, and in Charlottesville, Virginia, in 2017, Max Blumenthal reported for MintPress News.

      • South Sudan/AU: Set Meeting on War Crimes Court

        South Sudan’s government and the African Union should urgently meet to clarify plans to set up a proposed hybrid court for wartime atrocities, Human Rights Watch said in a letter to both the government and the AU that was published today.

      • Bulgaria: Despite Court Order, Australian Still Detained

        Bulgarian authorities should clarify the legal basis for the continued detention of an Australian citizen, Paul “Jock” Palfreeman, or release him immediately.

      • Myanmar: Rohingya Jailed for Traveling

        Myanmar authorities should immediately release 30 Rohingya Muslims detained for attempting to travel from Rakhine State to the city of Yangon.

      • 5. “Modern Slavery” in the United States and around the World

        The Global Slavery Index (GSI) is produced by the Walk Free Foundation, an organization that combines research and direct engagement to influence governments and businesses to address modern slavery as a human rights issue. The GSI draws on national surveys, reports from other agencies, such as the United Nations’s International Labour Organization, and databases of people who have been assisted in trafficking cases.

      • 6. Survivors of Sexual Abuse and Sex Trafficking Criminalized for Self-Defense

        In contrast to the spate of news coverage from establishment outlets, which focused on Brown’s biography and the details of her case, independent news organizations—including the Guardian, Democracy Now!, Rolling Stone, and Mother Jones—stood out by reporting that cases like Brown’s are all too common. Victims of sex trafficking and sexual violence are often prosecuted for acts of self-defense. In a January 2019 interview, Mariame Kaba, the cofounder of Survived and Punished, an organization supporting survivors of violence who have been criminalized for self-defense, told Democracy Now!, “There are thousands of Cyntoia Browns in prison.”

      • 7. Flawed Investigations of Sexual Assaults in Children’s Immigrant Shelters

        ProPublica’s review of hundreds of police reports showed that, “again and again,” police were “quickly—and with little investigation—closing the cases, often within days, or even hours.” The number of cases of sexual assaults of immigrant children in shelters is likely greater than ProPublica could document, as records from shelters in Texas, “where the largest number of immigrant children are held,” could not be obtained due to state laws in Texas that ban child abuse reports from being made public.

      • A Tale of Two Policies: Trump’s Hypocrisy and State Violence in Venezuela and Brazil
      • Violating The Fourth Amendment To Break Up An Underage Drinking Party Means No Qualified Immunity

        How far would a cop go to break up an underage drinking party? Far enough to get sued in federal court.

      • Your Money Or Your Life: Louisville Cops, Prosecutors Dropping Hefty Trafficking Charges In Exchange For Seized Cash

        Law enforcement agencies like to portray asset forfeiture as an important weapon in the Drug War arsenal — one capable of toppling cartels and kingpins. Every so often, a large amount of cash and drugs is trotted out in front of reporters as evidence of this claim.

    • Internet Policy/Net Neutrality

      • US Court says that states can ignore FCC and pass their own net neutrality laws

        A circuit judge has ruled that States can enact their own net neutrality laws – like California is doing – and that isn’t against the current federal rules on net neutrality. Ever since the Federal Communications Commission (FCC) outlawed net neutrality protections in 2016, the question of whether states could enact their own net neutrality preserving laws loomed large. The FCC, of course, opined that the FCC’s federal ruling would override any state laws existing or future. However, a federal court has now ruled and opined the other way – that states do have the right to pass their own net neutrality laws, that internet service providers (ISPs) need to follow if they wish to do business in said states.

    • Monopolies

      • Teens choose YouTube over Netflix for the first time, according to new survey

        Piper Jaffray found 37% of teens prefer to watch videos on YouTube, narrowly edging out Netflix, which came in at 35%.

      • Mark Zuckerberg to testify before Congress on Facebook’s libra cryptocurrency

        Facebook CEO Mark Zuckerberg will testify before the House Financial Services Committee on Oct. 23, the committee announced Wednesday.

        House members had been pushing for Zuckerberg to testify on Facebook’s cryptocurrency plans as the committee had been in talks with COO Sheryl Sandberg about testifying as soon as this month.

        Chairwoman Maxine Waters, D-Calif., has previously called for Facebook to postpone its implementation of libra ahead of regulatory measures.

      • Patents and Software Patents

        • Failure To Launch: The Patent Thicket Delay Of US Biosimilars

          Law360 (October 9, 2019, 12:42 PM EDT) — Biologics originators successfully argued that they required longer exclusivity periods without competition from follow-on products because patents covering the originators’ products would not pose the same barriers to entry that patents provide for small molecule drugs.

          Almost 10 years after enactment of the Biologics Price Competition and Innovation Act, it is clear that originators’ concerns were overstated. Patent thickets remain an important obstacle to launching follow-on biologics and help explain why such launches in the U.S. lag behind those in Europe.

          Patent thickets are providing originators with years of additional exclusivity.

        • Judge Koh denies Continental’s anti-anti-antisuit TRO motion against Avanci, Nokia, Sharp, others: complex legal issues require hearing from defendants

          Late Tuesday afternoon by local time, Judge Lucy H. Koh of the United States District Court denied automotive supplier Continental’s motion for a temporary restraining order (TRO) against the Avanci patent pool firm and several of its members (Nokia, Sharp, Conversant, Optis). The motion had been brought earlier in the day and sought not only to prevent defendants from pursuing injunctive relief against Continental supplier Daimler but also to bar them, by means of an ex parte TRO, from seeking yet another anti-antisuit-injunction injunction (AAII) in Munich or from another German court.

          [...]

          What Judge Koh’s order makes clear is that she wasn’t satisfied with how Conti described the situation. She might have missed an affidavit (that word is part of a passage she highlighted when quoting the Federal Rules of Civil Procedure) specifically for the purpose of coherently and compellingly laying out the facts that Conti believes warrant a TRO. Indirectly and implicitly, Conti did; but that wasn’t enough.

          What might also have played a role is Conti’s footnote that the ten already-pending German Nokia cases were, for the time being (awaiting the outcome of the Munich anti-antisuit appeal) excluded. Those are the cases were the Avanci group of companies is most likely to obtain and enforce a first German SEP injunction against Daimler. But due to the Munich anti-antisuit order, Conti had to exclude them (otherwise a contempt proceeding in Munich would surely have started). So the TRO motion was just about five Sharp cases, one Conversant case, and any future or unknown cases, not to the ten more advanced Nokia cases.

      • Copyrights

        • Full-Time Writing: Five Years In

          No, start by reading The Copyright Handbook. I reread this book every year, and I buy every new edition. It’s that important. Remember, authors don’t sell books: we create and license intellectual property [sic]. This realization, way back in 1999, was key to me becoming a full time writer.

          Wait–you absolutely must read Rusch’s How To Negotiate Anything. It turns the typical authorial introversion into a negotiating advantage. If you can’t negotiate, you don’t have a business.

          Real businesses have multiple income streams, and add additional streams any time they can. If you rely on a single income stream, your business is inherently short-lived. Maybe exclusivity with one business has been good to you, but it puts you at the mercy of that company. I won’t sign on exclusively with Amazon. I won’t put all my nonfiction through No Starch Press, exactly as they would not agree to me becoming their only author. A single source of income is short term thinking. My largest single customer (Amazon) is less than a third of my income. Losing them would suck but I’d survive.

        • Devastating remix of Ellen’s lecture on befriending George W. Bush disappears after copyright takedown … then reappears in force

          Ellen DeGeneres’s friendship with ex-President George W. Bush became controversial this week, in light of the progressive values she claims and the 600,000 corpses left by his occupation of Iraq. She delivered a monologue on her show in response, casting their friendship as an example of civility, overcoming political differences, and having “faith in America”. So Rafael Shimunov added a simple backdrop of Iraq war scenes to her monolog, in the hopes DeGeneres might better understand the complaints. In response, copyright takedown notices flew and it was removed from the ‘net, so it is at least getting under her skin.

        • Ellen DeGeneres’s George W. Bush Debacle Is a Lesson in the Drawbacks of Assimilation Politics

          His presidency was defined early on by September 11 and the invasion of Afghanistan. But it was the March 2003 invasion of Iraq, publicly predicated in part on the false claim that Iraq’s leadership had weapons of mass destruction (WMDs), that gave him a reputation as a president who lied to get into a war that is believed to have killed hundreds of thousands of Iraqi civilians. The invasion and subsequent occupation of Iraq by U.S. military forces have also been criticized as an oil war and resulted in heavy scrutiny of Bush’s ties to the fossil fuel industry, where he launched his career.

        • Back to Piracy For Adobe Users in Venezuela But Most Pirate Anyway
        • Not The First Rodeo: Lil Nas X And Cardi B Hit With Blurred Lines Style Copyright Complaint Over Rodeo

          We’ve talked quite a bit lately about how the Blurred Lines decision, saying that having a similar “feel” in a song can be copyright infringement even if it’s not a direct copy, has truly messed up the recording industry. Artists are afraid to even mention inspirations for fear of it leading to a lawsuit. New lawsuits are freaking out musicians and even have the RIAA complaining that maybe copyright protection has gone too far.

        • File-Sharing and VPN Traffic Grow Explosively

The EPO is Gradually Being Outsourced to Private, For-Profit, Unaccountable and Notorious Companies

Posted in Europe, Patents at 10:13 am by Dr. Roy Schestowitz

A neoliberal article
From Wednesday, 17th of October, 2018

Summary: The EPO is becoming a private enterprise one piece at a time; what’s not to like?

EARLIER this year we wrote about EPO President António Campinos planning to give about $50,000,000 to a 'Nazi company' (for so-called 'security'; oppression in disguise actually) without as much as consultation, negotiation or input from workers and their representatives. This was particularly interesting because of Battistelli‘s accusations that EPO staff representatives were like “Nazis” (even judges were called that); if Team Battistelli hires people from a company whose very roots are Nazi Germany (literally created under the Third Reich), won’t Battistelli’s words seem like pure projection?

“Then came Serco Germany, known best for an almost/near-monopoly on ‘detention camps’ or “Secure Immigration Detention” as they like to call it (akin to concentration camps, which were turned into a profitable private venture).”But wait; it gets worse.

Then came Serco Germany, known best for an almost/near-monopoly on ‘detention camps’ or “Secure Immigration Detention” as they like to call it (akin to concentration camps, which were turned into a profitable private venture). What on Earth is Campinos stepping into? Is this what the Mercer (Trump ally) ‘study’ telling him to do?

The EPO is gradually, under a blanket of secrecy, adopting extreme neoliberal tactics that render a “public” monopoly a private one; the EPO’s monopoly is being turned into somebody’s business — a for-profit enterprise without accountability (like mercenaries). Some consequences were seen recently following overt censorship and yesterday Telecompaper reported more outsourcing by the EPO. Yes, it continues! What we have here is a private, for-profit enterprise and monopoly that’s above the law! Campinos did the same thing at EUIPO — outsourcing the “IT” to India in defiance of EU rules/policy. He even got away with it, maybe owing to diplomatic immunity. He soon (months later!) became the President of the EPO. Now comes this contract for OTE:

Specialised engineers from the OTE Group, operating the Business Control Center, will provide monitoring, maintenance and 1st level IT support on-site, 24 hours a day, 7 days a week, for the entire EPO network and IT infrastructure in The Netherlands, Germany, Belgium and Austria.

OTE Group specialises in providing integrated ICT services, having undertaken projects in both the private and public sectors, in Greece and internationally.

This time, unlike the aforementioned EUIPO scandal, the contract seems to have gone to Athens (EU) and not to India.

EPO President Campinos is Just a Great Pretender With ‘Soft Power’ Skills

Posted in Europe, Patents at 7:39 am by Dr. Roy Schestowitz

Soft power
Reference: Soft power

Summary: The Central Staff Committee (CSC) of the EPO has a new paper about its unfruitful negotiation efforts with the soft-spoken President

“Soft power” is a term increasingly used to describe Chinese foreign policy and to some degree domestic policy as well. It’s a relatively new term which may sound self-contradictory because power is, by definition, the opposite of “soft”. This is what makes the term rather clever or thought-provoking. The European Patent Office (EPO) was ruled by a vicious tyrant for 8 years (Battistelli era), but is António Campinos any better? The policies have been the same and arguably even worse. It’s like the sole goal is nowadays to prevent the staff from rebelling/revolting.

The EPO is trying hard to manufacture consent among the staff. EPO management tries to make people feel “proud” — as if pride can be derived from the achievements of people who don’t have anything to do with the EPO!

“Akira Yoshino, European Inventor Award winner, honoured with Nobel Prize” is the title of yesterday’s EPO publication (warning: epo.org link) that says: “The Japanese chemist Akira Yoshino, winner of the European Inventor Award 2019, has been awarded the Nobel Prize in Chemistry this year. Yoshino invented the first modern lithium-ion battery in 1983 and has continued to improve the technology throughout his extensive career.”

They are piggybacking other people’s accomplishments as if European Patents were the cause of their success! This guy isn’t even European! EPO management puppets now act as if they ‘own’ this success story, by virtue of throwing a piece of metal and some money at him. Isn’t that pathetic?

What does that all boil down to? Propaganda.

The Central Staff Committee (CSC) appears to have acknowledged that as well. “The battle of the communiqués” is the title of its latest publication. Another paper (full title “The President’s Update on Social Dialogue or The battle of the communiqués”) forms the basis of rather meaningless exchange between the EPO’s propaganda department and the rest of the staff — workers who are generally far too clever to fall for it.

“The President was getting good at publishing,” the CSC explains, “but it is publishing for publishing’s sake to give the impression to staff and Council alike that social dialogue is working, and working well at that.”

Notice that the last word of the publication (sort of) is “strikes” so there may be more EPO strikes some time soon. This is what CSC says, not SUEPO. CSC is like the “moderates”; SUEPO withdrew its call for a strike after Campinos had rushed to prevent it (just under a year into his tenure!).

Here’s the full publication:

The President’s Update on Social Dialogue

or

The battle of the communiqués

Dear colleagues,

On 27 September, before his bombshell Publication of Financial Measures, the President has published his Update on Social Dialogue on the intranet.

For the sake of clarity and in the interest of staff and constructive social dialogue we would like to set the records straight.

Where are we coming from

“Social dialogue takes many different forms. It can exist as a tripartite process, with the government as an official party to the dialogue or it may consist of bipartite relations only between labour and management (or trade unions and employers’ organizations), with or without indirect government involvement. Concerted search for a consensus can be informal or institutionalized, and often it is a combination of the two. It can take place at the national, regional or local level. It can be inter-sectoral, sectoral or at enterprise level.

Social dialogue institutions are often defined by their composition. They can be bipartite or tripartite. The tripartite actors are the representatives of governments, employers’ and workers’ organizations.”
© ILO

The ILO describes what constitutes Social Dialogue. As an Organisation in the heart of Europe we have a justified expectation to be treated in the same way other European citizens are treated „back home“. In our intergovernmental organisation, the organisation replaces the government and the state for the provision of labour and social regulations, thereby adding complexity. However, we expect all three parties, i.e. management, staff and Administrative Council, to emulate successful processes elsewhere to the benefit of all three parties.

The President often quotes the European Union institutions as a suitable benchmark for our working conditions and service regulations. In doing so, he picks his cherries, though. In the Working Group on Staff representation Resources and social dialogue (WGSR), a joint benchmarking study has been run with the administrations and organs of staff representation of comparable organisations. Both on social dialogue provisions and on resources awarded to bodies of staff representation the EPO compares very unfavourably.


90% information and explanation, 10% consultation, 0% negotiation

Social dialogue in the Office predominantly means being informed, or as VP4 put it: “We will make sure that you understand.” The General Consultative Committee’s (GCC) role is to consult staff, but we have seen only few occasions where comments of the CSC-members in the GCC contributed to a changed decision. In the Working Groups on Performance Management/Career, and Resources/Social Dialogue we receive factual information when we ask for it, we are able to file documents and proposals, but the management representatives have no mandate to comment, never mind converge on a useful regulation.

This begs the question why the President, who is unambiguous about he himself being the only one in charge of social dialogue, is not present in the working groups.

The President repeatedly states that he wants to reduce litigation. The best way to reduce the reasons for litigation is to negotiate agreements. This has not happened at the EPO for a very long time.

Monologue, bipartite or tripartite social dialogue?

The Administrative Council mandated Mr Campinos to put social dialogue back onto the rails. This is not happening. Delegating it to the President obviously does not work. The Administrative Council should also take its own responsibility, being the third party in the social dialogue for our intergovernmental organisation. Staff must be able to meaningfully interact with the person/body taking the binding decisions regarding the working conditions and social security in the Office. Merely engaging staff representatives in working groups, meeting for the sake of being able to report that meetings took place, simply does not work and cheats staff and Council alike.

It is in that light that we read the President’s update:

Meeting with Staff Representatives (16.09)

Resources of SR

Several meetings of the joint Working Group on Staff Representation Resources (WGSR) (i.e. adjustments to “Social Democracy 2.0″) took place, predominantly 90-minute video conferences. Our comments during the meetings and proposals from our side have not led to agreement, nor is one in sight. Staff and staff representatives now have to wait for the President’s near-final proposal and we sincerely hope that agreement can be reached before or at the GCC in December, although time is – by design -running very thin at this moment.

Concerning the right for Staff Committees to publish information on the intranet we welcome that the President now committed to publishing without delay or need for approval, and so far it works. But as the President’s update demonstrates, there is a continued inequality in communication means. Staff Committee communications may no longer be censored, but you still have to go looking for them unless you have activated RSS feeds. The President’s updates feature prominently, in your face, on the intranet, next to those of the Amicale.

Oh, and the Staff Committees are still not allowed to send e-mails to all staff, except for the announcement of General Assemblies of staff (limited to time, place and agenda). When we mention that to staff representatives of any other organisation we see complete disbelief in their faces. Our President alleges he dislikes mass emails, although obviously not for everybody.

Performance management system

The President describes the dialogue to have been constructive. We beg to differ. The WG meetings were 90 minute video conferences without proper agenda or minutes. The staff representatives in the Working Group on Performance Management (WGPM) (i.e. adjustments to the New career System) made oral and written proposals and asked for comments and/or (counter-) proposals from the administration. The atmosphere of the meetings was sometimes quite open and friendly. The Office representatives do not have a mandate to respond to our proposals. They always had to refer back to their superior(s), but replies were never forthcoming, even to our written proposals. We saw the same pattern as described above. We are waiting for the President’s near-final proposal for adjustments to the merit-based career, which he announced for within 4 weeks from the meeting. Looking at measures 5 and 6 we have to conclude that the time we spent in this working group was largely wasted.

The SR is opposed to changing the frequency of the performance management appraisals to shorter intervals. The current on-line management tools already provide real time information on the production and productivity of the individual staff member. This proposed change could lead to even more production pressure put on the shoulders of the staff.

We welcome the President’s commitment to opening the Harmonisation Committee, which is responsible for finalizing the reward process, to the attendance of a staff representative as observer. This step has not yet materialised and more steps will need to follow to provide transparency and to remove the arbitrary nature of the Performance Management system.

The WGPM also worked on defining an acceptable incompetence procedure with sufficient safeguards against abusive use. Like with the other activities of the WG, our proposals were never properly replied to or commented upon by the Office.

We appreciate the proposed measures to protect staff representatives during their mandate, but the procedure should be protecting all staff and consider all elements of competence in a balanced way.

Compensation and benefits

The proposed increase of +3.3% (+1.1% for staff and 2.2% for the Office) is substantial and is the result of an actuarial study. On the positive side it will avert the need to use the RFPSS fund to cover payments for up to a further 2 years. It can also be used as a further valid argument to invalidate the need of a reform of the pensions, since according to the actuarial study all future liabilities of the Office will be covered with this increase. On the negative side, beside the direct negative impact on our salaries, there is a further bias towards the higher grades impact on the SSP.

Again, we guess we were rearranging the deck chairs on the Titanic, now looking at measures 1, 2, 4, 7, 9 and 10.

Financial Study

“Staff representatives were informed [emphasis added] of the next steps in the Financial Study.” When the Financial Study was first published, the President and VP4 committed to involving staff representatives and to consider our input in the further stages of analysing the Financial Study and potentially necessary measures.

“SRs will continue to be involved throughout the process…”. Well, to date SRs have not been involved in the Financial Study, and we do not see our comments and recommendations reflected in the 17 measures. What constitutes involvement in the eyes of the President? Will we continue to be involved like we have been so far (not)? Since the bombshell any residual
optimism has evaporated. Meaningful involvement of SRs will only happen if staff forcefully
claims it loud and clear.

APC Appointments

At present, members of the Appeals Committees nominated by the Central Staff Committee must hold an electoral mandate. Clarifying the terms of mandate for appointees to the ApC when circumstances change by e.g. staff committee elections or resignation will be welcome. But that is only one solution, and not our preferred one. An electoral mandate does not necessarily qualify you for the meticulous legal work in the ApC. In the past the CSC nominated suitable non-elected staff to the ApC to ensure affinity, competence and continuity.

Meeting with SUEPO representatives (17.09)

We understand that SUEPO will publish separately on the further points of the President’s update concerning the meeting with SUEPO representatives.

Conclusion

The President was getting good at publishing, but it is publishing for publishing’s sake to give the impression to staff and Council alike that social dialogue is working, and working well at that.

He can no longer kid anyone after his 17 measures publication. For social dialogue to work we would need to see a change of mind-set in the MAC. If the Administrative Council had in mind to restore genuine and constructive social dialogue, all three parties have a long way to go.

In the absence of proper dialogue we indulge in a battle of communiqués to bring our points across to our audiences, staff and Administrative Council.

Communiqués cannot replace dialogue. Staff will now claim agreement-oriented meaningful dialogue in the forthcoming General Assemblies, demonstrations and, as a last resort, strikes.

Involving staff’s elected representatives is easier, Mr Campinos.

Your Central Staff Committee

There’s lots of stuff to ‘chew’ in there; we’re gratified to see that — even if 15 months too late — the CSC knows too well what it’s dealing with. It’s a lot like today’s China with its negotiation tactics that rarely involve military presence/action. One can be coercive and aggressive without firing a single shot. The effect is almost the same, sans the direct fatalities.

Maybe one day the Communist Party of China will issue statements to the tune of, at least we’re not as oppressive as the EPO in Munich (Bavaria, Germany, EU).

Please do note that over the past 50 days, in its public site at least, SUEPO published nothing but two links. Behind the scenes at the EPO quite a bit is happening…

SUEPO isn’t saying much, but will soon issue a statement (according to the paper above). As for epostaff4rights.org? The site has moved from offline/suspended status to no longer being registered. That’s some ‘soft power’ right there! Dissent being squashed.

The EPO’s President Campinos is a Liar

Posted in Deception, Europe, Patents at 7:07 am by Dr. Roy Schestowitz

One year ago: ‘Efficiency’ in Action: António Campinos is Sending Jobs Abroad, Then Gagging Critics

António Campinos drunken satire

Summary: It’s becoming ever more apparent that the ‘new’ and ‘improved’ or ‘shy’ and ‘gentle’ EPO President isn’t a credible negotiation partner; it’s a wolf masquerading as a bewildered sheep

THE integrity of the European Patent Office (EPO) cannot be restored under António Campinos. Everything we’ve seen so far only reinforces or proves correct our suspicions of him. He’s another Battistelli or maybe even worse because he’s masking things better — a subject we’ll tackle in our next post. Campinos opposes patent quality and promotes software patents in Europe just as much as Battistelli did. Both like to speak of “quality” and “transparency” while pursuing the exact opposite, but Campinos is a slightly better pretender, which makes him even more dangerous.

“Mr Campinos breaks his promise” is a publication circulated in the EPO last week. It’s worded too politely, probably for diplomatic reasons (bureaucracy has its downsides because crude truth and honesty better convey reality). The full title is “Technologia Staff Survey: Mr Campinos breaks his promise” and as put clearly further down in the text, Campinos is even worse than Battistelli in that regard! Battistelli allowed this survey to go on for more than half a decade after he had taken Office. “After only 14 months as head of the Office,” explains the letter below, “Mr Campinos has achieved the feat of acting in exactly the same way, and, on top of that, pulling back on an earlier commitment. We are speechless.”

You would be “speechless” only if you ever genuinely believed that Campinos would turn things around (we wrote about Campinos way back in 2016, saying he was the likely successor of Battistelli). Here’s the full letter:

Technologia Staff Survey: Mr Campinos breaks his promise

Dear Colleagues,

On 15 May 2019 we wrote an open letter to the President asking him to help the CSC with the logistics of the 4th edition of the Technologia Staff Survey, and to authorise the dispatch of individual survey access codes to all EPO staff members at their @epo.org email address.

On Monday 3 June, during a meeting with the CSC, the President committed to exactly that1. The Staff Representation then made contact with the CIO, following which a positive and productive meeting took place with the CIO and an HR representative. It was clear that the EPO administration had been instructed to facilitate the organisation of the Technologia Staff Survey within the EPO. Procedures on how to distribute the roughly 7000 individual access codes to all EPO employees at their epo.org addresses were discussed in detail, and it was decided that further aspects would be finalised after the summer break with a view to launching the survey mid-September.

On Thursday 11 September the President wrote a letter to the CSC, reneging on his promise of 3 June 2019. In his letter Mr Campinos argued, among other things, that “the sending of mass email is, as a matter of principle and in line with the Office’s IT policy, not among the methods of communication generally available for staff representatives”2. The President further stated that we should not worry about psychosocial risk analysis and prevention in the Office, considering “management’s commitment to improving the wellbeing of staff.”

Unavoidably, a disturbing question comes to mind: If management is truly interested in staff’s wellbeing, why is the President forbidding the CSC to provide each of the 7000 EPO staff members with the opportunity to take part in a survey set up by recognised experts on psychosocial risks?

No need to say that we are deeply disappointed in the President’s decision, which is not contributing to building trust between social partners. We wish to recall that the CSC was able to run the first two editions of the Technologia survey (in 2010 and 2013) using the epo.org addresses of staff without any hindrance from management. Mr Battistelli removed this possibility from the CSC for the third edition of the survey in 2016, at a time when he was busy dismissing elected staff representatives3.

After only 14 months as head of the Office, Mr Campinos has achieved the feat of acting in exactly the same way, and, on top of that, pulling back on an earlier commitment. We are speechless.

We intend to inform the Administrative Council of the above events. However, the fact remains that the CSC can no longer organise the Technologia Staff Survey. None of the proposals made by Mr Campinos in his letter – an attempt to fool the inattentive reader? – are viable, something the President should not ignore4.

We will now turn to SUEPO and ask them whether they will accept taking up the baton once more and running the Technologia Staff Survey on their own behalf, as we think that getting a clear picture of the present situation of EPO staff with respect to psychosocial risks is a must.

The Central Staff Committee

______
1 As reported by SUEPO in this paper (cf. point 5, second bullet).
2 This is an anomaly which is only true at the EPO and only since mid-2013 when Mr Battistelli decided to remove access to mass email from the Staff Representation. In all other International Organisations and in EU institutions or agencies, including the EUIPO (where Mr Campinos comes from), Staff Committees can send emails to all staff.
3 At that time, SUEPO decided to take over the survey and successfully ran it.
4 The CSC does not have the private email addresses of EPO staff, and the CSC does not conduct its business outsid

The EPO’s management does not appear to genuinely care about its main asset — the staff. As we recently showed, this staff is increasingly being replaced by outside contractors. More on that later.

We wish to draw attention to this new comment from “Experienced Examiner” over at Kluwer Patent Blog. To quote: “I get the strong impression that the EPO on purpose uses an unrealistically low discount rate, with the aim to fool the readers (apologies).”

To quote the whole comment:

And it is out: The new President published a set of measures aimed to ensure financial stability of the EPO. Those measures follow the Financial Study (a copy is available here: https://www.epo.org/modules/epoweb/acdocument/epoweb2/377/en/CA-46-19_en.pdf)

Said study has been commented on already, also on this blog. Various issues have been raised, like the lack of regularly adjusting the fees to inflation over the 20 years. Now something new popped up: the discount rates relied upon. You may wish to take a look at pages 38 and 44.In all scenarios, the discount rate starts at 2% and increases quite slowly. A low discount rate means that you need a lot of money now to cover future obligations.Page 44 indicates a strong effect of the discount rate.

We also received news from the actuaries calculating the money needed to fund the pensions. Those actuaries also use a discount rate. They relied on a discount rate of 3.25%, lowered from 3.50% compared to the study a few years ago.

Strange that the EPO relies on two different discount rates to assess its financial situation. The professionals of the trade, the actuaries, use a higher discount rate than the financial study. Speaking only for myself, I get the strong impression that the EPO on purpose uses an unrealistically low discount rate, with the aim to fool the readers (apologies).

So the EPO is perfectly OK with propagandistic, misleading ‘studies’; but when the staff wants to commission something more honest and independent, then the staff is being blocked. Even if people’s lives depend on it.

Lies have become the norm at the EPO; anything that helps refute these lies gets scuttled.

IRC Proceedings: Wednesday, October 09, 2019

Posted in IRC Logs at 1:57 am by Needs Sunlight

GNOME Gedit

GNOME Gedit

#techrights log

#boycottnovell log

GNOME Gedit

GNOME Gedit

#boycottnovell-social log

#techbytes log

Enter the IRC channels now

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts