Bonum Certa Men Certa

Links 10/10/2019: KDE Applications 19.08.2 and NixOS 19.09



  • GNU/Linux

    • GNU/Linux Communities at Reddit

      Our GNU/Linux community information is naturally centralized at Reddit for news and discussion, it's not a secret. For instance, all big GNU/Linux distros have Reddits. Even often, news from a FLOSS project comes first at Reddit and being discussed a lot there rather than other social networks. See for example news of r/KDE and r/LibreOffice there (notice that unique Reddit IDs?). If you feel unfamiliar with this, you can think Reddit like Facebook or Twitter, but amazingly faster to browse, with greatly less picture and more text. With this list, after registering you can find your first community on Reddit for example r/Ubuntu and r/linux4noobs. Speaking personally, as an active GNU/Linux user I love Reddit and actually I use DNSCrypt just because I want to visit it. Also, if you're tired of other social networks you can give Reddit a try and I believe you will love it! I wish you will find nice people and friends there. Now let's go!

    • Desktop

    • Server

      • Google's Keeping Knative Development Under Its Thumb 'For the Foreseeable Future'

        In addition to Knative, which is for deploying serverless workloads, Google evidently plans to keep the Kubernetes service mesh, Istio, in-house.

      • Puppet’s New Cloud Native Continuous Delivery Tool Builds on the CDF’s Tekton [Ed: It says: "The Linux Foundation, Puppet, and Red Hat are sponsors of The New Stack." Read as: we're being paid to write this article by the subject of this article.]

        Puppet has released into public beta its Project Nebula, a cloud native tool that connects a DevOps team’s existing toolset into an end-to-end, continuous delivery platform. The company aims to simplify deployment of microservices and serverless-based applications by connecting popular tools for infrastructure provisioning, application deployment, and notifications into a single, automated workflow.

        “There are a few folks in the world who believe in one tool that solves all the problems. And then there are folks who believe in best-of-breed and pulling the right tools for the right job with the right people, and the right culture,” said Matthew Young, senior director of product management at Puppet. “And we’re really going after the latter… We are not trying to replace every other tool.”

      • Kubectl and friends as a snap

        At Canonical, we build solutions to simplify the lives of our users. We want to reduce complexity, costs, and barriers to entry. When we built the Canonical Distribution of Kubernetes (CDK) and MicroK8s, we made sure it aligned with our mission. We built snaps like kubectl for various Kubernetes clients and services to ensure a harmonious ecosystem.

        From user feedback, requests and going over the exciting use cases our users and partners are experimenting with, sometimes you just need to get up and running. Kubernetes on a Raspberry Pi anyone? This is why we provide Kubernetes components such as kubectl, kubefed, kubeadm, etc. as snaps and open to use for your use cases.

      • IBM

        • EPEL8 packages

          With the opening up of EPEL8, there’s a lot of folks looking and seeing packages they formerly used in EPEL6/7 not being available and wondering why. The reason is simple: EPEL is not a fixed exact list of packages, it’s a framework that allows interested parties to build and provide the packages they are interested in providing to the community.

          This means for a package to be in EPEL8, it requires a maintainer to step forward and explicitly ask “I’d like to maintain this in EPEL8” and then build, test and do all the other things needed to provide that package.

          The reason for this is simple: We want a high quality, maintained collection of packages. Simply building things once and never again doesn’t allow for someone fixing bugs, updating the package or adjusting it for other changes. We need a active maintainer there willing and able to do the work.

        • vDPA hands on: The proof is in the pudding

          In this post, we will set up vDPA using its DPDK framework. Since vDPA compatible HW cards are in the process of being commonly available on the market, we will work around the HW constraint by using a paravirtualized Virtio-net device in a guest as if it was a full Virtio HW offload NIC.

        • Open Banking with Microservices Architectures and Apache Kafka on OpenShift

          Last month, at OpenShift Commons Gathering Milan, Paolo Gigante and Pierluigi Sforza of Poste Italiane, showed the audience how they built a microservices based banking architecture using Apache Kafka and OpenShift. Their slides are available here. For more great in-person events like this, register for the next Commons Gathering near you! San Francisco is coming up before the end of the month, and will focus on AI/ML.

    • Audiocasts/Shows

      • Home Network Under $200 | Self-Hosted 3

        How far can you get with a Raspberry Pi 4? We go all in and find out.

        Plus our favorite travel router with WireGuard built in, and Chris kicks off Project Off-Grid. Meanwhile, Alex adopts proprietary software.

      • Lack Rack, Jack | BSD Now 319

        Causing ZFS corruption for fun, NetBSD Assembly Programming Tutorial, The IKEA Lack Rack for Servers, a new OmniOS Community Edition LTS has been published, List Block Devices on FreeBSD lsblk(8) Style, Project Trident 19.10 available, and more.

      • The Linux Link Tech Show Episode 828
      • 2019-10-09 | Linux Headlines

        SUSE drops OpenStack Cloud, OpenLibra looks to piggyback on Facebook's cryptocurrency, OpenSSH adds in-RAM protections and Essential teases flashy new phone.

    • Kernel Space

      • 5.4 Merge window, part 2

        The release of the 5.4-rc1 kernel and the closing of the merge window for this development cycle came one day later than would have normally been expected. By that time, 12,554 non-merge changesets had been pulled into the mainline repository; that's nearly 2,900 since the first-week summary was written. That relatively small number of changes belies the amount of interesting change that arrived late in the merge window, though.

      • Upstreaming multipath TCP

        The multipath TCP (MPTCP) protocol (and the Linux implementation of it) have been under development for a solid decade; MPTCP offers a number of advantages for devices that have more than one network interface available. Despite having been deployed widely, though, MPTCP is still not supported by the upstream Linux kernel. At the 2019 Linux Plumbers Conference, Matthieu Baerts and Mat Martineau discussed the current state of the Linux MPTCP implementation and what will be required to get it into the mainline kernel. MPTCP, described by RFC 6824, is built around one fundamental idea: allowing a single network connection to exchange data over multiple physical paths. One obvious use case is a phone handset, which has both WiFi and broadband interfaces. Being able to use both at the same time would give the device greater bandwidth, but also greater redundancy — a connection could continue uninterrupted despite changes to individual paths.

      • Fixing getrandom()

        A report of a boot hang in the 5.3 series has led to an enormous, somewhat contentious thread on the linux-kernel mailing list. The proximate cause was some changes that made the ext4 filesystem do less I/O early in the boot phase, incidentally causing fewer interrupts, but the underlying issue was the getrandom() system call, which was blocking until the /dev/urandom pool was initialized—as designed. Since the system in question was not gathering enough entropy due to the lack of unpredictable interrupt timings, that would hang more or less forever. That has called into question the design and implementation of getrandom().

        Ahmed S. Darwish reported the original problem and tracked it down to the GNOME Display Manager (GDM), which handles graphical logins. It turns out that GDM was calling getrandom() in order to generate the "MIT magic cookie" that is used for authorization by the X Window System. As was pointed out by several in the mega-thread, using cryptographic-strength random numbers for the cookie (or much of anything in terms of X Window security) is well beyond the pale—a much weaker random number generator could have been used with no loss of security. Darwish noted that the call "only" requests a small number of random bytes (five calls requesting 16 bytes each) but, as Theodore Y. Ts'o said, that doesn't matter: by default getrandom() will not return anything until the cryptographic random number generator (CRNG) is initialized—which requires entropy.

        When Darwish originally bisected the problem, he pinpointed an ext4 commit that had the effect of reducing the amount of disk I/O that was being done early in the boot process. That performance enhancement also, unfortunately, turned out to reduce the amount of entropy gathered on Darwish's laptop—to the point it would not boot. That change has been reverted for now.

      • Compiling to BPF with GCC

        The addition of extended BPF to the kernel has opened up a whole range of use cases, but few developers actually write BPF code. It is, like any other assembly-level language, a tedious pain to work with; developers would rather use a higher-level language. For BPF, the language of choice is C, which is compiled to BPF with the LLVM compiler. But, as Jose Marchesi described during the Toolchains microconference at the 2019 Linux Plumbers Conference, LLVM will soon have company, as he has just added support for a BPF back-end to the GCC compiler. Marchesi, who described himself as "just a compiler guy" rather than a tracing wizard, said that this work is proceeding in three phases. The first of those is to get basic BPF support into the toolchain; for GCC, that takes the form of a new bpf-unknown-none target triplet. Support for BPF was added to binutils in May; the first GCC support landed in the project's repository just before the conference began.

      • Google Opens Up "SchedViz" To Visualize Linux Kernel Scheduling Behavior

        Google's newest open-source contribution for benefiting the Linux kernel is SchedViz.

        SchedViz is a tool developed at Google for visualizing the Linux kernel scheduling behavior. Google has already used this tool internally to find areas for improvement within the kernel to make better scheduling choices and analyzing memory latency problems.

      • Amlogic Video Decode Driver Nearly Ready With H.264 Support

        The in-kernel staging Amlogic Meson video decode driver could soon handle H.264 support as soon as Linux 5.5.

        After a lengthy journey getting into the kernel with initially just MPEG-1 and MPEG-2 support, this open-source Amlogic video decode driver should soon be in compliance with H.264.

      • Graphics Stack

        • Intel Adds GPU-Accelerated Memory Copy Support To FFmpeg

          Intel engineers have contributed GPU-accelerated memory copy support to FFmpeg when making use of their preferred video decode implementation.

          For those making use of Intel Quick Sync Video decode with FFmpeg, the latest development code has added GPU-accelerated memory copy support between the video and system memory.

        • Intel ANV & Radeon RADV Vulkan Drivers Tacking On More Extensions With Mesa 19.3

          There still is another month until the feature freeze for Mesa 19.3 to end out 2019 and it will be a big one.

          In addition to the continued flurry of OpenGL driver activity and bits like Zink potentially being merged, the Intel and AMD Radeon Vulkan drivers have been seeing more extension work for 19.3-devel. Here's the latest.

    • Benchmarks

      • The Mitigation Impact Difference On AMD Ryzen 9 3900X vs. Intel Core i9 9900K Performance

        Last week I shared benchmark results of the AMD Ryzen 9 3900X vs. Intel Core i9 9900K in 400+ benchmarks in the largest comparison ever for these two competing ~$500 USD processors. If that wasn't enough, I repeated the hundreds of CPU/system benchmarks again but without any of the recent CPU security mitigations in place to see how the situation would have played out pre-2018.

        Immediately following those tests last week, I restarted the large benchmark queue with the 300+ system/CPU tests (foregoing the gaming benchmarks with the various CPU speculative execution vulnerabilities having little impact on gaming/graphics performance). As a reminder, both the Intel and AMD systems were tested on Ubuntu 19.10 with the Linux 5.3 kernel and all of the other latest software components for this H2'2019 update to Ubuntu Linux.

        The Core i9 9900K was running with the ASUS PRIME Z390-A motherboard and the Ryzen 9 3900X with the ROG CROSHAIR VIII HERO WiFi motherboard, both boards using their very latest public BIOS releases as of testing. Both systems were tested with the same GSKILL 2 x 8GB DDR4-3600 memory, 280GB Intel Optane 900p NVMe SSD, and Radeon RX Vega 64 graphics card.

      • Windows 10 vs. Ubuntu 19.10 vs. Clear Linux vs. Debian 10.1 Benchmarks On An Intel Core i9

        Earlier this week I provided some fresh Windows vs. Linux web browser benchmarks for both Firefox and Chrome. For those curious how the current Windows 10 vs. Linux performance is for other workloads, here is a fresh look across a variety of software applications and while testing the near-final Ubuntu 19.10, Intel's rolling-release Clear Linux, and Debian 10.1 while running off an Intel Core i9 HEDT platform.

        Ahead of all our autumn 2019 Linux distribution update benchmarks, this article is a fresh look at the Microsoft Windows 10 Pro x64 performance compared to these popular Linux distributions. Particularly with Debian 10 and Clear Linux, they tend to be the fastest Linux distributions we routinely benchmark at Phoronix while Ubuntu is included due to its popularity.

        These four operating systems were all tested on the same Intel Core i9 7980XE + 4 x 4GB DDR4-3200 memory + NVIDIA GeForce GTX TITAN X + Samsung 970 EVO 500GB NVMe SSD system with the i9-7980XE being the newest Intel HEDT platform I have available for testing at the moment.

    • Applications

      • Celluloid is a really good mpv frontend for Linux

        If you are a Linux user who wants a front-end for the popular MPV video player, Celluloid may be your best bet.

        I installed the application via flatpak but you can find quite a few packages linked at the official GitHub; installation instructions for flatpak are available on the same page.

        Celluloid mpv frontend for Linux

        The GUI of Celluloid is quite similar to most Linux apps, and quite minimal. Click on the + button in the top left corner to open a video, or drag and drop one on to the interface. You can also load a web URL to stream content directly using the player from the Open Location menu.

      • ImCompressor is a New, User-Friendly Image Compressor for Linux

        It’s written with Python and Gtk and designed to the GNOME HIG. This helps it both look great and integrate well with modern Linux distros, like Fedora and Ubuntu.

        The design of the app makes it incredibly simple to use, too.

        Open ImCompressor and drag and drop jpeg and png images on to the window (or select files through the in-app file picker) to quickly, losslessly, optimise them, i.e. reduce image file size without affecting the overall image quality.

    • Proprietary

      • Opera 64 Released with Privacy Enhancing Features. Download Now

        The latest release of Opera web browser 64 is here focusing on privacy, ad blocking and many more.

      • Discord Confirms Layoffs After Internal Restructuring

        The truth is that Discord has had a really complicated 2018 year. After overcoming the barrier of 250 million registered users, last September they canceled their subscription service, Discord Nitro, which allowed access to different video games through a monthly payment. The company wrote in its blog that users were not playing the games in the Nitro subscription.

        Discord made headlines last December when they changed the policy of percentage of profits that the developers who published their video games took on their platform, a kind of counterattack to Steam and Epic Games Store after their two changes at the end of last year.

      • DJs You Are Warned ⁠— Do NOT Upgrade Into MacOS Catalina

        With the removal of iTunes in Catalina, users lost support for XML files and native playback on Macs. The XML file loss is a massive blow to most DJ software, which relies on the format for setlist organization.

        Popular DJ apps like Traktor and Rekordbox read these XML files. iTunes has been the default way that many DJs find their tracks for years now. With Music replacing iTunes in Catalina, there’s no feature parity there.

  • Instructionals/Technical

  • Games

    • Become the cleaner for government assassins in 'Nobodies' and destroy all evidence, out now

      Here's one we missed from the end of last month, it's called Nobodies and you're a government agent tasked with cleaning up after their assassins do their thing. Nobodies—no bodies, get it? Ahem…

    • Steam Play Proton 4.11-7 is out with more gamepad improvements and other misc fixes

      Valve and CodeWeavers have unleashed another update to Steam Play with Proton 4.11-7 releasing today.

      Seems they're continuing to try and get gamepads/controllers into a good state, with "Major" improvements to how they handle hotplugging. More games should now see your gamepad when you plug it in after you start it. Additionally, there's improved support for Windows games built with Unity using the Rewired Unity plugin.

    • Proton 4.11-7 Released With Controller Improvements, D9VK/DXVK Updates

      Valve has released Proton 4.11-7 as the newest version of their Wine downstream that powers Steam Play for running Windows games on Linux.

      With Proton 4.11-7 there are controller improvements including better hotplugging support of controllers and improving controller support for games relying upon the Rewired Unity library.

    • Valve will bring out 'Remote Play Together' to give online support to local multiplayer games

      The Steam pipes are leaking over at Valve again, as an upcoming feature called Remote Play Together is coming during the week of October 21.

      Valve sent word just to game developers, which they never keep quiet on for very long. Multiple game developers (#1, #2 and so on) ended up putting out posts on Twitter to let everyone know about it a bit earlier than Valve seems to have intended.

    • Strategy adventure game 'Pathway' has a huge Adventurers Wanted update, plus a note about Linux

      Get ready for another adventure as Pathway just got bigger and better with a huge free update now available.

      Mixing together node-based travel (think like FTL and Slay the Spire) with random events and turn-based tactical combat, Pathway is a fun game. However, when you've played a lot of hours it can end up perhaps a bit too repetitive. You realise later on the limitations of the game that aren't quite apparent until you really push through it. Now though? Sounds like it's a massive improvement to all areas of the game!

      The Adventurers Wanted update adds in…deep breath, are you ready? 18 new combat abilities with new ways to interact with both enemies and allies, reworked skill trees, a "sizeable" amount of new events have been added including many new combat arenas to give it more variety, you no longer stock up on consumables like medkits and instead have a new resource called Supplies which is used across multiple items, new combat modes to adjust how combat begins for more variation, an improved armour system that makes armour give direct damage reduction and the list goes on.

    • The new trailer for Edgar - Bokbok in Boulzac has me wanting more especially after the great demo

      Edgar - Bokbok in Boulzac from the French team at La Poule Noir is an upcoming comedy point and click adventure coming to Linux, the new trailer is up and continues my excitement for this one.

      It's a story rich whimsical adventure, with a protagonist who is a bit…eccentric. The kind where you can see a bit of yourself in them and you can't help but love their weirdness. He loves his chicken, which is amusingly sweet when he calls it "Precious" during dialogue. A dark comic adventure about saving your beloved squash and you stumble upon a "most terrifying secret" during your journey.

    • Bizarre action-RPG 'Insignificant' where you're three inches tall is out now with Linux support

      Insignificant is an action-RPG that tells the story of the little people and when I say that I really do mean tiny little people, you're only about three inches tall.

    • Stellaris 2.4 is out with the new Paradox Launcher included

      Paradox Interactive and Paradox Development Studio have released the latest update to Stellaris, which includes the new Paradox Launcher to unify the experience.

      The launcher isn't all that's new though. If you're running Stellaris from their own store or GOG they have added in cloud saving to both. Paradox also updated all factions titans "with panning light meshes", updates to the visual effects for "ther drake’s wing attack (muzzle, projectile, hit effect)" and new "/mute " and "/unmute " chat commands were added. Defence Platforms also got a boost for Outposts, providing 2 points of Piracy Suppression for their system.

      A bunch of UI updates also made it in like the ability to Shift+Click on the ship count in the Fleet Manager, adding ships up to the nearest 10. There's more tooltips on the Planet Screen, a new notification when one empire guarantees the in

  • Desktop Environments/WMs

    • What’s New in Xfce 4.14 Desktop

      After 4 years and 5 months of development, Xfce 4.14 was finally released. a release that it is probably included in the software repositories of almost all Linux-based operating systems. The goal for Xfce 4.14, as the developers explain, was to port all of the core components to the latest GTK3 and GDBus open-source technologies, instead of the old GTK2 and D-Bus Glib.

      Window manager Xfce 4.14, now support VSync to reduce display flickering. It also now supports HiDPI, NVIDIA proprietary/closed source drivers, XInput2. XFCE 4.14 also introduces a new default theme.

      A new default theme is present as well in Xfce 4.14, and the Thunar file manager now features a completely revamped pathbar, BluRay support for the volume manager, support for larger thumbnails, improved keyboard navigation, and support for a “folder.jpg” file to alter the folder’s icon.

      XFCE 4.14 Panel got support for RandR’s primary monitor feature, improved window grouping in the tasklist plugin (better UX, visual group indicator etc), a per-panel “icon-size” setting, a new default clock format. Users can also now change the orientation of the icons on the desktop, as well as to preview Fujifilm RAF images in the file manager.

    • K Desktop Environment/KDE SC/Qt

      • Wayland goal - Call for Action

        KDE community has elected to finalize the transition to Wayland and embrace the future of desktop.

        This entails making Plasma running smoothly under Wayland, but also making sure KDE Apps can run without bugs and missing features. It also means that we want to help the wider Wayland community to fill missing features and fix bugs.

        I call App users and developers to try out their favorite app in Wayland and report the issue that may arise. and add wayland as keyword to the bug to keep track on those bugs.

      • [Krita] To be Merged in master

        So, finally it seems like, after crossing the deadline by a couple months, Magnetic Lasso is going to get merged, as Boud told me. Lets see how many more weeks it takes, so presumably it is complete feature wise but who knows from where a bug might pop up. This post is mainly for documenting how the Magnetic Lasso works, since I am too good to make an entry in the manual.

      • KDE is All About the Apps: October Update

        We are a community of thousands of contributors who make hundreds of Apps using collaborative open source methods. Our apps run on Linux with Plasma, of course, but also fit in well with GNOME, Enlightenment, XFCE, or any other desktop you happen to be using. Many of our apps run on Windows, Android and macOS.

        A new goal for the KDE community is to push how we are All About the Apps. We will be highlighting our best software and promoting it to increase its adoption outside the circle of current KDE fans (who we still love very much!). This is a monthly update of what's new in our apps. If you'd like to help out with this community goal, take a look at the All About the Apps workboard, and join us in our Matrix chat channel.

      • KDE Applications 19.08.2 Open-Source Software Suite Released with Many Bug Fixes

        Coming a month after the first point release, KDE Applications 19.08.2 is here to address more than 20 bug fixes across a wide range of applications and core components, including Dolphin, Gwenview, Kate, Kdenlive, Kontact, Konsole, Lokalize, Spectacle, and many others, in an attempt to make the KDE Applications 19.08 open-source software suite more stable and reliable.

        Highlights of this release include improvements to High-DPI (HiDPI) support in the Konsole terminal emulator and other apps, the ability to update the search parameters when switching between different searches in the Dolphin file manager, and support for the KMail email client to save messages directly to remote folders.

      • Applications 19.08.2
    • GNOME Desktop/GTK

      • Philip Chimento: Free software at 40€°C

        It’s that time of year again, time for a belated reflection on the GUADEC conference!

        In August I traveled to Thessaloniki, Greece, to attend first the annual GNOME Foundation board handover day, then the advisory board meeting, then the GUADEC conference and associated unconference days.

        The board discussion focused quite a lot on the strategic goals for the GNOME Foundation which you can hear more about in executive director Neil McGovern’s talk. Nuritzi has also blogged about the process of putting together these strategic goals.

  • Distributions

    • New Releases

      • NixOS 19.09 released

        NixOS 19.09 “Loris” has been released, the twelfth stable release branch. See the release notes for details. You can get NixOS 19.09 ISOs and VirtualBox appliances from the download page. For information on how to upgrade from older release branches to 19.09, check out the manual section on upgrading.

      • NixOS 19.09 Released With Xfce 4.14 Packages, GNOME 3 Updates

        NixOS 19.09 ships with installer improvements so it can run with less privileges, updating to Xfce 4.14 packages for those using that desktop, better handling of different GNOME 3 services and modules, better printer handling, their VLC package now supports Google Chromecast, systemd updates, and an array of other enhancements.

    • SUSE/OpenSUSE

      • SUSE Dumps OpenStack

        Open source vendor SUSE is getting out of the OpenStack business, the company says.

        The decision is part of a shift in company strategy from infrastructure enablement to enabling application delivery, the company said in a blog post announcing the decision Wednesday.

        The blog post quotes IDC analyst Al Gillen, who says "applications and experiences, rather than … infrastructure deployments," are key to differentiation. SUSE's decision "moves the company's value-add higher up the technology stack, to a level where customers want and need tools that empower them to achieve differentiation," Gillen says.

      • Suse’s OpenStack Cloud dissipates

        Suse, the newly independent open-source company behind the eponymous Linux distribution and an increasingly large set of managed enterprise services, today announced a bit of a new strategy as it looks to stay on top of the changing trends in the enterprise developer space. Over the course of the last few years, Suse put a strong emphasis on the OpenStack platform, an open-source project that essentially allows big enterprises to build something in their own data centers akin to the core services of a public cloud like AWS or Azure. With this new strategy, Suse is transitioning away from OpenStack . It’s ceasing both production of new versions of its OpenStack Cloud and sales of its existing OpenStack product.

        “As Suse embarks on the next stage of our growth and evolution as the world’s largest independent open source company, we will grow the business by aligning our strategy to meet the current and future needs of our enterprise customers as they move to increasingly dynamic hybrid and multi-cloud application landscapes and DevOps processes,” the company said in a statement. “We are ideally positioned to execute on this strategy and help our customers embrace the full spectrum of computing environments, from edge to core to cloud.”

      • SUSE OpenStack Is No More — But Don’t Panic

        OpenStack as a technology isn’t going away; it’s just become the “boring” infrastructure on which the cool new things like Kubernetes are deployed.

      • KDE and openSUSE: Plasma 5.17, Qt 5.14 and more

        The Beta version of Plasma 5.17 was released with many new features and improvements such as per-screen fractional scaling on Wayland, a new User Interface (UI) for configuring permissions of Thunderbolt devices and network statistics in KSysGuard. The latter requires some more privileges than usual for a user application, so is currently being looked at by the SUSE security team.

        openQA found a few bugs already, like GIMP looking more “colorful” than usual and some applications mixing Kirigami and Qt Widgets breaking some keyboard shortcuts. Both of those were addressed meanwhile and will be fixed in the final release of 5.17.

        If you haven’t tested the Plasma 5.17 Beta yet, there’s still some time left! If you come across a problem in the software, please head over to the KDE bug tracker; if instead you find an issue that is openSUSE specific, go over to the openSUSE bugzilla.

      • Highlights of YaST Development Sprint 86

        Now that you had a chance to look at our post about Advanced Encryption Options (especially if you are an s390 user), it is time to check what happened during the last YaST development sprint, which finished last Monday.

      • OpenSUSE Expanding Encryption Options For Its Installer

        While Ubuntu developers are busy adding experimental ZFS support to their installer, the SUSE developers working on their YaST installer are working on offering better security options for their platform by beefing up the encryption capabilities at install-time.

        YaST has like most Linux distributions out there offered basic encryption options at install-time if wanting to deploy the Linux distribution to an encrypted LVM. With openSUSE Leap 15.2 (and SUSE Linux Enterprise 15 SP2) as well as openSUSE Tumbleweed, they are adding more advanced encryption options to complement the functionality provided already for years.

    • Slackware Family

      • LibreOffice 6.3.2 for Slackware-current – and how to deal with “Shared library .so-version bump”

        Let me first elaborate a bit on the strategies that are available to a Slackware user on how to deal with incompatible library updates in -current.

        One of the reasons people are wary of installing and running Slackware-current is the fact that at any given moment, distro updates can break 3rd-party packages (i.e. packages you have installed that are not part of the Slackware distribution itself). Slackware-current is in constant flux, it is our development environment, and software versions can make sudden jumps with unexpected consequences.

        Big tip: before running any update on a slackware-current system, first check the ChangeLog.txt and scan the updates since your previous upgrade for the text “Shared library .so-version bump.” which is another way of saying “incompatible ABI change”. If this text accompanies a package update you can be pretty certain that some 3rd-party packages that depend on it will stop working. And if that particular package is boost, icu4c or poppler, expect massive breakage. The safest approach in a case like this, is: wait with upgrading your Slackware-current; check for packages that have a dependency on the package with the ABI breakage: and track the 3rd-party repositories for updates that address the ABI breakage.

        There is another strategy- one which allows you to upgrade to the latest -current while avoiding broken packages. That is to keep the older libraries on your system – the libraries your 3rd-party packages are depending on. You can simply extract these older libraries from the previous version(s) of the upgraded Slackware package. Darren Austen and I worked together to create a package repository containing historical Slackware-current packages (32bit, 64bit official packages and my own multilib archive). See https://slackware.uk/cumulative/ if you are in need of older package versions.

    • Debian/Ubuntu Family

      • Ubuntu Touch OTA-11 Now Available for Testing with Improved, Smarter Keyboard

        Originally planned as a small update that was supposed to contain only some bug fixes and improvements, the Ubuntu Touch OTA-11 release appears to bring quite some enhancements for Ubuntu Phones, such as a much-improved and smarter keyboard that introduces a Dvorak keyboard layout option, improvements to the Japanese and Polish layouts, as well as a new way to edit text.

        "Using this feature, you can move around your typed text, undo and redo actions, move around a text selection rectangle, and use the cut/copy/paste commands, all from the same overlay. To get started, press and hold the space bar," explained UBports. "We are still unsure about the discoverability of this feature, so stay tuned for changes that will make it even easier to find and use."

      • Chromium in Ubuntu – deb to snap transition

        Chromium is a very popular web browser, the fully open source counterpart to Google Chrome. On Ubuntu, Chromium is not the default browser, and the package resides in the ‘universe’ section of the archive. Universe contains community-maintained software packages. Despite that, the Ubuntu Desktop Team is committed to packaging and maintaining Chromium because a significant number of users rely on it.

        Maintaining a single release of Chromium is a significant time investment for the Ubuntu Desktop Team working with the Ubuntu Security team to deliver updates to each stable release. As the teams support numerous stable releases of Ubuntu, the amount of work is compounded.

        Comparing this workload to other Linux distributions which have a single supported rolling release misses the nuance of supporting multiple Long Term Support (LTS) and non-LTS releases.

        Google releases a new major version of Chromium every six weeks, with typically several minor versions to address security vulnerabilities in between. Every new stable version has to be built for each supported Ubuntu release − 16.04, 18.04, 19.04 and the upcoming 19.10 − and for all supported architectures (amd64, i386, armhf, arm64).

        Additionally, ensuring Chromium even builds (let alone runs) on older releases such as 16.04 can be challenging, as the upstream project often uses new compiler features that are not available on older releases.

        In contrast, a snap needs to be built only once per architecture, and will run on all systems that support snapd. This covers all supported Ubuntu releases including 14.04 with Extended Security Maintenance (ESM), as well as other distributions like Debian, Fedora, Mint, and Manjaro.

      • [Older] Packaging Domoticz for Debian, Ubuntu, Raspbian and Fedora

        Federico Ceratto and I have been working on the packaging of Domoticz, one of the leading free and open source home automation / smart home solutions.

        I've taken that a step further, packaging the plugin for the Zigate USB stick and two of the utilities for updating firmware on the Zigate, the JennicModuleProgrammer and the zigate-flasher.

        These are initially Debian packages, also available for Raspbian, but I also try to share any lessons from this effort with the upstream developers and also provide a foundation for Ubuntu and Fedora packaging.

  • Devices/Embedded

  • Free, Libre, and Open Source Software

    • TeXstudio - A cushty yet nerdy LaTeX frontend

      TeXstudio is a complex, powerful program, and it definitely appeals to my sense of nerdonics. It's rich in features, and it can take a while before you figure everything out - prior knowledge with similar software definitely helps. But then, I think LyX is friendlier and simpler, especially for beginners. With TeXstudio, there were a few errors throughout my test, which ought to be handled a bit more gracefully. Beamer sounds like a great thing, but then, frankly, most people will make do with Powerpoint, for better or worse.

      I definitely intend to spend more time learning TeXstudio, as it may come handy in technical work now and then. Plus, there's the simple joy of mastering difficult tools, which then magically turn repetitive burdens into simple tasks. It's all about the optimization of energy. I believe I'm already there with conventional tools as well as LyX, so this ought to be an interesting experiment. For document lovers among you, this software definitely warrants some extended testing. We're done.

    • Beware open source vendor lock-in

      With open source having become not only mainstream but also so ubiquitous it is all but invisible, there is a real danger that open source users could find themselves in a whole new world of “open source” vendor lock-in.

      That was the warning sounded by Obsidian’s Karl Fisher at the start of LinuxConf [ZA] 2019, a Linux and open source conference which marked the start of Open Source Week in South Africa this week.

      Fisher took the delegates, mainly open source aficionados and developers, though a potted evolutionary history of open source – from the days when it was disparaged by Microsoft founder Bill Gates, and later his successor as CEO Steve Ballmer who infamously dubbed Linux a 'cancer'; to Microsoft’s recent, multi-billion dollar acquisition of GitHub, the world’s largest open source code hosting platform.

    • BleachBit 2.3 Beta

      When your computer is getting full, BleachBit quickly frees disk space. When your information is only your business, BleachBit guards your privacy. With BleachBit you can free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn't know was there.

      Designed for Linux and Windows systems, it wipes clean thousands of applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.

    • Collapse OS is a Special Operating System for the Post-Apocalyptic Future

      As reported by Motherboard, there’s a new open-source operating system that is currently under heavy development, and it looks like it will soon be ready for a very dire scenario. Its creator, Virgil Dupras, is a person who believes there’s a good chance that by 2030, the world will have collapsed. The software developer isn’t absolutely certain about this, but he believes that the chances of the scenario are high enough to justify the development of a post-apocalyptic operating system, called “Collapse OS”.

      So, what would the ideal scavenger’s operating system be like? The simple answer to this would be “one that can run on virtually anything”. If there is one system out there that can run on almost any hardware, this is the Debian GNU/Linux distribution. Collapse OS is taking things a lot further, being able to run on microcontrollers such as the ubiquitous Z80 microprocessor. Dupras considered what piece of hardware would be the easiest to find in a post-apocalyptic world, and Z80 came as the definitive answer. This 8-bit microprocessor is in cash registers, computers, music instruments, calculators, and virtually anything electronic.

    • Linux Foundation

      • EdgeX Foundry Organizes Its First Hackathon

        The project organized its first hackathon in Chicago to see how the retail industry leverages EdgeX Foundry to solve some of its pressing problems.

      • The Zephyr Project Welcomes Eclipse IoT and Oticon As Members to Create a Safe and Secure RTOS

        The Zephyrâ„¢ Project, an open source project at the Linux Foundation that aims to build a secure and flexible real-time operating system (RTOS) for the Internet of Things (IoT) announces its growing ecosystem with the addition of Eclipse IoT and the move up for long-time member Oticon to Platinum member. Additionally, the project announces the release of Zephyr 2.0.0 and that several popular developer boards are now shipping with Zephyr including Nordic Semiconductor’s Nordic Thingy91 and Adafruit’s Actinius Icarus.

        In today’s technology landscape, fragmentation is the biggest challenge. Developers have a wide range of choices for platforms, boards and components and many of those don’t and can’t connect with each other. Zephyr offers a small memory footprint and a secure and flexible RTOS that extends functionality of IoT devices. It is a customizable, embedded open source platform that can be built for multiple hardware architectures with safety and security.

      • Zephyr RTOS 2.0 Release Highlights

        Last month, the Zephyr Project announced the release of Zephyr RTOS 2.0 and we are excited to share the details with you! Zephyr 2.0 is the first release of Zephyr RTOS after the 1.14 release with Long-Term support in April 2019. It is also a huge step up from the 1.14 release, bringing a wide list of new features, significant enhancements in existing features, as well as a large list of new HW platforms and development boards.

    • SaaS/Back End/Databases

      • PostgreSQL considers seccomp() filters

        A discussion on the pgsql-hackers mailing list at the end of August is another reminder that the suitability of seccomp() filters is likely more narrow than was hoped. Applying filters to the PostgreSQL database is difficult for a number of reasons and the benefit for the project and its users is not entirely clear. The discussion highlights the tradeoffs inherent in adding system-call filtering to a complex software suite; it may help crystallize the thinking of other projects that are also looking at supporting seccomp() filters.

        Joe Conway raised the idea in an RFC patch posting. It added a way to filter system calls in the main postmaster process and, with a separate system-call list, in the per-session backends. It also showed how to generate the list of system calls that are being used by PostgreSQL under various workloads, such as the test targets in the Makefile or by running a specific application. Information on the system calls made is logged by the audit subsystem; those logs are then processed to produce the list. Once there is confidence that the list is complete—which may be a sticking point—the remaining system calls could be blocked so that executing them would cause an error.

        But Peter Eisentraut was concerned that the list is going to be incomplete due to the "fantastic test coverage" needed to generate it and that it will require constant maintenance to keep up with GNU C Library (glibc) and other changes. Beyond that, PostgreSQL extensions will need their own lists of allowed system calls. Conway seems to see the support as something that those interested will maintain for themselves, rather than having a list that the project will distribute. "Perhaps most people never use this, but when needed (and increasingly will be required) it is available."

    • Productivity Software/LibreOffice/Calligra

      • Starting The Document Collective

        The Document Foundation (TDF) is the home of the LibreOffice free-software office suite; it provides financial, governance, and other administrative services to LibreOffice. The foundation was established in part to ensure that commercial entities did not have undue influence on the project, which limited the types of activities in which it can engage. In particular, selling branded versions of LibreOffice in the macOS and Windows app stores has not been something that TDF could tackle. The TDF board of directors is looking to change that with the creation of a new entity, The Document Collective (TDC), to engage in commercial activity that is complementary to that of TDF members—hopefully as an income source to help support TDF.

        The TDC proposal [PDF] was adopted by the TDF board on September 9 and unveiled at the LibreOffice conference (slides [PDF]) and in a post to the board-discuss mailing list on September 11. The board has decided to start the creation of TDC by appointing a transitional leadership group. The TDC leadership has been directed to set up an unincorporated association as part of Public Software CIC, which is a European umbrella organization (a "community interest company" or CIC) that provides administrative services to free and open-source software projects. That is meant to be a temporary measure until a full legal entity can be set up. TDC will also have €50,000 in funds available to draw on from TDF; the money is a loan that is meant to be repaid with interest from the proceeds of selling LibreOffice in the app stores. There may be other moneymaking activities that TDC ends up undertaking as well.

        TDC is tasked with getting LibreOffice into the app stores for macOS and Windows. To that end, Public Software CIC will be granted a trademark license for the LibreOffice mark that can be used for app store packages. Initially there will be no separate TDC entity, but that will eventually be set up in some European jurisdiction and all of the TDC work that has been done will be transferred to the new entity. Effectively, the agreement with Public Software CIC will just allow TDC to start working immediately while it initializes its governance and legal entity in parallel.

        There were a few comments on the announcement. Uwe Altmann wondered about the business plan for TDC; given that there is already some experience from two companies selling LibreOffice in the app stores, it would seem reasonable to put together an initial budget, for example. In addition, starting out by setting up an association with Public Software CIC with a fairly large budget seemed unnecessary; there are other organizational structures that could be set up more easily and cheaply, he said.

    • FSF/FSFE/GNU/SFLC

      • What does the FSF censor during the Richard Stallman lynching?

        Why do the FSF staff censor an email like this supporting the founder of their organization and the founder of the Free Software movement?

        Has the FSF become another Fake Community?

        Since raising the issue of censorship in FSF, I received a number of emails from people who feel their own communications have been censored.

        [...]

        Just as MIT Media Lab staff systematically hid donations from convicted sex trafficker Jeffrey Epstein, Free Software organizations are systematically hiding donations from Google. Censorship is one of the tools they use to achieve this deception.

      • Justice for Dr. Richard Matthew Stallman

        Dr. Richard Matthew Stallman (born 16 March 1953), often known by his initials rms, and occasionally upper-case RMS, is an American free (libre) software movement activist, hacker and programmer. He campaigns for software to be distributed in a manner such that its users receive the freedoms to use, study, distribute, and modify that software. Software that ensures these four freedoms is termed free software. Stallman launched the GNU Project, founded the Free Software Foundation, developed the GNU Compiler Collection and GNU Emacs, and wrote the GNU General Public License.

        Richard Stallman is currently the object of an Internet defamatory campaign which forced him to resign from his position at MIT and even from the FSF which he founded himself. He has actual flaws, but the campaign is largely motivated by mischaracterizations, disproportionality and intolerance.

      • RMS: No Radical Changes In GNU Project

        With Stallman sticking around as head of the GNU and with that the Free Software Foundation re-evaluating their GNU relationship, Richard Stallman is already saying there will be no major changes to the project he founded.

        RMS yesterday sent out a new message on the matter (though it only cleared the mailing list moderation queue a few minutes ago) on info-gnu. His newest message is simply:

        As Chief GNUisance, I'd like to reassure the community that there won't be any radical changes in the GNU Project's goals, principles and policies.

        I would like to make incremental changes in how some decisions are made, because I won't be here forever and we need to ready others to make GNU Project decisions when I can no longer do so. But these won't lead to unbounded or radical changes.

      • Stallman: No radical changes in GNU Project
        As Chief GNUisance, I'd like to reassure the community
        that there won't be any radical changes in the GNU Project's
        goals, principles and policies.
        
        

        I would like to make incremental changes in how some decisions are made, because I won't be here forever and we need to ready others to make GNU Project decisions when I can no longer do so. But these won't lead to unbounded or radical changes.

        -- Dr Richard Stallman Founder, Free Software Foundation (https://gnu.org, https://fsf.org) Internet Hall-of-Famer (https://internethalloffame.org)
      • Octave.app Statement on Richard Stallman

        Octave.app is not itself a GNU effort, but depends heavily on and is involved with the work of the GNU Project, especially GNU Octave itself. As such, we feel the need to speak out about the issue of GNU founder Richard Stallman’s behavior.

        Octave.app’s maintainers believe that the Free and Open Source community should be welcoming to a wide population of users and contributors. We also believe that the ideals of Free and Open Source software can best be supported through inclusion, equality, and respect for diversity. Our community’s leadership needs to support those goals, in both words and actions.

        The Octave.app maintainers are deeply troubled by Stallman’s recent statements trivializing sexual assault, and by his history of other exclusionary or offensive statements and behavior. We join the Software Freedom Conservancy in calling for Stallman to step down from positions of leadership in the Free Software movement. We are glad that he has resigned from the Free Software Foundation, and call for the GNU community to reassess his role as head of the GNU Project, and to find a governance arrangement that better supports the need for an inclusive, welcoming community.

      • How Richard Stallman repealed Dodd-Frank Act

        In a democracy people should have the right to free speech. Stallman only used that. But his idea was wrong. He accepted that and corrected it. By asking his resignation FSF made lot of confusion. They should have to apologize to Stallman and the public for making this unnecessary issues. Lets bring back Stallman to FSF and Gnu.

        Free speech should be projected. (hate speech and lies are not free speech. its violence)

      • Correction: Regarding an Erroneous Allegation in ‘Richard Stallman’s Disgrace’

        As soon as I read this, I was nearly certain my email correspondent had made exactly this mistake, conflating Stallman with Raymond, and that I had passed the error along. I sincerely and deeply regret the error. I should have known Stallman would never have worked with VA Linux (he’d have insisted upon it being named “VA GNU/Linux”, and likely would have had no interest in what was a very commercial enterprise no matter what its name) and also should have remembered that Stallman was never married.

        [...]

        To be clear, my source is a man, and it was he who conflated Raymond (“ESR”) with Stallman (“RMS”). His former colleague at VA Linux, the woman who was propositioned by Raymond, surely remembers it clearly.

        I have updated the original article to remove the anecdote quoted above, and to point to this correction. My source for the anecdote made an honest error — as Shaw suggests conflating two well-known “TLA Old Nerds”. It was my fault and mine alone for publishing it. Again, I regret the mistake, and apologize for it.

      • LibrePlanet 2020 IRC CFS Office Hours

        The LibrePlanet call for sessions is open now and will be open until November 20 and we want to hear from you!

        Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS Office Hours.

      • Meet the FSF staff in Raleigh, NC on October 15

        Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager Zoë Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year's licensing seminar on GPL Enforcement and Legal Ethics.

        We look forward to hosting this informal meetup to show our appreciation for your support of the FSF's work. We'll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

    • Openness/Sharing/Collaboration

      • Open Hardware/Modding

        • mjbots quad A0: October 2019 Roadmap

          My last video gave an overview of what I’ve accomplished over the past year. Now, let me talk about what I’m planning to work on going forward:

          I intend to divide my efforts into two parallel tracks. The first is to demonstrate increased capabilities and continue learning with the existing quad A0, and second is to design and manufacture the next revision of all its major components.

    • Programming/Development

      • Financial Aid Launches for PyCon US 2020!

        The financial aid program aims to bring many folks to PyCon by limiting the maximum grant amount per person; in that way, we can offer support to more people based on individual need. The financial aid program reimburses direct travel costs including transportation, hotel, and childcare, as well as offering discounted or waived registration tickets. For complete details, see our FAQ, and contact pycon-aid@python.org with further questions.

      • 7 Reasons to Get Professional Programming Assignment Help

        Programming is one of the most popular disciplines in schools and universities, and many students learn programming languages at this point. If you are one of them, you know how complicated it can be to study programming, especially if you get a lot of other assignments from other classes.

      • Adding stateless support to vicodec

        Prior to joining Collabora, I took part in Round 17 of the Outreachy internships, which ran from December 2018 to March 2019. Outreachy is a paid, remote internship program. Its goal is to support people from groups underrepresented in tech, and help newcomers to free software and open source make their first contributions. Open to applicants around the world, Outreachy internships run twice a year.

        Once your application is approved, you must pick an open source project to make a contribution to, in hopes of being selected as an intern, and teamed with experienced mentors. You can read more about the program here.

        In my case, I was selected as an intern to work on the media subsystem of the Linux kernel, and my mentors were Helen Koike, (who is now my colleague at Collabora!) and Hans Verkuil (who works for Cisco and has been working on the media subsystem for around 15 years).

      • Eclipse Foundation Looks to Create Cloud-Based IDE Standards

        The Eclipse Foundation today announced the formation of a working group to create standards for cloud-based integrated development environments (IDEs) led by Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG and Typefox.

      • This Week in Rust 307
      • Nicholas Nethercote: Visualizing Rust compilation

        Speeding up the Rust compiler isn’t the only way to make a Rust project build faster. Changing the crate structure of a project can also make a big difference. The good news here is that Eric Huss has implemented an amazing tool for visualizing Rust compilation, which can be used to identify inefficient crate structures in Rust projects.

      • RcppArmadillo 0.9.800.1.0

        Another month, another Armadillo upstream release! Hence a new RcppArmadillo release arrived on CRAN earlier today, and was just shipped to Debian as well. It brings a faster solve() method and other goodies. We also switched to the (awesome) tinytest unit test frameowrk, and Min Kim made the configure.ac script more portable for the benefit of NetBSD and other non-bash users; see below for more details. One again we ran two full sets of reverse-depends checks, no issues were found, and the packages was auto-admitted similarly at CRAN after less than two hours despite there being 665 reverse depends. Impressive stuff, so a big Thank You! as always to the CRAN team.

      • Anaconda Enters a New Chapter

        Today I am excited to announce that I am stepping into the role of CEO at Anaconda. Although I am a founder of the company and have previously served as president, this marks the first time I am serving in the role of chief executive.

        The entire world is undergoing a revolution in computation and data analytics — a revolution that we helped start almost 10 years ago, at the dawn of modern data science.

        [...]

        I am very appreciative of our previous CEO Scott Collison. Under his leadership, we grew from an open-source consultancy into a true product company, put a world-class leadership team in place, and launched our enterprise machine learning platform. He made a lasting impact on our company’s evolution.

      • Emacs: The Best Python Editor?

        Finding the right code editor for Python development can be tricky. Many developers explore numerous editors as they grow and learn. To choose the right code editor, you have to start by knowing which features are important to you. Then, you can try to find editors that have those features. One of the most feature-rich editors available is Emacs.

        Emacs started in the mid-1970s as a set of macro extensions for a different code editor. It was adopted into the GNU project by Richard Stallman in the early 1980s, and GNU Emacs has been continuously maintained and developed ever since. To this day, GNU Emacs and the XEmacs variant are available on every major platform, and GNU Emacs continues to be a combatant in the Editor Wars.

      • DevSecOps pipelines and tools: What you need to know

        DevOps is well-understood in the IT world by now, but it's not flawless. Imagine you have implemented all of the DevOps engineering practices in modern application delivery for a project. You've reached the end of the development pipeline—but a penetration testing team (internal or external) has detected a security flaw and come up with a report. Now you have to re-initiate all of your processes and ask developers to fix the flaw.

        This is not terribly tedious in a DevOps-based software development lifecycle (SDLC) system—but it does consume time and affects the delivery schedule. If security were integrated from the start of the SDLC, you might have tracked down the glitch and eliminated it on the go. But pushing security to the end of the development pipeline, as in the above scenario, leads to a longer development lifecycle.

        This is the reason for introducing DevSecOps, which consolidates the overall software delivery cycle in an automated way.

        In modern DevOps methodologies, where containers are widely used by organizations to host applications, we see greater use of Kubernetes and Istio. However, these tools have their own vulnerabilities. For example, the Cloud Native Computing Foundation (CNCF) recently completed a Kubernetes security audit that identified several issues. All tools used in the DevOps pipeline need to undergo security checks while running in the pipeline, and DevSecOps pushes admins to monitor the tools' repositories for upgrades and patches.

      • Interview with a Pornhub Web Developer

        Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser's video limits to pushing ads through WebSocket so ad blockers don't detect them, you have to be clever to innovate at the bleeding edge of the web.

        I was recently lucky enough to interview a Web Developer at the web's largest adult website: Pornhub. I wanted to learn about the tech, how web APIs can improve, and what it's like working on adult websites. Enjoy!

      • Indie game makers open up about the money they actually make

        The following 12 testimonies detail appropriately varied situations — the hopes and fears of these indie game makers — and how, ultimately, they’re able to continue sustaining themselves.

      • PHP version 7.2.24RC1 and 7.3.11RC1

        Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

        RPM of PHP version 7.3.11RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

        RPM of PHP version 7.2.24RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

      • Qt for Android better than ever before

        As you already know KDAB is the largest independent contributor to Qt code. Of course we didn’t get lazy and we’ve added a lot of cool stuff to Qt 5.14.

        In this article I’m going to write about the super cool stuff that we’ve added to Qt 5.14 for Android.

        Folks, this is the biggest feature added to Qt on Android since I made the Qt on Android port! I dreamt on this change for a very loong time! I found that is possible to add such support to qmake by mistake. I had to do some work on Windows (which is not my platform of choice) and there I found that debug and release builds are different on Windows, the makefiles generated by qmake will build twice your source files.

        This was exactly what I needed to add multi abi for Android! A few days later I had a WIP patch and, with the help of The Qt Company people, we landed the change in Qt 5.14 alpha!

  • Leftovers

    • Science

      • 3 Win Nobel Prize in Physics for Work to Understand Cosmos

        A Canadian American cosmologist and two Swiss scientists won this year’s Nobel Prize in Physics on Tuesday for exploring the evolution of the universe and discovering a new kind of planet, with implications for that nagging question: Does life exist only on Earth?

      • Hypoxia Researchers Awarded 2019 Nobel Prize in Medicine

        In recent years, it was common knowledge in the medical field that the body produces a hormone called erythropoietin (EPO) in the kidney as a response to the lack of oxygen in hypoxia.

        Gregg Semenza was studying how EPO generation was connected to specific DNA segments while Sir Peter Ratcliffe was researching into how oxygen regulates EPO generation. Both scientists were able to find that these physiological responses were found in all tissues, instead of just kidney cells as originally thought.

    • Health/Nutrition

      • Exposure to air pollution is linked to an increase in violent crime

        They find that a 10% increase in same-day exposure to PM2.5 (particulate matter less than 2.5 microns in diameter) is associated with a 0.14% increase in violent crimes, such as assault. An equivalent increase in exposure to ozone, an air pollutant, is associated with a 0.3% jump in such crimes. Pollution levels can easily rise by much more than that. Last November, owing to wildfires, PM2.5 levels in San Francisco rose seven times higher than average. Correlation is not causation of course (there may, for example, be a third variable affecting both pollution and crime) and the authors are cautious not to speculate about the precise mechanism by which contaminated air might lead to more rapes or robberies.

        This is not the first time researchers have identified a relationship between pollution and crime. [...]

      • 8. US Women Face Prison Sentences for Miscarriages

        One example that Randolph provided is in Alabama, where voters recently passed a measure that “endows fetus’ with ‘personhood’ rights for the first time, potentially making any action that impacts a fetus a criminal behavior with potential for prosecution.” Collectively, laws like Alabama’s have resulted in hundreds of American women facing prosecution for the outcome of their pregnancies.

      • 9. Developing Countries’ Medical Needs Unfulfilled by Big Pharma

        The Access to Medicine Foundation’s 2018 report monitored the availability of medications produced by 20 of the largest pharmaceutical companies to lower- and middle-income countries. Of the 139 drugs, vaccines, and diagnostic tests identified as urgently needed by the World Health Organization (WHO), 91 have not been developed by any of the pharmaceutical firms tracked by the report. Sixteen of WHO’s prioritized diseases have “no projects at all,” the Guardian reported.

      • 12. New 5G Network Spurs Health Concerns

        In an article published in Environmental Research, Cindy Russell wrote that, because this is the first human generation to experience “cradle-to-grave lifespan exposure” to high levels of human-made microwave radiofrequencies, the “true health consequences” of exposure will not be known for years or decades. Her article documented a range of questions regarding the safety of RFR in 2G, 3G, and 4G wireless technologies and it recommended precaution in the rollout of 5G technology.

    • Security (Confidentiality/Integrity/Availabilitiy)

      • Security updates for Wednesday

        Security updates have been issued by Fedora (chromium), openSUSE (rust and sqlite3), SUSE (dnsmasq, firefox, and kubernetes, patchinfo), and Ubuntu (python2.7, python3.5, python3.6, python3.7).

      • Father of Unix Ken Thompson checkmated as his old password has finally been cracked

        Back in 2014, developer Leah Neukirchen found an /etc/passwd file among a file dump from the BSD 3 source tree that included the passwords used by various computer science pioneers, including Dennis Ritchie, Ken Thompson, Brian Kernighan, Steve Bourne, and Bill Joy.

        As she explained in a blog post on Wednesday, she decided at the time to try cracking the password hashes, created using DES-based crypt(3), using various cracking tools like John the Ripper and hashcat.

        When the subject surfaced on the Unix Heritage Society mailing list last week, Neukirchen responded with 20 cracked passwords from the file that's she'd broken five years ago. Five hashed passwords, however, remained elusive, including Thompson's.

      • Ken Thompson's Unix password

        Somewhere around 2014 I found an /etc/passwd file in some dumps of the BSD 3 source tree, containing passwords of all the old timers such as Dennis Ritchie, Ken Thompson, Brian W. Kernighan, Steve Bourne and Bill Joy.

        Since the DES-based crypt(3) algorithm used for these hashes is well known to be weak (and limited to at most 8 characters), I thought it would be an easy target to just crack these passwords for fun.

        Well known tools for this are john and hashcat.

        Quickly, I had cracked a fair deal of these passwords, many of which were very weak. (Curiously, bwk used /.,/.,, which is easy to type on a QWERTY keyboard.)

        However, kens password eluded my cracking endeavor. Even an exhaustive search over all lower-case letters and digits took several days (back in 2014) and yielded no result. Since the algorithm was developed by Ken Thompson and Robert Morris, I wondered what’s up there. I also realized, that, compared to other password hashing schemes (such as NTLM), crypt(3) turns out to be quite a bit slower to crack (and perhaps was also less optimized).

        Did he really use uppercase letters or even special chars? (A 7-bit exhaustive search would still take over 2 years on a modern GPU.)

        The topic came up again earlier this month on The Unix Heritage Society mailing list, and I shared my results and frustration of not being able to break kens password.

      • How my application ran away and called home from Redmond

        I recently found a surprising leak vector in Windows 10 installations. We were porting our Beacon Application to Windows and for easy deployment. The plan was to create just one .exe including everything. However we found out that End Point Protection (EPP) solutions didn’t like that at all and we had to go with the MSI installer option. This is a story what happened during the .exe testing.

        I used my personal malware analysis lab for testing the application. My lab is an isolated network environment which has a whitelist based firewall rules. Whitelist firewall is needed to carefully allow specific updates and downloads. The lab already has Beacon Virtual Machine running and it has found issues in the past. All of them are fixed. So this leak was something new!

        [...]

        I researched a bit more and made educated guesses about why this happened. I managed to narrow it down to Microsoft Defender and the “Automatic sample submission” feature.

        [...]

        Microsoft Windows 10 sends all new unique binaries for further analysis to Microsoft by default. They run the executable in an environment where network connectivity is available. This opens interesting data leak vector for attacker and also includes some privacy concerns. It is quite common that even in isolated environments, many of the Microsoft IP address ranges are whitelisted to make sure systems will stay up to date. This enables adversary to leak data via Microsoft services which is extremely juicy covert channel.

      • Enrico Zini: Fixed XSS issue on debtags.debian.org

        Thanks to Moritz Naumann who found the issues and wrote a very useful report, I fixed a number of Cross Site Scripting vulnerabilities on https://debtags.debian.org.

      • Intimate Details on Healthcare Workers Exposed as Cloud Security Lags

        The database was set to be publicly accessible, and anyone could edit, download or delete data without administrative credentials, he said. That’s worrying given the sensitive nature of the information he found.

        [...]

        Surveying over 3,000 IT and IT security practitioners in Australia, Brazil, France, Germany, India Japan, the United Kingdom and the United States, the data shows that nearly half (48 percent) of organizations have a multi-cloud strategy, with Amazon Web Services (AWS), Microsoft Azure and IBM being the top three. The study found that, on average, organizations use three different cloud service providers, and more than a quarter (28 percent) are using four or more.

        The research also found somewhat schizophrenic attitudes towards security in the cloud. For instance, nearly half of survey respondents (46 percent) believe that storing consumer data in the cloud makes them more of a security risk; and more than half (56 percent) also noted that it poses a compliance risk. However, only 23 percent say security is a factor in selecting a cloud provider.

      • After banning working cryptography and raiding whistleblowers, Australia's spies ban speakers from national infosec conference

        This year, AISA opted to co-organise its annual conference with the Australian Cyber Security Centre, a creature of the same spy agencies that led the crackdown on whistleblowers in June.

        But the ACSC has a very different set of priorities to AISA, which is why it insisted on the cancellation of multiple invited talks at the show, including Thomas Drake, a celebrated NSA whistleblower who was scheduled to give a talk on "the golden age of surveillance, both government and corporate"; and the University of Melbourne's Dr Suelette Dreyfus whose cancelled lecture was on "anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem."

        Both speakers have posted their slides, and Bruce Schneier, who gave a keynote at the conference, opened his talk by reading the URLs aloud.

        But the censorship doesn't stop there: ACSC also demanded that invited speaker Ted Ringrose (partner at the Ringrose Siganto law firm) remove criticism in his speech on Australia's ban on working cryptography, going so far as to edit his slides to remove "bias." (Ringrose refused and was allowed to give his original talk as planned).

      • U.S. and U.K. agencies warn consumers to update VPN technologies from Fortinet, Pulse Secure and Palo Alto Networks.

        State-sponsored advanced persistent threat (APT) groups are using flaws in outdated VPN technologies from Palo Alto Networks, Fortinet and Pulse Secure to carry out cyber attacks on targets in the United States and overseas, warned U.S. and U.K. officials.

    • Defence/Aggression

      • 18. Humanitarian Groups Promote Solutions to Extreme Violence in West Africa

        Peer pressure, community identity, and the impact of trauma and humiliation from security forces play a huge role in recruitment. A United Nations Development Programme study found that the arrest or killing of family members was “the tipping point” in recruitment decisions for 70 percent of jihadists. The power of faith provides a significant motivation for these groups as well, helping, for example, to frame conflict in ways that create a narrative and meaning for militants.

      • Winners and Losers From Trump Throwing Syrian Kurds Under the Bus

        The reasons for which the Washington Establishment is appalled at Trump’s abrupt withdrawal of US special operations troops from northern Syria are not necessarily the right ones. Former special presidential envoy for combating ISIL Brett McGurk wrote, “Trump tonight after one call with a foreign leader provided a gift to Russia, Iran, and ISIS.”

    • Environment

      • What is Extinction Rebellion and what are its demands?

        What is it demanding and from whom?

        Extinction Rebellion has three primary demands of governments, that they:

        Declare a climate and ecological emergency.

        Act immediately to stop the loss of biodiversity and reduce greenhouse gas emissions to net zero by 2025.

        "Create and be led by the decisions of a Citizens' Assembly on climate and ecological justice."

      • 13. Corporate Food Brands Drive Massive Dead Zone in Gulf of Mexico

        As Reynard Loki wrote for Truthout, a study by Mighty Earth, an environmental action group, found that the largest fast food, grocery, and food service companies in the United States are “helping to drive one of the nation’s worst human-made environmental disasters.” In a survey of 23 major brands—including Target, McDonald’s, Subway, Trader Joe’s, and Whole Foods—Mighty Earth found that none have policies requiring “even minimal environmental protections from meat suppliers.” Mighty Earth’s study, “Flunking the Planet,” gave all but one of the companies a failing grade overall for environmental safeguards after considering the sources of animal feed, the processing of animals’ manure, and overall greenhouse gas emissions. (Walmart earned a D-grade, based on its commitment to reducing supply chain emissions through its Project Gigaton initiative.)

      • The Political Realities of Science Work

        In his recent piece “Geo-engineering is a Scam“, Josue De Luna Navarro points out a fact that has always been true of the engineering profession (and also most other highly refined professions) that its students, first seeking education, and then as graduates seeking employment and lengthy careers, are destined to serve monied patrons, the Golden Rule: “those that have the gold make the rules.” Four to five millennia ago those patrons would have been called “Pharaoh,” and later “king,” “caesar,” “emperor” and “queen,” and in more recent centuries “the company” and “the corporation.” Professional expertise, like high art, has a dependency on patronage by the wealthy, without whose largesse professional ambitions would be nearly fruitless (for there are always some successful independent scientists, like Charles Darwin).

      • It’s Not Just Greta: Why are the Developing World’s Inspiring Activists Being Ignored?

        Ridhima Pandey was just nine years old in 2017 when she filed a lawsuit against the Indian government for failing to take action against climate change. Pandey’s fierce, astounding passion for the environment is not accidental. Her mother is a forestry guard and her father an environmental activist; and the whole family was displaced by the Uttarakhand floods of 2013, which claimed hundreds of lives.

      • 7.5 Million Humans Say No to Climate Crisis and Yes to Life

        As one of the 7.5 million who recently put their bodies where their mouth are to visibly say “NO” to an out-of-control global climate crisis, this writer continues to reflect upon what lies behind the futility of so many climate crises, anti-war, pro-human protests of the past, and the even more aggressive protests that will be needed in the future to tackle the forces that continue to crush the planet.

      • 14. FBI Surveilled Peaceful Climate Change Protesters

        As Adam Federman reported for the Guardian, “The FBI is prohibited from investigating groups or individuals solely for their political beliefs but has been criticized in the past for treating non-violent civil disobedience as a form of terrorism.” The subject of the FBI file on Magram, Krystofiak, and Frick is categorized by the FBI as a “Sensitive Investigative Matter,” a label, Federman explained, that often refers to cases involving political organizations which “therefore require a higher level of scrutiny.” One of the FBI documents, catalogued by the agency as part of a related domestic terrorism case and obtained by the Guardian through a Freedom of Information Act lawsuit, stated that “350.org are referenced in multiple investigations and assessments for their planned protests and disruptions.”

      • In European First, Proposed Constitutional Amendment in Sweden Would Enshrine Rights of Nature

        "When we're in the beginning of an ecological and climate collapse," said the lawmaker who introduced the measure, "I hope we can re-think our relationship with Nature."

      • Sowing the Seeds of the Climate Crisis in Odisha

        “Everybody is doing it. So we are too,” said Rupa Pirikaka, somewhat uncertainly.

      • 3. Indigenous Groups from Amazon Propose Creation of Largest Protected Area on Earth

        A report for Common Dreams quoted Tuntiak Katan, the alliance’s vice president, who called the Amazon rainforest “the world’s last great sanctuary for biodiversity” and said, “It is there because we are there. Other places have been destroyed.”

      • 4. US Oil and Gas Industry Set to Unleash 120 Billion Tons of New Carbon Emissions

        Oil Change International’s coverage is based on a study, “Drilling Towards Disaster,” produced in collaboration with 350.org, Amazon Watch, the Center for Biological Diversity, Food & Water Watch, Greenpeace USA, and a dozen other organizations. According to the report, new US oil and gas development could enable 120 billion tons of new carbon pollution, the equivalent to “the lifetime CO2 emissions of nearly 1,000 coal-fired power plants.”

      • Massachusetts Lawmakers Step Up Pressure on Enbridge to Scrap Controversial Gas Compressor Station

        Compressor stations, which propel natural gas through pipelines, emit a variety of pollutants and are usually built in rural€ areas.

      • Penguins in peril as winds change and heat rises

        New weather patterns in the warming Antarctic are leaving thousands of penguins in peril, prompting calls for them to be specially protected.

      • Water stress rises as more wells run dry

        Soon, communities and even nations could be drawing water faster than the skies can replenish it. As the wells run dry, so will the rivers.

      • Energy

        • 16. Underwater Avalanches Heighten Risks of Oil Catastrophes

          As MacDonald reported, one instance of this type of catastrophe has already happened. A well located off the coast of Louisiana owned by Taylor Energy has been leaking oil since 2004. Government regulators and energy companies, MacDonald wrote, “should be doing much more to prevent such catastrophes at other sites.”

      • Wildlife/Nature

        • 20. Scientists Accelerate Coral Reef Regrowth with Electricity

          The technique is currently being used by conservationists with Reef Ecologic to restore sections of coral on Australia’s Great Barrier Reef that were badly affected by mass bleaching events in 2016 and 2017. The same technique has previously proven successful on reefs in the Caribbean, the Indian Ocean, and Southeast Asia, Klein wrote.

        • 15. Trump Administration Threatens Endangered Species Act

          For a little over a decade, according to the Earth Island Journal’s report, conservationists have fought to protect Pacific walruses under the Endangered Species Act. Protection for the walrus under the ESA was first proposed in 2008; in 2011, the US Fish and Wildlife Service (FWS) suggested that the Pacific walrus was threatened and endangered. But in October 2017, the Trump administration concluded that the Pacific walrus did not warrant listing. The FWS under Trump appointees explained that “impacts of the effects of climate change on the Pacific walrus population are based on speculation, rather than reliable prediction,” Pekow reported. The Center for Biological Diversity (CBD) has sued the Trump administration over the decision, and that lawsuit is still pending.

        • Owyhee Ecocide: Anatomy of BLM’s Ancient Juniper Forest Destruction
    • Finance

      • How Trump’s Tariffs Are Creating Jobs — for Canadians

        A few months ago, Elliot Markillie started getting calls about small boxes.

        He works for a logistics company near Vancouver, British Columbia, called a52 that handles distribution for big apparel and footwear brands. The brands source their goods from China and had just been hit with steep tariffs, on top of the duties already applied to clothes and shoes.

      • 17. More Than 25 Percent of Formerly Incarcerated People are Unemployed

        Their study, “Out of Prison & Out of Work,” drew on statistics from the 2008 Bureau of Justice Statistics’s National Former Prisoner Survey data—the most recent available data—and showed that the unemployment rate for the five million formerly incarcerated people living in the United States was more than 27 percent, compared to 5.8 percent for the general population. (“Contemporary unemployment rates may differ,” Couloute and Kopf wrote, “but we are confident that formerly incarcerated people are still substantially disadvantaged compared to the general public.”)

      • 23. New Programs Make School Food Systems More Equitable

        New programs not only connect school children with local farms, they also create jobs in the community, and keep money in the community to support on-campus gardens and farm-fresh meals. A study in Georgia found that for every dollar the program spent, two dollars stayed in the state, instead of leaving to be invested in a large food company, YES! Magazine reported.

      • “Your Transaction Has Been Canceled”: Lessons in Lebanon’s Economy

        I sniffed something was wrong in Lebanon when the central bank governor Riad Salame announced to us all that there were plenty of dollars in the system. No shortages. No tightening of the purse strings. I still have the papers with his announcement on page one.

    • AstroTurf/Lobbying/Politics

      • Ellen DeGeneres and the American Psychopath

        A little over a year ago, I wrote an article for this publication called, “The Liberal Rehabilitation of George W. Bush Is Complete,” and so it’s my regrettable duty to inform Ellen DeGeneres that her palling around with George W. Bush at a Dallas Cowboys game Sunday—and her subsequent sanctimonious defense of such as a gesture of benevolent friendship meant to heal our fractured, angry nation—is too late. Michelle Obama’s Werther’s Original has melted away, and there’s nothing left but dry mouths and hacks.

      • White House Impeachment Letter Sparks Constitutional Crisis

        President Donald Trump and his administration will not participate in the Congressional impeachment inquiry, the White House announced Tuesday, setting up a constitutional crisis in the conflict between two ostensibly co-equal branches of government.

      • Warren calls out Facebook for refusing to remove anti-Biden ad [iophk: more tweets in place of official channels :( ]

        The ad implies Biden sought to fire the prosecutor because he had been investigating the company where Biden's son served as a board member.

        There's no evidence showing Biden sought to fire the prosecutor to protect his son. The Obama administration repeatedly said it sought to oust the prosecutor because of concerns he was not doing enough to root out corruption.

        “Facebook already helped elect Donald Trump once. Now, they're deliberately allowing a candidate to intentionally lie to the American people. This is a serious threat to our democracy,” Warren tweeted Wednesday. “We need transparency and accountability from Facebook.”

      • Republican-led probe finds Russia helped Trump in 2016 election

        A Senate Republican-led investigation said in a report Tuesday that Russia indeed sought to help President Donald Trump in the 2016 election, contradicting persistent White House claims to the contrary.

        The Senate Intelligence Committee's 2016 election investigation report said a sweeping social media manipulation campaign by the St. Petersburg-based Internet Research Agency (IRA) represented "overt support of Russia's favored candidate in the U.S. presidential election."

      • ‘We too love money more than freedom’: South Park creators post sarcastic apology to China

        The cartoon’s creators Trey Parker and Matt Stone posted an “official statement” on Twitter: “Like the NBA, we welcome the Chinese censors into our homes and into our hearts. We too love money more than freedom and democracy. Xi doesn’t look just like Winnie the Pooh at all. Tune into our 300th episode this Wednesday at 10! Long live the Great Communist Party of China! May this autumn’s sorghum harvest be bountiful! We good now China?”

      • The Real Cover-Up: Putting Donald Trump’s Impeachment in Context

        There is blood in the water and frenzied sharks are closing in for the kill. Or so they think.From the time of Donald Trump's election, American elites have hungered for this moment. At long last, they have the 45th president of the United States cornered. In typically ham-handed fashion, Trump has given his adversaries the very means to destroy him politically.

      • To His Wealthy Donors, Trump Is Their Grifter

        To decipher President Donald Trump’s presidency, apply the basic rule of politics: Follow the money.Last month, for example, Trump performed at rallies in North Carolina and in New Mexico. He entertained adoring crowds, clad in Trump’s MAGA caps and T-shirts.The rallies got featured on Fox and other news stations.

      • Portugal's Lesson for the Global Left

        There’s a place in the West where a smattering of anti-austerity, pro-immigration, pro-public-spending left-wing parties are not only in power, but are actually popular. I’m talking about Portugal, the small European country I have witnessed grow into a global political marvel.

      • 'The Tide Has Shifted': New Poll Shows Nearly 60% of Americans Support Trump Impeachment Inquiry

        The Washington Post-Schar School poll also found 49 percent of Americans want the House to call for president's removal from office...

      • Putin gives Order of Courage award to American astronaut who survived Soyuz launch accident

        NASA astronaut Nick Hague has received the Order of Courage following a command from Russian President Vladimir Putin. Putin issued the prestigious state award to Hague for “the courage and high professionalism he demonstrated while fulfilling his duties in high-risk, life-threatening conditions during an emergency situation at the Baikonur Cosmodrome.”

      • The Kremlin has reportedly met in private and determined how it screwed up Moscow's September elections

        The Putin administration has reportedly acknowledged, at two private events, the mistakes made ahead of Moscow’s City Duma elections in September. Sources told the newspaper Vedomosti about two events that were closed to the public: a roundtable organized by the state pollster VTsIOM that included Putin staffers, and a seminar held by the administration itself for the political consultants who worked on regional elections.

      • Guns For Hire: the US Shouldn’t Be Using the Military to Police the Globe

        Eventually, all military empires fall and fail by spreading themselves too thin and spending themselves to death.

      • The Real Venezuela: Dignified, Indivisible and Truthful

        All those wondering who is in charge in Venezuela, should stop reading the biased and confusing corporate media and should look at who represents the country at the United Nations. The UN is not a perfect institution but it is one that is clear on the issue of membership despite powerful attempts at obfuscating that clarity.

      • Polling the Warren Factor

        Morning Consult polling shows no change outside its stated 1% margin of error over the last few weeks of polling. Where Joe Biden stood at 31.8% in crosstabs kindly forwarded to me by Morning Consult’s press officer two weeks ago (field dates September 17-23), Biden has risen slightly to 32.7% as of yesterday’s release (field dates September 30 to October 6). Elizabeth Warren, meanwhile, has risen as well, but also under 1% from 19.9% to 20.7% during the same period. Bernie Sanders’ standing has shown almost no change at all from 19.1% on September 23 to 18.9% in data released yesterday evening.

    • Censorship/Free Speech

      • Freedom from censorship on mailing lists

        One prominent tool used to construct the fake community is the email discussion list.

        When people join a discussion list, they assume and believe that they are being exposed to a wide range of opinions. Therefore, when some opinions or critical information is hidden, ordinary members of the list are deceived. People have not consented to this deception.

        In 2018, FSFE used these tactics to make it appear that nobody supported elections any more. In 2019, rogue elements of the Free Software Foundation (FSF) staff used the same tactics to undermine their own founder, Richard Stallman. FSF is the organization that explains their use of the word Free using the phrase Free as in speech, not free as in beer. When they don't even allow Free Speech on their own LibrePlanet-discuss mailing list, the organization loses all credibility.

      • Speakers Censored at AISA Conference in Melbourne

        Two speakers were censored at the Australian Information Security Association's annual conference this week in Melbourne. Thomas Drake, former NSA employee and whistleblower, was scheduled to give a talk on the golden age of surveillance, both government and corporate. Suelette Dreyfus, lecturer at the University of Melbourne, was scheduled to give a talk on her work -- funded by the EU government -- on anonymous whistleblowing technologies like SecureDrop and how they reduce corruption in countries where that is a problem.

      • The NBA Is Going to Have to Choose

        The NBA reveled in the praise it got for being the pro sports league that welcomes its players’ and employees’ opinions on political and social issues. But the league’s respect for open expression—which supposedly distinguished it from the NFL—suddenly has its limits.

        A posting on Twitter Friday by the Houston Rockets general manager Daryl Morey showing support for the Hong Kong protesters has fractured the relationship between the National Basketball Association and its business partners in China, a country with deep pockets and an insatiable thirst for the sport. The tweet featured an image bearing the caption “Fight for Freedom. Stand with Hong Kong.” It wasn’t up for long, but it was enough to jeopardize the NBA’s growing ties with the Chinese Basketball Association and Chinese corporations.

        Now the NBA is trying desperately to mollify China—which will accept no criticism of its embarrassing human-rights record—while also paying lip service to Morey’s right to express himself. This strategy is working quite miserably.

      • Abrar Fahad killing: Bangladesh student was beaten for four hours

        Torture of public university students by the student wing of the ruling parties is nothing new. New students are often forced to attend meetings and rallies just to be able to stay in the dormitories. Beating and bullying of those who hold different views or defy the order of the leaders is common.

    • Privacy/Surveillance

      • Thailand orders restaurants and internet cafes offering public WiFi to log your internet history

        Thailand has ordered all restaurant and cafe owners who provide WiFi to start storing the internet history of patrons for at least 90 days. This new announcement came at a news conference on the 8th of October. The Thai ministers clarified that this is a new update to a newly passed Computer Crimes Act that also forces Thai internet service providers (ISPs) to log internet history for 90 days. This means that no matter how you’re using the internet in Thailand, your internet history is likely being stored and analyzed. That is to say, Thai internet users need VPN to protect their privacy from the government.

      • Industry appears to think encryption law review is an eyewash

        Dr Renwick issued a media release last week, extending the date for submissions to 1 November and stressing that though there had been numerous submissions to the Parliamentary Joint Committee on Intelligence and Security, he could not treat those as submissions to his inquiry unless they were submitted to him.

        The law, officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, was passed on 6 December 2018, without any amendments with the Labor Party supporting its passage.

        Soon after, a review of the law by the PJCIS was announced with a reporting date of 3 April. But the only thing that this committee did was to put off any decision on amendments, instead asking Dr Renwick to review the law and report back by 1 March 2020.

      • Never Trust a Platform to Put Privacy Ahead of Profit

        A Twitter spokesperson told WIRED that the company doesn't have further comment on what internal issue caused the mix-up. In September 2018, Facebook admitted that it, too, had used phone numbers customers had shared to set up two-factor authentication for marketing and customization. The Federal Trade Commission fined Facebook a record $5 billion in July over numerous instances of user data mishandling.

      • The Data Isn't Yours

        The typical interaction that generates data about an Internet user involves two parties, a client and a server. Both parties know what happened (a link was clicked, a purchase was made, ...). This isn't "my data", it is data shared between the client ("me") and the server. The difference is that the server can aggregate the data from many interactions and, by doing so, create something sufficiently valuable that others will pay for it. The client ("my data") cannot.

      • Taking a ferry to the ATM: which areas face the longest treks to a free cash machine?

        Between January 2018 and May 2019, some 5,334 free machines were either closed or converted to fee-paying.

        When a free machine is lost in a rural area, people have to travel three times further to find an alternative than they would if they lived in a town or city, our analysis revealed.

        Worse still, almost one in eight (12%) rural communities that lost a free ATM now have to travel more than 1km to the nearest machine that doesn’t charge for withdrawals.

      • The DOJ Is Conflating The Content Moderation Debate With The Encryption Debate: Don't Let Them

        As we've detailed a lot over the last week, the DOJ has decided that after years of failing to get backdoors mandated by warning about the "terrorism" bogeyman, it's decided to pick up the FOSTA playbook, and instead start focusing on child porn -- or what "serious people" now refer to as Child Sexual Abuse Material (CSAM). It did this last week with an assist from the NY Times, who published an article with (legitimately) scary stories, but somehow blaming the internet companies... because they actually report it when they find such content on their networks. I've seen more than a few people, even those who generally have been strong voices on the encryption debate and against backdoors, waver a bit on this particular subject, and note that maybe there shouldn't be encryption on social media networks, because it might (as the narrative says) help awful people hide their child porn.

      • To Stop Threat of 'For-Profit Surveillance,' Rights Groups Demand End to Partnerships That Give Cops Access to Amazon Ring Data

        "Our elected officials are supposed to protect us, both from abusive policing practices and corporate overreach. These partnerships are a clear case of both."

      • Civil Rights Groups Ask Government to Stop Amazon Ring Partnership with Police

        There have been many people upset to find that Amazon was partnering with the police, allowing them to use their customers’ Ring Doorbells for surveillance. Many people find it a breach of their privacy. More than 30 civil rights groups find fault with it as well. They signed off on an open letter to elected officials, asking them to end this partnership. Included in these groups are CAIR, United Church of Christ, and United We Dream.

    • Freedom of Information / Freedom of the Press

      • Journalists Who Visited Julian Assange Targeted By Company Spying On CIA’s Behalf

        A Spanish security company was apparently enlisted by the Central Intelligence Agency to compile reports on journalists, attorneys, doctors, and any Russians or Americans who visited WikiLeaks founder Julian Assange while he was living in Ecuador’s embassy in London.

        Undercover Global S.L. operated a security checkpoint. Visitors were instructed to “hand over their bags, computers, electronic devices, and cellphones,” according to Spanish newspaper El País.

      • Telugu journalist Ravi Prakash arrested after refusal to remove online interviews

        Tolivelugu reporter Raghu Ganji told CPJ that on September 30 the news website had carried two interviews on its YouTube channel conducted by him on the ongoing strike by 50,000 employees of a state-run transport corporation demanding pay hike and a freeze on the privatization of public transport. In one interview, transport union leader E Aswathama Reddy accused Chief Minister Kalvakuntla Chandrashekhar Rao and industrialist PV Krishna Reddy of being involved in a multi-million dollar public transport scam. In another interview, opposition leader Mallu Bhatti Vikramarka made allegations of corruption against Rao and Reddy relating to a huge irrigation project in Kaleshwaram, Telangana.

      • CBP Official Refuses To Give Journalist His Passport Until He 'Admits' He Writes 'Propaganda'

        The situation at our borders is getting worse for some American citizens. I mean, all American citizens are likely dealing with more questions, more screening, and more general hassle now that the President has declared immigrants and asylum seekers to be a "national emergency."

    • Civil Rights/Policing

      • Mozambique: Police Linked to Killing of Election Observer

        Mozambique police officers have been implicated in the killing of an election observer in an escalation of violence that threatens national elections scheduled for October 15, 2019.€ 

      • Lebanon No Longer A Safe Haven for Activism

        Lebanon used to be known as a port in a storm for human rights defenders from the Arabic-speaking world – especially those working on gender and sexuality – to organize freely and without censorship.

      • I Am One of Aimee Stephens’s Lawyers, and I Heard Yesterday’s Argument Firsthand

        Yesterday, the Supreme Court heard argument on whether it is legal to fire people for being transgender or for being gay. I represent Aimee Stephens, the woman who lost her job as a funeral director for being transgender, and I was sitting at counsel table during the argument. You can read the argument transcript online.

      • Saudi Arabia is admitting general tourists for the first time. Here are 20 things that could get you arrested or fined, like dabbing, carrying a Bible, or wearing shorts

        While the country is moving toward more a relaxed dress code, recently saying female travelers won't have to wear a long cloak called an abaya, it's best to err on the side of caution.

      • More than two dozen women accuse President Trump of unwanted sexual contact in new book

        In total, the president has been accused by 43 new women of inappropriate behavior in “All the President's Women: Donald Trump and the Making of a Predator.” Of those accusations, 26 include instances of unwanted sexual contact, according to Esquire, which published an excerpt from the book. (As of July, Trump faced at least 17 public allegations of sexual misconduct.)

        Based on more than 100 interviews, "All the President's Women" was written by journalists Barry Levine and Monique El-Faizy. “What emerges from the authors' reporting is a portrait of a predator who hides behind wealth and institutional power to frequently harass and abuse women,” Esquire editor Adrienne Westenfeld wrote.

      • 21. Court Ruling Provides “Blueprint” to Reform Excessive, Discriminatory Policing in Schools

        The California Justice Department’s investigation showed the district had turned thousands of minor student misbehaviors—commonplace in any school—into criminal offenses, disproportionately affecting black, Latino, and disabled students. School police overused handcuffs and restraints on students and conducted random and unannounced searches of students’ belongings using police dogs, while school officials engaged in searches that violated students’ rights to privacy under the Fourth Amendment. In many cases, overreactions by undertrained officers created escalations that led to student arrests.

      • 10. Pentagon Aims to Surveil Social Media to Predict Domestic Protests

        A study titled “Social Network Structure as a Predictor of Social Behavior: The Case of Protest in the 2016 US Presidential Election” examined the use of social media in anti-Trump protests after the 2016 presidential elections. Funded by the US Army Research Laboratory, the study concluded that post-elections protests could have been predicted by analyzing millions of American citizens’ Twitter posts. “Civil unrest is associated with information cascades or activity bursts in social media, and these phenomena may be used to predict protests,” the study concluded. “Failure to predict an unexpected protest may result in injuries or damage.” As Ahmed summarized, “This pivotal finding means that extensive real-time monitoring of American citizens’ social media activity can be used to predict future protests.” However, his report noted that, in its current form, the tracking software used is not entirely accurate.

      • 11. Ukrainian Fascists Trained US White Supremacists

        A federal criminal rioting complaint, filed in Los Angeles in 2018, included an affidavit stating that four American white supremacists from the Rise Above Movement (RAM) trained with Ukraine’s Azov Battalion. The training took place after the white supremacist gang participated in violent riots in Huntington Beach and Berkeley, California, and in Charlottesville, Virginia, in 2017, Max Blumenthal reported for MintPress News.

      • South Sudan/AU: Set Meeting on War Crimes Court

        South Sudan’s government and the African Union should urgently meet to clarify plans to set up a proposed hybrid court for wartime atrocities, Human Rights Watch said in a letter to both the government and the AU that was published today.

      • Bulgaria: Despite Court Order, Australian Still Detained

        Bulgarian authorities should clarify the legal basis for the continued detention of an Australian citizen, Paul “Jock” Palfreeman, or release him immediately.

      • Myanmar: Rohingya Jailed for Traveling

        Myanmar authorities should immediately release 30 Rohingya Muslims detained for attempting to travel from Rakhine State to the city of Yangon.

      • 5. “Modern Slavery” in the United States and around the World

        The Global Slavery Index (GSI) is produced by the Walk Free Foundation, an organization that combines research and direct engagement to influence governments and businesses to address modern slavery as a human rights issue. The GSI draws on national surveys, reports from other agencies, such as the United Nations’s International Labour Organization, and databases of people who have been assisted in trafficking cases.

      • 6. Survivors of Sexual Abuse and Sex Trafficking Criminalized for Self-Defense

        In contrast to the spate of news coverage from establishment outlets, which focused on Brown’s biography and the details of her case, independent news organizations—including the Guardian, Democracy Now!, Rolling Stone, and Mother Jones—stood out by reporting that cases like Brown’s are all too common. Victims of sex trafficking and sexual violence are often prosecuted for acts of self-defense. In a January 2019 interview, Mariame Kaba, the cofounder of Survived and Punished, an organization supporting survivors of violence who have been criminalized for self-defense, told Democracy Now!, “There are thousands of Cyntoia Browns in prison.”

      • 7. Flawed Investigations of Sexual Assaults in Children’s Immigrant Shelters

        ProPublica’s review of hundreds of police reports showed that, “again and again,” police were “quickly—and with little investigation—closing the cases, often within days, or even hours.” The number of cases of sexual assaults of immigrant children in shelters is likely greater than ProPublica could document, as records from shelters in Texas, “where the largest number of immigrant children are held,” could not be obtained due to state laws in Texas that ban child abuse reports from being made public.

      • A Tale of Two Policies: Trump’s Hypocrisy and State Violence in Venezuela and Brazil
      • Violating The Fourth Amendment To Break Up An Underage Drinking Party Means No Qualified Immunity

        How far would a cop go to break up an underage drinking party? Far enough to get sued in federal court.

      • Your Money Or Your Life: Louisville Cops, Prosecutors Dropping Hefty Trafficking Charges In Exchange For Seized Cash

        Law enforcement agencies like to portray asset forfeiture as an important weapon in the Drug War arsenal -- one capable of toppling cartels and kingpins. Every so often, a large amount of cash and drugs is trotted out in front of reporters as evidence of this claim.

    • Internet Policy/Net Neutrality

      • US Court says that states can ignore FCC and pass their own net neutrality laws

        A circuit judge has ruled that States can enact their own net neutrality laws – like California is doing – and that isn’t against the current federal rules on net neutrality. Ever since the Federal Communications Commission (FCC) outlawed net neutrality protections in 2016, the question of whether states could enact their own net neutrality preserving laws loomed large. The FCC, of course, opined that the FCC’s federal ruling would override any state laws existing or future. However, a federal court has now ruled and opined the other way – that states do have the right to pass their own net neutrality laws, that internet service providers (ISPs) need to follow if they wish to do business in said states.

    • Monopolies

      • Teens choose YouTube over Netflix for the first time, according to new survey

        Piper Jaffray found 37% of teens prefer to watch videos on YouTube, narrowly edging out Netflix, which came in at 35%.

      • Mark Zuckerberg to testify before Congress on Facebook's libra cryptocurrency

        Facebook CEO Mark Zuckerberg will testify before the House Financial Services Committee on Oct. 23, the committee announced Wednesday.

        House members had been pushing for Zuckerberg to testify on Facebook's cryptocurrency plans as the committee had been in talks with COO Sheryl Sandberg about testifying as soon as this month.

        Chairwoman Maxine Waters, D-Calif., has previously called for Facebook to postpone its implementation of libra ahead of regulatory measures.

      • Patents and Software Patents

        • Failure To Launch: The Patent Thicket Delay Of US Biosimilars

          Law360 (October 9, 2019, 12:42 PM EDT) -- Biologics originators successfully argued that they required longer exclusivity periods without competition from follow-on products because patents covering the originators’ products would not pose the same barriers to entry that patents provide for small molecule drugs.

          Almost 10 years after enactment of the Biologics Price Competition and Innovation Act, it is clear that originators’ concerns were overstated. Patent thickets remain an important obstacle to launching follow-on biologics and help explain why such launches in the U.S. lag behind those in Europe.

          Patent thickets are providing originators with years of additional exclusivity.

        • Judge Koh denies Continental's anti-anti-antisuit TRO motion against Avanci, Nokia, Sharp, others: complex legal issues require hearing from defendants

          Late Tuesday afternoon by local time, Judge Lucy H. Koh of the United States District Court denied automotive supplier Continental's motion for a temporary restraining order (TRO) against the Avanci patent pool firm and several of its members (Nokia, Sharp, Conversant, Optis). The motion had been brought earlier in the day and sought not only to prevent defendants from pursuing injunctive relief against Continental supplier Daimler but also to bar them, by means of an ex parte TRO, from seeking yet another anti-antisuit-injunction injunction (AAII) in Munich or from another German court.

          [...]

          What Judge Koh's order makes clear is that she wasn't satisfied with how Conti described the situation. She might have missed an affidavit (that word is part of a passage she highlighted when quoting the Federal Rules of Civil Procedure) specifically for the purpose of coherently and compellingly laying out the facts that Conti believes warrant a TRO. Indirectly and implicitly, Conti did; but that wasn't enough.

          What might also have played a role is Conti's footnote that the ten already-pending German Nokia cases were, for the time being (awaiting the outcome of the Munich anti-antisuit appeal) excluded. Those are the cases were the Avanci group of companies is most likely to obtain and enforce a first German SEP injunction against Daimler. But due to the Munich anti-antisuit order, Conti had to exclude them (otherwise a contempt proceeding in Munich would surely have started). So the TRO motion was just about five Sharp cases, one Conversant case, and any future or unknown cases, not to the ten more advanced Nokia cases.

      • Copyrights

        • Full-Time Writing: Five Years In

          No, start by reading The Copyright Handbook. I reread this book every year, and I buy every new edition. It’s that important. Remember, authors don’t sell books: we create and license intellectual property [sic]. This realization, way back in 1999, was key to me becoming a full time writer.

          Wait–you absolutely must read Rusch’s How To Negotiate Anything. It turns the typical authorial introversion into a negotiating advantage. If you can’t negotiate, you don’t have a business.

          Real businesses have multiple income streams, and add additional streams any time they can. If you rely on a single income stream, your business is inherently short-lived. Maybe exclusivity with one business has been good to you, but it puts you at the mercy of that company. I won’t sign on exclusively with Amazon. I won’t put all my nonfiction through No Starch Press, exactly as they would not agree to me becoming their only author. A single source of income is short term thinking. My largest single customer (Amazon) is less than a third of my income. Losing them would suck but I’d survive.

        • Devastating remix of Ellen's lecture on befriending George W. Bush disappears after copyright takedown ... then reappears in force

          Ellen DeGeneres's friendship with ex-President George W. Bush became controversial this week, in light of the progressive values she claims and the 600,000 corpses left by his occupation of Iraq. She delivered a monologue on her show in response, casting their friendship as an example of civility, overcoming political differences, and having "faith in America". So Rafael Shimunov added a simple backdrop of Iraq war scenes to her monolog, in the hopes DeGeneres might better understand the complaints. In response, copyright takedown notices flew and it was removed from the 'net, so it is at least getting under her skin.

        • Ellen DeGeneres’s George W. Bush Debacle Is a Lesson in the Drawbacks of Assimilation Politics

          His presidency was defined early on by September 11 and the invasion of Afghanistan. But it was the March 2003 invasion of Iraq, publicly predicated in part on the false claim that Iraq’s leadership had weapons of mass destruction (WMDs), that gave him a reputation as a president who lied to get into a war that is believed to have killed hundreds of thousands of Iraqi civilians. The invasion and subsequent occupation of Iraq by U.S. military forces have also been criticized as an oil war and resulted in heavy scrutiny of Bush’s ties to the fossil fuel industry, where he launched his career.

        • Back to Piracy For Adobe Users in Venezuela But Most Pirate Anyway
        • Not The First Rodeo: Lil Nas X And Cardi B Hit With Blurred Lines Style Copyright Complaint Over Rodeo

          We've talked quite a bit lately about how the Blurred Lines decision, saying that having a similar "feel" in a song can be copyright infringement even if it's not a direct copy, has truly messed up the recording industry. Artists are afraid to even mention inspirations for fear of it leading to a lawsuit. New lawsuits are freaking out musicians and even have the RIAA complaining that maybe copyright protection has gone too far.

        • File-Sharing and VPN Traffic Grow Explosively


Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day