Bonum Certa Men Certa

Links 28/11/2019: Number of Free Software Jobs Reportedly 'Quadrupled' in 2 Years



  • GNU/Linux

    • You've Come a Long Way, Linux-Baby

      When Linux first emerged from its cocoon in a frenzied Usenet thread, it is doubtful that almost anyone imagined the project would ascend to global prominence.

      Even more astonishingly, its dominance was driven as much, if not more, by its adoption by the private sector -- although it posed an antithesis to its business model -- as by any of its other notable traits.

      It is precisely because its road from obscure curiosity to corporate mainstay was so unlikely that it pays to appreciate how Linux got to where it is today. Here's a look at how far Linux has come over its 28-plus years -- and at the tech titans that helped it get there.

    • Server

      • Cumulus Networks Enhances Linux Based Network Operating System

        Cumulus Networks has been busy building its Cumulus Linux network operating system since at least 2013, when the company emerged from stealth. On Nov. 18 the company announced the latest iteration with the release of Cumulus Linux 4.0.

        Cumulus Linux is purpose built for networking and can run on both whitebox gear as well as hardware that is compliant with the Open Compute Project's (OCP) networking specification, including the Open Network Install Environment (ONIE).

      • FGCI Computing Cluster Launch

        The FGCI is an Academy of Finland funded research infrastructure for scientific computing, which consists of 13 interlinked computing nodes hosted in different research institutes. In Turku, Ã…bo Akademi and University of Turku are members of the consortium and the cluster in Turku has been set up in collaboration.

        In this event we will present the new equipment and invite researchers to use this new resource.

    • Audiocasts/Shows

      • 2019-11-27 | Linux Headlines

        Zorin OS responds to community concerns about data collection, Microsoft's terminal gets a lot more competitive, Kali Linux's clever new feature, and some good news for Mac Users.

      • FLOSS Weekly 557: LSQuic

        LiteSpeed QUIC (LSQUIC) Library is an open-source implementation of QUIC and HTTP/3 functionality for servers and clients. Most of the code in this distribution is used in our own products: LiteSpeed Web Server, LiteSpeed ADC, and OpenLiteSpeed. We think it is free of major problems. Nevertheless, do not hesitate to report bugs back to us. Even better, send us fixes and improvements!

      • Finding Your Community | Choose Linux 23

        A chance to learn some Linux fundamentals in Distrohoppers, and the numerous ways we can all contribute to Linux and open source.

      • Bad Voltage 2×60: Thanks Given
      • Python Bytes: #158 There's a bounty on your open-source bugs!
      • Talk Python to Me: #240 A guided tour of the CPython source code

        You might use Python every day. But how much do you know about what happens under the covers, down at the C level? When you type something like variable = [], what are the byte-codes that accomplish this? How about the class backing the list itself?

        All of these details live at the C-layer of CPython. On this episode, you'll meet Anthony Shaw. He and I take a guided tour of the CPython source code. After this, you won't have to guess what's happening. You can git-clone the CPython source code and see for yourself.

    • Kernel Space

      • Linux 5.5 Staging Changes Land With New WiFi Driver To Improved exFAT Support

        Greg Kroah-Hartman mailed in the staging area changes today for the Linux 5.5 kernel and they have already been pulled into mainline.

        Among the staging activity work this cycle for Linux 5.5 includes:

        - The new WFX WiFi driver for Silicon Labs WF200 ASICs that are focused on low-power IoT hardware use-cases.

      • Graphics Stack

        • AMD's RadeonSI Driver Finally Enables OpenGL 4.6 But You Need To First Enable NIR

          The OpenGL 4.6 extension is nearly two and a half years old while finally the open-source Mesa OpenGL drivers are catching up to this latest OpenGL revision that offers Vulkan/SPIR-V interoperability and other additions.

          Last quarter's Mesa 19.2 release brought OpenGL 4.6 for core Mesa and Intel's i965/Iris drivers while tonight in Mesa 20.0-devel Git is support for RadeonSI! The AMD open-source OpenGL Linux driver can finally have GL 4.6!

        • AMDVLK 2019.Q4.3 Released With New Extensions + Navi 14 Support

          AMD's Vulkan driver team has today volleyed their third open-source "AMDVLK" code drop of the quarter. This AMDVLK 2019.Q4.3 driver comes with new extensions as well as Navi 14 enablement.

          Supported by AMDVLK 2019.Q4.3 is VK_EXT_pipeline_creation_feedback and VK_EXT_shader_demote_to_helper_invocation. EXT_pipeline_creation_feedback provides a feedback loop to the application/engine for use with pipeline caching as the principal benefit while the EXT_shader_demote_to_helper_invocation extension is for allowing behavior similar to Direct3D's HLSL discard instruction.

    • Benchmarks

      • 300+ Benchmarks With AMD Threadripper 3960X vs. Intel Core i9 10980XE

        Complementing our launch-day Intel Core i9 10980XE and AMD Ryzen Threadripper 3960X/3970X Linux benchmarks, here is much more data now that we've had the additional time for carrying out more tests... For your viewing pleasure this US holiday week are more than 330 benchmarks carried out on both the Core i9 10980XE and Threadripper 3960X in the same configuration while running Ubuntu Linux.

        For getting a more diverse idea of where the Core i9 10980XE Cascade Lake X and Ryzen Threadripper 3960X trade blows, I fired up a much broader set of benchmarks for comparison on these HEDT systems. Yes, the Ryzen 9 3950X is priced more comparatively to the i9-10980XE, but I was never sent a review sample of that processor so am using the 3960X for now -- if I get my hands on said processor, I'll certainly have a similar comparison on that front.

      • Intel Nehalem vs. Ice Lake Benchmarks - Including Clock + Power + Thermal Metrics

        As part of the exciting benchmark week and our ongoing tests of Intel Ice Lake on Linux, this next piece has been driven out of curiosity... While recently I posted new benchmark results of Intel Haswell to Ice Lake laptop performance, what about going further back like to the days of Nehalem? Here is that comparison of Core i7 Nehalem to Core i7 Ice Lake including power / performance-per-Watt data, thermal, and performance-per-MHz data too. Enjoy this fun comparison for how the Intel mobile performance on Ubuntu has evolved over the past decade.

        The Nehalem part used is the ten-year-old Core i7 720QM "Clarksfield" processor. This CPU offers four cores / eight threads, 1.6GHz base frequency, 2.8GHz turbo frequency, a 6MB cache, and a 45 Watt TDP. Clarksfield is the mobile variants while Lynnfield made up the desktop side for the 45nm Nehalem microarchitecture.

    • Applications

      • Split or Merge PDFs with PDFsam Basic, an open source program for Windows, Linux and macOS

        PDFs have long been a commonly used format for eBooks, digital manuals or documents thanks to how content is presented regardless of operating system that is used and great support for PDF reading applications (check out Sumatra for an excellent PDF reader).

        Editing PDF documents on the other hand has never been great, especially if you limited your search to free solutions.

        Most free PDF tools are online based, which means you're uploading your document to a third-party server. While that is okay for generic files, it may be an issue for anything else.

      • Musescore 3: Faster, easier to use, yet powerful and more customisable

        Musescore has just announced the latest version of Musescore 3, which includes work by Martin Keary (formerly a designer at Microsoft and a classically trained composer), who joined the team as the Head of Design in November. He has been collaborating with the community and internal team on a design plan to make Musescore faster and more intuitive. This release is the first step towards that goal.

      • Monitoring Linux and Windows hosts with Glances

        mentioned Glances in my article 4 open source tools for Linux system monitoring, but I will delve into it more deeply in this article. If you read my previous article, some of this information may be familiar, but you should also find some new things here.

        Glances is cross-platform because it is written in Python. It can be installed on Windows and other hosts with current versions of Python installed. Most Linux distributions (Fedora in my case) have Glances in their repositories. If not, or if you are using a different operating system (such as Windows), or you just want to get it right from the source, you can find instructions for downloading and installing it in Glances' GitHub repo.

      • 6 Wireless File Sharing Apps for Linux and Android

        If you are looking for effortless and minimum configuration GUI apps to share files between Linux and Android devices over a local wireless network, this article will help you out. While it is possible to share files in Linux using tools like Samba, FTP and SSH, these utilities often require fiddling with terminal commands and there is no GUI in most cases. A lot of people prefer these methods, however this article focuses on easy to use GUI alternatives that provide similar functionality.

      • Best YouTube Apps for Linux

        If you don’t like to use the official YouTube website and looking for some alternative ways to stream Youtube videos, this article has a list for you.

        In this guide I will list all major desktop YouTube players available today for Linux users. While many popular apps like youtube-dl are available for downloading YouTube videos on Linux, this article will mainly focus on those apps that allows you to search and stream videos on a Desktop Linux PC without having to open a browser. In many cases, these apps will provide advanced functionality than official YouTube website where most of the options are hidden behind a login.

      • Cockpit 208

        Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 208.

        [...]

        Cockpit previously sent problem and crash reports directly to ABRT Analytics from the Logs page. Switching to the new “reportd” framework allows Cockpit report to more places, such as Bugzilla, and has improved authentication methods.

    • Instructionals/Technical

    • Desktop Environments/WMs

      • Modernize your Linux desktop with Enlightenment

        One of Linux's many advantages is its ability to install and run on old computers. What Linux can't technically do is make an old computer's hardware magically perform better. After all, the hardware is the same hardware as ever, and sometimes old hardware feels notably slow when processing modern software that tries to take advantage of new hardware features. This means that an old computer running Linux must run a rather basic desktop, because too many effects or animations might use up precious memory and graphics processing, resulting in sluggish performance.

        The Enlightenment desktop wasn't designed to solve this exact problem, but in practice, that's exactly what it does. With its finely crafted foundation and custom libraries, Enlightenment provides an attractive and dynamic environment that runs smoothly on old computers and low-powered systems like the Raspberry Pi. You never have to feel like you're compromising your user experience (UX) just because you're running modest hardware. True to its name, it delivers on the promise of eco-friendly computing and is the first line of defense (or second, if Linux itself is the first) against planned obsolescence.

    • Distributions

      • New Undercover mode lets Kali Linux users pretend to be running Windows

        Kali Linux is a security-focused, Debian-based distro popular with hackers and penetration testers. It can be used to identify, detect, and exploit vulnerabilities uncovered in a target network environment.

        Offensive Security, which maintains the Kali Linux project, has just announced its fourth and final release of the year, and version 2019.4 comes packed with lots of changes and new features, including an intriguing Kali Undercover mode that lets you pretend to be using Windows.

      • Hacker Favourite Kali Linux Swaps Gnome for Xfce, Adds New Tricks

        Kali Linux (a Linux distribution used primarily for penetration testing, network security assessments and other security explorations by hackers of various hat colours) has a new brand new set of tools.

        Kali Linux 2019.4 is the final release of 2019. The hacker favourite comes with some quite significant new features for users. Here’s what’s new…

      • Kali Linux 2019.4 Hacking OS Comes With An Undercover Mode

        With the new version, Kali has made a shift from the GNOME desktop environment to a new theme running on lightweight Xfce desktop environment.

        Kali Linux has been running the GNOME desktop environment for quite some time. While it is a full-fledged desktop environment, it has become problematic for a number of Kali users since “these features come with overhead, often overhead that is not useful for a distribution like Kali,” writes Offensive Security in the blog post.

        Other than that, the team behind Kali Linux believes that it was time to give a “fresh, new, and modern” look to the Linux software.

      • Reviews

        • Ubuntu 19.10: It’s fast, like “make old hardware feel new” fast

          Leaves are turning. Temperatures have dipped. These are sure signs—if you live in the Northern Hemisphere, at least—that Canonical's Autumn release is upon us. Things are a bit different in 2019, however. Not only is Ubuntu 19.10 nicknamed Eoan Ermine (no, I don't know how you pronounce it either), but it's the best non-LTS Ubuntu release Canonical has ever put out.

          I should qualify that statement somewhat, because really, as the newest version, it had damn well better be the best Ubuntu ever. But there's more than recency bias behind the sentiment. I've been reviewing Ubuntu for 10 years now, and I was using and interacting with this distro in some form or another for another three or four years before that. After spending recent weeks with Ubuntu 19.10, I can say confidently it is quite simply the best Ubuntu Canonical has ever released.

          The first reason I like 19.10 so much is that it feels insanely fast. Everyday tasks like opening applications, dragging windows, activating the search interface, and even just moving the cursor around are all noticeably faster than in 19.04. The speed boost is immediately noticeable from the minute you pop in the live CD, and it's even faster once you have 19.10 installed.

      • Fedora Family

        • PHP version 7.4.0 is released!

          A great thanks to all developers who have contributed to this new major and long awaiting version of PHP and thanks to all testers of the RC versions who have allowed us to deliver a good quality version.

          RPM are available in the remi-php76 repository for Fedora ≥ 29 and Enterprise Linux ≥ 7 (RHEL, CentOS) and as Software Collection in the remi-safe repository.

          RPM are also available in the php:remi-7.4 module for Fedora and Enterprise Linux 8.

        • Heroes of Fedora (HoF) – F31 Beta

          Hello everyone, welcome to the Fedora 31 Beta installation of Heroes of Fedora! In this post, we’ll look at the stats concerning the testing of Fedora 31 Beta. The purpose of Heroes of Fedora is to provide a summation of testing activity on each milestone release of Fedora. Without community support, Fedora would not exist, so thank you to all who contributed to this release! Without further ado, let’s get started!

        • Accidental EOL bug closures

          As you’re probably aware, Fedora 29 reached End-of-Life (EOL) status yesterday. The Fedora Program Manager (that’s me!) is responsible for closing any bugs that are still open against that version. Typically, several thousand bugs remain open, so there is a script to do this. This morning, I accidentally closed bugs as EOL that should not have been closed. In the interests of community transparency, I want to share what happened.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • How to bring more designers to open source

        "Most designers don't have a clue about open source," says Eriol Fox of Ushahidi, a non-profit social enterprise that creates humanitarian, open source tech tools. Unfortunately, this means there are few design-related contributions to open source software, and this results in an abundance of poorly designed open source tools.

        Ushahidi learned through its Open Design initiative that "designers are really ready to contribute to things that do good," and this can create a natural alliance with the open source community—once designers are aware of the opportunities.

      • Why I developed my own email newsletter system

        An observant reader contacted me to ask about what he perceived as the automated personalization of the Ctrl blog email newsletter. He had subscribed to the newsletter with two different email addresses and noticed that he received two different versions of it and that they arrived hours apart.

        This reminded me that I haven’t talked about the email newsletter system I developed for Ctrl blog. I’d like to talk about how it works in more detail, and then proceed to address the above observations.

        The email newsletter is managed and delivered by a purpose-built software I developed in October 2018. I wrote it because I wasn’t happy with commercial offerings like MailChimp. I’d also reviewed self-hosted open-source options like phpList and found them lacking.

      • FSF

        • Ethical Tech Giving Guide: Freedom is the gift that keeps on giving

          For many of us, the holiday season is about bringing our loved ones together to celebrate. Most of the time, this includes giving them a neatly wrapped present or two. We go through the buying process carefully, using a friend or family member's likes and dislikes to sift through the Web and find the right item. But when choosing a tech gift, we need to be careful to give them something that doesn't harm them instead.

          This is why we at the Free Software Foundation (FSF) publish our Ethical Tech Giving Guide each year, as a way to help free software supporters choose gifts that won't burden the people they care about with proprietary software or venomous Digital Restrictions Management (DRM). Devices may come and go, but introducing another person to software freedom is the start of a lifelong journey.

          We create resources like the Ethical Tech Giving Guide to let others know that true freedom is dependent on software freedom. Our annual fundraiser is happening right now, and we're looking to bring 600 new associate members into the fold before December 31st. Our membership program is the heart of our work here at the FSF, and we couldn't do it without community support. If you're not already one of our valued members, will you take the next step in your commitment to software freedom and become an associate member today? Beginning at the $120 level of contribution, new and renewing members can choose from a great array of fundraiser premiums, including FSF and GNU patches, an FSF-emblazoned thermos, an FSF backpack, or all at once! We also encourage you to share this Guide, and our message, with friends.

      • Programming/Development

        • Google's Stadia Controller Support Added To SDL2

          The SDL2 library has been seeing a number of additions in recent days to its game controller database by Valve's Sam Lantinga. The latest game controller to be added is for Google's now-shipping Stadia Controller.

          SDL2 maintains a database of game controller mappings and that's what this addition is for with the Stadia Controller. While Google's controller is obviously geared for their cloud gaming service, the Stadia Controller can be used for conventional PC games when connected via USB.

        • Rust 2020 - helping to get rust deployed

          This is my contribution to Rust 2020, where community members put forward ideas on what they thing Rust should aim to achieve in 2020.

          In my view, Rust has had an amazing adoption by developers, and is great if you are in a position to deploy it in your own infrastructure, but we have yet to really see Rust make it to broad low-level components (IE in a linux distro or other infrastructure).

          As someone who works on “enterprise” software (389-ds) and my own IDM project (kanidm), there is a need to have software packaged and distributed. We can not ask our consumers to build and compile these tools. One could view it as a chain, where I develop software in a language, it’s packaged for a company (like SUSE), and then consumed by a customer (could be anyone!) who provides a service to others (indirect users).

          Rust however has always been modeled that there is no “middle” section. You have either a developer who’s intent is to develop for other developers. This is where Rust ideas like crates.io becomes involved. Alternately, you have a larger example in firefox, where developers build a project and can “bundle” everything into a whole unit that is then distributed directly to customers.

          The major difference is that in the intermediate distribution case, we have to take on different responsibilities such as security auditing, building, ensuring dependencies exist etc.

          [...]

          I want to see Rust become a major part of operating systems and how we build computer systems, but I think that we need to pace ourselves, improve our tooling, and have some better ideas around what Rust should look like.

        • Twice and thrice over, as they say, good is it to repeat and review what is good.

          Three years ago I wrote about using the AFL fuzzer to find bugs in several NetSurf libraries. I have repeated this exercise a couple of times since then and thought I would summarise what I found with my latest run.

          I started by downloading the latest version of AFL (2.52b) and compiling it. This went as smoothly as one could hope for and I experienced no issues although having done this several times before probably helps.

        • Lifting some of the mystery around QT_MOC_COMPAT

          When working on adding macros to control warnings by & visibility to the compiler for deprecated API in the KDE Frameworks modules, a certain C++ preprocessor macro has been found in some places in the code: QT_MOC_COMPAT. This macro is found as annotation to signals or slots which are otherwise tagged as deprecated.

        • Using Visual Studio Code for Writing Qt Applications

          Software developers like tools, and in particular tools that make them more productive. So in this blog post, I am going to share with you some of the experiences some of us here at KDAB have had using Visual Studio Code for Qt development.

        • Number of open source jobs 'quadrupled' between 2016-2018

          The number of people working in Europea open source companies may have quadrupled between 2016 and 2018, suggest numbers gathered by Awesome Free Software (AFS), a free software directory first published a year ago. The project, which is still a prototype, combines publicly available data on free and open source software tools and companies.

        • Former Go champion beaten by DeepMind retires after declaring AI invincible

          Lee, who was the world's number one ranked Go player in the late 2000s, initially predicted that he would beat AlphaGo in a "landslide" and was shocked by his losses, going so far as to apologize to the South Korean public. "I failed," he said after the tournament. "I feel sorry that the match is over and it ended like this. I wanted it to end well."

          Despite the outcome, Go experts agreed that the tournament produced outstanding play. AlphaGo surprised the world with its so-called "move 37," which human experts initially thought was a mistake, but which proved decisive in game two. Lee made his own impact with his "hand of God" play (move 78), which flummoxed the AI program and allowed Lee to win a single game. He remains the only human to ever defeat AlphaGo in tournament settings. (During training AlphaGo lost two time-capped games to Go player Fan Hui.)

          Since the tournament, though, DeepMind has only improved its AI Go systems. In 2017, it created AlphaGo Zero, a version of the program which surpassed even AlphaGo.

        • Your amazing Raspberry Pi projects #IUseMyRaspberryPiFor

          Yesterday, we asked you to share your Raspberry Pi builds on social media using the hashtag #IUseMyRaspberryPiFor. The result was amazing, with so many of you sharing some really interesting projects, inspiring both us, and others, to get creative.

        • This resilient Raspberry Pi cyberdeck is made for the end of the world

          This custom Raspberry Pi cyberdeck is just such a device for me. With its rugged waterproof case, retro components switches, and compact ortholinear keyboard, it looks like a computer built for the end of the world -- and I love it.

          It's called the Raspberry Pi Recovery Kit and is the work of Jay Doscher, a maker who shares his projects over at Back7.co. Speaking to The Verge via email, Doscher explains that the apocalyptic theme of the Recovery Kit is as much about aesthetics as functionality.

        • This Week In Rust: This Week in Rust 314

          Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

        • Python

          • Python Anywhere: Python 3.8 now available!

            If you signed up since 26 November, you'll have Python 3.8 available on your account -- you can use it just like any other Python version.

            If you signed up before then, it's a little more complicated, because adding Python 3.8 to your account requires changing your system image. Each account has an associated system image, which determines which Python versions, Python packages, operating system packages, and so on are available. The new image is called "fishnchips" (after the previous system images, "classic", "dangermouse" and "earlgrey").

            What this means is that if we change your system image, the pre-installed Python packages will all get upgraded, which means that any code you have that depends on them might stop working if it's not compatible with the new versions.

          • Python Descriptors: An Introduction

            Descriptors are a specific Python feature that power a lot of the magic hidden under the language’s hood. If you’ve ever thought that Python descriptors are an advanced topic with few practical applications, then this tutorial is the perfect tool to help you understand this powerful feature. You’ll come to understand why Python descriptors are such an interesting topic, and what kind of use cases you can apply them to.

          • Improve Your Python Practices: Debugging, Testing, and Maintenance

            Being a web developer comes with a number of unique challenges. Choosing the right language to build websites and applications which is a lot harder than you may think. For years, developers and programmers have used Python to bring their creations to life.

            In fact, over 8 million developers report using Python on a regular basis. The main concern you should have as an avid user of Python is writing code that is both bug-free. Accomplishing this goal is easy with Python logging and abiding by best practices.

            The following are just some of the things you can do to improve the quality of your Python code.

          • Excellent Free Tutorials to Learn Python

            Python is a high-level, general-purpose, structured, powerful, open source programming language that’s used for a wide variety of programming tasks. It features a fully dynamic type system and automatic memory management, similar to that of Scheme, Ruby, Perl, and Tcl, avoiding many of the complexities and overheads of compiled languages. The language was created by Guido van Rossum in 1991, and continues to grow in popularity, in part because it is easy to learn with a readable syntax. The name Python derives from the sketch comedy group Monty Python, not from the snake.

            Python is a versatile language. It’s frequently used as a scripting language for web applications, embedded in software products, as well as artificial intelligence and system administration tasks. It’s both simple and powerful, perfectly suited for beginners and professional programmers alike.

  • Leftovers

    • The War On Thanksgiving

      Sigh. The Stable Genius has been busy - posting that bonkers Rocky photo, asking why we waited 100 years for a centennial, spending 287 years of presidential salaries on golf, and now making up a red-meat-for-the-masses commie plot to kill Thanksgiving. Cue #WarOnThanksgiving - covfefe running low, send pie, Battle of the Turkey Leg - and #WhatLiberalsCallThanksgiving.

    • Brands Are Bypassing Influencers and Targeting Teens With Memes

      Meme accounts are a way for brands to reach a powerful audience that doesn't consume media in the same way their parents and grandparents did. Gen Z, roughly between the ages of 7 and 22, is the biggest consumer cohort globally, with spending power to the tune of more than $143 billion in the U.S. alone. And while Instagram remains the most popular social platform among teenagers, Dino said meme accounts are one of the fastest growing parts of Instagram.

    • Science

      • How the Quantum Tech Race Puts the World's Data at Risk

        The technology one-upmanship between the United States and China is fast becoming the new space race. There's been a lot of talk in the press about the competition to reach 5G, but little traction outside of the tech community about something more momentous: the dangers of computing in a post-quantum world.

        The recent news from Google about its quantum capabilities is exciting. However, the prospect of supercomputing on this level raises several concerns about data integrity and the overall security threat.

      • The Early History of Usenet, Part VI: The Public Announcement

        Our goal was to announce Usenet at the January, 1980 Usenix meeting. In those days, Usenix met at universities; it was a small, comaparatively informal organization, and didn't require hotel meeting rooms and the like. (I don't know just when Usenix started being a formal academic-style conference; I do know that it was no later than 1984, since I was on the program committee that year for what would later be called the Annual Technical Conference.) This meeting was in Boulder; I wasn't there, but Tom Truscott and Jim Ellis were.

    • Health/Nutrition

      • New York Governor Cuomo Should Ban Chlorpyrifos

        New York Governor Andrew Cuomo should sign a bill to ban the toxic pesticide chlorpyrifos, crucial for protecting public health and the environment in the state.

      • Google Secretly Harvests the Health Data of Millions

        Google has been harvesting the health data of tens of millions of U.S. patients since 2018, unbeknownst to those patients or their doctors, as revealed by a Nov. 11 investigation by the Wall Street Journal. According to the story, Ascension, a private network of some 2,600 hospitals and other health care facilities, had been systematically feeding the medical information to Google’s cloud infrastructure in what amounts to the largest data transfer in the health care field. Google, in turn, plans to “suggest” changes to patients’ care, possibly via machine learning.

      • Why Are Drug Prices Rising So Much? Pharma Exec Admits 'No Other Rationale' But Profit-Making

        "The industry executive said the quiet part out loud," said one outside expert in response. "Price-gouging is central to the industry business model."

    • Integrity/Availability

      • Proprietary

        • TrickBot Evolves to Go After SSH Keys

          TrickBot takes aim at Windows hosts and then downloads different modules to perform various functions. One of these, named pwgrab64, retrieves login credentials stored in a victim's browser cache, and from any installed applications.

        • I'm not burned out, I'm pissed off

          I'm pissed off at the state of information security. I'm pissed off that our tooling is falling behind. I'm pissed off that my clients don't seem to take it seriously, and I'm pissed off that the vendors don't seem to want to help. Let me ask you: is the state of information security really any better today than it was 8 years ago when I started? The easy answer is no. The better answer is, it's worse.

        • Splunk customers should update now to dodge Y2K-style bug

          If you’re a Splunk admin, the company has issued a critical warning regarding a showstopping Y2K-style date bug in one of the platform’s configuration files that needs urgent attention.

          According to this week’s advisory, from 1 January 2020 (00:00 UTC) unpatched instances of Splunk will be unable to extract and recognise timestamps submitted to it in a two-digit date format.

          In effect, it will understand the ‘year’ up to 31 December 2019, but as soon as this rolls over to 1 January 2020, it will mark it as invalid, either defaulting back to a 2019 date or adding its own incorrect “misinterpreted date”.

          In addition, beginning on 13 September 2020 at 12:26:39 PM UTC, unpatched Splunk instances will no longer be able to recognise timestamps for events with dates based on Unix time (which began at 00:00 UTC on 1 January 1970).

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • Grafana focuses on CloudWatch, eases Docker image woes

              Monitoring and observability platform Grafana is now available in version 6.5, adding curated dashboards for a variety of Amazon services, bringing Ubuntu-based Docker images back, and improving server diagnostics configurations as well as Explore UI.

              Most of the changes that made it into the current release turn out to relate to the CloudWatch (CW) data source and were in fact realised in cooperation with the CW team. Users have to be careful though, since some could lead to breakage.

              Starting with Grafana 6.5, the platform uses the GetMetricData API instead of GetMetricStatistics. According to the documentation, the change allows for faster data retrieval, improves support of CloudWatch metric maths, and “enables the use of automatic search expressions”. Those benefits seem to come at a price, however, since GetMetricData calls don’t qualify for the free tier of the CloudWatch API and cost $0.01 per 1,000 metrics requested.

        • Security

          • This week, we give thanks to Fortinet for reminding us what awful crypto with hardcoded keys looks like

            Here's a summary of recent infosec news beyond what we've already covered – earlier than usual because some of us have Thanksgiving to get through in the US. By the way, watch out for hackers taking advantage of IT teams suffering turkey comas.

            Fortinet fsck up: Some Fortinet networking equipment was caught sending customers' sensitive information over the internet to its servers using weak encryption – XOR and a hardcoded static key. The weakness is present in FortiGate and Forticlient products that have the FortiGuard Web Filter, FortiGuard AntiSpam and FortiGuard AntiVirus features.

            Said information potentially includes, depending on your setup, the serial number of the device, full HTTP URLs visited by users (collected for web filtering), email data (for message filtering) and other info.

          • WireGuard secure network tunnel
            WireGuard is a layer 3 secure networking tunnel made specifically for
            the kernel, that aims to be much simpler and easier to audit than IPsec.
            Extensive documentation and description of the protocol and
            considerations, along with formal proofs of the cryptography, are
            available at:
            
            

            * https://www.wireguard.com/ * https://www.wireguard.com/papers/wireguard.pdf

            This commit implements WireGuard as a simple network device driver, accessible in the usual RTNL way used by virtual network drivers. It makes use of the udp_tunnel APIs, GRO, GSO, NAPI, and the usual set of networking subsystem APIs. It has a somewhat novel multicore queueing system designed for maximum throughput and minimal latency of encryption operations, but it is implemented modestly using workqueues and NAPI. Configuration is done via generic Netlink, and following a review from the Netlink maintainer a year ago, several high profile userspace have already implemented the API.

            This commit also comes with several different tests, both in-kernel tests and out-of-kernel tests based on network namespaces, taking profit of the fact that sockets used by WireGuard intentionally stay in the namespace the WireGuard interface was originally created, exactly like the semantics of userspace tun devices. See wireguard.com/netns/ for pictures and examples.

            The source code is fairly short, but rather than combining everything into a single file, WireGuard is developed as cleanly separable files, making auditing and comprehension easier. Things are laid out as follows:

            * noise.[ch], cookie.[ch], messages.h: These implement the bulk of the cryptographic aspects of the protocol, and are mostly data-only in nature, taking in buffers of bytes and spitting out buffers of bytes. They also handle reference counting for their various shared pieces of data, like keys and key lists.

            * ratelimiter.[ch]: Used as an integral part of cookie.[ch] for ratelimiting certain types of cryptographic operations in accordance with particular WireGuard semantics.

            * allowedips.[ch], peerlookup.[ch]: The main lookup structures of WireGuard, the former being trie-like with particular semantics, an integral part of the design of the protocol, and the latter just being nice helper functions around the various hashtables we use.

            * device.[ch]: Implementation of functions for the netdevice and for rtnl, responsible for maintaining the life of a given interface and wiring it up to the rest of WireGuard.

            * peer.[ch]: Each interface has a list of peers, with helper functions available here for creation, destruction, and reference counting.

            * socket.[ch]: Implementation of functions related to udp_socket and the general set of kernel socket APIs, for sending and receiving ciphertext UDP packets, and taking care of WireGuard-specific sticky socket routing semantics for the automatic roaming.

            * netlink.[ch]: Userspace API entry point for configuring WireGuard peers and devices. The API has been implemented by several userspace tools and network management utility, and the WireGuard project distributes the basic wg(8) tool.

            * queueing.[ch]: Shared function on the rx and tx path for handling the various queues used in the multicore algorithms.

            * send.c: Handles encrypting outgoing packets in parallel on multiple cores, before sending them in order on a single core, via workqueues and ring buffers. Also handles sending handshake and cookie messages as part of the protocol, in parallel.

            * receive.c: Handles decrypting incoming packets in parallel on multiple cores, before passing them off in order to be ingested via the rest of the networking subsystem with GRO via the typical NAPI poll function. Also handles receiving handshake and cookie messages as part of the protocol, in parallel.

            * timers.[ch]: Uses the timer wheel to implement protocol particular event timeouts, and gives a set of very simple event-driven entry point functions for callers.

            * main.c, version.h: Initialization and deinitialization of the module.

            * selftest/*.h: Runtime unit tests for some of the most security sensitive functions.

            * tools/testing/selftests/wireguard/netns.sh: Aforementioned testing script using network namespaces.

            This commit aims to be as self-contained as possible, implementing WireGuard as a standalone module not needing much special handling or coordination from the network subsystem. I expect for future optimizations to the network stack to positively improve WireGuard, and vice-versa, but for the time being, this exists as intentionally standalone.

            We introduce a menu option for CONFIG_WIREGUARD, as well as providing a verbose debug log and self-tests via CONFIG_WIREGUARD_DEBUG.

            Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Cc: David Miller <davem@davemloft.net> Cc: Greg KH <gregkh@linuxfoundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org --- Note: This benefits from [1], which is currently in Herbert's tree, but will be in Linus' for 5.5 pretty shortly. In the meanwhile, this code here still does work fine. [1] https://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git/commit/?id=8394bfec51e0e565556101bcc4e2fe7551104cd8
          • WireGuard Could Be Mainlined Before Christmas

            It's been a wild past few weeks for WireGuard as the secure VPN tunnel destined for the mainline Linux kernel and also supported on all other major platforms. It turns out WireGuard could quite well end up in the Linux 5.5 kernel rather than having to wait until Linux 5.6.

            The mainlining excitement grew a few weeks ago after the Linux crypto API adopted some aspects of WireGuard's Zinc crypto code. That unblocked WireGuard for being able to go mainline as the crypto code has been a point of contention for developers in getting this long sought after code merged.

          • Privacy/Surveillance

            • Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

              Two financial industry sources who track payment card fraud and asked to remain anonymous for this story said the four million cards were taken in breaches recently disclosed by restaurant chains Krystal, Moe's, McAlister's Deli and Schlotzsky's. Krystal announced a card breach last month. The other three restaurants are all part of the same parent company and disclosed breaches in August 2019.

            • Apple poses a false dichotomy between "privacy" and "competition"

              Apple continuously gathers and stores its users' location data (and the company has previously been caught lying about this) but companies like Tile (makers of Bluetooth based location tracking stickers for commonly lost items like keys) cannot access this data during setup even if an Iphone owner wishes to share it with them (users can undertake a complex procedure after the app is set up to activate continuous location data access).

              This is particularly worrying, given Apple's history of using App Store data to pick competitors to clone and force out of the market.

            • Twitter is mass-culling accounts with no activity

              Twitter argues that people who don't log in to their account regularly aren't able to accept updates to its terms and conditions and are therefore in violation of the same. It emphasises that it isn't doing this to free up user names, that's just a side-effect.

    • Defence/Aggression

      • US Is Again Complicit in an Illegal Coup, This Time in Bolivia

        Once again, the United States is complicit in an illegal coup d’état in Latin America, this time in Bolivia. On November 10, a right-wing, anti-Indigenous group seized power after the Bolivian military’s removal of President Evo Morales, who had declared victory in the October 20 presidential election.

    • Transparency/Investigative Reporting

      • Dissenter Weekly Update: Whistleblower Concerns Over Trump Gutting Asylum, WikiLeaks Publishes OPCW Whistleblower Email

        This week’s “Dissenter Weekly Update” episode features a story involving whistleblowers at immigration agencies, who object to how President Donald Trump is gutting the asylum process available to immigrants.

        According to a United States Senate report, “Whistleblowers reported that in nearly all cases where asylum officers found that asylum seekers should be allowed to await their hearing within the U.S. for safety reasons, they were overruled by their superiors, with one whistleblower reporting that it would take ‘Herculean efforts’ to get final approval on any recommendation to allow an asylum seeker to wait in the U.S.”

    • Environment

      • 'Bleak' U.N. Report on a Planet in Peril Looms Over New Climate Talks

        "The summary findings are bleak," said the annual assessment, which is produced by the United Nations Environment Program and is formally known as the Emissions Gap Report. Countries have failed to halt the rise of greenhouse gas emissions despite repeated warnings from scientists, with China and the United States, the two biggest polluters, further increasing their emissions last year.

        The result, the authors added, is that "deeper and faster cuts are now required."

      • Environmental protection top priority for EU citizens: survey

        In a survey published by Germany's Bertelsmann Foundation on Wednesday, 40% of respondents from 27 EU member states cited environmental protection as the most pressing issue. Job protection followed with 34% and social security with 23%.

      • 'The Law Is on Our Side': Extinction Rebellion Celebrates Dropped Charges Against 105 Climate Activists

        Ultimately, the environmental movement expects the cases of over 1,000 activists arrested in London last month will be discontinued.

      • We’re Still Waiting for ‘Early and Often’ Climate Debate Questions

        As the Democratic Party prepared for its first presidential primary debates in June, climate activists pushed the DNC to schedule a single-issue debate on the climate crisis, given the urgency of the problem and the lack of attention given to it in previous debates. DNC chair Tom Perez refused, saying he had “the utmost confidence” that climate disruption would be discussed in the debates “early and often” (FAIR.org, 6/18/19).

      • Ecological Genocide: Moscow Attempts to Bury Its People in Garbage
      • Iceland put people first to save melting economy

        Faced in 2008 with a melting economy, Iceland acted fast to avoid total collapse. Icelanders’ own needs were its priority.

      • Energy

      • Wildlife/Nature

        • Holy Moses
        • Indigenous Resistance May Just Save All Our Lives

          Thanksgiving is one of the great foundational myths of the United States, turning a single gathering of indigenous people in Massachusetts with English settler colonists in 1621 into one of the greatest whitewashes of genocide in world history. Even by that time, native people throughout the Western hemisphere had already suffered horrific violence for over a century, at the hands of Christopher Columbus and other European explorers intent on enslaving native people and exploiting the region’s vast resources. Thanksgiving has morphed into an event celebrating family, feasting and football, a day off before the commercial onslaught of holiday shopping (although the “Black Friday” sales frenzy has intruded on Thanksgiving Day as well). On this Thanksgiving holiday, we should reflect on our true history, and on the remarkable, ongoing indigenous resistance to colonization.

        • Feral hogs in Texas attacked and killed a woman outside a home

          Sheriff Brian Hawthorne said in a news conference Monday that "multiple hogs" assaulted Rollins when she arrived at work, likely between 6 and 6:30 a.m., when it was still dark outside.

      • Overpopulation

        • CDC: U.S. Births Fall for Fourth Consecutive Year

          In all, there were 3.79 million births in the U.S. last year, down 2% from 2017 and marking the fourth year in a row the total has fallen after an uptick in 2014, according to a new report from the Centers for Disease Control and Prevention. Birth rates fell for teenagers and women under 35, and rose for women 35 and older.

    • AstroTurf/Lobbying/Politics

      • With New Allegations, Nunes’s Fate Is Tied to Trump in the Ukraine Scandal

        Last week, The Daily Beast reported that House Intelligence Committee Ranking Member Devin Nunes used $63,000 in taxpayer funds to travel to Europe where a central player in the impeachment drama, Lev Parnas, helped to arrange meetings for him. Parnas is the associate of President Trump’s personal attorney, Rudy Giuliani, who’s been indicted for illegal donations to the Trump campaign. Over the weekend, CNN reported that Nunes had gone to Europe to meet with a former Ukrainian prosecutor in order to secure dirt on Joe Biden, according to the lawyer for Parnas. Parnas’s lawyer also said that his client would be willing to testify before the House Intelligence Committee. CNBC built on the story, noting that Nunes wanted to take a different trip to meet with two other Ukrainian officials who claimed to have witnessed corruption by Democratic operatives. But when Nunes realized he’d have to notify House Intelligence Committee Chair Adam Schiff of his travels, he scrapped the trip, and had Parnas set up phone and Skype meetings instead. If the allegations are true, Nunes would be an active part of the very scandal whose investigation he is tasked with overseeing.

      • Bernie Sanders Is the Movement Candidate We Need

        As the executive director of Rights & Democracy (RAD) in Vermont and an organizer based in our state for more than two decades, I have had many opportunities€  to work closely with U.S. Senator and presidential candidate Bernie Sanders.

      • Native Americans Have the Most Difficulty Accessing Clean Water, Report Says

        The nearest water station for Darlene Yazzie is 9 miles away at the Dennehotso Chapter House — or community center — in the Four Corners region. On a recent day, she counted her nickels and dimes to buy water. It costs $1.10, plus gas money, to fill up two 50-gallon barrels, and she’s just learned the price is going up next month.

      • China Furious as Trump Signs Hong Kong Bills
      • Apple alters Maps and Weather to show Crimea as a Russian territory

        This latest change stems from Russia's roundly condemned annexation of Crimea in 2014. It only applies when Crimea is viewed or searched for with Apple Maps inside Russia; elsewhere in the world, Crimea isn't labeled as Russian territory.

      • Apple changes Crimea map to meet Russian demands

        Russian forces annexed Crimea from Ukraine in March 2014, drawing international condemnation.

        The region, which has a Russian-speaking majority, is now shown as Russian territory on Apple Maps and its Weather app, when viewed from Russia.

      • Democrats Don't Need Mike Bloomberg's Kinder, Gentler Plutocracy

        Bloomberg, who unlike the current occupant of the White House is a seriously rich man, entered the Democratic race in business-like fashion--with a Monday-morning brand launch. He's telling us what we already know--that Trump represents an "existential threat to our country and our values"--but he is saying it loud, with a $31.5 million ad buy.

        That kind of spending gets political insiders salivating, especially when they know it's coming out of Bloomberg's very deep well of personal wealth. Ironically, with all that paid media comes lots of free media. As with Trump, Bloomberg's money will get him all the attention that our broken media system's fixation with wealth and power can "buy."

      • How the French Revolution Is Inspiring Today's Online Anti-capitalists

        Rousseau's most enduring contribution to the current revolutionary discourse, though, came via a 1789 speech. As writer Talia Lavin noted in a recent piece on the phrase's origins, his pithy warning -- "When the people shall have nothing more to eat, they will eat the rich" -- has become a rallying cry on social media and at contemporary political protests, where the people's great and terrible anger at the economic predation of the 1% has helped propel a resurgent anti-capitalist movement. The phrase is all over Twitter, TikTok, and various other social media platforms. It has long been immortalized in song thanks to British heavy metal legends Motorhead (who provided the soundtrack for a bloody 1987 movie also named Eat the Rich about a restaurant that serves the meat of its former wealthy patrons), Swiss hard rockers Krokus, and, bizarrely, Aerosmith, whose vocalist Steven Tyler is currently estimated to be worth about $130 million. (Full disclosure: I have eat the rich tattooed on my stomach, which doubles as a tribute to Motorhead and my own political inclinations.)

      • This Thanksgiving, It's Time to Take On Your Conservative Relatives

        You might not like conflict, but if you choose to break bread with Trump supporters and climate change deniers because you happen to be related to them, then conflict is required. Anything less is appeasement, and we've had far too much of that these past few years. So stiffen your spine, rehearse your talking points, and get ready to fry some turkeys in your family with your righteousness.

        Other people will tell you how to avoid fights. I'm going to tell you how to get into them.

    • Freedom of Information / Freedom of the Press

      • The murder of a journalist in 2017 still haunts Malta's government

        The murder victim was a journalist, Daphne Caruana Galizia, killed by a car bomb in 2017. Her blog was the source of many of the corruption allegations. One was that Mr Schembri and Mr Mizzi had Panama-registered companies and trusts in New Zealand which, Ms Caruana Galizia reported and they denied, had received kickbacks from Russians in return for Maltese passports. She also claimed the politicians' firms were due to receive payments from a Dubai-registered company, 17 Black. Ms Caruana Galizia died before discovering who was behind 17 Black, but last year a journalists' collective set up to continue her work reported that the owner was one of Malta's richest men, Yorgen Fenech, who has interests in gaming, property and energy. Mr Mizzi and Mr Schembri deny any connection to him or to 17 Black.

      • Vietnam Arrests Prominent Blogger Pham Chi Dung

        Dung established IJAVN as a "civil society organization," July 4, 2014, and has said that America's Independence Day inspired him to create a platform to advocate for freedom of the press, freedom of expression and democracy.

        "The arrest of Pham Chi Dung is the continuation of an intensified crackdown against political activists and bloggers in Vietnam," freelancer Duong Van Thai, a Vietnamese political asylum seeker in Thailand and a former state-run media reporter in Vietnam, told VOA. "The arrest showed Hanoi's desire to exercise greater control over the freedom of speech."

        Nguyen Tuong Thuy noted that Dung's criticism of the government had intensified of late, likely triggering his arrest.

    • Civil Rights/Policing

      • China: FIFA Broke Own Rules for Club World Cup

        FIFA’s surprise selection of China to host the 2021 Club World Cup disregarded its own human rights commitments in the bidding process, Human Rights Watch said today, releasing correspondence with the global football governing body.€ 

      • UN: States Denounce Egypt’s Rights Record

        United Nations member countries offered strong criticism and scores of recommendations addressing Egypt’s human rights crisis at the Universal Periodic Review (UPR) at the Human Rights Council in Geneva on November 13, 2019, Human Rights Watch said today.

      • Activists Reflect on 20 Years of Indymedia and the Radical Media Movement
      • States Could Soon Be Forced to Fund Religious Education

        In January, the U.S. Supreme Court is set to hear a case that could result in states being required to use taxpayer money to fund religious education.

      • South Korea Shouldn’t Backslide on LGBT Rights

        Conservative lawmakers in South Korea have already blocked the passage of nondiscrimination laws that would protect lesbian, gay, bisexual, and transgender (LGBT) people and other minorities.

      • We Can't Afford to Banish Politics From the Thanksgiving Table

        I’ve got no more patience for pundits and their annual calls to not discuss politics at the Thanksgiving table. Take USA Today’s self-described “civility expert” Steve Petrow, who just gave the nation a comical list of nine ways to avoid “political food fights.” Rule number 7 reads: “No baseball caps at the table…. Especially if they say ‘Make America Great Again’ or ‘Make Racism Wrong Again.’” So, everything is cool if we don’t talk about racism. But let’s be real — being silent when racism is insurgent all around us will not lead to peace, or much to be thankful for next year. Ignoring racism is not civil.

      • Asylum Seekers Are Being Misclassified Under Migrant Protection Protocols

        A lawsuit was filed in a federal court in Brownsville, Texas, last Wednesday on the behalf of a 23-year-old woman who fled Honduras and was returned to the streets of Matamoros, Mexico, by U.S. immigration authorities in late July.

      • 20 Years After Battle of Seattle, Activists Reflect on Historic WTO Protests

        Twenty years ago this week, tens of thousands of activists gathered in Seattle to shut down a ministerial meeting of the World Trade Organization. Grassroots organizers successfully blocked world leaders, government trade ministers and corporate executives from meeting to sign a global trade deal that many called deeply undemocratic, harmful to workers’ rights, the environment and Indigenous people globally. On November 30, 1999, activists formed a human chain around the Seattle convention center and shut down the city’s downtown. Police responded by firing tear gas and rubber bullets into the mostly peaceful crowd. The protests went on for five days and resulted in 600 arrests and in the eventual collapse of the talks, as well as the resignation of Seattle’s police chief. The protests were documented in the film “This is What Democracy Looks Like.” Democracy Now! was in the streets of Seattle 20 years ago. During one live broadcast we spoke to two leading critics of the WTO: Indian physicist and activist Vandana Shiva and Lori Wallach of Public Citizen, who join us on the show today.

      • Iran: Deliberate Coverup of Brutal Crackdown

        Iranian authorities are deliberately covering up the scale of the mass crackdown against protesters, Human Rights Watch said today. The government should immediately announce the number of deaths, arrests, and detentions from the recent protests and permit an independent inquiry into alleged abuses.

      • Ghana: Faith Healers Defy Ban on Chaining

        Faith-based and traditional healing centers in Ghana continue to hold people with real or perceived mental health conditions – psychosocial disabilities – in chains in inhumane conditions despite a 2017 ban on such treatment, Human Rights Watch said today.

      • Protest Song Of The Week: ‘Iraq2Chile (Martyrs of Hope)’ By Lowkey Featuring Mai Khalil

        The following post was originally published at Ongoing History of Protest Songs.

        Lowkey is a rapper and activist of English and Iraqi descent, who recently released “Soundtrack to the Struggle 2,” the long-awaited follow-up to his 2011 album, “Soundtrack to the Struggle.”

      • “If I Could Just Look at Her” - Watch the journey of two separated parents trying to cross the border and reunite with their children.
      • Spot is a Cop

        According to a report by Boston news station WBUR, documents obtained by the American Civil Liberties Union of Massachusetts show that the state's bomb squad had Spot on loan from Boston Dynamics for three months, from August to November this year.

        It's not clear from these documents, or statements made by the department, how the Spot was used in those three months. State police spokesman David Procopio told WBUR that it was used as a "mobile remote observation device," and that Spot is a valuable tool for law enforcement "because of its ability to provide situational awareness of potentially dangerous environments."

      • Yazidi Still Hears Brothers Before IS Kills Them in Iraq

        But Kachi said in a video briefing that he believes he survived, "under a pile of dead bodies ... by God's will, to be a witness to the hideous crimes committed by the terrorist group" against the Yazidis.

        He urged the international community not only to ensure that the perpetrators are prosecuted but to "acknowledge that the crimes committed against the Yazidi community amount to genocide."

      • Firing 4 Google Workers Is 'Illegal Retaliation,' Organizers Say

        Workers who are organizing at Google say Monday's firing of four employees is an act of "illegal retaliation" from the company's management intended to stamp out labor organizing.

        Last week, roughly 200 Google employees protested the suspension of two workers--Rebecca Rivers and Laurence Berland--outside the company's San Francisco offices for allegedly accessing and sharing internal documents, as well as tracking employee calendars, as previously reported by Motherboard. On Monday, Google fired both workers as well as two others who participated in the rally "for clear and repeated violations of... data security policies," according to a memo posted by Google's security and investigations team, first reported by Bloomberg News.

    • Monopolies

      • Uber's London Ban Marks Global Backlash for Ride-Hailing Giants

        London's transport authority banned Uber for a second time on Monday, citing concerns about customer safety after vulnerabilities in the app let drivers fake their identities in thousands of rides.

      • Patents

        • Pharma Tech Solutions, Inc. v. Lifescan, Inc. (Fed. Cir. 2019)

          The Federal Circuit held that both types of estoppel precluded Pharma Tech from a finding of infringement under the doctrine of equivalents. Regarding amendment-based estoppel, the opinion states that, prior to amendment Pharma Tech's claim "was broad enough to cover any bioelectrical blood glucose monitoring system" and afterwards, the claim was limited to systems that converted Cottrell current readings to analyte concentrations that were compared to one another. Accordingly, "[t]he applicants thus presumptively surrendered any bioelectrical blood glucose monitoring systems that do not convert a plurality of current readings into analyte concentration measurements and compare the resulting analyte concentration measurements." The "equivalent" asserted by Pharma Tech to ensnare Lifescan's accused infringing article -- "the functionality of a system that (a) measures current at two different times, (b) compares the current[s] to ensure they are within a prescribed percentage and (c) converts the current readings into a glucose concentration" -- "falls squarely within the territory between the original claim and the amended claim" in the panel's view. In order for Pharma Tech to overcome the presumption that the amendments estopped them from (successfully) asserting this equivalent, its burden was to show that the amendment was only tangentially related to patentability. Pharma Tech failed to make this showing, according to the opinion, because "the inventors clearly and unambiguously distinguished their invention over the prior art based on the converting and comparing limitations added by [their] amendment." The opinion cites the "consistent[] assert[ions]" (expressly cited in the opinion) by the patent applicant that their amendment overcame the asserted prior art in support for their conclusion regarding amendment-based estoppel. And to Pharma Tech's argument that their amendment (under the Court's reading) surrendered more claim scope than necessary to establish patentability, the opinion states that this doesn't establish tangentiality, citing Int'l Rectifier Corp. v. IXYS Corp., 515 F.3d 1353, 1359 (Fed. Cir. 2008) (quoting Schwarz Pharma, Inc. v. Paddock Labs., Inc., 504 F.3d 1371, 1377 (Fed. Cir. 2007)) that "'[t]he fact that the inventors may have thought after the fact that they could have relied on other distinctions in order to defend their claims is irrelevant' to discerning the objective reason for their amendment."

          As for argument-based estoppel, the opinion states that Pharma Tech failed to show that the facts before the panel were sufficiently analogous to cases where the estoppel was not found to absolve these claims from this species of estoppel. Specifically, the opinion rejects Pharma Tech's attempted reliance on Insituform Technologies, Inc. v. CAT Contracting, Inc., 385 F.3d 1360 (Fed. Cir. 2004). In that case, the Federal Circuit was able to find that there was "no indication in the prosecution history of any relationship between the narrowing amendment" and the asserted equivalent. Here, in contrast, the Court found ample evidence that the amendments and arguments had more than a tangential relationship to patentability. Similarly, the panel distinguished these facts from the situations arising in recent Federal Circuit decisions regarding the scope of estoppel, including Eli Lilly & Co. v. Hospira, Inc., 933 F.3d 1320, 1332 (Fed. Cir. 2019) and Ajinomoto Co. v. Int'l Trade Comm'n, 932 F.3d 1342, 1355 (Fed. Cir. 2019).

          The outcome here illustrates the difficulty (if not impossibility) of predicting future design-around efforts by others, and how prudent prosecution practices include maintaining pending applications to give a patentee the flexibility to pursue claims that will be literally infringed by even the most clever competitors.

        • One more way to speedy patents in India approved, EPO launches revamped Espacenet and other patent news

          The Government, last week approved a proposal for adopting the Patent Prosecution Highway (PPH) Program between the Indian Patent Office (IPO) and patent offices of various other interested countries or regions. The PPH Program will first commence between the Japan Patent Office (JPO) and the IPO on a pilot basis for a period of three years. PPH will enable the IPO to receive patent applications in the field of Electrical, Electronics, Computer Science, Information Technology, Physics, Civil, Mechanical, Textiles, Automobiles and Metallurgy, while the JPO will accept applications in all fields of technology.Additionally, Startups and MSME’s will have an opportunity to expedite the examination process and receive a faster grant.

        • Can artificial intelligence systems patent their inventions?

          Throughout history, innovation has been the result of direct human intervention that creates a technical solution to a practical problem. For hundreds of years, nations around the world have sought to incentivize innovation by giving inventors the right to protect their creations with patents. Recently one legal team has pressured patent offices around the world to answer one question: Can patent protections be extended to inventions developed by technology, not humans?

          Late last autumn, patent applications were filed with the UK Intellectual Property Office and the European Patent Office on behalf of an artificial intelligence inventor known as "DABUS," which creates new ideas by altering the interconnections among a set of neural networks in the system. Once those ideas are generated, a second set of neural networks analyzes them to reinforce any that are novel or useful. DABUS is the invention of Dr. Stephen Thaler, President and CEO of the St. Charles, Missouri-based neural networking firm Imagination Engines.

          [...]

          At the origin of the legal team filing the patent applications on DABUS's behalf is Dr. Malte Köllner, Head of Dennemeyer's Frankfurt office. He instigated an international attorney team to submit patent applications on behalf of DABUS in Great Brittain, Germany, Europe, Taiwan, Israel and the US, as well as a PCT application. The idea to file patent applications listing an AI inventor was born in the Frankfurt office following a discussion on the topic with patent attorney Markus Rieck and Ryan Abbott, a professor of law and health sciences at the University of Surrey. Dr. Köllner said that filing these patent applications was the right way to get patent offices to consider how they will address the growing issue of innovation from AI platforms. "If the court finds some solution, that is fine, but it should not simply ignore the fact that machines are inventing," Dr. Köllner said. "We are beginning a debate and inviting both patent offices and courts to decide on how to deal with this issue. This is a question whose time has come."

          [...]

          Over at the EPO, a decision on the fate of the DABUS patent applications is expected on November 25.

          Eventually, patent offices around the world will have to find a solution how to handle this new phenomenon that AI is contributing to inventions. "It is an international discussion, and it will be interesting to see how different countries will come up with different solutions," Dr. Köllner said.

        • New European Patent Office guidelines protect AI and machine learning 'inventions'

          Withers & Rogers Karl Barnfather examines the European Patent Office's 'Guidelines for Examination', which took effect on 1st November

        • Law professor claims top priority for U.S. in trade negotiations with South Korea was Qualcomm antitrust case

          A Korea-based source has just drawn my attention to an article (in Korean, but I received a translation) by Kyungsin Park, Professor of Law, Korea University Law School. Professor Park accuses the Korea Fair Trade Commission (KFTC) of a failure to act forcefully in "the legal case of the century," i.e., the Qualcomm case. As I reported in March, Qualcomm could face criminal charges in Korea over its refusal to license chipset makers, but so far--and more than eight months later, it's apparently still the situation--the KFTC hasn't referred this contempt matter to the Prosecutor General's office.

          Meanwhile, Qualcomm is--according to the article--spending hundreds of millions of dollars on the appeal. What Professor Park explains based on publicly available data is that it's not primarily about the 900 million dollars of fines the KFTC imposed in its late-2016 decision. The professor says it's just about 1% of Qualcomm's Korean revenues over the last 25 years, or 2% of what "Qualcomm generated through its illegal activities in South Korea." Instead, he writes, it's about the KFTC's corrective orders, which are about Qualcomm's business model.

          The article talks about how Samsung ceased to complain about Qualcomm's practices after its new (early 2018) deal. Well, during the course of those Qualcomm antitrust investigations in multiple jurisdictions, Samsung was far from the only company to sign a new chipset purchasing and patent licensing agreement. Apple settled during opening statements at the April 2019 trial in San Diego--as did Korea's LG Electronics a few months later. There's no basis for pointing fingers at those companies: they're in the smartphone business, not in the antitrust enforcement business. But I do agree with the professor that Korea's competition authority (and, needless to say, the courts) have a responsibility here. (As for the companies that settled their formal or informal disputes with Qualcomm, there's plenty of testimony from the time before those deals were struck, and that testimony is still useful, as it was in the U.S. FTC v. Qualcomm case--where Samsung also filed a great amicus curiae brief.)

      • Copyrights

        • Independent Labels Take a Firm Stance Against UMG-Tencent Deal

          Smith's organization believes that the share purchase of UMG by Tencent would hurt independent record companies because of Tencent's footprint in the Chinese digital music market.

          It currently controls 90% of this market while having a considerable presence in nearby Asian markets. It also owns 4 out of the top 5 music apps across the world.

        • Telegram Faces Anti-Piracy Referral to US Over Cryptocurrency Plans

          Russia-based anti-piracy outfit AZAPI is threatening to report Telegram to United States authorities including the SEC if the platform does not introduce fingerprinting technologies. The association says that a crackdown is necessary because Telegram's blockchain project TON will be used to anonymously monetize the spread of copyrighted content.

        • BREIN Wins Court Case Against Prolific Torrent and Usenet Uploader

          Acting on behalf of various copyright holders, Dutch anti-piracy group BREIN has won a court case against an uploader at torrent and Usenet sites. The man, who was also a sysop at the sites, must remove his uploads and provide information on any accomplices. According to BREIN, evidence clearly shows that commercial Usenet companies are involved with the operation of pirate sites.

        • Millions Now Have Access to the CC Certificate in Italian and Arabic!

          In particular, we are proud to highlight the work of CC Network members in Italy and Saudi Arabia. Paola Corti and Lokesh Rajendran have made CC Certificate content translations available in Italian and Arabic. With these translations, over 483 million additional people around the world have access to the course content in their first language.



Recent Techrights' Posts

Open letter to the ACM regarding Codes of Conduct impersonating the Code of Ethics
Reprinted with permission from Daniel Pocock
With 9 Mentions of Azure In Its Latest Blog Post, Canonical is Again Promoting Microsoft and Intel Vendor Lock-in, Surveillance, Back Doors, Considerable Power Waste, and Defects That Cannot be Fixed
Microsoft did not even have to buy Canonical (for Canonical to act like it happened)
Links 28/03/2024: GAFAM Replacing Full-Time Workers With Interns Now
Links for the day
Consent & Debian's illegitimate constitution
Reprinted with permission from Daniel Pocock
The Time Our Server Host Died in a Car Accident
If Debian has internal problems, then they need to be illuminated and then tackled, at the very least in order to ensure we do not end up with "Deadian"
China's New 'IT' Rules Are a Massive Headache for Microsoft
On the issue of China we're neutral except when it comes to human rights issues
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 27, 2024
IRC logs for Wednesday, March 27, 2024
WeMakeFedora.org: harassment decision, victory for volunteers and Fedora Foundations
Reprinted with permission from Daniel Pocock
Links 27/03/2024: Terrorism Grows in Africa, Unemployment in Finland Rose Sharply in a Year, Chinese Aggression Escalates
Links for the day
Links 27/03/2024: Ericsson and Tencent Layoffs
Links for the day
Amid Online Reports of XBox Sales Collapsing, Mass Layoffs in More Teams, and Windows Making Things Worse (Admission of Losses, Rumours About XBox Canceled as a Hardware Unit)...
Windows has loads of issues, also as a gaming platform
Links 27/03/2024: BBC Resorts to CG Cruft, Akamai Blocking Blunders in Piracy Shield
Links for the day
Android Approaches 90% of the Operating Systems Market in Chad (Windows Down From 99.5% 15 Years Ago to Just 2.5% Right Now)
Windows is down to about 2% on the Web-connected client side as measured by statCounter
Sainsbury's: Let Them Eat Yoghurts (and Microsoft Downtimes When They Need Proper Food)
a social control media 'scandal' this week
IRC Proceedings: Tuesday, March 26, 2024
IRC logs for Tuesday, March 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Windows/Client at Microsoft Falling Sharply (Well Over 10% Decline Every Quarter), So For His Next Trick the Ponzi in Chief Merges Units, Spices Everything Up With "AI"
Hiding the steep decline of Windows/Client at Microsoft?
Free technology in housing and construction
Reprinted with permission from Daniel Pocock
We Need Open Standards With Free Software Implementations, Not "Interoperability" Alone
Sadly we're confronting misguided managers and a bunch of clowns trying to herd us all - sometimes without consent - into "clown computing"
Microsoft's Collapse in the Web Server Space Continued This Month
Microsoft is the "2%", just like Windows in some countries
Links 26/03/2024: Inflation Problems, Strikes in Finland
Links for the day
Gemini Links 26/03/2024: Losing Children, Carbon Tax Discussed
Links for the day
Mark Shuttleworth resigns from Debian: volunteer suicide and Albania questions unanswered, mass resignations continue
Reprinted with permission from Daniel Pocock
Links 26/03/2024: 6,000 Layoffs at Dell, Microsoft “XBox is in Real Trouble as a Hardware Manufacturer”
Links for the day
Gemini Links 26/03/2024: Microsofters Still Trying to 'Extend' Gemini Protocol
Links for the day
Look What IBM's Red Hat is Turning CentOS Into
For 17 years our site ran on CentOS. Thankfully we're done with that...
The Julian Paul Assange Verdict: The High Court Has Granted Assange Leave to Appeal Extradition to the United States, Decision Adjourned to May 20th Pending Assurances
The decision is out
The Microsoft and Apple Antitrust Issues Have Some But Not Many Commonalities
gist of the comparison to Microsoft
ZDNet, Sponsored by Microsoft for Paid-for Propaganda (in 'Article' Clothing), Has Added Pop-Up or Overlay to All Pages, Saying "813 Partners Will Store and Access Information on Your Device"
Avoiding ZDNet may become imperative given what it has turned into
Julian Assange Verdict 3 Hours Away
Their decision is due to be published at 1030 GMT
People Who Cover Suicide Aren't Suicidal
Assange didn't just "deteriorate". This deterioration was involuntary and very much imposed upon him.
Overworking Kills
The body usually (but not always) knows best
Former Red Hat Chief (CEO), Who Decided to Leave the Company Earlier This Month, Talks About "Cloud Company Red Hat" to CNBC
shows a lack of foresight and dependence on buzzwords
IRC Proceedings: Monday, March 25, 2024
IRC logs for Monday, March 25, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Discord Does Not Make Money, It's Spying on People and Selling Data/Control (38% is Allegedly Controlled by the Communist Party of China)
a considerable share exists
In At Least Two Nations Windows is Now Measured at 2% "Market Share" (Microsoft Really Does Not Want People to Notice That)
Ignore the mindless "AI"-washing
Internet Relay Chat (IRC) Still Has Hundreds of Thousands of Simultaneously-Online Unique Users
The scale of IRC