EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

12.03.19

Links 3/12/2019: elementary OS 5.1 Hera, Plasma 5.17.4, Firefox 71

Posted in News Roundup at 11:50 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Paul’s 2019 Holiday Gift Guide
    • Meemaw’s 2019 Holiday Gift Guide
    • Mind Your Step #4: Holiday Gift Guide 2019
    • Buying for a Linux Fan? Check Out Our Epic Christmas Gift Guide

      There are just 22 days left until Christmas — already? so soon!! — at the time of writing this, so you’ll need to move fast and buy your gifts now to ensure that they arrive in time to be wrapped, fondled, and stashed under the xmas tree.

      Now, the Linux gift ideas that follow are not based on anything other than my own subjective tastes, i.e. this is stuff I’ve seen and thought: “heh, that looks like something I wouldn’t be annoyed to receive”.

    • Linux and the first-time developer’s journey

      Any electronic design engineer practicing today will be familiar with open source software. Nowadays, it is likely that the question of using an open source operating system is always on the agenda at a new project kick-off meeting.

      Linux is clearly a popular solution. In fact, it has been reported that Linux is used on every supercomputer in the Top500 project. Thanks to its tie-in with Android, it is also one of the most widely deployed general-purpose operating systems. Its open nature means that anyone can take Linux and configure it for use on a particular hardware platform, which has also made it popular for embedded applications.

    • Server

      • Helm Package Manager for Kubernetes Moves Forward

        The official release of version 3.0 of the Helm package manager for Kubernetes is designed to make it easier for IT organizations to discover and securely deploy software on Kubernetes clusters more easily.

        Taylor Thomas, a core contributor to Helm who is also a software developer for Nike, says for the last year the committee that oversees the development of Helm under the auspices of the Cloud Native Computing Foundation (CNCF) has been structuring the package manager to rely more on the application programming interfaces (APIs) that Kubernetes exposes to store records of installation. Helm Charts, which are collections of YAML files describing a related set of Kubernetes resources, now can be rendered on the client, eliminating the need for the Tiller resource management tool resident in the previous release of Helm that ran on the Kubernetes cluster.

        In addition to providing a more secure way to render Helm Charts, Thomas says this approach provides a more streamlined mechanism for packaging software using Helm. Helm 3.0 also updates Helm Charts and associated libraries.
        Additionally, a revamped Helm Go software development kit (SDK) is designed to make Helm more accessible, with the aim of sharing and reusing code the Helm community has open-sourced with the broader Go community, says Thomas.

      • Gardener Project Update

        Last year, we introduced Gardener in the Kubernetes Community Meeting and in a post on the Kubernetes Blog. At SAP, we have been running Gardener for more than two years, and are successfully managing thousands of conformant clusters in various versions on all major hyperscalers as well as in numerous infrastructures and private clouds that typically join an enterprise via acquisitions.

        We are often asked why a handful of dynamically scalable clusters would not suffice. We also started our journey into Kubernetes with a similar mindset. But we realized that applying the architecture and principles of Kubernetes to productive scenarios, our internal and external customers very quickly required the rational separation of concerns and ownership, which in most circumstances led to the use of multiple clusters. Therefore, a scalable and managed Kubernetes as a service solution is often also the basis for adoption. Particularly, when a larger organization runs multiple products on different providers and in different regions, the number of clusters will quickly rise to the hundreds or even thousands.

        Today, we want to give an update on what we have implemented in the past year regarding extensibility and customizability, and what we plan to work on for our next milestone.

      • What is Cloud Native?

        Cloud native is more than just a buzzword, though. It’s an approach used by some of the largest organizations on the planet, including Walmart, Visa, JP Morgan Chase, China Mobile, Verizon and Target, among others. Cloud native is an approach that enable developers and organization to be more agile, providing workload portability and scalability.

      • What is Kata Containers and why should I care?

        Kata Containers can significantly improve the security and isolation of your container workloads. It combines the benefits of using a hypervisor, such as enhanced security, and container orchestration capabilities provided by Kubernetes.

        Together with Eric Erns from Intel, we have recently performed a webinar in which we presented the benefits of using Kata Containers in a Charmed Kubernetes environment. In this blog, we aim to highlight the key outcomes from this webinar.

      • IBM

        • CentOS 8 Stream – the distro streampunk

          CentOS 8 Stream looks like a nice, smart project. Whether it’s going to grant the intended users, i.e. not desktop folks, the necessary levels of flexibility and stability and modernity, well, time shall tell. But it is a sensible idea, because at the moment, the choice is one between austerity and unpredictability.

          I am testing from the desktop angle, so the considerations are definitely different – and the benefits smaller if any. But then, I’m thinking. Could I perhaps commit this to some production or semi-production desktop machine, and see whether it offers long-term value? In general, I don’t like the concept of using third-party repositories on systems used for serious work, but I’m tempted enough to see how well this pans out. Hm, we shall see. The end, cliffhanger style.

        • New Eclipse MicroProfile book provides introduction to enterprise Java microservices

          Fellow Red Hat associates Cesar Saavedra, Pavol Loffay, Jeff Mesnil, Antoine Sabot-Durand, Scott Stark, and I have written a book on Eclipse MicroProfile, called Hands-On Enterprise Java Microservices with Eclipse MicroProfile.

          This 256-page book provides an introduction to microservices and why they are important, and it showcases Eclipse MicroProfile as a way to implement so-called 12-factor apps.

        • APIs as a Product: Get the value out of your APIs

          APIs continue to spread, as seen in this 2019 report from ProgrammableWeb, which shows a 30% increase over last year’s growth rate. More regulations are enforcing the use of APIs to open up companies and foster innovation. Think of the Payment Services Directive version two (PSD2), open banking, and the public sector releasing 0pen data APIs. With such an abundance of APIs, it becomes increasingly crucial to get the value out of your APIs and differentiate yourself from the growing competition. It’s time to design and manage your APIs as a Product.

        • Did you know that Red Hat Enterprise Linux for public clouds has management included?

          To get started with Insights, the first thing you’ll need to do is create a Red Hat customer portal login if you don’t already have one using these instructions. This will give you access to the Red Hat Customer Portal and cloud.redhat.com which includes the Insights dashboard. Next, use the Getting Started page to enable the Insights client.

        • Registration for Red Hat Summit 2020 now open!

          One of the most exciting days of the year is finally here. Registration for Red Hat Summit 2020 is now open!

          We’re heading back to San Francisco and the Moscone Center on April 27-29, 2020, where we expect thousands of customers, partners and technology industry leaders from around the world to come together for a high-energy week of innovation, education and collaboration.

          [...]

          For the past 15 years, Red Hat Summit has delivered inspirational, educational and actionable content, industry-shaping news, and insight into best practices from customers and partners from around the world and across industries. Attendees also have the chance to talk to the teams who produce the technologies they depend on, and learn more about Red Hat’s product roadmap.

        • Data science, orchestration, and more Ansible news

          November’s wander-around-the-web has turned up some interesting Ansible stories. It’s fascinating to explore Ansible development through data, as Greg Sutcliffe does in his blog linked below. On the YouTubes this month, we found a couple of really interesting talks.

        • An idiot’s guide to Kubernetes, low-code developers, and other industry trends

          As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

        • A blueprint for OpenStack and bare metal

          The bare metal cloud is an abstraction layer for the pools of dedicated servers with different capabilities (processing, networking or storage) that can be provisioned and consumed with cloud-like ease and speed. It embraces the orchestration and automation of the cloud and applies them to bare metal workload use cases.

          The benefit to end users is that they get access to the direct hardware processing power of individual servers and are able to provision workloads without the overhead of the virtualization layer—providing the ability to provision environments in an Infrastructure-as-code methodology with separation of tenants and projects.

        • APIs as a Product: Get started in no time

          In the previous article, APIs as a Product: Get the value out of your APIs, we presented a new approach called “APIs as a Product” to maximize the value of your APIs. In this article, we show how to quickly get started with APIs as a Product using the new features of Red Hat 3scale API Management 2.7.

          To showcase the power of 3scale 2.7’s new features, combined with the awesomeness of the open source communities Apicurio and Microcks, we will design two APIs as a Product and show how we can compose both products in 3scale to get the resulting API as a Product.

          Let’s look at the well-known Petstore example. Imagine for a moment that the first steps of the API Design Thinking process led to this rough definition of the customer’s needs:

        • Kubernetes reality check: 3 takeaways from KubeCon

          Well over half the attendees were conference first-timers. On the one hand, lots of new blood is a sign of a healthy community. On the other hand… well, I’ll let one such first-timer, consultant and industry analyst Keith Townsend, speak for himself: “I’m not shy in saying I don’t know what’s going on at this keynote. It’s not aimed at me or people like me for sure. To use a metaphor – it feels like I’ve been dropped in the middle of an industry conference like the American Medical Association. There are some words and concepts I understand, but overall I’m lost. And there are very few IT topics,” he noted on Twitter.

          Enterprise distributions can help to abstract away some of this complexity by making opinionated choices about components and otherwise packaging the cloud-native ecosystem into a more consumable form.

        • Testing in production: From DevTestOops to DevTestOps

          DevNation tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about testing in production from Alex Soto, Red Hat Software Engineer.

          DevOps has grown in popularity in recent years, particularly in software companies that want to reduce lead time to be measured in days/weeks instead of months/years. To make sure your software does the right things and does those things right, you need to test it implacably. Many companies, however, see the testing phase as a bottleneck that slows product release. To change that, we need a new approach — making the release process of an application a testing process and involving QA from the beginning.

        • Red Hat CodeReady Workspaces 2: New tools to speed Kubernetes development

          We are pleased to announce the release of Red Hat CodeReady Workspaces 2.0. Based on Eclipse Che, its upstream project CodeReady Workspaces is a Red Hat OpenShift-native developer environment enabling cloud-native development for developer teams.

        • What we risk when we open up to customers (and why it’s worth it)

          Customer empowerment is one consequence of digital transformation. And as we explained in the first part of this series, it’s a powerful one. Empowering customers can deepen their relationship with your organization—but it won’t work if they don’t trust you.

          In this article, we’ll explain how acting openly can create that foundation of trust—and why it can lead to business success.

        • Blockchain in 2020: 5 trends to watch

          If you’re looking for a one-word summary of corporate blockchain efforts in 2019, try “experimentation.” The hype is subsiding and more businesses are actively trying to figure out how they can actually use the technology to their benefit.

          “2019 has continued what 2018 started – enterprises experimenting,” says George Spasov, blockchain architect and co-founder at LimeChain. “The finger-dipping exercises of the last year have encouraged further experimentation this year, while dragging along new experimenters.”

        • IT burnout: A personal story

          I really didn’t notice it taking a toll on me at the time but, looking back, I started showing symptoms of burnout fairly early. However, it was easy to push aside with the excitement of moving to new roles with increasing responsibility and continuing my aggressive pursuit of learning. Before I knew it, several years had passed and I was officially burnt out.

          “Burnout” isn’t just being bored or tired at your job; it’s a serious issue with real consequences. The Mayo Clinic defines burnout as “a special type of work-related stress — a state of physical or emotional exhaustion that also involves a sense of reduced accomplishment and loss of personal identity.”

          While burnout is not an official medical diagnosis, it goes hand in hand with underlying medical conditions such as depression and anxiety, which could make symptoms worse.

          I wasn’t officially diagnosed with clinical depression until 2012 but I’ve been dealing with it my entire life (and by “dealing with it,” I mean completely ignoring it, which I do not recommend.) It wasn’t until I started taking medication and seeing a therapist that I realized how much burnout was affecting my everyday life.

    • Audiocasts/Shows

      • 2019-12-02 | Linux Headlines 59

        Lutris gets a shot of cash from Epic Games, Django unchains version 3, and the Qt folks have a new marketplace.

      • Kali Linux 2019.4 overview | The Most Advanced Penetration Testing Distribution, Ever.

        In this video, I am going to show an overview of Kali Linux 2019.4 and some of the applications pre-installed.

      • Podcast.__init__: Making Complex Software Fun And Flexible With Plugin Oriented Programming

        Starting a new project is always exciting because the scope is easy to understand and adding new features is fun and easy. As it grows, the rate of change slows down and the amount of communication necessary to introduce new engineers to the code increases along with the complexity. Thomas Hatch, CTO and creator of SaltStack, didn’t want to accept that as an inevitable fact of software, so he created a new paradigm and a proof-of-concept framework to experiment with it. In this episode he shares his thoughts and findings on the topic of plugin oriented programming as a way to build and scale complex projects while keeping them fun and flexible.

      • Pikachu, FOSS Decade, .ORG vs Girl Scouts, Drake, and Perineum Sunning

        TIK TEK TOE, episode 007. Marcel and Evan discuss Ryan Reynold’s continued redemption with Detective Pikachu, martial arts movies, VR arcades, whether a decade starts on a 0 or 1, what kind of decade FOSS has had, or is about to have had, the Internet Society and .ORG vs the Girl Scouts (our money is on the Girls Scouts), on-demand culture, Drake (yeah, that Drake), and perineum sunning.

        Once you’re done listening, or right now for that matter, please (pretty please, even) make sure you share this podcast with your friends, family, neighbours, enemies . . . just share and recommend. Also, if you can spare a few extra keystrokes, be sure to leave us a comment and tell us how we’re doing.

      • Brunch with Brent: Rocco | Jupiter Extras 36

        Brent sits down with Rocco of Big Daddy Linux for a conversation about the origins of Linux Spotlight, some shared behind-the-scenes podcasting perspectives, and just how great we feel about our linux community.

    • Kernel Space

      • XFS For Linux 5.5 Brings Quite A Few Changes

        The XFS file-system is seeing a large number of changes for the in-development Linux 5.5 kernel.

        Darrick Wong characterized the changes for this release as having “changed quite a few things” and indeed the list is much longer than we are used to seeing out of a proven and mature file-system.

      • Linux 5.5 Livepatching Tracks The System State For Better Patch Handling/Compatibility

        With the Linux 5.5 livepatching support comes system state tracking in order to better handle different kernel live patches over time that could potentially clash with one another. Patches altering shadow variables and callbacks could lead to cases where live-patches cannot be reverted easily or not jive with future live-patches, but the system state tracking is designed to track those state changes so there is the ability to revert complex patches later on.

      • Graphics Stack

        • Think Silicon® demonstrates early preview of Industry’s first RISC-V ISA based 3D GPU at the RISC-V Summit

          Think Silicon, recognized for the successful ultra-low power NEMA® GPU-Series for MCU driven SoCs, announced the demonstration of the industry’s first RISC-V ISA based 3D GPU — the NEOX|V™. Attendees at the RISC-V Summit, in San Jose, California, will have the first opportunity to witness this new GPU innovation designed for the rapid deployment of Computer Graphics, Machine Learning and open GPGPU compute framework applications.

          Offering a myriad of flexible possibilities, NEOX|V ™ IP is designed to be easily configured for applications such as computer graphics, machine learning, vision/video processing and general-purpose compute. The new offering provides a platform for implementation in multiple embedded and external devices across many consumer and industrial vertical markets including Graphics, Compute, and AI for IoT/Edge/Compute.

        • NEOX V Announced By Think Silicon As First RISC-V 3D GPU

          While there has been the Libre RISC-V community-driven effort to create a RISC-V graphics processor that basically amounts to a RISC-V core with vector extensions/improvements and running a Vulkan software implementation (though they are now reportedly eyeing POWER instead of RISC-V), Think Silicon has announced the first actual RISC-V ISA based 3D graphics processor.

        • ELCE Lyon: Everything Great About Upstream Graphics

          At ELC Europe in Lyon I held a nice little presentation about the state of upstream graphics drivers, and how absolutely awesome it all is. Of course with a big focus on SoC and embedded drivers. Slides and the video recording

        • Mesa Adds Option For Changing Intel’s OpenGL Driver Default

          While originally Intel planned to transition their OpenGL driver default to the modern “Iris” Gallium3D driver rather than the longstanding “i965″ DRI driver for Mesa 19.3, that was pushed back to Mesa 20.0 for introduction in Q1’2020. In aiming to make that revised milestone a reality, a new option has been added to Mesa 20.0 with the Meson build system for being able to indicate the Intel OpenGL driver preference.

          The plan is for Mesa 20.0 to default to their new Gallium3D driver with Broadwell “Gen8″ graphics and newer, including Icelake “Gen11″. It’s with Tiger Lake “Gen12″ graphics where there is only support being implemented anyhow on this Gallium3D driver and not the older i965 OpenGL driver. As it stands right now when building Mesa, the i965 driver is used by default and then an environment variable allows overriding the driver to load in order to use Iris Gallium3D.

        • Arm’s Mali T720 Now Stable With Panfrost Gallium3D On Mesa 20.0

          The Panfrost Gallium3D driver that is the open-source OpenGL community-led driver for supporting Arm Mali Midgard/Bifrost architectures now has stable support for the T720 GPU.

          The T720 is now enabled in Mesa 20.0-devel with the GPU support being equal to that of the already supported T760 and alongside other Mali GPUs like the T820/T860.

    • Applications

      • HomeBank: How To Add New Categories And Create Split Transactions

        Although I primarily use GnuCash to track my family’s personal finances, I decided to try HomeBank as a secondary program. HomeBank was a pleasant surprise; it is easily configured, has a friendly interface, can generate nice charts and reports, and is accompanied by good documentation. If GnuCash seems too complex or intimidating for your needs, HomeBank just might be the alternative that hits the sweet spot.

        If you are brand new to HomeBank, a good starting point is Meemaw’s article in the March 2012 issue of The PCLinuxOS Magazine, called “Linux Financial Apps: HomeBank”.

        Her tutorial covers what is probably ver. 4.4 of the program. HomeBank’s interface and behavior have not changed drastically since then. However, I should mention that the term “wallet” is no longer used to refer to files.

      • Five best open source Backup utilities for Linux

        Data loss is a common threat we all face these days. Disk failure or other user mistakes might result in data loss. Losing data is more hazardous for a data center which stores tons of information every day. There are so many backup Utilities available in the market which makes it confusing to choose the best one among the numerous options. This article will help you select the most appropriate free backup utility for Linux that might fit your needs.

      • Repo Review: Photo Filmstrip

        PhotoFilmStrip is a nice program for easily creating video slideshows of your photos. It supports audio tracks, panning and zooming, and has a few transition and image effects. The interface is quite well designed, making the program quick and easy to use.

        [...]

        I really like how PhotoFilmStrip makes it very easy to quickly produce a high quality slideshow of your favorite photos. It’s definitely far simpler than doing it all manually in dedicated video editing software. I recommend PhotoFilmStrip to anyone looking for a quick and easy solution to photo slideshows.

      • nbdkit new eval plugin and ip filter

        nbdkit is our flexible toolkit for building block devices. I just added a couple of new features which will appear in the next stable release, nbdkit 1.18.

        Previously I’ve talked on this blog and gave a talk at FOSDEM about how you can write block devices in shell script using nbdkit-sh-plugin. But that requires you to use an extra file for the script. What if opening an extra file is too much work? Well now you can specify the script directly on the nbdkit command line using the new eval plugin.

      • Phoronix Test Suite 9.2 Released For Open-Source, Cross-Platform Benchmarking

        Phoronix Test Suite 9.2-Hurdal is available today as the newest quarterly feature release to the Phoronix Test Suite for automated, cross-platform and open-source benchmarking.

      • VLC 3.2.3 media player update adds new player redesign and more

        VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files, and various streaming protocols this week the latest update in the form of VLC 3.2.3 has started rolling out. Bringing with it a new user interface design for the audio and video player together with an improved TV interface as well as additional keyboard shortcuts within the Chrome OS.

    • Instructionals/Technical

    • Games

      • DXVK 1.4.6 Released With More Game Fixes For Direct3D 10/11 Over Vulkan

        DXVK 1.4.6 has fixes to fix rendering issues and the like with American Truck Simulator, Euro Truck Simulator 2, Final Fantasy XIV, and Warcraft III: Reforged. In the case of Warcraft III: Reforged, DXGI features should now allow DXVK to run the game. DXVK 1.4.6 also has crash fixes for mode changes or when closing a game as well as an issue where CPU-limited performance could degrade over time.

      • Imperator: Rome has a big Livy update released and the free Punic Wars DLC

        What could be a true turning point for Paradox Development Studio and Paradox Interactive with Imperator: Rome, a new update “Livy” is out along with the free Punic Wars DLC.

      • Neverwinter Nights: Enhanced Edition continues advancing, cross-play with consoles now up

        You have to hand it to the developers at Beamdog, they certainly support their revamped RPG classics for a long time. Neverwinter Nights: Enhanced Edition just got a big update too!

        The 1.79 stable patch is live and it comes alongside the launch of Neverwinter Nights: Enhanced Edition on PS4, Xbox One and Nintendo Switch and so Beamdog have enabled PC (Linux, macOS and Windows) online cross-play with Xbox (in January) and Switch (live now) but not the PS4.

      • Vatican priest spins-up ‘less toxic’ Minecraft server

        Father Robert Ballecer, a former tech blogger turned God-lover, decided he wanted to combine his two big passions and asked his Twitter followers (all 23,000 of them) what game he should create a server for. Minecraft won with 64 per cent, and so the server at minecraft.digitaljesuit.com was born.

        Ballecer’s aim is to create something a bit less ‘toxic’ than many of the mainstream servers out there.

      • Build a busy hive and make lots of honey in Hive Time, releasing this month

        A totally scientifically inaccurate depiction of hive dynamics! In Hive Time you’re responsible for growing your hive, making that sweet-sweet honey and producing a Queen before the current one dies.

      • Incredibly clever puzzle-platformer The Pedestrian releasing January 2020 with Linux support

        Skookum Arts have finally given their seriously clever puzzle-platform The Pedestrian a release date, coming to Linux on January 29, 2020.

        After testing an early build this year, which you can still try yourself on itch.io, I was instantly hooked. Such a brilliant idea. You control the person symbol you usually see on signs and you go running from sign to sign, rearranging and reconnecting signs in order to solve puzzles. Honestly, it’s absolutely fantastic with an awesome atmosphere.

      • Kharon’s Crypt – Even Death May Die heads to Early Access with a new trailer

        Kharon’s Crypt – Even Death May Die, a nonlinear dungeon crawler inspired by old Nintendo Game Boy Color games and Zelda is getting closer to an Early Access release and they have a sweet new trailer.

        This is another that was crowdfunded on Kickstarter (listed on our dedicated page) back in October of 2017. Playing as Kharon, you are a being thought to be death itself. Your mission is to escape from your crypt, where you had been sealed by a deranged king that wanted to elude death.

      • Try the free text adventure Kyle is Famous and try not to laugh

        Help Kyle prepare for an important interview with a guest on their hit TV show in Kyle is Famous, a somewhat absurd and free text adventure.

        Full text adventures like this are not something I usually go for personally, however Kyle is Famous ticks a few boxes. It has some truly ridiculous humour that’s hard not to enjoy, it’s also quite short and with multiple endings you can go back and have another quick run to see what happens.

      • Arsenal Demon, a fast-paced arena-survival FPS lands on Linux

        Wall running, long jumping and lots of pew-pew is what you will be doing in Arsenal Demon. It’s a newish arena-survival FPS and it’s now available on Linux too. It launched on Steam in October, with Linux (and macOS) getting support in mid-November.

        Much like an older favourite of mine called Devil Daggers, the overall idea is simple: you’re pushed into an arena and you have to survive as long as possible. Beat your last time, beat everyone else you know too. It’s ridiculously fast, it’s exciting and you get to customize your Arsenal Demon too.

      • Testing Google Stadia on Chromium (vs Chrome) on Linux

        Shortly after I had finished uploading my video where I wanted to see how well Google Stadia would work on Linux, somebody followed up with a question on whether it would work with Chromium, the open source browser on which Chrome is built. I didn’t actually know the answer, but I was willing to test it out, and I did, and I recorded it. :-)

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.17.4

          Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.17.4. Plasma 5.17 was released in October 2019 with many feature refinements and new modules to complete the desktop experience.

        • KDE Plasma 5.17.4 Desktop Environment Released with Nearly 50 Fixes, Update Now

          Highlights of KDE Plasma 5.17.4 include better compilation support with Qt 5.14, removal of deprecated API in KWindowSystem, fix for broken multimedia control on lock screen, the ability for the Folder view to use the selected text color for selected items in full representation, improved default layout for Workspace KCM, several Weather applet improvements, and new DesktopEntry for notifyrc, and disabled systeminfo test on systems without uname in Dr Konqi.

          All users are urged to update their installations as soon as possible to the KDE Plasma 5.17.4 point release, which will soon be available from the stable software repositories of your favorite GNU/Linux distributions. The next and last maintenance update in the KDE Plasma 5.17 desktop environment series will be KDE Plasma 5.17.5, due for release on January 7, 2020.

      • GNOME Desktop/GTK

        • GNOME Shell Hackfest 2019

          This October I attended the GNOME Shell Hackfest 2019 in the Netherlands. It was originally just planned as a small hackfest for core Shell developers, but then us designers decided to crash the party and it became a pretty big thing. In the end we were about 15 people from lots of different companies, including Red Hat, Endless, Purism, and Canonical. The venue was the Revspace hackerspace in Leidschendam, which is somewhere between the Hague and Leiden.

          The venue was very cool, with plenty of hackerspace-y gadgets and a room with couches and a whiteboard, which was perfect for the design team’s planning sessions.

    • Distributions

      • Kali Linux Gets New Desktop Environment & Undercover Theme

        Offensive Security, maintainer of the Kali Linux penetration-testing platform, has released a new version of the widely used open source project.

        Key improvements in Kali Linux 2019.4 include a brand-new default desktop environment, a unified user interface, and an undercover feature that allows security researchers to use the pen-testing tool in a public setting without tipping their hand.

        With the new release, Offensive Security has moved Kali Linux from Gnome to Xfce, a lightweight, open source desktop environment for Linux, BSD, and other Unix-like operating systems. The move is designed to improve performance and the user experience for pen-testers, according to Offensive Security.

      • Hiding The Hidden: Kali Linux 2019.4 Unleashed

        By the way, the update in-place from the previous version (2019.3) works swimmingly. However, the single bug-a-boo that I experienced was the necessity to drop postgresql10 for the latestest iteration of same; but that’s picking nits, now ain’t it guvnor? And, then there’s the Kali Undercover…plus, not to forget – Kali-Docs is now on Markdown. Savoire-Faire is Everywhere!

      • Kali Linux Adds ‘Undercover’ Mode to Impersonate Windows 10

        Kali Linux is popular among ethical hackers and pen testers alike, commonly used by researchers and red teamers to perform security tests. Last week, Kali Linux released version 2019.4 to the public, and the newest version boasts a new ‘undercover’ mode in which users can convert the Linux desktop to look like a Windows 10 device. Kali Linux’s reputation is the driving force behind this ‘undercover’ mode, as it may be suspicious to run Kali Linux in a professional or public setting. The new model solves this issue by offering users the option to make it appear as though they are running Windows rather than Linux.

      • elementary OS

        • Why use the Pantheon desktop for Linux Elementary OS

          Would you pay $20 for a Linux desktop? I would, and in fact, I regularly choose to pay more than that when I download free software! The reason I do this is that open source is worth it. For a copy of Elementary OS, US$ 20 happens to be the default asking price (you can download it for $1 or even $0 if you can’t afford anything more). What you get in return is an excellent and heavily curated distribution that ships with its own Pantheon desktop design.

          You may find Pantheon included in a software repository, as it is open source, but more likely, you’ll have to download and install Elementary Linux to experience it. If you’re not ready to install Elementary on your computer as the main OS, you can install it into a virtual machine, like GNOME Boxes.

          The Pantheon desktop is clean, attractive, and features many of the little things many users want in a desktop but could never quite get from the usual Linux desktops.

        • elementary OS 5.1 ‘Hera’ Linux Distro is Here
        • elementary OS 5.1 ‘Hera’ Linux distro is here

          elementary OS has long been viewed by many as the future of Linux on the PC thanks to its beautiful desktop environment and overall polished experience. Development of the Ubuntu-based operating system has been frustratingly slow, however. This shouldn’t be surprising, really, as the team of developers is rather small, and its resources are likely much less than those of larger distributions such as the IBM-backed Fedora or Canonical’s Ubuntu. And that is what makes elementary OS so remarkable — its developers can make magic on a smaller budget.

          Today, the latest version of the operating system is released. Code-named “Hera,” elementary OS 5.1 is now available for download. Support for Flatpak is now baked in — this is significant, as the developers explain it is “the first non-deb packaging format we’ve supported out of the box.” The Linux kernel now sits at a very modern 5.0. One of the most important aspects of elementary OS, the AppCenter, is now an insane 10 times faster than its predecessor. Wow.

        • elementary OS 5.1 Hera Released, This is What’s New

          This major update to elementary OS carries a wealth of changes and improvements, including native support for Flatpak, a faster App Centre store front, and many thoughtful refinements to the system’s bespoke UI.

          A free update for existing elementary OS users, the Hera uplift also introduces Linux Kernel 5.0 courtesy of Ubuntu’s recent LTS hardware enablement stack update.

          To learn more about what’s new in the elementary OS 5.1 release, and how to download it to try for yourself, keep reading!

          elementary OS 5.1 Hera

          The bulk of the changes being offered in the elementary OS 5.1 update aren’t strictly new as they’ve been iteratively pushed out via software updates to the elementary 5.0 Juno release.

          But the sum total of those updates is enough to create a distinct, separate version number with new .iso images for folks to download. Think of it like an Ubuntu point release, in that sense.

        • elementary OS 5.1 “Hera” Officially Released with Flatpak Support, New Greeter

          The elementary team proudly announced today the official availability of the elementary OS 5.1 “Hera” operating system, a major update that adds many improvements and new features, as well as updated components and fresh new artwork.

          elementary OS 5.1 “Hera” is the culmination of one year of hard work, during which the development team implemented out-of-the-box Flatpak support to make it easier and secure for users to install third-party apps that are not available in the AppCenter, but are essential for their everyday tasks.

          For this, elementary OS 5.1 comes with Sideload, a new, in-house built graphical utility that lets you install Flatpak apps with single click. In addition, elementary OS 5.1 adds Flatpak support to the AppCenter so that users can manage Flatpak apps alongside regular applications from the official repositories.

        • Meet The Linux Desktop That’s More Elegant Than Mac And Windows 10

          It’s no secret I have a distaste for Windows 10. Its telemetry, endless nagging, broken updates and general bloat pushed me to Linux last year. My opinion about macOS is less critical. I still utilize it for the occasional music production tasks, and it respects my privacy far better than Microsoft’s desktop OS. Unfortunately, the macOS experience hasn’t evolved much, and with each new update Apple continues its forced obsolescence of older hardware. But there’s a Linux alternative that exudes pure desktop elegance and runs like a dream on older machines. It emphasizes a clean workflow and thoughtful design in every single pixel. Yea, it’s time to pay attention to elementary OS.

          You’ve probably heard of Ubuntu, one of the most popular Linux distributions out there. Well, elementary OS is based on the stable version of Ubuntu (meaning you’ll get a thoroughly tested kernel and software) but it makes substantial tweaks to its presentation by using a custom Desktop Environment called Pantheon.

          At first blush, elementary OS (and by extension, the Pantheon desktop) may remind you of macOS — it may even comfortably feel like it — but when you start to dig in and use it, the differences become clear. It’s not only easier, but far more elegant.

          Today the developers behind elementary OS introduced version 5.1, which I’ve been testing for the last week. It brings several substantial improvements, and manages to outclass macOS (and every other Linux distribution available) in a few key areas.

      • New Releases

        • CAINE 11.0 “Wormhole” is out!

          CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project
          Currently the project manager is Nanni Bassetti (Bari – Italy).
          CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.

      • Screenshots/Screencasts

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • Mageia 6 End of Life – Time to Upgrade

          As you know, Mageia 7 was released this summer, followed shortly after by Mageia 7.1. It is time to say goodbye to Mageia 6 – updates have stopped, including security updates.
          As usual, before the upgrade, do a backup of your data and documents.

        • [PCLinuxOS] Screenshot Showcase
        • PCLinuxOS Family Member Spotlight: Revoluz

          Why and when did you start using Linux?
          2006 Open-Suse, 6 Months later PCLinuxOS my only distro.

          What specific equipment do currently use with PCLinuxOS?
          Office, Graphics, Multimedia – Jack-Audio, HTML Website build and not so often anymore, 3D CAM

          Do you feel that your use of Linux influences the reactions you receive from your computer peers or family? If so, how?
          Trying to make people curious by talking about it.

          What would you like to see happen within PCLinuxOS that would make it a better place. What are your feelings?
          That Mini Live CD correspond to the Sinn Mini, only for the wide hardware compatibility and peripherals such as printers and scanners.

      • SUSE/OpenSUSE

        • Software Development, Microservices & Container Management – Part III – Why Kubernetes? A Deep Dive into Kubernetes world

          Together with my colleague Bettina Bassermann and SUSE partners, we will be running a series of blogs and webinars from SUSE (Software Development, Microservices & Container Management, a SUSE webinar series on modern Application Development), and try to address the former questions and doubts about K8s and Cloud Native development and how it is not compromising quality and control.

        • Epic Performance with New Tuning Guide – SUSE Linux Enterprise Server on AMD EPYC* 7002 Series Processors

          EPYC is AMD’s flagship mainstream server microprocessors and supports 1-way and 2-way multiprocessing. The first generation was originally announced back in May 2017 and replaced the previous Opteron server family with the introduction of the Zen microarchitecture for the mainstream market.

        • Content Lifecycle Management in SUSE Manager

          Content Lifecycle management is managing how patches flows through your infra in a staged manner. In ideal infra, latest patches will always be applied on development servers. If everything is good there then those patches will be applied to QA servers and lastly to production servers. This enables sysadmins to catch issues if any and hence preventing patching of prod system which may create downtime of live environments.

          SUSE Manager gives you this control via content lifecycle. In this, you create custom channels in SUSE Manager for example dev, qa and prod. Then you register your systems to those channels according to their criticality. Now whenever channels gets the new patches it will be available to respective systems (registered to those channels) to install. So if you control channels you control the patch availability to systems.

          In content lifecycle management, suse manager enables you to push patches to channels manually. Like on first deploy all latest patches will be available to dev channels and hence dev systems. At this stage, if you run update commands (zypper up, yum update) they will show latest patches only on dev servers. QA and prod servers wont show any new patches.

      • Fedora Family

        • Event Report: CCOSS’19

          CCOSS stands for “Cumbre de Contribuidores de Open Source Software” (Contributors Summit in Open Source Software). It is the first event in Mexico dedicated to improving accessibility for latin tech practitioners to contribute to world-leading open source technologies, focusing on delivering content in Spanish & providing hands-on mentoring opportunities.

        • Latinoware 2019

          In its 16th edition, Latinoware started on Wednesday (27) and continued until Friday (29), with a program of over 300 activities. The Latin American Congress of Free Software and Open Technologies at the Rafain Palace Hotel & Convention, in Foz do Iguaçu, attracted over 2700 of participants, including children, students, professionals and even older people, interested in the different topics addressed.

      • Debian Family

        • Sparky 2019.12

          There are new live/install media of Sparky 2019.12 “Po Tolo” available to download, which is based on the testing branch of Debian “Bullseye”.

          Goals:
          • system upgraded from Debian testing “Bullseye” repos as of December 1, 2019
          • Calamares installer 3.2.17
          • Linux kernel 5.3.9 as default (5.4.1 & 5.3.14 in Sparky unstable repos)

          No reinstallation is required if you have Sparky 2019.xx (of the line 6) installed, simply make full system upgrade.

        • Tails Anonymous OS Promises Secure Boot Support and More Robust Upgrades in 2020

          The Tails project, which develops the Debian-based Tails amnesic incognito live operating system, has announced today some of their major plans for 2020 to improve the anonymous OS used by NSA whistle-blower Edward Snowden to stay hidden online.

          In 2020, the Tails project plans to release numerous updates to its Tails anonymous OS, some of which will be major ones implementing big new features like support for Secure Boot to offer better compatibility with more hardware components, thus making it easier to start Tails on PCs and Macs.

          While Secure Boot support is planned for July 2020, when the Tails 4.9 release should hit the streets, the project also aims to deal with the manual upgrades as soon as January 2020. These manual upgrades have been bugging users for a long time now, but Tails wants to make the upgrade process less painful, lighter and more robust.

        • Our plans for 2020

          On October 7, we launched our donation campaign by explaining why supporting Tails is more important than ever. On October 31, we summarized what we did in 2019 to make Tails easier to adopt by new users. Today we pass on to you our plans for 2020.

          But first, we are pleased that the donation campaign has been pretty successful so far. We received around 50 000 € already, which is 69% more than last year. Still, these good results are due to some large donations and fewer people have been donating so far, 16% less than in 2018. We hope that after reading this post many of you will consider donating to Tails.

        • The Debian Janitor

          There are a lot of small changes that can be made to the Debian archive to increase the overall quality. Many of these changes are small and have just minor benefits if they are applied to just a single package. Lintian encourages maintainers to fix these problems by pointing out the common ones.

          Most of these issues are often trivially fixable; they are in general an inefficient use of human time, and it takes a lot of effort to keep up with. This is something that can clearly be automated.

          Several tools (e.g. onovy’s mass tool, and the lintian-brush tool that I’ve been working on) go a step further and (for a subset of the issues reported by lintian) fix the problems for you, where they can. Lintian-brush can currently fix most instances of close to 100 lintian tags.

          Thanks to the Vcs-* fields set by many packages and the APIs provided by hosting platforms like Salsa, it is now possible to proactively attempt to fix these issues.

          The Debian Janitor is a tool that will run lintian-brush across the entire archive, and propose fixes to lintian issues via pull request.

      • Canonical/Ubuntu Family

        • Lubuntu Focal Fossa 20.04 LTS Wallpaper Contest

          The Lubuntu Team is pleased to announce we are running a Focal Fossa wallpaper competition, giving you, our community, the chance to submit, and get your favorite wallpapers included in the Lubuntu 20.04 LTS (Long Term Support) release.

        • Ubuntu Weekly Newsletter Issue 607

          Welcome to the Ubuntu Weekly Newsletter, Issue 607 for the week of November 24 – 30, 2019. The full version of this issue is available here.

        • Ubuntu 19.10 offers ‘integrated’ AI/ML developer experience

          Autumn (or Fall, depending on your level of Americanization) was a busy period… so busy in fact that the Computer Weekly Open Source Insider blog saw a number of milestone advancements go whizzing past.

          Among those news items we’re catching up on as we approach the Christmas silly season is the latest update from Canonical on Ubuntu.

          Canonical is positioning Ubuntu as (in its view) an operating system (OS) of choice for ‘most’ (it was clear not to say all) public cloud workloads, as well as the emerging categories of ‘smart gateways’, self-driving cars and advanced robots.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • OSI

        • October 2019 License-Discuss Summary

          We would like to introduce (and thank!) Amol Meshram, who has joined us here at the OSI to provide monthly summaries of both the License-Discuss and License-Review mailing lists. We hope these reports provide you with a helpful snapshot of the monthly activities on the lists, keeping you up to date with the latest topics, while also providing a reference point for further discussion. Of course all suggestions are welcome as we continue to enhance our reporting. We will try our best to include the feedback from OSI community members to make the summaries as accurate as possible and the discussions lively and fruitful.

        • October 2019 License-Review Summary

          Carlo Piana is not in favour of The Vaccine License and feels it is a trolling exercise. Filli Liberandum suggested to Carlo Paina to read the mailing list code of conduct. In furtherance to it, Filli Liberandum explained why there is a necessity of acknowledging The Vaccine License by OSI board and its members.
          Anand Chowdhary based on his experience of adding privacy compliance under twente open source license pointed out that there are better ways to protect privacy of individuals like local/national/international regulation instead of protecting it through open source license. He is of the opinion that there are better ways to advocate for vaccination and open source license is not the better way to advocate for it.
          Filli Liberandum countered to Anand Chowdhary by citing example of Cryptography Autonomy License of Mr. Lindstrom which ask for some release of data as a condition and head of OSI has publicly accepted this condition. Pamela Chestek brought into notice of Filli Liberandum that OSI did not endorse the view of Simon Phipps (referred head of OSI by Filli) on Cryptography Autonomy License data condition clause. Simon Phipps is member of the board along with others. Simon Phipps views on CAL are personal.
          Filli Liberandum raised a concern with respect to archives as it is stuck in a plaintext mode.
          Simon Phipps suggested to Filli Liberandum to familiarize with License-review process and change the tone of message and requested to leave moderating to the moderators to which Filli agreed and responded that here onwards Filli will directly reach out to concerned members.
          Gil Yehuda responded to Fil that Licenses usually do ask for things in return and appreciated the efforts of Fil in writing The Vaccine License, while considering the OSD. Gil raised an important point of enforceability of The Vaccine License in the real life scenario. Gil is of the opinion that one can right a blog and promote the importance of the idea instead of restricting it with copyright license. To buttress claim, Gil cited article written by Selam G which convinced Gil to support Free Software Movement. The reason behind citing this article is to explore other platforms instead of publishing work under copyright license.

          Carlo Piana responded to Fil that The Vaccine License is discriminatory and non-enforceable in nature. Carlo thinks that vaccination can be achieved through local authorities instead of enforcing it through copyright license. Carlo believes one should provoke reactions rather than genuine attempt of having a license approved.
          Josh Berkus agrees with Carlo on provoking reactions from members on license instead of attempting for approving the license. Josh suggested to take this submission as a use case and put it on opensource.org for future reference.
          Carlo Piana is of the same view that opensource.org should take this submission as a use case for future submissions to avoid duplication of work.
          Bruce Perens is also of the opinion that a direct law on vaccination will be more effective than a license. Similarly, Bruce also wrote two blog posts on the issue of “ethical” licenses wherein Bruce referred the proposed The Vaccine License.
          Grahame Grieve replied to Bruce’s blog post and appreciated the efforts of writing blog post on ethical license and also the basic arguments put forwards by Bruce. But Grahame bothered by the lack of ethics in the Vaccine License, judging vaccine license solely based on enforceability clause. Similarly, Grahame wanted to know whether the lawyers, courts and violators laugh at license and is there any precedent on when someone gives something of value away, on the condition that it not used in a particular way? Bruce Perens replied to all the queries of Graham Grieve. Firstly, Bruce Perens claims blog post argument is based on law instead of license terms. Secondly, Bruce has experience in handling litigation for various reasons and Bruce wants other should not get into litigation for same cause of action. Lastly, Bruce said Lawyers, courts and violators laugh at license and this whole exercise will be term as a ‘‘copyright misuse’’.
          Kevin P. Fleming replied to Graham and pointed that The Vaccine License does not talk about goals instead it focusses on action to be performed which is not in sync with the use of the software. Similarly, Kevin is of the opinion that The Vaccine License violates the OSD 5. To this Grahame Grieve countered by saying if The Vaccine license is applied to health software then in such scenario would Kevin change his opinion.
          Van Lindberg appreciated various aspect of the Vaccine License and efforts put forward by Fil in creating the vaccine license. But Van feels the Vaccine License does not qualify for OSS because it imposes conditions which are logically separate from and wholly unrelated to scope intellectual property rights that are licensed. Similarly, Van attempted to answer the question on what scope of action can be required of a license? Van observed if restrictions are closely related to the exercise of the intellectual property rights granted under license then such restrictions make sense and compatible with OSD.
          Filli Liberandum replied to analysis of Van and requested to reverse engineer the rules from the approved licenses which Fil believe will lead us to conclusion that the Vaccine License attempt is not an accidental in nature.
          Josh Berkus feels that The Vaccine License is very good example for ‘’unrelated conditions’’ license which can be referred in future as a textbook example to differentiate between what kind of licenses OSS supports and what can’t be supported by OSS license.

      • Web Browsers

        • Mozilla

          • Firefox 71 Released with Native MP3 Decoding, Other Changes

            Among them: native MP3 decoding on Linux, Windows and macOS systems. This is a particularly big feature and is made possible by patents on the MP3 technology expiring.

            For Linux users, this changes means that Firefox does not have to rely on third-party packages like gstreamer to play mp3 content (e.g., a podcast) in the browser.

            The Lockwise password manager (requires a Firefox account) gains support for subdomains and makes breach alerts available to those using the browser with a screen reader enabled.

            Another feature in Firefox 71 is the new Kiosk mode aimed at enterprise users. Launching Firefox with the –kiosk flag at the command line will open the app in an immersive fullscreen mode.

          • Firefox 71: A winter arrival

            Another release is upon us: please welcome Firefox 71 to the stage! This time around, we have a plethora of new developer tools features. These include the web socket message inspector, console multi-line editor mode, log on events, and network panel full text search!

            And as if that wasn’t good enough, there are important new web platform features available, like CSS subgrid, column-span, Promise.allSettled, and the Media Session API.

          • Mozilla Firefox 71 Is Now Available to Download for Linux, Windows, and macOS

            The upcoming Firefox 71 web browser is now available to download for all supported platforms, including Linux, Windows, and macOS, ahead of tomorrow’s official launch.
            Firefox 71 has entered development in late October and it promises to introduce a new “–kiosk” command-line parameter that opens the web browser in full-screen mode (a.k.a. kiosk mode), a redesigned about:config internal configuration page, as well as Picture-in-Picture (PiP) support on Windows.

            “Windows users now have the ability to pop out videos on the web into an always-on-top video player using the Picture-in-Picture feature! For most videos, this can be accomplished by hovering the video with the mouse, and clicking on the Picture-in-Picture toggle,” explained Mozilla in the preliminary release notes.

          • TenFourFox FPR17 available

            TenFourFox Feature Parity Release 17 final is now available for testing (downloads, hashes, release notes). Apologies for the delay, but I was visiting family and didn’t return until a few hours ago so I could validate and perform the confidence testing on the builds. There are no other changes in this release other than a minor tweak to the ATSUI font blacklist and outstanding security patches. Assuming all is well, it will go live tomorrow evening Pacific time.

            The FPR18 cycle is the first of the 4-week Mozilla development cycles. It isn’t feasible for me to run multiple branches, so we’ll see how much time this actually gives me for new work. As previously mentioned, FPR18 will be primarily about parity updates to Reader mode, which helps to shore up the browser’s layout deficiencies and is faster to render as well. There will also be some other minor miscellaneous fixes.

          • [Older] Firefox at 15: its rise, fall, and privacy-first renaissance

            There’s a good chance you are reading this in Google’s Chrome web browser, which commands 65% of the global market (and about 50% in the U.S.), according to Statcounter. Only about 4% to 5% of web surfers now go online through Firefox, the open-source browser from the California-based Mozilla foundation. But the web was much different when Firefox launched 15 years ago on November 9, 2004, and the browser began a fast rise to prominence.

            When Firefox hit the scene, Internet Explorer had more than 90% market share, having felled Netscape Navigator. Given that it was the default browser on Windows, which commanded a similar share of the operating system market, its monopoly seemed like it could be permanent. But Firefox quickly caught on, and eventually grew to command about a third of the market at its height in 2009. While it’s unlikely to recapture such former glory, Firefox has been experiencing something of a renaissance, not just by improving speed and features, but by putting user control over privacy front and center.

            Fifteen years on, it’s hard to imagine how radical Firefox was at the time of its debut. Instead of coming from a megacorporation like Microsoft (or today, Google), Firefox was built by volunteers around the world who gave their code away for free. “Open source was well known for developers,” says Mitchell Baker, who cofounded the Mozilla Project back in 1998 and is today the chairwoman of the Mozilla Corporation and Mozilla Foundation. “But the common wisdom of the time was that open source was only for the geeks. You could build [tools] for developers but not consumer products out of it.”

          • Help Test Firefox’s built-in HTML Sanitizer to protect against UXSS bugs

            I recently gave a talk at OWASP Global AppSec in Amsterdam and summarized the presentation in a blog post about how to achieve “critical”-rated code execution vulnerabilities in Firefox with user-interface XSS. The end of that blog posts encourages the reader to participate the bug bounty program, but did not come with proper instructions. This blog post will describe the mitigations Firefox has in place to protect against XSS bugs and how to test them.

            Our about: pages are privileged pages that control the browser (e.g., about:preferences, which contains Firefox settings). A successful XSS exploit has to bypass the Content Security Policy (CSP), which we have recently added but also our built-in XSS sanitizer to gain arbitrary code execution. A bypass of the sanitizer without a CSP bypass is in itself a severe-enough security bug and warrants a bounty, subject to the discretion of the Bounty Committee. See the bounty pages for more information, including how to submit findings.

          • Botond Ballo: Developing Mozilla C++ code with clangd and VSCode

            I’ve long been a fan of smart editors which have a semantic understanding of the code you’re editing, and leverage it to provide semantics-aware features such as accurate code completion (only offering completions for names that are actually in scope), go-to-definition, find references, semantic highlighting, and others.

            When I joined Mozilla six years ago, my choice of editor for C++ code was Eclipse CDT, because based on experience and research, this was the most fully-featured option that was cross-platform and open-source. (Depending on who you ask, Visual Studio, XCode, and CLion have, at various times, been described as matching or exceeding Eclipse CDT in terms of editor capabilities, but the first two of these are single-platform tools, and are three all proprietary.)

            This assessment was probably accurate at that time, and probably even for much of the intervening time, but in recent years Eclipse CDT has not aged well. The main reason for this is that Eclipse CDT has its own C++ parser. (For brevity, I’m using “parsing” here as an umbrella term for lexing, preprocessing, parsing, semantic analysis, and all other tasks that need to be performed to build a semantic model of code from source.) C++ is a very complex language to parse, and thus a C++ parser requires a lot of effort to write and maintain. In the early days of CDT, there was a lot of investment, mostly from commercial vendors that packaged CDT-based IDEs, in building and maintaining CDT’s parser, but over time, the level of investment has faded. Meanwhile, the C++ language has been gaining new features at an increasing rate (and the Mozilla codebase adopting them — we’re on the verge of switching to C++17), and CDT’s parser just hasn’t been able to keep up.

          • 71.0 Firefox Release

            Version 71.0, first offered to Release channel users on December 3, 2019

          • Firefox 71 Available With New Kiosk Mode, New Certificate Viewer

            Today marks the last Mozilla Firefox feature update of 2019 with the release of Firefox 71.0.

            Firefox 71.0 introduces a –kiosk CLI switch for launching Firefox in a full-screen kiosk mode, a redesigned about:config area, a new certificate viewer, new server timing information is exposed via Firefox’s Developer Tools, partial support for the Media Session API, native MP3 encoding is enabled for all desktop platforms, and various other developer enhancements.

          • Mozilla and Google remove Avast extensions from add-on stores

            A month ago I wrote about Avast browser extensions being essentially spyware. While this article only names Avast Online Security and AVG Online Security extensions, the browser extensions Avast SafePrice and AVG SafePrice show the same behavior: they upload detailed browsing profiles of their users to uib.ff.avast.com. The amount of data collected here exceeds by far what would be considered necessary or appropriate even for the security extensions, for the shopping helpers this functionality isn’t justifiable at all.

            [...]

            Spying on your users is clearly a violation of the terms that both Google and Mozilla make extension developers sign. So yesterday I reported these four extensions to Mozilla and Google. Quite surprisingly, as of today all of these extensions are no longer listed on either Mozilla Add-ons website or Chrome Web Store. That was a rather swift action!

            It remains to be seen how this will affect millions of existing extension users. At least Mozilla didn’t add Avast extensions to the blocklist yet, stating that they are still talking to Avast. So the extensions will remain active and keep spying on the users for now. As to Google, I don’t really know where I can see their blocklist, any hints?

          • Multilingual Gecko Status Update 2019

            Welcome to the fourth edition of Multilingual Gecko Status Update!

            In the previous update we covered the work which landed in Firefox 61-64.

            At the time, we were landing Fluent DOM Localization APIs, still adding mozIntl features, and we had close to 800 strings migrated to Fluent.

            I indicated that 2019 should be quieter, and in result I reduced the update frequency to just one this year.

          • Questions About .org

            Last month, the Internet Society (ISOC) announced plans to sell the Public Interest Registry (PIR) — the organization that manages all the dot org domain names in the world — to a private equity firm named Ethos. This caught the attention of Mozilla and other public benefit orgs.

            Many have called for the deal to be stopped. It’s not clear that this kind of sale is inherently bad. It is possible that with the right safeguards a private company could act as a good steward of the dot org ecosystem. However, it is clear that the stakes are high — and that anyone with the power to do so should urgently step in to slow things down and ask some hard questions.

            For example: Is this deal a good thing for orgs that use these domains? Is it structured to ensure that dot org will retain its unique character as a home for non-commercial organizations online? What accountability measures will be put in place?

            In a letter to ISOC, the EFF and others summarize why the stakes are high. Whoever runs the dot org registry has the power to: set (and raise) prices; define rights protection rules; and suspend or take down domains that are unlawful, a standard that varies widely from jurisdiction to jurisdiction. It is critical that whoever runs the dot org registry is a reliable steward who can be held accountable for exercising these powers fairly and effectively.

          • Updates on Firefox Private Network

            We are continuing our beta testing of the Firefox Private Network extension that we released earlier this year. The extension hides your Firefox browsing activity and location. This prevents eavesdroppers on public Wi-Fi from spying on the actions you take online by masking your IP address and routing your traffic through our partner’s secure servers. It also protects you from internet service providers collecting or selling data on your browsing activity. And it hides your locations from websites and data collectors that profile you to target ads.

            There will be no changes for test pilots who have already started using the extension by logging in with their Firefox account. For those who are not yet using the extension, we invite you to join the Test Pilot program and try it out. When you sign up or log in with a Firefox account and become one of our beta testers, you’ll get 12 hours of protected browsing for free this month. We are continuing to explore the best way to deliver browser-level protection to our users and we welcome your feedback and input each step of the way.

          • Mozilla Future Releases Blog: Firefox Preview Beta reaches another milestone, with Enhanced Tracking Protection and several intuitive features for ease and convenience

            In June we made an announcement, that left us — just like many of our users — particularly excited: we introduced Firefox Preview, a publicly available test version of our upcoming best in class browser for Android that will be fueled by GeckoView. GeckoView is Mozilla’s own high-performance mobile browser engine, which enables us to deliver an even better, faster and more private Firefox to Android device owners. Hundreds of thousands of users have downloaded and tested Firefox Preview since it became available.

            Over the past 5 months we’ve been working diligently on improvements to the app. We’ve been listening closely to user feedback and are basing app development on users’ requests and needs; one very recent example is our support for extensions through the WebExtensions API. We will still continue to test Firefox Preview Beta and we’re expecting to launch as a final product in the first half of 2020. Today, we want to provide an update on our progress, and share some of the amazing new features we’ve added to Firefox Preview since the beta release of 1.0.

          • Marco Zehe: 12 years at Mozilla

            Today marks my 12th anniversary working for Mozilla. I started on December 3, 2007, as a contractor, and moved to a full employment 13 months later, in January 2009. So in January this year, I was employed there 10 years.

            I wrote about my work anniversary once before. Some things have changed since then, some have not. I am still working on Firefox accessibility, doing, unfortunately, less blogging than I used to (current series excepted), and am doing more engineering and less evangelism in general.

            To many, especially in Silicon Valley, it is strange, yes even bewildering, for someone to stay in one employment relationship for that long. However, if you look at people with disabilities, the number of long term employments is generally higher than with the rest of the population working in the same field. The answer is quite simple: Regardless of the U.S., Canada or Europe, finding employment as a person with a disability is much harder than if you’re not disabled. As a consequence, we tend to hang on to our jobs much longer, do less job hopping.

          • News from Firefox on Mobile, Private Network and Desktop

            As the year comes to a close, we look back at what we’ve accomplished. As recently noted in the press, this year may be the mark of our privacy-renaissance. We’ve built additional privacy protections in the browser which included blocking third party tracking cookies and cryptomining by default and created an easy-to-view report which shows the trackers that follow you and collect your online browsing habits and interests. To date, we’ve blocked more than 1 Trillion tracking requests that attempt to follow you around the web! Privacy has always been part of our DNA. We’ve always believed our role is and has always been to help give people more control over their online lives.

          • Firefox 71 Officially Released with Native MP3 Decoding on Linux, Windows & Mac

            Mozilla officially released today the Firefox 71 web browser for all supported platforms, including Linux, Windows, and macOS, a release that adds various improvements and new features.
            While we already took an early look at Firefox 71, which our readers could download since yesterday, Mozilla has published more details release notes that highlight a much-improved built-in password manager that can now recognize subdomains and automatically fill domain logins and provide breach alerts from Firefox Monitor for users with screen readers.

            Furthermore, the integrated Enhanced Tracking Protection, which was enabled by default in the Firefox 69 release, now offers users more information about the actions it takes by displaying notifications when Firefox blocks cryptominers, as well as a running tally of blocked trackers in the protection panel, which users can access by clicking the address bar shield.

      • SaaS/Back End/Databases

        • Vendors move away from open source database software licensing

          Database vendors have started to use their own open source style licenses in a bid to stave off cannibalization by large cloud players such as Amazon Web Services.

          The promise of open source database software is that users can freely use the code as they choose. Open source isn’t just a marketing hook, but rather a well-defined set of licenses that have been approved as open source by the Open Source Initiative (OSI) and are compliant with the Open Source Definition.

          Many database vendors have long used an open core model, in which the foundational model is an open source licensed code base, with added enterprise-grade features for reporting, scalability and management available under a proprietary license.

      • BSD

        • First release candidate for NetBSD 9.0 available!
          On behalf of the NetBSD project, it is my pleasure to announce the first
          (and hopefully only) release candidate of NetBSD 9.0.
          
          Many changes have been made since 8.1.  Here are a few highlights:
          
           - Support for Arm AArch64 (64-bit Armv8-A) machines, including
             "Arm ServerReady"  compliant machines (SBBR+SBSA)
           - Enhanced hardware support for Armv7-A
           - Updated GPU drivers (e.g. support for Intel Kabylake)
           - Enhanced virtualization support
           - Support for hardware-accelerated virtualization (NVMM)
           - Support for Performance Monitoring Counters
           - Support for Kernel ASLR
           - Support several kernel sanitizers (KLEAK, KASAN, KUBSAN)
           - Support for userland sanitizers
           - Audit of the network stack
           - Many improvements in NPF
           - Updated ZFS
           - Reworked error handling and NCQ support in the SATA subsystem
           - Support a common framework for USB Ethernet drivers (usbnet)
          
          Since the start of the release process four months ago a lot of improvements
          went into the branch - more than 500 pullups were processed!
          This includes usbnet (a common framework for usb ethernet drivers), aarch64
          stability enhancements and lots of new hardware support, installer/sysinst
          fixes and changes to the NVMM (hardware virtualization) interface.
          
          Binaries of NetBSD 9.0_RC1 are available for download via our Fastly
          CDN:
          
          https://cdn.netbsd.org/pub/NetBSD/NetBSD-9.0_RC1/
          
          (or from ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0_RC1/, or one of
          its mirrors)
          
          Those who prefer to build from source can either use the netbsd-9-0-RC1
          tag or follow the netbsd-9 branch.
          
          Please help us out by testing 9.0_RC1.  We love any and all feedback.
          Report problems through the usual channels (submit a PR or write to the
          appropriate list).  More general feedback is welcome at releng%NetBSD.org@localhost.
          Your input will help us put the finishing touches on what promises to be a
          great release!
          
          Enjoy,
          
          Martin
          
          
        • NetBSD 9.0 RC1 Released With 64-Bit Arm Support, Updated ZFS + Other Improvements

          NetBSD 9.0 is around the corner and finally presenting 64-bit Arm (AArch64) support as well as other long overdue hardware support like Intel Kabylake graphics.

          NetBSD 9.0 is a big step-up for this BSD operating system with better support for modern Arm and x86_64 Intel/AMD hardware. There is also updated ZFS file-system support, the kernel finally supports kernel address space layout randomization, and other kernel features added. Out today is NetBSD 9.0 RC1 as what is expected to be the only release candidate.

      • FSF

        • Mark J. Wielaard: A public discussion about GNU

          There is now a public discussion about GNU governance issues as described in this LWN article: Rethinking the governance of the GNU Project. We have had private discussion about GNU governance issues for the last couple of decades between GNU maintainers, but that never resulted in actual change. And recent events made things a bit more urgent. Since the Chief GNUisance is no longer the president of the FSF. The FSF is now asking for feedback on how their relationship with the GNU project should go forward with respect to fiscal sponsorship, technical infrastructure, promotion, copyright assignment, and volunteer management. So we need to answer a lot of questions.

        • Wielaard: A public discussion about GNU

          Mark Wielaard has posted a summary of the discussion thus far on the governance of the GNU project.

        • FSFE

          • FSFE Resignations and expulsions

            The last two FSFE e.V. members resigned immediately after the 2019 annual meeting decided to pursue a vendetta against the former fellowship representative.

            These resignations don’t reflect any wrongdoing on the part of the members who have departed, they reflect the fact FSFE e.V. itself is being consumed by foolish vendettas.

          • FSFE General Assembly formally adopts Stasi policies to harass a former volunteer

            When we read the (defamation redacted by satire) minutes of the 2019 FSFE annual meeting, we see the same thing: a motion has been passed deciding that the community elected representative has to be blamed for everything that is wrong in the world. The text of the motion is irrelevant: the key point is that bunch of supposedly grown-up German males are getting together to whine about a volunteer who resigned over a year ago. This is no accidental slip of gaslighting: the minutes show that 11 people travelled to Essen on 12 October 2019, meeting at the LinuxHotel and making a formal resolution to continue in the footsteps of the GDR’s secret police. The minutes do not include any positive plans for the next 12 months: just some administrative changes and the resolution to pursue a vendetta. Would Stasi predecessors feel a tingle of pride reading the unredacted version of the document, dripping with character assassination?

            This is even more despicable because the volunteer in question resigned at a time of personal tragedy and asserted that he is grieving for the loss of a family member. Hounding a volunteer who resigned at a time like that shows an utter lack of humanity.

            Corrupt elements of the FSFE management were already running evil campaigns like this in private emails before the Fellowship migrated to the fsfellowship.eu mailing list in May. In a #MeToo moment for Free Software, the former community representative called them out, leaking this quote from Herr Matthias Kirschner, FSFE president.

      • Programming/Development

        • The Qt Marketplace has landed!

          Today marks a very special day for us as we are finally able to present you the Qt Marketplace. We have been working very hard for the past year to build the marketplace and to onboard the first set of fantastic extensions with the help of our great community. Huge thanks for everyone involved in the process! To make this our joint effort for #Qt we would like to invite you for populating it with all the fantastic extensions including Qt Creator Plugins, tools and modules … that has been done with Qt.

        • The Qt Company Launches Qt Marketplace For Free + Paid Qt Extensions / Add-Ons

          While there is the KDE Frameworks that offers a wonderful set of complementary extensions/add-ons to the Qt5 tool-kit, for those looking for more Qt5 extensions, The Qt Company has launched “The Qt Marketplace” as a source for both free and paid extensions.

          Qt Marketplace offers extensions to add additional functionality around the tool-kit, new Qt Creator Plugins, tools, modules, and more. There are 100+ extensions at launch including Felgo that offers additional Qt APIs, Incredibuild as a network-based build system for Qt Creator, Froglogic to help with testing Qt programs, KDAB’s KUESA workflow software, and various KDE add-ons.

        • Properly managing your .gitignore file

          There’s not a single month where I don’t have to explain this. I thought it’d be a good opportunity to write about this .gitignore file so everyone is up to date on this magic file.

        • Introduction To Version Control System

          If you are a programmer or developer and working on software applications or any website, you will definitely require some versioning system to track the changes. Version Control System is also referred as SCM (Source Code Management) tools or RCS (Revision Control System).

          Version control is a method or a category of software tools that helps to keep a track of changes in the code so that if something goes wrong, we can make comparisons in different code versions and can easily revert to previous versions. It is very helpful when multiple developers are continuously working or changing the source code.

        • Sony Spresense 6-core MCU Development Board Now Supports Java
        • Cheat sheet for Java syntax

          No matter how often you write code, though, there’s bound to be something you don’t use often enough to type without a reference. Maybe you can’t remember whether to include or import or how to parse incoming arguments. There are a few ways to bridge such a gap: you can use a robust IDE and let it autocomplete the obvious parts, or you can keep a cheat sheet handy to get a little control over all that dizzying syntax.

          While Java’s too big to be contained on a two-page cheat sheet, whether you’re new to programming or you only dip into Java every once and a while, this cheat sheet gets you up and running. Perhaps most importantly, it provides you with added context for what you’re trying to remember. You don’t have to blindly choose between prompts from your IDE for a private or public method; you can get clarity instead. And let our cheat sheet inspire you to create your own as you go. The next time you stumble over syntax that’s not covered on this cheat sheet, open up a notebook or a text file and jot down the solution. When you get enough good ones, let us know what they are, and who knows? Maybe a sequel can be arranged!

        • Excellent Free Tutorials to Learn C++

          C++ was designed by Bjarne Stroustrup with its first release in 1983. It’s a statically typed, free-form, multi-paradigm, portable, compiled, general-purpose programming language. C++ is regarded as an intermediate-level language, as it has a combination of both high-level and low-level language features. C++ was designed for systems and applications programming, extending the C programming language. Hence the name C++, the increment operator is written as ++.

          C++ remains a popular programming language. For example, it is heavily used in embedded systems, banking, and telecommunications.

          It is a superset of C that retains the efficiency and notational convenience of C, while providing facilities for stronger type checking, multiple inheritance, data abstraction, exception handling operator overloading, generic programming, and object-oriented programming. C++ has influenced many other languages including C#, Java, and the development of C.

        • syscall call-from verification

          The full commit details are well worth reading, as is the manual page for the (new) msyscall(2), and some associated discussion on tech@.

        • Deciding when to collect garbage

          In this article we’ll take a look at the different techniques that can be used to decide when to collect garbage, how to implement such a technique, and what techniques a few programming languages out there use.

        • Remi Collet: Install PHP 7.4 on CentOS, RHEL or Fedora
        • Daniel Stenberg: libcurl video tutorial

          I’ve watched how my thirteen year old son goes about to acquire information about things online. I am astonished how he time and time again deliberately chooses to get it from a video on YouTube rather than trying to find the best written documentation for whatever he’s looking for. I just have to accept that some people, even some descendants in my own family tree, prefer video as a source of information. And I realize he’s not alone.

          So therefore, I bring you, the…

          libcurl video tutorial

          My intent is to record a series of short and fairly independent episodes, each detailing a specific libcurl area. A particular “thing”, feature, option or area of the APIs. Each episode is also thoroughly documented and all the source code seen on the video is available on the site so that viewers can either follow along while viewing, or go back to the code afterward as a reference. Or both!

          I’ve done the four first episodes so far, and they range from five minutes to nineteen minutes a piece. I expect that it might take me a while to just complete the list of episodes I could come up with myself. I also hope and expect that readers and viewers will think of other areas that I could cover so the list of video episodes could easily expand over time.

        • Perl / Raku

          • 2019.48 Released Advent

            Thanks to the tireless efforts of release managers Aleks-Daniel Jakimenko-Aleksejev and Samantha McVey, this week finally saw a new Rakudo Compiler release again: 2019.11. For packagers, this is the first release that is fully relocatable. Kudos to the 65 contributors to this release! And kudos to Claudio Ramirez to immediately supply packages for many Linux distributions that now also support relocatable builds!

        • Python

          • Django 3.0 Released

            You can get Django 3.0 from our downloads page or from the Python Package Index. The PGP key ID used for this release is Carlton Gibson: E17DF5C82B4F9D00.

            With the release of Django 3.0, Django 2.2 has reached the end of mainstream support. The final minor bug fix release (which is also a security release), 2.2.8, was issued today. Django 2.2 is an LTS release and will receive security and data loss fixes until April 2022. All users are encouraged to upgrade before then to continue receiving fixes for security issues.

          • Seems SimpleParse needs work for 3.8

            So as I work through all the OpenGLContext projects to get automatic (or near automatic) releasing, SimpleParse wound up failing on the 3.x branches with a weird xml test failure. But with Python 3.8 the C code just won’t import at all. Seems there was a change in Python 3.8 where it does a load-time test for functions in the module and the hand-coded C module triggers it. So I’ll have to spend some time on that before I can get the whole stack releasing.

          • PyCharm 2019.3 is out now

            Interactive widgets for Jupyter notebooks, MongoDB support, and code assistance for all Python 3.8 features. Download the new version now, or upgrade from within you IDE.

          • Pandas: How to Read and Write Files

            Pandas is a powerful and flexible Python package that allows you to work with labeled and time series data. It also provides statistics methods, enables plotting, and more. One crucial feature of Pandas is its ability to write and read Excel, CSV, and many other types of files. Functions like the Pandas read_csv() method enable you to work with files effectively. You can use them to save the data and labels from Pandas objects to a file and load them later as Pandas Series or DataFrame instances.

          • Casual Python, Part 11
          • Functional programming design pattern: Nested Iterators == Flattening

            This is pretty common in devops world. You might be looking at all repositories of in all github organizations. You might be looking at all keys in all AWS S3 buckets under a specific account. You might be looking at all tables owned by all schemas in a database.

            It’s helpful — for the moment — to stay away from taller tree structures like the file system. Traversing the file system involves recursion, and the pattern is slightly different there. We’ll get to it, but what made this clear to me was a “simpler” walk through a two-layer hierarchy.

            The nested for-statements aren’t really ideal. We can’t apply any itertools techniques here. We can’t trivially change this to a multiprocessing.map().

          • Add scrollable regions with QScrollArea

            When you start building apps that display long documents, large amounts of data or large numbers of widgets, it can be difficult to arrange things within a fixed-size window. Resizing the window beyond the size of the screen isn’t an option, and shrinking widgets to fit can make the information unreadable.

            To illustrate the problem below is a window in which we’ve created a large number of QLabel widgets. These widgets have the size Vertical Policy set to Preferred which automatically resizes the widgets down to fit the available space. The results are unreadable.

          • A Manga Book on CircuitPython and Mu

            Our paths had crossed via Twitter while the book was written and I was rather pleased to see the origin story for the name “Mu” got a mention since I shared it with Mitsuharu in a tweet. As you’ll read below (and in typical fashion for me), there are many layers to my reason for the choice of name.

          • Giving Tuesday 2019

            For the first time the PSF is participating in Giving Tuesday! This event is held annually the Tuesday after Thanksgiving – this year on December 3rd, 2019. The global celebration runs for 24 hours and begins at midnight local time.

      • Standards/Consortia

        • Email authentication: SPF, DKIM and DMARC out in the wild

          Email authentication has had a turbulent history – SMTP did not have a native form of authentication when it was designed, and all modern authentication methods are built on top of that system. This was not a problem in the 1980s because there were simply too few people emailing – the only ones using it were universities and corporations actively involved in building the internet. Since then we’ve got a variety of tools to attempt to verify emails, including SPF, DKIM, and DMARC, and I wanted to explore the actual usage of these authentication methods by the most popular sites and companies in the world – specifically, the top 100 domains and the Fortune 500 companies.

  • Leftovers

    • Science

      • The Early History of Usenet, Part VII: Usenet Growth and B-News

        For quite a while, it looked like my prediction — one to two articles per day — was overly optimistic. By summer, there were only four new sites: Reed College, University of Oklahoma (at least, I think that that’s what uucp node uok is), vax135, another Bell Labs machine — and, cruciallyy, U.C. Berkeley, which had a uucp connection to Bell Labs Research and was on the ARPANET.

        In principle, even a slow rate of exponential growth can eventually take over the world. But that assumes that there are no “deaths” that will drive the growth rate negative. That isn’t a reasaonable assumption, though. If nothing else, Jim Ellis, Tom Truscott, Steve Daniel, and I all planned to graduate. (We all succeeded in that goal.) If Usenet hadn’t shown its worth to our successors by then, they’d have let it wither. For that matter, university faculty or Bell Labs management could have pulled the plug, too. Usenet could easily have died aborning. But the right person at Berkeley did the right thing.

        Mary Horton was then a PhD student there. (After she graduated, she joined Bell Labs; she and I were two of the primary people who brought TCP/IP to the Labs, where it was sometimes known as the “datagram heresy”. The phone network was, of course, circuit-switched…) Known to her but unknown to us, there were two non-technical ARPANET mailing lists that would be of great interest to many potential Usenet users, HUMAN-NETS and SF-LOVERS. She set up a gateway that relayed these mailing lists into Usenet groups; these were at some point moved to the fa (“From ARPANET”) hierarchy. (For a more detailed telling of this part of the story, see Ronda Hauben’s writings.) With an actual traffic source, it was easy to sell folks on the benefits of Usenet. People would have preferred a real ARPANET connection but that was rarely feasible and never something that a student could set up: ARPANET connections were restricted to places that had research contracts with DARPA. The gateway at Berkeley was, eventually, bidirectional for both Usenet and email; this enabled Usenet-style communication between the networks.

    • Hardware

    • Health/Nutrition

      • Insurance Industry Is Clearly ‘Terrified,’ Says Sanders, As Lawmakers Admit Lobbyists Helped Them Write Attacks on Medicare for All

        “We are taking on the big-money interests who have an army of lobbyists trying to defeat Medicare for All.”

      • 80% of adolescents don’t even spend an hour on physical activity, at risk of heart disease: WHO study

        An alarming highlight in the study is the fact that India, along with Bangladesh and the United States (US), ranks the lowest in physical activity among boys, while the Philippines has taken the last place in overall physical activity among teenagers.

      • Top Democratic Consultants Have Worked for Anti-Medicare for All Campaign

        As health insurance, pharmaceutical and hospital companies fight to prevent more politicians from backing Medicare for All, the industry’s front group has turned to top Democratic consulting firms and pro-business nonprofits for help, according to its 2018 tax return. The array of consultants includes presidential candidate Joe Biden’s pollster.

      • United States v. Gilead Sciences, Inc.

        Last month, the United States government, acting on behalf of its Department of Health and Human Services (HHS), filed suit in Delaware against Gilead Sciences, Inc. and Gilead Sciences Ireland UC for infringing four patents covering inventions developed by scientists at the Centers for Disease Control and Prevention. The patents all cover methods for a type of medical regimen known as “pre-exposure prophylaxis” (PrEP) for the prevention of HIV.

        [...]

        Still further, the Complaint goes to significant length to explain that Gilead provided absolutely no support in developing the inventions, aside from providing certain drug compounds under an MTA. Indeed, the Complaint addresses and squarely shoots down Gilead’s public statement claiming credit for the development of the PrEP regimine.

        The Complaint notes the significant benefits achieved by Truvada® and Descovy® for treating established HIV infections, but focuses on the efforts that were being made in the 1990s and 2000s to discover a way to prevent HIV infection from becoming established. In particular, the Complaint provides a great summary of the substantial — yet unsuccessful — R&D that had been and was being undertaken to develop a vaccine and/or post-exposure prophylaxis treatment of HIV prior to the invention, as well as the reasons why PrEP was then-deemed unachievable. In this respect, the Complaint is like a great survey article on the history of HIV treatment research, but the document is written in a much more readable manner than most survey articles.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • OmniOS Community Edition r151032e, r151030ae

              OmniOS Community Edition weekly releases for w/c 2nd of December 2019 are now available.

            • OmniOS Updated With Latest Intel Microcode, Better LX Zones Support For Newer Distros

              OmniOS r151032e ships with the newest Intel CPU microcode in order to address the JCC Erratum issue, there is a fix for supporting USB hard drives greater than 2TB, OpenJDK has been updated, better support for recent Linux distribution releases within LX Zones, ZFS fixes, fixes to the SMB support, and various other fixes. LX Zones is a SmartOS/OmniOS feature for running Linux software in a lighterweight-than-a-VM environment.

            • A picture is worth a thousand base pairs

              Prospective users of these tools can find plentiful educational resources online, including video tutorials. The UCSC Genome Browser has two archived and searchable listservs, or electronic mailing lists: one for website and data questions, the other for queries on setting up and maintaining Genome Browser mirrors. JBrowse users can ask questions on Github or on the software’s open instant-messaging channel, but Holmes suggests contacting the developers directly. “We have some developers who really like getting feedback from users,” he says.

        • Security

          • Even PDF s can contain JavaScript macros! Why? Adobe Why? – how to disable JavaScript in PDF files

            90% of companies DO NOT NEED JavaScript or macros to run in PDF

          • Rendering McAfee web protection ineffective

            Now that I’m done with Kaspersky, it’s time to look at some other antivirus software. Our guest today is McAfee Total Protection 16.0. Let’s say this up front: it’s nowhere near the mess we’ve seen with Kaspersky. It doesn’t break up your encrypted connections, and the web protection component is limited to the McAfee WebAdvisor browser extension. So the attack surface is quite manageable here. The extension also uses native messaging to communicate with the application, so we won’t see websites taking over this communication channel.

            Of course, browser extensions claiming to protect you from online threats have some rather big shoes to fill. They have to be better than the browser’s built-in malware and phishing protection, not an easy task. In fact, McAfee WebAdvisor “blocks” malicious websites after they already started loading, this being not quite optimal but rather typical for this kind of extension. I also found three issues in the way McAfee WebAdvisor 6.0 was implemented which made its protection far less reliable than it should be.

            [...]

            A bug in the way McAfee WebAdvisor deals with malicious frames made it trivial for websites to avoid blocking. Also, I found ways for websites to unblock content programmatically, both for top-level and frame-level blocking.

            In fact, the way unblocking top-level content was implemented, it allowed arbitrary websites to open special pages. Browsers normally prevent websites from opening these pages to avoid phishing attacks or exploitation of potential security vulnerabilities in browser extensions. McAfee WebAdvisor allowed websites to circumvent this security mechanism.

          • A Window into Malicious Advertising – 61% of malvertising targets Windows devices

            Bad ad campaigns are targeting Windows more often than any other operating system. But should we be surprised? Let’s first define a bad ad campaign.

            A bad ad campaign is merely a series of online ads linked to a common threat set, designed to have a malicious effect on the end-user. These campaigns are designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware. Now we are ready to look at the data. Let’s dive in!

            The below chart shows all of the new, uniquely defined bad ad campaigns DEVCON observed from July 11 – November 22, 2019.

          • 61% of malicious ads target Windows users

            Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

          • IPFire on AWS: Update to IPFire 2.23 – Core Update 138

            We are very happy that from week to week, we are gaining more customers for IPFire in the cloud – where you now can manage your network just as you do it in your own data centre.

            In contrast to Amazon’s own features, IPFire is easier to manage, performs just as well, but brings you even more features like standard IPsec VPNs, OpenVPN for on-the-road connectivity to the cloud, Intrusion Prevention for your cloud servers, detailed logging and reporting and many more features.

          • Canonical Releases Major Kernel Security Update for Ubuntu 19.10 and 18.04 LTS

            Canonical released major kernel security updates for all of its supported Ubuntu Linux operating system series to address up to 15 security vulnerabilities.
            The biggest kernel security patch released in December 2019 is for Ubuntu 19.10 (Eoan Ermine) and Ubuntu 18.04 LTS (Bionic Beaver) and fixes 12 vulnerabilities affecting Linux 5.3′s OverlayFS and ShiftFS drivers, the Wi-Fi driver stack, ARM Komeda display driver, VirtualBox guest driver implementation, ADIS16400 IIO IMU driver, and Intel OPA Gen1 Infiniband driver.

            Issues discovered in the AMD Audio CoProcessor driver, Qualcomm FastRPC driver, Cascoda CA8210 SPI 802.15.4 wireless controller driver, AMD Display Engine driver, and Chelsio T4/T5 RDMA driver were also addressed in this new kernel security update. The majority of these flaws could allow a local attacker to cause a denial of service (memory exhaustion or system crash).

          • A bug in Microsoft’s login system put users at risk of account hijacks

            Microsoft has fixed a vulnerability in its login system, which security researchers say could have been used to trick unsuspecting victims into giving over complete access to their online accounts.

            The bug allowed attackers to quietly steal account tokens, which websites and apps use to grant users access to their accounts without requiring them to constantly re-enter their passwords. These tokens are created by an app or a website in place of a username and password after a user logs in. That keeps the user persistently logged into the site, but also allows users to access third-party apps and websites without having to directly hand over their passwords.

            Researchers at Israeli cybersecurity company CyberArk found that Microsoft left open an accidental loophole which, if exploited, could’ve been used to siphon off these account tokens used to access a victim’s account — potentially without ever alerting the user.

          • Privacy/Surveillance

            • Labor says it will fix encryption laws it voted for last year

              This time last year, the Australian Labor Party waved through the government’s encryption Bills, formally known as the Assistance and Access Bill, and threw out the line that it to keep the nation safe.

              “Let’s just make Australians safer over Christmas,” then Labor leader Bill Shorten said at the time.

            • Now even the FBI is warning about your smart TV’s security

              If you just bought a smart TV on Black Friday or plan to buy one for Cyber Monday tomorrow, the FBI wants you to know a few things.

              Smart TVs are like regular television sets but with an internet connection. With the advent and growth of Netflix, Hulu and other streaming services, most saw internet-connected televisions as a cord-cutter’s dream. But like anything that connects to the internet, it opens up smart TVs to security vulnerabilities and hackers. Not only that, many smart TVs come with a camera and a microphone. But as is the case with most other internet-connected devices, manufacturers often don’t put security as a priority.

            • FBI Issues Warning of the Risks of Using Smart TVs

              It was really hard to avoid all the Black Friday and Cyber Monday deals, wasn’t it? You may have even been tempted with some great deals on smart TVs, whether as a gift or as a purchase for yourself.

              Knowing this, it seems the Federal Bureau of Investigation (FBI) picked a curious time to issue a warning to consumers about smart TVs. Just before Black Friday, the bureau posted a warning to its website about the risks and dangers of owning a smart TV.

            • Chinese companies want to help shape global facial recognition standards

              The use of facial recognition technology is continuing to expand, despite concerns about its accuracy and fairness and about how it could be used by governments…

            • Egyptian Government Plans To Track The Movement Of 10 Million Vehicles With Low-Cost RFID Stickers

              Just under three years ago, Techdirt wrote about China’s plan to install satnav tracking devices on vehicles in Xinjiang. That was just one of several early signs of the human rights abuses happening there. Today, people are finally waking up to the fact that the indigenous turkic-speaking Uyghur population is subject to some of the harshest oppression anywhere on the planet. Tracking huge numbers of vehicles might seem to be a typically over-the-top, money-no-object Chinese approach to total surveillance. Unfortunately, there are signs the idea is starting to spread, as this story in RFID Journal explains:

            • Ring Coyness About Adding Facial Recognition Tech To Its Cameras Doesn’t Extend To Its Marketing Materials

              Ring may say it’s not getting into the facial recognition business, but its internal documents say otherwise. The company has a head of facial recognition tech in its Ukraine office. And its answers to Senator Edward Markey’s questions make it clear Ring hasn’t ruled out adding this tech to its doorbell cameras. Specifically, the company said it had no plans at the present but was always looking to “innovate” to meet “customer demand.”

            • Wireless ISP Starry Says It Will Apply California’s Privacy Requirements Nationwide

              Like Microsoft, wireless startup Starry — the brain child of Aereo creator Chet Kanojia — has decided to view the public’s desire for solid privacy rules as a marketing opportunity instead of something to ceaselessly undermine or whine about.

            • EFF Report Exposes, Explains Big Tech’s Personal Data Trackers Lurking on Social Media, Websites, and Apps

              San Francisco—The Electronic Frontier Foundation (EFF) today released a comprehensive report that identifies and explains the hidden technical methods and business practices companies use to collect and track our personal information from the minute we turn on our devices each day.Published on Cyber Monday, when millions of consumers are shopping online, “Behind the One-Way Mirror” takes a deep dive into the technology of corporate surveillance. The report uncovers and exposes the myriad techniques—invisible pixel images, browser fingerprinting, social widgets, mobile tracking, and face

            • Facebook launches tool that transfers your pics to Google Photos

              The Facebook Transfer Tool can be found in the menus of your account, if it is available – but remember right now that only means users in Ireland. A full international roll-out based on feedback from this trial will occur sometime next year.

              Facebook plans to roll out integration with other services in the future, such as Flickr and Apple Photos, giving you a consistent way of shifting your loyalties whilst keeping your memories.

            • Instagram is broken. It also broke us.

              Lately that conversation has gotten louder and more complicated. Influencers, models, and celebrities — the people who Instagram was supposed to work best for — are realizing that they have been made complicit in an app that feeds its users a poison of narcissism and envy and prevents them from ever logging off. They try to reveal what happens outside the camera frame; that no, their lives aren’t perfect either; that Instagram makes them feel bad, too. They share posts about authenticity and honesty and their quiet struggles with mental health that live directly next to posts devoted to toned ab muscles and champagne on yachts, which then makes the whole thing feel fake.

            • Putin signs legislation dramatically raising fines on tech companies that refuse to work with Russian law enforcement

              Vladimir Putin has signed legislation that steeply raises the fines on Internet companies that repeatedly refuse to surrender decryption keys to the Federal Security Service. According to the new law, the Russian state can now fine tech firms between 2 and 6 million rubles ($31,100 and $93,340) for declining to share information that would allow the FSB to read users’ private correspondence.

            • Google Wants Us To Trust It With Our Medical Records We Never Knew They Had

              For all of its faults, you do have to praise Android’s open ecosystem, especially when compared to Apple’s tightly controlled App Store. Virtually anyone with a modicum of programming ability can create an app and upload it to the Google Play store. But that openness makes it especially easy for bad apps to quite regularly find their way into the official Google Play store. Plus, third-party app stores and malicious website can harbor even more nastiness in the form of malware. It is a problem that has plagued the Google Play store, and Android in general, since its inception.

              According to an article from Wired.com, Google has enlisted help from three antivirus firms who have extensively monitored Android malware for years. They are ESET, Lookout and Zimperium. In partnership with Google, they have formed an alliance, called the App Defense Alliance. They will scan new apps in the Google Play store before they go live, in an effort to help prevent malware from ever appearing in the Play store.

              Since each member of the alliance has different methods and approaches for scanning apps, together they should be able to detect trojans, adware, ransomware, banking malware, and phishing attacks before the apps are allowed to go live in the Play store.

              Even though a friendly relationship has existed between Google and the other members of the alliance for over two years, the coordinated effort is just now getting off the ground. So, it remains to be seen how much of a dent can be made in the growing Android malware problem.

              But then, it is a start to taming the wild, wild west that the Google Play store has become.

            • De-Googling Yourself, Part 7

              Android Inc. was founded in Palo Alto, California, in October 2003 by Andy Rubin, Rich Miner, Nick Sears and Chris White. Rubin described the Android project as “tremendous potential in the development of smarter mobile devices, more aware of its owner’s location and preferences.” The company’s first intentions were to develop an advanced operating system for digital cameras, and that was the basis of its April 2004 investor presentation. The company then decided that the camera market was not big enough for its goals, and five months later it had diverted its efforts and was launching Android as an operating system for mobile devices, which would rival Symbian and Microsoft Windows Mobile.

              Rubin struggled to attract investors from the start, and Android, Inc. was facing eviction from its office.

              In July 2005, Google acquired Android Inc. for at least $50 million (US). Its key employees, including Rubin, Miner and White, joined Google as part of the acquisition. Not much was known about the secret Android at the time, with the company providing few details beyond that it was producing mobile software. At Google, the team led by Rubin developed a mobile platform with the Linux kernel. Google, then, marketed the platform to handset makers and carriers with the promise of providing a flexible and upgradeable system. Google had “aligned a number of hardware components providers and software partners and signaled operators that they were open to varying degrees of cooperation.”

              Android is the world’s top selling operating system on smartphones since 2011 and tablets since 2013. As of May 2017, it has more than two billion monthly active users, the largest installed base of any operating system, and by December 2018, the Google Play Store has over 2.6 million apps, indicating the platform’s undisputed success. Thanks to Android’s “open” nature, many other operating systems have been based on it (FireOS, Indus OS, LeWa OS, LineageOS, MIUI, OmniROM, OxygenOS, Paranoid Android, Replicant, and others).

            • A Cartoon Intro To DNS over HTTPS

              Both the browser and the server know the combination to that lock, but no one in between does.

              With this, even if the messages go through multiple routers in between, only you and the web site will actually be able to read the contents.

              This solves a lot of the security issues. But there are still some messages going between your browser and the server that aren’t encrypted. This means people along the way can still pry into what you’re doing.

              One place where data is still exposed is in setting up the connection to the server. When you send your initial message to the server, you send the server name as well (in a field called “Server Name Indication”). This lets server operators run multiple sites on the same machine while still knowing who you are trying to talk to. This initial request is part of setting up encryption, but the initial request itself isn’t encrypted.

              The other place where data is exposed is in DNS. But what is DNS?

            • Why AI will never replace human picture descriptions

              Yes, a bold statement, I know, but this piece by Dr. Elizabeth Fernandez made my conviction even stronger.

              For some years now, there have been advancements in computer-generated image recognition. That recognition nowadays goes far beyond optical character recognition. Face recognition, objects, some scenes are things that software such as the Facebook algorithms, Microsoft’s Seeing AI and Google’s image recognition will cope with. In the case of some celebrities, Microsoft’s offering will, for example, even put names to faces.

              Google’s service now also ties into Chrome,. In the case of a missing alternative text, users can right-click and request that the image be processed by Google’s artificial intelligence. The result will then be filled in so screen readers will pick it up. For the new Chromium-based Edge browser by Microsoft, that service is disabled, but I guess Microsoft will soon put something similar in place using their backend that Seeing AI also uses.

              Especially this browser integration has led to fears that this will make web developers lazy and make them describe their images less. I am convinced that this fear will not be necessary. Some managers or other decision makers may try, but they’ll fail.

    • Defence/Aggression

      • Trump Was Right Before He Was Wrong: NATO Should Be Obsolete

        The three smartest words that Donald Trump uttered during his presidential campaign are “NATO is obsolete.”

      • Negligible and largely useless Why women’s rights advocates in Russia have turned against the draft version of their law against domestic violence

        On November 29, Russia’s Federation Council published the draft text of new legislation that would impose additional penalties on domestic violence. Lawmakers have introduced similar bills in the past, but not a single initiative has survived the parliament’s revisions process. The new legislation was co-authored by State Duma deputy Oksana Pushkina and has support from Federation Council Chairwoman Valentina Matviyenko, State Duma Speaker Vyacheslav Volodin (Pushkina has even called him the draft law’s “protective charm”), and Human Rights Commissioner Tatyana Moskalkova. Several women’s rights organizations also helped develop the legislation. The campaign to impose stricter punishments on violence in the home has provoked opposition from Vladimir Zhirinovsky (the leader of the right-wing political party LDPR) and some conservative movements, like the Christian Orthodox group “Forty Times Forty.” After lawmakers finally submitted the bill to the upper house of Russia’s parliament, women’s rights advocates who helped develop the legislation reported that the text omits several key components they supported. The version ultimately introduced to Russia’s Federation Assembly is largely useless, activists say, and panders to “radical conservative groups.”

      • White Supremacy as “Patriotism” – Validated Independent News

        Thomas Rousseau founded Patriot Front in 2017, when he was age eighteen, and in just two years the group has gained three hundred followers who actively seek to “reclaim America.” Patriot Front quietly discourages mass acts of violence, but instead pushes for members to spread propaganda that promotes American fascism and hate. As Pete Simi, a professor at Chapman University and an expert on white supremacists in the US, told ProPublica, “It is very common for the leadership of these groups to disqualify violence, while doing things that are encouraging violence… It is part of their strategy to avoid liability, while simultaneously promoting hate. When they say they are not violent, this is a lie. They are promoting violence by their goals.”

      • American Exceptionalism Is Killing the Planet

        Ever since 2007, when I first started writing for TomDispatch, I’ve been arguing against America’s forever wars, whether in Afghanistan, Iraq, or elsewhere. Unfortunately, it’s no surprise that, despite my more than 60 articles, American blood is still being spilled in war after war across the Greater Middle East and Africa, even as foreign peoples pay a far higher price in lives lost and cities ruined. And I keep asking myself: Why, in this century, is the distinctive feature of America’s wars that they never end? Why do our leaders persist in such repetitive folly and the seemingly eternal disasters that go with it?

      • Slipknot Cancels Knotfest Mexico City Because of Security Concerns

        Slipknot and Evanescence decided to abruptly cancel Knotfest in Mexico City because of problems with a security barricade. Which turned out to be a very, very bad idea.

      • Woman in India Gang Raped, Murdered

        The 27-year-old veterinarian had called her family to say she was stranded with a flat tire in India’s Hyderabad city, and that a truck driver and his friends had offered to help. Then she stopped answering her phone. Later her family learned she had been gang raped and murdered.

      • Pak violates ceasefire for 2nd consecutive day in Poonch

        The Pakistan army on Saturday targeted forward posts and villages along the Line of Control in Jammu and Kashmir’s Poonch district, violating the ceasefire for the second consecutive day, a defence spokesperson said.

      • Iraqi Assyrians Warn Sweden of ‘Islamist Rule’

        “If Islamists gain power, they will not treat you according to human rights, but according to Sharia law”, she stressed. “Love the Muslims, but be aware. Jesus says we should be cunning as snakes and innocent as doves”, she concluded, urging not to yield to any pressure. Pastor Basil (also a pseudonym), who has met thousands of Yazidis and Christians fleeing from Daesh*, recalled the Muslim concept of taqiya, a precautionary dissimulation or denial of religious belief. According to him, it is frequently utilised by radical Muslims as well to hide their true intent.

        “This means that radicals ‘lie low’ and adapt to a more non-religious society to gain power”, he said, warning of sleeper cells ready for action, while acting to “take over” once a parliamentary majority is in place. According to Islamologist Rickard Lagervall of Lund University and Jönköping University, it is unlikely that Islamists would take over in Sweden any time soon, since they are a minority. Another reason is that Islamists are a divided group that includes not only Daesh sympathisers and jihadists, but also “puritan” Salafists who, he suggested, avoid politics. In addition, “ordinary” Muslims are a fragmented group as well, he stressed.

    • Environment

      • At COP 25 Kickoff, Spain’s Socialist Leader Rips ‘Fanatics’ Like Trump Who Deny Climate Crisis

        Spanish Prime Minister Pedro Sánchez kicked off COP 25 in Madrid, Spain on Monday by condemning the “handful of fanatics” who continue to deny the reality of the climate crisis as it wreaks havoc across the globe and threatens to render large swathes of the planet uninhabitable.

        Sánchez, leader of the Socialist Workers’ Party (PSOE) and proponent of a Green New Deal for Spain, did not condemn any nations or world leaders by name. But Sánchez implored the international community to combat “alternative facts,” an apparent shot at the administration of U.S. President Donald Trump.

      • COP25, Social Movements and Climate Justice

        Social movements were organising their opposition to COP25—in which those most affected by climate violence would be sidelined—even before the popular mobilisation started in Chile and Sebastián Piñera suspended the talks.

      • Green Groups at COP 25 Warn Against Market-Driven Solutions to Climate Emergency

        “Now is not the time to offer an escape route to polluting Northern country governments and big oil.”

      • UN Climate Convention Switch From Chile to Spain May Hinder Climate Justice

        In October, as scientists, policymakers and civil society leaders geared up to travel to Chile for the 25th Conference of the Parties of the U.N. Framework Convention on Climate Change (COP 25), which begins today, the country was making headlines for different reasons.

      • Long-Lived Storm Clobbers Eastern U.S.

        A seemingly endless winter storm that hindered travel across most of the country over the long holiday weekend is delivering a last wallop as it swoops through the Northeast, dumping heavy snow, shuttering hundreds of schools and bedeviling commuters in the region Monday.

      • Condemning Inaction of Rich Nations, Oxfam Unveils Report Showing Climate-Related Disasters Displaced 200 Million People Since 2008

        “People are taking to the streets across the globe to demand urgent climate action. If politicians ignore their pleas, more people will die, more people will go hungry, and more people will be forced from their homes.”

      • Energy

        • Environmental Protection Politics: an Interview with William Ruckelshaus on the Difficulty of Making Public Policy Changes

          U.S. Environmental Agency (EPA) founding administrator William D. Ruckelshaus died Nov. 27, 2019. EPA was created in 1970; Ruckelshaus served as its head until 1973. A decade later he returned briefly to head the agency during the Reagan administration. As part of a series of events celebrating EPA’s 35th anniversary in April 2006, Indiana University’s School of Public and Environmental Affairs hosted Ruckelshaus in Bloomington for a lecture and panel discussion. Prior to those events he met with journalists to answer questions.

        • Turning Point in Climate Activism? Germans Block Coal Mines With Their Bodies

          Deutsche Welle reports that that more than 1,000 green activists made their way past police lines and blocked trains at 3 important coal mines in eastern Germany on Saturday. A few clashes took place between police and protesters. | By Juan Cole

        • China’s Climate Paradox: A Leader in Coal and Clean Energy

          As world leaders gather in Spain to discuss how to slow the warming of the planet, a spotlight falls on China — the top emitter of greenhouse gases.

        • [Old] United States Spend Ten Times More On Fossil Fuel Subsidies Than Education

          The fossil fuel lobby has actively worked in many countries to protect their subsidies and avoid the imposition of carbon taxes. Doing so protects their profits.

          US spent on these subsidies in 2015 is more than the country’s defense budget and 10 times the federal spending for education

        • Years Before Exxon Valdez, Documents Show Exxon’s Imperial Oil Prioritized Public Image Over Spill Impacts

          Nearly two decades before the Exxon Valdez catastrophe in Alaska, the Arrow oil spill became a public relations black eye for Imperial Oil, a Canadian subsidiary of Exxon, and internal company documents published today by DeSmog and the Climate Investigations Center reveal that the company viewed the environmental disaster more in the context of improving its public image than improving safety measures that would reduce these types of environmental risks.

        • New Documents Reveal Exxon-owned Canadian Oil Giant’s Shifting Climate Change PR

          “Public concern regarding environmental problems is being translated into legislation rapidly,” Imperial Oil warned in an annual research planning document dated January of that year. “The present trend in legislation will require substantial expenditures to reduce emissions and waste discharge for all facilities and reduce the impact on the environment of the products we sell.”

        • The Imperial Oil Files: New Collection Adds to Climate and Energy Research Archives On Science and Denial

          These documents add new context to the groundbreaking investigative reporting by Inside Climate News, and the Columbia School of Journalism in partnership with the Los Angeles Times, that revealed the #ExxonKnew conspiracy. Those journalistic efforts exposed the facts that Exxon’s own climate science research had confirmed the role of fossil fuels in driving global warming, and that the company pivoted away from that advanced knowledge, choosing instead to spend tens of millions of dollars funding climate science denial campaigns.

      • Wildlife/Nature

        • U.S. Plan on Killing Birds in New York

          The U.S. Department of Agriculture’s Wildlife Services arm has put together a plan titled “Reducing Bird Damage in the State of New York” which includes a “preferred alternative” that involves continuing its both “nonlethal and lethal bird management techniques.” The “lethal techniques…may include the use of shooting, live capture and euthanasia, avicides” and “nest/egg destruction.”

        • Humanity Is Riding Delusion to Extinction

          Horses sporting gas masks. That, of all things, has been on my mind lately. Bear with me, now. Gaze at the ever-so-cockamamie photo. A horse, wearing a gas mask. Nothing so illustrates the rank absurdity and irrationality of the human condition. It was during World War I—which killed an unheard-of nine million soldiers in just four years—that the armies of Europe still employed horses in an age of machine guns, airplanes (eventually), tanks and poison gas attacks. Rather than call a halt to the inane slaughter in the trenches, the world’s great powers fought that wildly nationalistic war to its macabre conclusion. One result was horses in gas masks. That was only a hundred years ago.

        • When Should We Consider A Species Recovered?
        • Palm Oil in Snack Foods Could Be Destroying the World’s “Orangutan Capital”

          Picture a rhinoceros in the rainforest, add a herd of elephants, families of orangutans swinging through the treetops and tigers prowling the understory, and there is only one place in the world you could be.

        • Conservation pays its way handsomely

          Money does grow on trees. The conservation of a native forest is natural capital, its cash value often reaching trillions of dollars.

      • Overpopulation

        • Some Say Jason Momoa Went Too Far Shaming Humanity And Calling It A Disease At The UN Climate Summit

          Greta Thunberg and her speech has sent ripples of awareness all over the globe. Her message has been heard and it has moved people to come out of their comfort zone and do something for the planet. But it is not only Greta’s speech that has kept the attention of people. Many actors have come out in support of Greta and are trying their bit to influence others to save the planet.

          Jason Momoa aka Aquaman has made a speech in the UN which is quite similar and powerful in an address at the United Nations. He spoke at the Small Islands Event on 27th September and his message coincided with that of Greta – that our world leaders were not using their powers for environmental welfare. However, he did not only blame the politicians. He blamed Humanity as a whole – he called it a disease.

    • Finance

      • What Seattle Has Wrought

        A year after the WTO protests rocked Seattle, Alexander Cockburn and I assessed the damage to global capitalism and its emissaries in the Democratic Party – JSC

      • Bolivia: the Danger of Neoliberalism With Fascist Characteristics

        A relevant article by Thierry Meyssan has been published that reveals the deep historical fascist/catholic links leading up to the coup in Bolivia and the danger that may lie ahead as a result. It is important to be aware of this in order to provide informed solidarity with the people of Bolivia and a sharper analysis of the inevitable US intervention in Latin America.

      • ‘For the Grandparents Who Need Money… For the Struggle!’: Tear-Gassed Kids in Chile Explain Why They Protest

        The gas, said one, “doesn’t allow us to breathe, so we’re only feeling so-so.”

      • What Would It Cost to Buy the 2020 Election?

        Gracie Mansion, the official residence of New York’s mayors since 1942, hosted billionaire Michael Bloomberg for three terms.

      • New Analysis Details ‘Aggressive’ Tax Dodging of Six Silicon Valley Giants—Totaling Over $100 Billion

        Among the tech companies studied, Amazon “stands out as the business with the poorest tax conduct,” according to the U.K.-based Fair Tax Mark.

      • For Banks, Data on Your Spending Habits Could be a Gold Mine

        There’s a powerful new player watching what you buy so it can tailor product offerings for you: the bank behind your credit or debit card.

      • Misuse of Police and Jails to Respond to Medical and Economic Problems – Validated Independent News

        The Prison Policy Initiative study reported that, in 2017, 4.9 million individuals were arrested and booked. Of those, 3.5 million were arrested only once that year, while nearly 930,000 were arrested twice; and nearly 430,000 were arrested three or more times. Those arrested multiple times were, according to the study, disproportionately Black, low-income, less educated, and unemployed. Noting that the vast majority were arrested for non-violent crimes, the study recommended that instead of incarceration, “public investments in employment assistance, education and vocational training, and financial assistance” would better address the conditions that led marginalized individuals to have contact with the police in the first place.

      • Prison Telecom Monopolies Bring Their ‘Innovation’ To Prison Ebooks

        Over the last few decades, companies like Securus have managed to obtain a pretty cozy, government-supported monopoly over prison phone and teleconferencing services. Like any monopoly, this has pretty traditionally resulted in not only sky high rates upwards of $14 per minute for phone calls, but comically poor service as well. Because these folks are in prison, and as we all know everybody in prison is always guilty, drumming up enough sympathy to convert into political momentum has long proven difficult. Recent efforts to do something about it were scuttled by FCC boss Ajit Pai, whose former clients included Securus.

      • UK Election: How Propaganda Props Up Britain’s “Particularly Extreme Form of Capitalism”

        The establishment British media, be it the BBC or the privately-owned Sky News, have marginalized ordinary Britons who are critical of the neoliberalism, known as “capitalism.” They and their allies in the right-wing print media have done so, in large part, by slandering the political representatives of the poor as “Marxist lunatics” and so on. But now, even elements of the establishment are beginning to recognize that the neoliberal system is collapsing itself.

      • Wages Have Risen Due to Minimum Wage Increases and the Fed’s Obama-Era Policies

        There are a lot of things — like high health care costs, unaffordable housing and crushing student loan debt — which are not going right for people right now. However, it is worth noting one important way in which things are going in the right direction. The low current unemployment rate, coupled with minimum wage increases in many states and cities, is leading to real wage gains at the middle and bottom end of the wage ladder.

      • America’s Got Talent Under Investigation Over Gabrielle Union Firing

        In reaction to all the controversy generated by the firing of Gabrielle Union from America’s Got Talent, SAG-AFTRA is now investigating the show.

      • Mayor Pete Is Wrong — Free Public College Could Unite the Country

        A new ad from the Pete Buttigieg campaign reignited a social media debate that first began when Sen. Amy Klobuchar criticized free public college for all in the November Democratic debate. Klobuchar had warned that universal higher education was bad because it could mean “sending rich kids to college for free.” Buttigieg’s ad replicates Klobuchar’s critique, but added that free public higher education for all would “[turn] off half the country.”

      • Bangladesh: Rohingya Children Denied Education

        (Bangkok) – The government of Bangladesh is blocking aid groups from providing any meaningful education to Rohingya children in refugee camps and banning the children from attending schools outside the camps, Human Rights Watch said in a report released today. The government should urgently lift the restrictions that unlawfully deprive almost 400,000 Rohingya refugee children of their right to education.

      • Threat to Our Digital Rights Revealed in US-UK Trade Talks Leak

        eaked documents from trade talks between the UK and US make it clear that our online interactions and digital products will be priorities for the negotiations. The UK grandly declares, “We do not want to just go back to existing [digital] trade texts, no matter how ambitious—we want to go beyond.”

      • New law makes Germany “crypto heaven”

        The German parliament today passed a bill allowing banks to sell and store cryptocurrencies from next year.

        The new legislation will come into force on 1 January 2020, and will require current custody providers and crypto exchanges operating in the country to take steps, before the end of the year, to apply for a German license.

        The law will not only put Germany, the world’s fourth biggest economy, at the forefront of regulation in cryptocurrencies, but heralds a milestone in the adoption of cryptocurrencies.

        “Germany leads the way in crypto regulation, for sure. This leads to institutional investors coming to Germany, as they want security and regulation,” Sven Hildebrandt, partner at German crypto consultancy DLC, told Decrypt. “Germany is well on its way to becoming a crypto-heaven.”

    • AstroTurf/Lobbying/Politics

      • Chris Hedges: Electoralism Won’t Save Us
      • Non-Intervention: an Imperfect Solution to a Terrible Problem

        On November 27, US president Donald Trump signed the Hong Kong Human Rights and Democracy Act.

      • Facebook CEO Zuckerberg Dodges When Pressed About Details of White House Dinner With Trump

        “No better example of Facebook’s power than Zuckerberg being asked here whether Trump lobbied him, rather than whether he lobbied Trump.”

      • The Right Thing To Do

        For the start of another week at the circus, a warm, wise, movingly real moment with Elizabeth Warren to give us hope. At an Iowa event, a high school girl, tremulous with fear and feeling, asked Warren for a moment in her life when she struggled with acceptance; her own voice cracking, Warren told a story about her divorce…

      • From Crying ‘Witch Hunt’ to a Guilty Plea, Calls for Trump Ally Duncan Hunter to Resign Immediately

        The California Republican spent months claiming he was the victim of a “witch hunt” before saying Monday he would plead guilty

      • Deporting Workers Makes America Less Safe

        On Oct. 12, construction worker Delmer Joel Ramirez Palma was working on the Hard Rock Hotel in New Orleans when the structure collapsed, killing three workers and injuring dozens more. He survived a fall of three flights by swinging on a rope, although he sustained serious injuries.

      • Pelosi Frustrates Progressives by Stalling Pro-Labor Bill While Pushing Trump’s Trade Deal

        “Grinding my teeth so hard they snap off at the roots.”

      • Nancy Pelosi Buries Historic Labor Bill to Appease Centrists

        For the first time in decades, the House of Representatives has a rare chance to rewrite American labor laws, in ways that would actually help workers. Among other benefits, a new bill would abolish right-to-work laws that cripple union organizing, create penalties for employers that punish workers for organizing, and set out rules to eliminate delays in negotiating union contracts.

      • Professor Sounds Alarm on Democracy’s Self-Cannibalism – Validated Independent News

        As “the institutions that have traditionally saved people from their most undemocratic impulses” have declined in the era of social media, unconscious biases, selective listening, and irrational behavior cause people to “drift toward the simple solutions right-wing populists worldwide offer: a deadly mix of xenophobia, racism, and authoritarianism,” Shenkman reported. Though Rosenberg’s position was controversial in the conference, the rise of his hypothesis remains a grave concern.

      • Youth-Led Protests Topple Iraqi Prime Minister as Demonstrations Continue
      • Corporate Media’s Mantra Is ‘Anyone But Sanders or Warren’

        Anyone who’s been paying attention should get the picture by now. Overall, in subtle and sledgehammer ways, the mass media of the United States—owned and sponsored by corporate giants—are in the midst of a siege against the two progressive Democratic candidates who have a real chance to be elected president in 2020.

      • Bloomberg’s Baggage
      • WTO Shutdown: ‘Victory Belongs to the People’
      • Ukraine, the New Cold War and the Politics of Impeachment

        In October 2019, with the impeachment of Donald Trump already underway, wealthy ‘centrist’ Democratic Party donors began to fret over the Democrat’s prospects in the 2020 election. Since then Michael Bloomberg and Deval Patrick, both Wall Street Democrats with deep pockets, have entered the race. Meanwhile, the Senate impeachment schedule will keep Bernie Sanders and Elizabeth Warren in Washington— and away from the campaign trail, well into the early state primaries.

      • As Impeachment Enters Endgame, Republicans Will Likely Escalate Ugliness

        House Democrats said they planned to move quickly on impeachment and it appears they really meant it. It’s hard to believe that the process has come this far in just eight weeks, but Nancy Pelosi and the rest of the House leadership seem determined to get this thing over with as soon as possible, so it’s rushing toward completion before we can even catch our breath. (I’m on record disagreeing with that strategy if it means ignoring the gigantic body of evidence pointing to corruption and the obstruction of justice documented in the Mueller report. But nobody asked me my opinion, so…)

      • ‘Getting, But Waiving, Due Process’: Despite Cries of Unfairness, Trump Refuses Impeachment Hearing Invite

        “If he has a defense, we on House Judiciary—along with the American people—are eager to hear it,” said. Rep. Pramila Jayapal.

      • Lisa Page Speaks: ‘There’s No Fathomable Way I Have Committed Any Crime at All’

        “It’s very painful to see to places like the FBI and the Department of Justice that represent so much of what is excellent about this country, not fulfilling the critical obligation that they have to speak truth to power,” she tells me. “The thing about the FBI that is so extraordinary is that it is made up of a group of men and women whose every instinct is to run toward the fight. It’s in the fiber of everybody there. It’s the lifeblood. So it’s particularly devastating to be betrayed by an organization I still care about so deeply. And it’s crushing to see the noble Justice Department, my Justice Department, the place I grew up in, feel like it’s abandoned its principles of truth and independence.”

      • ‘I decided to take my power back’: Ex-FBI lawyer Lisa Page speaks out on Trump’s ‘sickening’ attacks

        But in a rare interview, Page, 39, told The Daily Beast that she could no longer silently stomach the president’s attacks on her. She said “the straw that broke the camel’s back” came when Trump repeatedly called her name at an Oct. 11 rally in Minneapolis in what she described as a “demeaning fake orgasm” while mocking her and Strzok, who were engaged in an extramarital affair.

        “I had stayed quiet for years hoping it would fade away, but instead it got worse,” she says. “It had been so hard not to defend myself, to let people who hate me control the narrative. I decided to take my power back.”

        “I’m done being quiet,” she said Sunday night in a tweet linking to the Daily Beast interview.

      • Facebook’s Mark Zuckerberg says the social network should not be ‘censoring politicians’

        King also asked Zuckerberg about his dinner with President Donald Trump at the White House three weeks ago and whether Trump lobbied him against banning political ads. ” No … I think some of the stuff that people talk about or think is discussed in these discussions are not really how that works,” Zuckerberg said. “I also want to respect that it was also a private discussion.”

      • Ethereum founder Vitalik Buterin supports petition to release arrested dev

        Griffith was arrested by the FBI at Los Angeles International Airport on 28th November after travelling to North Korea, one of the “United States’ foremost adversaries,” to attend and present a paper at the Pyongyang Blockchain and Cryptocurrency Conference.

        The US Department of State denies Griffith had permission for his trip and it’s alleged he formulated plans “to facilitate the exchange of cryptocurrency between the DPRK and South Korea,” in violation of sanctions against the DPRK.

      • Tariq Ali on UK Elections, Jeremy Corbyn and the Rise of the Extreme Right
      • Who owns the news? The 24 companies that control the world’s biggest news outlets

        Our latest study shows the current state of media consolidation in the United States, the U.K., Australia, and the globe.

        We started off by identifying the top 50 most visited news websites in the world as of September 2019, using data from web traffic analysis company Alexa, and market intelligence provider SimilarWeb. We then determined the parent companies behind each of these 50 outlets and identified all of the properties in their online media portfolios to create an accurate picture of the concentration of media around the world.

        In order to map out who owns the news in the United States, in the U.K. and in Australia, we isolated the 20 companies with the most popular websites in each geography and filled in the gaps by adding up-and-coming digital media companies. Once this step was complete, we worked our way backwards to identify all of the web properties in their portfolios and the parent companies behind them.

        For news sites that are owned by investment firms with a majority stake, the CEO or director of the investment firm was listed as the highest-level owner. For news sites that are owned or directly (or indirectly) controlled by the government (as is the case of the BBC, who since 2017 has had its board members selected by the UK government), the head of government was listed as the highest-level owner.

      • Newsweek Reporter Jessica Kwong Fired Over ‘Inaccurate’ Trump Thanksgiving Story

        Jessica Kwong, a reporter for Newsweek, has been fired after her inaccurate reporting of how President Donald Trump spent his Thanksgiving. Wong had reported that Trump was spending his Thanksgiving golfing, but he was actually making an impromptu, surprise trip to Afghanistan to spend time with deployed troops.

        [...]

        Kwong has not sent out a tweet since correcting her false story. It will be interesting to see if she comments on the events that reportedly led to her ousting from the company.

        And on the flip side of things, we know this certainly will fuel Trump’s fake news narrative moving forward.

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

      • Death of crusading journalist topples Malta prime minister

        Hours earlier, nearly 20,000 Maltese protested outside a courthouse in the capital, Valletta, demanding that he step down in the largest such turnout of nearly daily protests in recent weeks. “As prime minister, I promised two years ago that justice would be done in the case of the murder of Daphne Caruana Galizia,” Muscat said, beginning his speech, adding that “today I am here to tell you that I kept my word.”

        But the slain reporter’s family contended Muscat’s departure won’t satisfy those in the nation who are determined that corruption and cronyism between politicians and business figures be rooted out. “People will be out in the streets again tomorrow,” tweeted one of her sons, Matthew Caruana Galizia, who is also a journalist.

      • Inside Belmarsh: John Pilger Visits Julian Assange

        The world’s most famous political prisoner continues to resist, despite a system conceived specifically to break him down. John Pilger reports.

    • Civil Rights/Policing

      • The New ‘Black Codes’

        The police forces in impoverished urban communities, equipped with military-grade weapons and empowered to harass and kill largely at will, along with mass incarceration, are the principal tools for the social control of the poor. There is little pretense of justice and even less of protection and safety.

      • Can Plantations be Redeemed?

        Thomas Jefferson may have written that all men were created equal in the Declaration of Independence. But he, along with so many of his fellow plantation owners, was still complicit in the institution of slavery.

      • Oregon Supreme Court Shuts Down Pretextual Traffic Stops; Says Cops Can’t Ask Questions Unrelated To The Violation

        The Supreme Court’s Rodriguez decision took a lot of fishing line away from law enforcement officers. Thousands of traffic statutes are violated every day. (Or not broken, in some cases.) All an officer needed to do was follow someone around until they violated one and then turn the traffic stop into a Q&A session with an eye on obtaining consent to search drivers, passengers, and vehicles.

      • Virginia Prisons Thwarted Muslim Inmates’ Rights to Observe Ramadan – Validated Independent News

        In one case, Muslim prisoners known to be fasting were not served breakfast before sunrise; in another prison, fasting inmates were forced to wait at least an hour after sunset to receive dinner.

      • Tinder Lets Known Sex Offenders Use the App. It’s Not the Only One.

        Susan Deveau saw Mark Papamechail’s online dating profile on PlentyofFish in late 2016. Scrolling through his pictures, she saw a 54-year-old man, balding and broad, dressed in a T-shirt. Papamechail lived near her home in a suburb of Boston and, like Deveau, was divorced. His dating app profile said he wanted “to find someone to marry.”

        Deveau had used dating websites for years, but she told her adult daughter the men she met were “dorky.” She joked about how she could get “catfished” if a date looked nothing like his picture. Still Deveau, 53, wanted to grow old with someone. The two were — in the popular dating platform’s jargon — “matched.”

      • We Are Investigating Sexual Violence and Dating Apps

        Columbia Journalism Investigations and ProPublica analyzed more than 150 incidents of sexual assault involving dating apps, culled from a decade of news reports, civil lawsuits and criminal records.

      • Russian trans woman sentenced to likely fatal three years in prison for posting manga on social media

        A court in the Russian city of Bryansk has sentenced a local doctor named Michelle to three years in prison, a term experts say is likely to result in her death. Michelle, a 53-year-old transgender woman, was convicted of “distributing pornography depicting minors,” which can carry a term of up to six years in Russia. Maria Chashchilova, an attorney for the Moscow Community Center for LGBT Initiatives (MCC), told Novaya Gazeta about the sentence on November 30.

      • Beyond Prisons: Instead Of Calling The Cops

        In a followup to the last episode, “Stop Hugging Cops,” Beyond Prisons hosts Brian Sonenstein and Kim Wilson share some resources and discuss alternatives to calling the police.

        We talk about the chain reaction that is created by bringing the police to a community or into an individual’s life, and we suggest ways to scrutinize the impulse to call the police. Brian also calls on White people to consider what it means for them to call the police on Black and Brown people and offers some thoughts for how white people can do better in situations that generally don’t require intervention.

      • Read this before you sign your nikah nama

        Hearing these stories, I have to ask: how is it that the majority of women end up scribbling their names thoughtlessly on one of the most momentous civil contracts they’ll ever agree to without so much as reading it?

        And just what is in that nikah nama of yours?

        I sat down with some lawyers to find out.

      • Trump Has Made the Military Safe for War Criminals

        While Spencer’s resistance to Trump’s actions is admirable, it was also rooted more in turf protection than in condemnation of the moral enormity of Trump’s embrace of war criminals. “This was a shocking and unprecedented intervention in a low-level review,” Spencer wrote in The Washington Post after his firing. “It was also a reminder that the president has very little understanding of what it means to be in the military, to fight ethically or to be governed by a uniform set of rules and practices.”

      • Secret Service Report Reveals That School Shootings Are Often Preventable

        The majority of attackers, according to the report, “experienced stressors, exhibited concerning behaviors and made their intentions to attack others known.” “These are not sudden, impulsive acts where a student suddenly gets disgruntled,” said Lina Alathari, the head of the NATC, in an interview with the Associated Press. “The majority of these incidents are preventable.”

      • Plicido Domingo Calls Sexual Harassment Claims a ‘Nightmare’

        In the first full interview he has given since sexual harassment charges partially derailed his career, legendary operatic tenor Plicido Domingo maintained his innocence, calling the accusations a “nightmare.”

      • Infographic: How many complaints about torture in Russian prisons result in criminal cases?
    • Internet Policy/Net Neutrality

      • Take action to save .org and prosecute those who sold out the internet

        If you are familiar with the .org heist, then like me, you’re probably pissed off. Here’s how you can take action: all of these organizations are 501c3 non-profits. The sale of a non-profit to a for-profit entity like this is illegal without very specific conditions being met. Additionally, this kind of behavior is not the sort the IRS likes to see in a tax-exempt organization. Therefore, we can take the following steps to put a stop to this: [...]

    • Monopolies

      • Patents

        • Ninth Circuit schedules oral argument in FTC v. Qualcomm for February 13, 2020 (San Francisco)

          The United States Court of Appeals for the Ninth Circuit will hear oral argument from appellant Qualcomm and appellee the Federal Trade Commission (FTC) in the antitrust matter originating from the Northern District of California on Thursday, February 13, 2020, at 9:30 AM Pacific Time.

          The court’s website does not yet list the circuit judges on the panel. In this case, the composition of the panel will play a far greater role than in most antitrust cases as Qualcomm has managed, through lobbying and PR and with help from its former lawyer and forever-loyal supporter Makan “Macomm” Delrahim (Antitrust Assistant Attorney General), to politicize a case that actually raises business issues without any ideological dimension.

        • Patent case: Crane Payment Innovations Inc. vs. Giesecke+Devrient Currency Technology GmbH, EPO

          Where an expression in a granted claim, taken literally and in isolation, would have the effect of excluding all of the disclosed embodiments from the scope of protection, but where a definition of the expression may be derived from the patent itself which would locate (at least some of) the disclosed embodiments within the ambit of the claim, and provided this definition is not manifestly unreasonable having regard to the normal meaning of the words used in the expression, then in judging compliance with the requirements of Art. 123(3) EPC, the scope of protection should normally be considered to include at least that which would fall within the terms of the claim understood according to this definition.

        • Paris Court Grants Anti-Anti-Suit Injunction in IPCom v. Lenovo

          First, the Paris Court rejected Lenovo’s objection that proceedings on the same subject matter are already pending in California (lis pendens). The case pending in California is an action in chief, while the request in France concerns a preliminary injunction. In addition, the subject matter of the California case are the conditions of a FRAND license, whereas the subject matter of the French proceedings is about “maintaining the patentee’s freedom of action and the exercise of the patentee’s exclusive rights”.

          Second, the Paris Court sets forth that an anti-suit injunction by an EU member state against the courts of another member state would be contrary to public policy (ordre public), because of the “mutual trust in the judicial systems of EU member states” (see CJEU C-159/02 – Turner/Grovit). Conversely, an anti-suit injunction coming from a non-EU jurisdiction can be recognized as valid, but only if its purpose is to enforce a contractual jurisdiction clause or an arbitral clause. In all other cases–

          the anti-suit injunction constitutes an interference in the jurisdiction of the courts and has the effect of indirectly disregarding the exclusive power of each state to freely define the international jurisdictional competence of their courts.

          Given that, in the case at hand, Lenovo and Motorola are not seeking an anti-suit injunction to enforce a jurisdiction clause or an arbitral clause, but to prevent the patentee from exercising its exclusive rights, IPCom has been granted the requested anti-anti-suit-injunction, but such injunction will apply only to the French part of EP268.

          [...]

          It will be worth keeping an eye on the future developments of this case, and not only for IP civil procedure aficionados. It is noteworthy that in the pending US proceedings, the US Department of Justice (Antitrust Division) filed on 25 October 2019 a Statement of Interest (available here) on the antitrust aspects of the anti-suit injunction (arguing that the anti-suit injunction sought by Lenovo and Motorola did not have a basis in antitrust law). Whether this further aspect will now become moot (because Lenovo and Motorola withdraw their respective requests in compliance with the Paris Court’s decision) remains to be seen.

        • Software Patents

          • Conversant v Apple

            On 29 November 2019, the Patents Court of England and Wales handed down it decision revoking Conversant’s UK patent relating to an improved user interface on smartphone devices. Unlike earlier infringement actions brought by Conversant against Huawei and ZTE in the UK, this action brought against Apple (and various of its subsidiaries) concerned a non standards-essential patent.

            Against the backdrop of the early smartphones which required a rather involved process of navigating a sequence of menus to access a desired application, the invention involved the idea of using an “application summary window” on a smartphone to provide a list of several commonly used functions within that application and/or stored data commonly accessed for it. The devices alleged to infringe were various models of Apple’s iPhone running various versions of its IOS operating system (in particular, the functionality called “Widgets” and “Home Screen Quick Action Windows”, which allow users to view summary data or access certain features of applications quickly, was said to infringe). Apple counterclaimed that the patent was invalid on the basis of two items of prior art, AgrEvo-obviousness and added matter. Ultimately, the court held the patent to be infringed but invalid over an early smartphone device called SIMON produced by IBM in 1994 (the AgrEvo-obviousness and added matter attacks were dismissed). The main point which is likely to be of interest to patent practitioners relates to the identity of the skilled person in circumstances where a patentee has applied to amend its patent.

      • Trademarks

        • AG Bobek suggests broadening possibility to submit new arguments and evidence before General Court in trade mark opposition proceedings

          One of many lessons this Kat learned from his mentor at the law firm where he started his career was this: in trade mark opposition proceedings at the European Union Intellectual Property Office (EUIPO), be sure to file all your evidence at the Board of Appeal stage at the very latest. Once proceedings reach the General Court (GC), filing new arguments and evidence is more or less categorically excluded. This rule will be familiar to trade mark practitioners and is indeed reflected in many decisions of the Court of Justice of the European Union (CJEU) and the GC [see e.g. C-29/05 P, par. 54 and T-346/04, par. 19].

          However, the recent Opinion of Advocate General (AG) Bobek in case C-702/18, Primart Marek Łukasiewicz v. EUIPO [here] suggests this rule might be subject to significant exceptions. In short: AG Bobek argues that certain matters of fact or law are inextricably linked to the assessment to be carried out by the EUIPO. It may form an opinion on these matters, even if parties do not present arguments on it. The opinion of AG Bobek suggests that parties may present new arguments and evidence on such matters even before the General Court.

          [...]

          After finding the appeal admissible, the AG began with an analysis of Article 76(1) of Regulation 207/2009, the Community Trade Mark Regulation [now Article 95 of Regulation 2017/1001]. He concluded that this provision ”cannot be read as obliging the Board of Appeal to refrain from examining matters of law or fact that, despite not having been specifically raised by one of the parties, are inextricably linked to those raised by the parties.” [par. 48].

          The AG then turned to Article 188 of the Rules of Procedure of the General Court, which states that the appeal before the GC “may not change the subject matter of the proceedings before the Board of Appeal.” He found that this provision “cannot be interpreted as barring the parties from questioning EUIPO’s assessment with regard to elements of law or fact which that office was required to consider (if need be, of its own motion) and was able to adjudicate upon” [par. 55]. The distinctiveness of the earlier mark is an example of such an element in that it is inextricably linked to the assessment of likelihood of confusion.

          Drawing on the GC’s decision in Hooligan, AG Bobek distinguished two types of arguments that could be made in the context of distinctiveness of an earlier mark. On the one hand, there are arguments that EUIPO cannot assess without evidence from the parties: an example is increased distinctiveness as a result of reputation. If parties do not make these arguments before the EUIPO, it cannot take them into account of its own motion and parties are also barred from making the argument before the GC [par. 63].

        • Are two different whales conceptually identical? Fourth Board of Appeal finds likelihood of confusion despite some visual dissimilarities between marks

          Can simple things become difficult? In a recent decision, the Fourth Board of appeal reaffirmed a basic truth: if your sign has the same concept of another, then there is conceptual identity between these two.

          Having recognized that there are indeed differences between the signs, in this case the Board affirmed that such differences constituted minor elements of secondary importance which the average customer would not be likely to identify or remember.

          [...]

          The earlier EUTM had been registered since 2016 for certain goods in Classes 18, 24 and 25 (clothing for women, men and children, footwear, slippers, pants, underwear, suits, shorts, trousers, shirts, sweaters, jackets, parkas, socks, underwear, swimming costumes, robes, gloves, belts, hats, and caps).

          The Opposition Division found that there was a likelihood of confusion pursuant to Article 8(1)(b) of Regulation 2017/1001 (EU Trade Mark Regulation (EUTMR) in respect of the goods covered by the earlier EUTM. It also held that the signs were visually similar to an above average degree as well as conceptually identical because they both depicted a whale.

        • The implementation in France of the EU Directive relating to trade marks

          The new law will be completed by a Decree that will provide implementing Regulations. The new law will come into force the day after the publication of the Decree, which is currently under examination before the Conseil d’Etat (French Council of State) and, at the latest, on December 15, 2019, with respect to all Articles of the law, except those relating to cancellation actions, which will come into force on April 1st, 2020.

          The new enactment constitutes a substantial transformation of French trade mark law, modernizing the available trade mark protection mechanisms, as part of the implementation of the EU Directive, whose goal is to harmonize EU national trade mark laws.

          [...]

          - invalidation actions based on relative grounds, except for actions based on a design, a copyright, or a right of personality (surname, pseudonym, or image);

          However, the territorially competent IP specialized courts will have jurisdiction when–

          -the cancellation action is based on a design, copyright or right of personality;

          -the cancellation action is a counterclaim as part of ongoing proceeding before the court (for example, an ongoing infringement or unfair competition action);

          -provisional or injunctive measures have been requested from the court; or

          -seizure based on infringement was carried out.

          The above are only what we may consider the main innovations found in the new French Trade Mark Law; however, the new legislation involves many substantial changes to the current practice, to which not only practitioners will have to adapt, but also the Trade Mark Office itself as well as the competent courts through the application and interpretation of the new law.

      • Copyrights

        • Copyright: When the Case Summaries are “Official” Works Authored by the State

          Here, we have “official” annotated code created by Lexis but guided by a mandated state committee. And, as a work-made-for-hire, the State is legally seen as the author for copyright purposes. The crux of the copyright claim here is in the summaries of judicial decisions citing to the Georgia code. Although those summaries do not have the force of law, they are the “official” annotations legally authored by the state.

          [...]

          All this is easy for activities of U.S. judges and legislators because U.S. Gov’t works are not copyrightable under the Statute. In the state law perspective, we get into a difficult line drawing problem with Justice Breyer’s approach understanding when a judge or legislator is acting in “some other abstract capacity” (using the words of Justice Gorsuch).

          In the end, Georgia’s attorney warned the judges not to “blow up” the current system that allows for copyright protection of the official code. Reminds me of an attack on casebooks from a few years ago. WSJ Blog.

        • Pirate Bay Replaced Its Iconic Logo to Get Some Extra Revenue

          The Pirate Bay has delivered some interesting logo changes in recent weeks. The torrent site temporarily swapped the good-old pirate ship to promote a VPN, a file-hosting service, and a blockchain project. While the site hasn’t explained its motives it is, at least in part, an attempt to earn some additional income.

        • Cox Can Use ‘Copyright Alert System’ Evidence in Piracy Case, Court Rules

          The so-called six-strikes anti-piracy scheme in the United States may be dead, but it’s about to be used as prime evidence in the lawsuit between ISP Cox and several music labels. A federal court in Virginia has denied a request from the labels to exclude the matter from trial, during which Cox is expected to argue that its own anti-piracy measures went even further than the industry-approved alternative.

        • Premier League Piracy Case Ends In ‘Record Damages’, Suspended Sentences

          The Premier League says it has secured one of the highest copyright-related damages awards in Thailand’s history after targeting individuals behind a major ‘piracy network’ in Asia. A British man and a Thai national pleaded guilty to infringement, paid the Premier League around GBP

        • Copyright Troll Threatens Criminal Charges In Germany Against Domain Registrar

          I’ve discussed in the past how problematic it is when people don’t recognize the differences between edge providers and infrastructure providers when it comes to internet services. Usually it’s policymakers (or the press) getting these things confused, but we’ve certainly seen our fair share of attempts by copyright maximalists to use this confusion to their advantage. However, this may be the first I recall of seeing a copyright trolling operation trying to effectively do the same.

Laundering the Reputation of Criminals: That’s an Actual Job

Posted in Bill Gates, Deception, Microsoft at 6:59 am by Dr. Roy Schestowitz

Bill Gates and Laundering of Reputation

Summary: An important reminder that the manufactured, paid-for (media is being bribed) image of Bill Gates is the product of the PR industry he enlisted to distract from his endless crimes

‘Priceless’ Tickets to the EPO’s Back End and Team UPC

Posted in Europe, Patents at 5:29 am by Dr. Roy Schestowitz

These tickets don’t even name the price of the workshop

CIPA's ticket

Summary: CIPA’s and the EPO’s event (later this week) is more of the same; the EPO exists not to serve European businesses but a bunch of law firms and their biggest clients (which usually aren’t even European)

THE leak we've just published shows what goes on behind the scenes at the European Patent Office (EPO). The funny thing is, it would not have to be leaked had EPO not worked in the dark. António Campinos is very secretive; how many of his opaque decisions are open to outside scrutiny? Think about it…

“This is no laughing matter because these policies can break (or fail) Europe’s industry, which has lots of SMEs.”The U.S. Patent and Trademark Office (USPTO) does not gamble with its money the way the EPO does. It receives Federal budget and it has reports; it can also be sued (as habitually happens). Opaque selection of venues (like European award ceremonies) and people (like Breton as head jurist for such events) can be confronted by FOIA lawsuits. But not at the EPO.

“Judging by the program (London), it is — as usual from Research and Markets — patent maximalism, complete with the UPC nonsense.”The US is openly debating 35 U.S.C. § 101/Alice (biased debates nonetheless, but the public can see these and scrutinise, accordingly), whereas the EPO rationalises software patents in Europe privately, using false ‘economics’ from people who lack a technical background. This is no laughing matter because these policies can break (or fail) Europe’s industry, which has lots of SMEs.

Yesterday the EPO posted some more tweets about SME something. But we already know, based on leaks, that the EPO is run for (and by) large multinationals. It’s hardly European and patents granted to the US aren’t far behind (in number) Europe’s.

“At the cost of what? It does not say. So I filled in a mock registration (to see what SMEs would need in order to participate).”We’ve just noticed that the Dublin-based Research and Markets does European Patent Office (EPO) indoctrination, under the umbrella of “the European Patent System,” and markets this a year in advance. “This two-day seminar for Administrative Staff in the Patent Profession on how to competently prepare an application for filing before the EPO,” it says. “Providing an introduction to the European patent system and how to proceed with an European patent application an much more.”

“They’re conspiring to violate the EPC and push the UPC.”Judging by the program (London), it is — as usual from Research and Markets — patent maximalism, complete with the UPC nonsense. Suffice to say, that’s very bad for SMEs. Later this week the EPO will be in London alongside CIPA, which is a front group for patent zealots and trolls. They’re worse than hedge funds. The EPO retweeted this yesterday: “Come and join us and the @EPOorg at @TheCIPA in #London on 5 or 6 Dec. We will be providing an update on our latest and upcoming online service developments.”

At the cost of what? It does not say. So I filled in a mock registration (to see what SMEs would need in order to participate). There’s a special relationship between CIPA (major component of Team UPC) and Team Battistelli. Remember this photo op:

CIPA meeting with Stephen Jones
Stephen Jones (former IP Kat chief, after the founder’s retirement) standing next to Battistelli while lobbying for UPC

The above photo op is especially damning considering the context of it. They’re conspiring to violate the EPC and push the UPC. As “Proof of the pudding” put it in IP Kat comments yesterday (in relation to this):

An interesting question.

Article 2(2) EPC provides that “The European patent shall, in each of the Contracting States for which it is granted, have the effect of and be subject to the same conditions as a national patent granted by that State, unless this Convention provides otherwise”.

It seems to me that most EPC Contracting States, including the UK, view “subject to the same conditions” as meaning that the substantive conditions of patentability for an EP patent must be the same as those for a national patent.

There are clearly examples of EPC Contracting States taking different views on the level of harmonisation mandated by the EPC … and not just in connection with the definition of the relevant prior art (ie the grace period). But does that justify the UK ignoring its obligations under the EPC in connection with such a crucial provision as novelty?

I guess that how one answers that question will depend upon how comfortable one is with the EPC becoming a Convention that is honoured more in the breach than the observation… of course bearing in mind that the EPC provides the foundations for the UPC Agreement.

Well, the UPC Agreement (UPCA) is failing because the EPC is routinely being violated. The EPO has become totally shameless about it. As recently as yesterday the EPO bragged about giving illegal patents using “latest trends”. It’s like this almost every day.

“Well, the UPC Agreement (UPCA) is failing because the EPC is routinely being violated.”“Millions of people use Espacenet,” said the EPO in yesterday’s tweet. “How come less than a handful use the forums? They probably just exaggerate/make up the figures,” I responded. These forums are truly pathetic. “Now it’s got new features and functions,” the EPO said, “Haven’t seen them yet?”

We very much doubt MILLIONS of people browse such documents. There aren’t even that many patent lawyers in the whole world. Then again, the EPO regularly lies to everyone. It’s 10:30 here already, so the EPO must have posted some more lying tweets about “SMEs” by now. Gotta run!

IRC Proceedings: Monday, December 02, 2019

Posted in IRC Logs at 2:19 am by Needs Sunlight

GNOME Gedit

GNOME Gedit

#techrights log

#boycottnovell log

GNOME Gedit

GNOME Gedit

#boycottnovell-social log

#techbytes log

Enter the IRC channels now

New EPO Leak Shows That the Rumours and Jokes Are Partly True and We Know Who ‘Runs the Show’

Posted in Europe, Patents at 1:46 am by Dr. Roy Schestowitz

Those remnants of Battistelli

EPO change

Summary: Europe’s second-largest institution is so profoundly dysfunctional, a reprehensible kakistocracy of tribalism, money-grabbing career-climbing autocrats and possibly major fraud; today’s leak looks at what motivated and enabled the formation and latest incarnation of “Team Campinos”

THE European Patent Office (EPO) is work in progress. An experimental neoliberal laboratory of outsourcing, privatisation, union-busting and of course… immunity. “Get back to the factory, you working class pleb,” said the master to the ‘underclass’. Certainly feels like the Renaissance… of feudalism.

Welcome to the future of work (and workplaces).

New organisational structure for the holidays? You bet.

As we noted back in June, the EPO very quickly transformed into something akin to a political party (leader brings family, even literally in the age of Donald Trump and Boris Johnson!)

Team Campinos

That’s “Team Campinos” until October 2019.

Notice there are lots of former colleagues of António Campinos. Here’s one way to put it (Team Campinos nepotism):

Team Campinos nepotism

And here’s Team Campinos from November 2019 onwards:

Team Campinos November 2019

Notice the changes, in particular w.r.t. past associates of Campinos.

Whose decision was it to enable this? Let’s take a look. Spring 2018 (click to enlarge):

EPO Working Group spring 2018

It certainly looks like some kind of organisatinal coup, using procedures — likely in violation of the EPC and its spirit — to gradually oust dissent, as leaks published earlier this year very well showed. Many people are already working at limited time/capacity; they can be ousted without even a firing (or firing a single shot).

Here’s how it was presented to the staff in the EPO intranet (wishy-washy hogwash):

EPO reorg under Campinos 1

EPO reorg under Campinos 2

EPO reorg under Campinos 3

EPO reorg under Campinos 4

“As usual, don’t expect the media (what’s left of it, including blogs of the patent microcosm) to report on any of this.”We’ve been hearing all sorts of things over the past year and a half. A common Office joke goes, Bergot and her husband run the Office. To some insiders it certainly feels or seems like the employer is nowadays run by the supremely under-qualified (wife of Battistelli’s old colleague) Mrs. Bergot rather than Campinos. We’re not saying it’s true (or false), we’re just relaying what the grapevine insinuates. This is insane if true. Bergot’s past makes this almost unbelievable. we have loads of leaks and information about her, but maybe we’ll save those for some other time (those are far from flattering). As usual, don’t expect the media (what’s left of it, including blogs of the patent microcosm) to report on any of this. There’s some kind of deliberate ‘media blackout’ and motivations for it were explained here before. I saw newsrooms spiking EPO stories and even removing them after they had been published (due to machinations behind the scenes). Other situations such as these often involve sexual abuses of very high-profile people and sometimes pedophilia (implicating people in positions of power), as reported in the media in recent years (after years of suppressions). Europe needs to hold its institutions accountable and impose transparency on them; instead it gives them immunity and thus impunity freewill.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts