Bonum Certa Men Certa

Links 7/12/2019: Fedora 31 Elections Results, Lots of Media Drama Over VPN Bug



  • GNU/Linux

    • Desktop/Laptop

      • Goodbye Error 83: You Can Now Stream Disney Plus on Linux Devices

        Prior to Disney+ launching, there was some speculation that the service wouldn’t work on Chromebook or Linux Devices. Those streaming on certain devices during the test in the Netherlands received an Error 83 which meant a “device compatibility issue.” This was a result of how Disney+ handled Widevine DRM and the fact that Disney+ required a higher level of security than other streaming services like Netflix and Hulu.

        While Disney was able to add Chromebook support ahead of launch (which is good because, you get 3 free months when you buy one), some Linux devices still did not support the streaming service. But now, according to many Linux users, earlier this week that changed.

      • Arm Server CPUs: You Can Now Buy Ampere's eMAG in a Workstation

        Avantek offers the system with three optional graphics cards: AMD FirePro W2100, a Radeon Pro WX 5100, and the NVIDIA Quadro GV100. OS options are variants of Linux: Ubuntu, CentOS, SUSE SLES, and openSUSE.

    • Server

      • When you're in the release team, you're family: the Kubernetes 1.16 release interview

        It is a pleasure to co-host the weekly Kubernetes Podcast from Google with Adam Glick. We get to talk to friends old and new from the community, as well as give people a download on the Cloud Native news every week.

        It was also a pleasure to see Lachlan Evenson, the release manager for Kubernetes 1.16, win the CNCF “Top Ambassador” award at KubeCon. We talked with Lachie when 1.16 was released, and as is becoming a tradition, we are delighted to share an abridged version of that interview with the readers of the Kubernetes Blog.

        If you’re paying attention to the release calendar, you’ll see 1.17 is due out soon. Subscribe to our show in your favourite podcast player for another release interview!

      • IBM

        • Containers and Kubernetes can be essential to a hybrid cloud computing strategy

          Hybrid cloud is gaining ground among enterprises that want to expand computing resources with public cloud infrastructure while still using their on-premise, data center environments. Adding public cloud can mean more elasticity, scalability, and even faster time to market. But if you want to improve the chances that your hybrid cloud can deliver on its promise, you need to think about adding containers to the mix.

          Linux containers provide a way to encapsulate application code in a way that makes the code more portable and faster to deploy. More and more organizations are using containers as part of the infrastructure for microservices-based, cloud-native applications.

          Containers can be portable across environments such as Red Hat OpenShift Container Platform and consistent, so they can speed application delivery times and make it easier for teams to collaborate, even if those teams are working in different deployment environments. And they can serve as a bridge between your data center and public cloud environments.

        • Systemd-homed Looks Like It Will Be Merged Soon For systemd 245

          Announced back in September at the All Systems Go event in Berlin was systemd-homed as a new effort to improve home directory handling. Systemd-homed wants to make it easier to migrate home directories, ensure all user data is self-contained, unify user-password and encryption handling, and provide other modern takes on home/user directory functionality. That code is expected to soon land in systemd.

          Systemd-homed was talked about by Lennart as being ready for versions 244 or 245. Now that systemd 244 shipped at the end of November, systemd-homed is looking like it will soon land in Git.

        • Understanding Red Hat AMQ Streams components for OpenShift and Kubernetes: Part 3

          In the previous articles in this series, we first covered the basics of Red Hat AMQ Streams on OpenShift and then showed how to set up Kafka Connect, a Kafka Bridge, and Kafka Mirror Maker.

        • What personality trait most defines a sysadmin?

          When you think of a system administrator, who do you think of?

          Chances are, most of us have taken a Myers-Briggs Type Indicator (MBTI) test at some point in our careers. For me, my results typically come up as INTJ, and I've always thought the traits associated with that type (introversion, intuition, thinking, judging) have aligned with my interest in technology and the kind of work I enjoy.

          But that doesn't mean that those are the only characteristics that make a good sysadmin. Far from it. A successful team is made up of a diversity of skills, viewpoints, and personal characteristics.

        • How to identify a strong sysadmin job applicant

          When a company looks for new resources with skills in a specific focus area—especially in IT—the challenge is on. Why? Because only a few in the company, if any, have even a vague notion of how to verify the skills they are looking for. The work of a system administrator is a key function, and if it goes wrong, the very existence of the company is at stake (something I’ve been unfortunate to witness when called in on an emergency rescue effort).

    • Audiocasts/Shows

      • 2019-12-06 | Linux Headlines

        The W3C puts forward WebAssembly as an official standard, Azure Sphere gains support for Ubuntu developers, CodeWeek reports back in with this year’s results, and Manjaro has some exciting news for PinePhone backers.

      • Playing "Teeny Titans 2"

        I love "Teen Titans GO," even if I am a grown up adult human male with teenagers. So, when I saw this in my Play Store suggested list, I could not resist. I mean, come on! So, I downloaded it, installed it, and began playing.

      • Destination Linux 150 - Librem 5, Zorin OS, Private Internet Access, UBports, Fedora, Bitwarden

        Topics covered in this episode:

        ZorinOS Privacy Concerns; Ubuntu Touch Runs On Raspberry Pi; Librem 5 Birch Has Shipped; Fedora Users Concerned GNOME Software Proprietary Software; Linux Powered Handheld Returns

      • Linux Apps I Use Daily

        In this video, I go over all the Linux distributions and apps that I use every single day. I could not imagine my life without any of this software.

      • 411 DevSecOps: Karthik Gaekwad | Jupiter Extras 37

        Ell and Wes sit down with Karthik Gaekwad to sort through the buzzword bingo and explain what DevSecOps is, what it isn’t, and why security should be part of the full lifecycle of your apps.

      • Imaginary Turkey | User Error 80

        Talking to ourselves, delicious family meals, and the complexities of modern work.

        Plus inexpensive acquisitions, the price we put on security, and popey refusing to answer the simplest of questions.

      • LHS Episode #315: The Weekender XXXVIII

        It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

    • Kernel Space

      • A General Notification Queue Was Pushed Back From Linux 5.5 Introduction

        Red Hat has been working on a "general notification queue" that is built off the Linux kernel's pipe code and will notify the user-space of events like key/keyring changes, block layer events like disk errors, USB attach/remove events, and other notifications without user-space having to continually poll kernel interfaces. This general notification queue was proposed for Linux 5.5 but has been pushed back to at least 5.6.

        This Linux kernel general notification queue builds off a standard pipe and allows user-space applications to efficiently become aware of changes to block devices (disks), keys, USB subsystem happenings, and other possible events. The proposed documentation spells out more of the planned functionality and behavior.

      • Graphics Stack

        • NVIDIA presenting a talk at GTC 2020 about Linux drivers and possibly some open source news

          Both AMD and Intel already have their drivers open, with developers paid to work on them and so perhaps NVIDIA will finally follow along? Stranger things have happened, so I wouldn't completely count NVIDIA out on that, although I'm not expecting them to make such a big shift. What do you think they're planning?

          GTC is being hosted in San Jose, California and runs from March 23 - 26, 2020. The talk doesn't seem to have a set time or date yet.

    • Benchmarks

      • RadeonSI NIR Benchmarks Show Great Progress With Mesa 20.0

        With AMD last week having enabled OpenGL 4.6 for their RadeonSI OpenGL Linux driver when enabling the NIR intermediate representation support, you may be wondering how using NIR is stacking up these days compared to the default TGSI route. Here are some benchmarks on Polaris, Vega, and Navi for comparing this driver option that ultimately allows OpenGL 4.6 to be flipped on.

        NIR is the modern intermediate representation used by a majority of Mesa drivers now in some capacity as an alternative to the likes of TGSI as what had been the default IR for Gallium3D drivers. With RadeonSI they have been transitioning to NIR since that has been the growing trend of these open-source drivers for sharing IR optimizations and the like. As well, NIR is being wired up in order to re-use some code-paths used currently by the "RADV" Radeon Vulkan driver to share some of the SPIR-V work that was needed in order for RadeonSI to have OpenGL 4.6 support. Like on the Intel side when they crossed the OpenGL 4.6 milestone recently, the big blocker to GL 4.6 on these drivers was handling SPIR-V ingestion with GL_ARB_gl_spirv / GL_ARB_spirv_extensions.

    • Applications

      • Terminal File Manager nnn Adds Session Management, Rclone Cloud Storage Integration

        nnn is a very fast file manager created to work seamlessly with desktop environments and GUI utilities. The ncurses based keyboard-driven terminal application should run smoothly on the Raspberry Pi, Termux on Android, Linux, macOS, BSD, Cygwin and WSL.

        Besides basic file manager features (with tabs/contexts, bookmarks, search, and so on), the tool also includes various handy utilities like a disk usage analyzer (block/apparent), a fuzzy application launcher, batch renamer, and more. It's also extensible via a plugin system, and comes with many built-in plugins. For navigation, nnn supports navigate-as-you-type with directory auto-select. Search-as-you-type is also supported.

        Other features include SSHFS mounts support, support for navigating using the mouse, batch operations on selections, multiple sorting options and a lot more.

      • A 25K commit gift

        The other day we celebrated curl reaching 25,000 commits, and just days later I received the following gift in the mail.

      • curl speaks etag

        That’s a quote from the mozilla ETag documentation. The header is defined in RFC 7232.

        In short, a server can include this header when it responds with a resource, and in subsequent requests when a client wants to get an updated version of that document it sends back the same ETag and says “please give me a new version if it doesn’t match this ETag anymore”. The server will then respond with a 304 if there’s nothing new to return.

        It is a better way than modification time stamp to identify a specific resource version on the server.

    • Instructionals/Technical

    • Wine or Emulation

      • Wine 5.0 Code Freeze To Begin Next Week

        As expected by Wine's annual release cadence, next week Wine 5.0 will enter its code freeze followed by release candidates until this next stable Wine release is ready to ship around early 2020.

        Wine project leader Alexandre Julliard shared that following next week's development release will mark the expected code freeze season for Wine 5.0. Wine 4.22 will be out one week from today and the last point by which Wine developers can land any features they want to see in this annual stable release. Following that will be weekly Wine 5.0 release candidates until the 5.0.0 release is ready to ship, likely in January or February.

    • Games

      • Aquiris Game Studio ending support for their online FPS Ballistic Overkill

        Ballistic Overkill, an easy pick up and play first-person shooter from Aquiris Game Studio is now essentially being killed off.

        In an announcement on Steam, the team noted that "supporting a game like this with frequent updates is no easy task, nor is it something cheap, especially for an independent studio like us" and they're certainly not wrong about that. Keeping a multiplayer game going, with constant updates to keep people interested and fighting against cheaters certainly isn't easy for a smaller team.

      • Roadwarden, an upcoming illustrated text-based exploration fantasy RPG with a Linux demo

        Roadwarden certainly grabs your attention! A game that blends together features from a ton of different genres to create a mix of an RPG, interactive fiction, adventure, exploration and a lot more. It doesn't really fit into any clear genre.

        Somehow, I completely missed it being announced with a demo a good few months ago. Thankfully, I did notice it popping up on Steam just recently and they have a new announcement trailer:

      • Gloomy and surreal adventure game Mosaic from Krillbite Studio is out now

        Krillbite Studio, developer of the creepy Among the Sleep have released Mosaic, a dark and surreal adventure game about life in a cold overpopulated and ever-expanding city. Note: Key provided to us by GOG.com.

        I was a big fan of Among the Sleep, the story telling and the atmosphere they made with it was brilliant and to this day the ending still makes me think. With Mosaic, they've done quite the opposite in terms of the story. Life is hard, it can often be quite dull and Mosaic is showing it all off with a dystopian near-future setting. This is a game about adult life, how it's often monotonous as we go through it just trying to survive. Things get a little weird though, as you expected it to with such a game.

      • The Humble Choice game bundle subscription has launched replacing Humble Monthly

        Humble Bundle have today replaced their Humble Monthly subscription service with Humble Choice, offering subscription tiers and more.

      • The Llama of Wall Street has invaded Tropico 6 in a new DLC out now, plus a free update

        Limbic Entertainment and Kalypso Media today released the first expansion to the humorous city building sim Tropico 6, along with a free update for everyone.

        Firstly, the Seguridad Social update is free for everyone who owns Tropico 6 and adds in a new Warehouse building, a sandbox map 'Rio', and a community-requested Social Security edict, which helps prevent in-game student and retiree NPCs from going broke. There's also quite a healthy amount of bug fixing in this update.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma Pass 1.1.0

          Plasma Pass, a Plasma applet for the Pass password manager version 1.1.0 is out.

          There’s only one bugfix, but an important one - the applet now no longer freezes during filtering, so searching for your passwords is faster and more comfortable. The new release also contains new and updated translations.

        • Plasma Mobile: weekly update: part 9-10

          Calindori, the calendar application, now offers a flat event view which allows showing all events in a single card list view. The events are sorted by start date.

      • GNOME Desktop/GTK

        • GNOME 3 won’t unlock

          Every couple days something on my RHEL 7 box goes into a swapstorm and uses up all the memory. I think it’s Firefox, but I never figured out why, generally I have four different Firefoxes running with four different profiles, so it’s hard to tell which one’s failing (if it even is that). Anyway, sometimes it makes the screen lock crash or something, and I can’t get in, and I can never remember what process you have to kill to get back in, so here it is: gnome-shell. You have to killall -9 gnome-shell, and it lets you back in. Also killall -STOP firefox and killall -STOP "Web Content" are handy if the swapstorm is still under way.

        • LaTeX or ConTeXt for writing documents

          If I wanted to re-implement GNOME LaTeX, it would target the ConTeXt language instead. If there are any ConTeXt users reading this, I would be interested to know what application you use for writing ConTeXt documents, and what features are important to you.

        • GNOME Outreachy 2019

          The Outreachy program provides internship to work in Free and Open Source Software. This year I've proposed two projects as part of the GNOME project and we've two interns working for three months, so we'll have a lot of improvements in the following months!

          I'll be mentoring these interns, so I will need to spend some time helping them to work on the existing codebase, but it is worth it if this makes more people collaborate in free software development and if this helps us to improve some useful apps.

          These two projects are Fractal and the GNOME translation editor. You can take a look at the list of Outreachy interns.

        • Barcelona: LAS 2019

          This November I was in Barcelona for the Linux App Summit 2019. It was awesome \o/. I really liked that the conference was a joint event by GNOME and KDE, I met so many cool new people. During the conference I volunteered to show the “time left” signs to speakers, and helped out at the registration desk.

          Aside from normal conference stuff I also managed to do quite a bit of hacking during the week. I made my first contribution to Gnome Initial Setup, and cleaned up Teleport a bit so I can hopefully get a new release out soon.

          I’m bad at taking pictures, so here’s a picture of a tree in the middle of the stairs on the slopes of Mount Montjuic.

        • Open source case prompts patent troll litigation fears

          The Gnome Foundation, an organisation that aims to develop a desktop platform based on free software, announced in October that it was being sued by NPE Rothschild Patent Imaging (RPI) for developing Shotwell, an application for managing images.

          RPI filed its action in the Northern District of California over US patent number 9,936,086, which is allegedly infringed by Gnome’s product that, among other things, uses an image-capturing device to perform a method.

          Mike Dolan, vice president of strategic programmes at the Linux Foundation, tells Patent Strategy that open software is becoming a larger component of most software projects and is growing every year.

          Recent open source activity such as RPI suing Gnome over an open source project, he says, points to the level of indifference inherent in the litigious NPE business model.

    • Distributions

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • openSUSE Tumbleweed – Review of the weeks 2019/48 & 49

          Once again I’m spanning two weeks; besides the normal work on getting you openSUSE Tumbleweed updated and timely delivered, the release team has been working together with the build service team to implement/stabilize the OBS-internal staging workflow. There is (should) not be any real noticeable difference for the contributors – except the new used URLs. The Factory Staging dashboard can now be found at https://build.opensuse.org/staging_workflows/1

          During the last two weeks, we have pushed out 10 Tumbleweed Snapshots (1121, 1122, 1123, 1124, 1126, 1127, 1128, 1202, 1203 and 1204) containing those changes...

      • Fedora Family

        • Fedora 31 Elections Results

          The Fedora 31 election cycle has concluded. Here are the results for each election. Congratulations to the winning candidates, and thank you all candidates for running in this election!

          Council

          One Council seat was open this election. A total of 243 ballots were cast, meaning a candidate could accumulate up to 729 votes (243 * 3).

          # votes  Candidate
          520      Dennis Gilmore
          259      Alberto Rodríguez Sánchez
          237      John M. Harris, Jr.

          FESCo

          Five FESCo seats were open this election. A total of 273 ballots were cast, meaning a candidate could accumulate up to 2184 votes (273 * 8).

          # votes  Candidate
          1490     Miro Hrončok
          1350     Kevin Fenzi
          1115     Zbigniew Jędrzejewski-Szmek
          879      Fabio Valentini
          877      David Cantrell
          868      Justin Forbes
          813      Randy Barlow
          534      Pete Walter

        • Fedora program update: 2019-49

      • Debian Family

        • Debian Developers Take To Voting Over Init System Diversity

          It's been five years already since the vote to transition to systemd in Debian over Upstart while now there is the new vote that has just commenced for judging the interest in "init system diversity" and just how much Debian developers care (or not) in supporting alternatives to systemd.

          Due to Debian developers having differing opinions on handling non-systemd bugs in 2019 and the interest/commitment to supporting systemd alternatives in the scope of Debian packaging and various related friction points, they've taken to a new general resolution over weighing init system diversity.

      • Canonical/Ubuntu Family

        • Ubuntu Blog: Introducing the Ubuntu AWS Rolling Kernel

          The linux-aws 4.15 based kernel, which is the default kernel in the Ubuntu 18.04 LTS AMIs, is moving to a rolling kernel model.

          [...]

          The Ubuntu rolling kernel model provides the latest upstream bug fixes and performance improvements around task scheduling, I/O scheduling, networking, hypervisor guests and containers to our users. Canonical has been following this model in other cloud environments for some time now, and have found it to be an excellent way to deliver these benefits while continuing to provide LTS level stability.

        • Ubuntu Podcast from the UK LoCo: S12E35 – Feud

          This week we’ve been talking to the BBC about Thinkpads and Ubuntu goes Pro. We round up the news from the Ubuntu community and discuss our picks from the wider tech news.

          It’s Season 12 Episode 35 of the Ubuntu Podcast! Alan Pope and Martin Wimpress are connected and speaking to your brain.

        • The State of Robotics – November 2019

          November, for robotics, was a good month. We’re seeing new things develop, current projects finish and more cute animals in our future. So who can complain? The news we’re covering here are things that have crossed our path and that we’ve found interesting. If you have suggestions for next month’s post or your own projects you would like us to highlight, don’t hesitate to get in touch. Send an email and a brief summary to robotics.community@canonical.com and we can start the discussion. As ever we want this to be a highlight reel for cool robot stuff because we like cool robot stuff. Happy December everyone.

        • Simplifying hardware management during Linux development

          Every few months we release a Snapcraft update, with improvements to both Linux development, and snap user experience. Last week, we released Snapcraft 3.9, and this blog post will focus on the remote build feature that is now a fully accessible preview.

          Let’s dig deeper into why you need to try remote build, and how you can use it today.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Ardour Digital Audio Workstation Finally Adds Native MP3 Importing Support

        While lossy compression audio formats like MP3 are not recommended for use within professional audio tasks, for those using the open-source Ardour digital audio workstation (DAW) software as of today there is finally native MP3 import support.

        Obviously it's better working with lossless audio formats as source material for Ardour and other digital audio workstation software suites, but given how common MP3 content is, there certainly is relevance to being able to import MP3s into DAWs. But historically due to licensing/patent issues, MP3 support within Ardour hasn't been possible -- thus leading to common complaints/questions by users over the years.

      • Certbot Leaves Beta with the Release of 1.0

        Earlier this week EFF released Certbot 1.0, the latest version of our free, open source tool that helps websites encrypt their traffic. The release of 1.0 is a significant milestone for the project and is the culmination of the work done over the past few years by EFF and hundreds of open source contributors from around the world.

        Certbot was first released in 2015 to automate the process of configuring and maintaining HTTPS encryption for site administrators by obtaining and deploying certificates from Let's Encrypt. Since its initial launch, many features have been added, including beta support for Windows, automatic nginx configuration, and support for over a dozen DNS providers for domain validation.

      • Open Repos provides code metrics on open source projects

        GitClear is offering Open Repos as a free product, though it is not open source. GitClear’s paid product offers many of the same insights and more. Long-term plans include allowing projects to embed an Open Repos view of a project in their site, and “improving data quality before adding features.”

      • Productivity Software/LibreOffice/Calligra

        • Improvements in LibreOffice’s PowerPoint presentation support

          LibreOffice’s native file format is OpenDocument, a fully open and standardised format that’s great for sharing documents and long-term data storage. Of course, LibreOffice does its best to open files made by other office software as well, even if they’re stored in pseudo-“standards” with cryptic and obfuscated contents. Compatibility with PowerPoint PPT(X) presentations is therefore a challenge, but developers are working hard on improvements…

          A few months ago, we announced an initiative to improve the support of PPT and PPTX files in LibreOffice. Lots of great work happened since then and the results are collected below!

      • CMS

        • People of WordPress: Jill Binder

          Jill Binder never meant to become an activist. She insists it was an accident.

          Despite that, Jill has led the Diversity Outreach Speaker Training working group in the WordPress Community team since 2017. This group is dedicated to increasing the number of women and other underrepresented groups who are stepping up to become speakers at WordPress Meetups, WordCamps, and events.

          [...]

          The following year her internship advisor, who had become a client, was creating the first ever BuddyCamp for BuddyPress. He asked Jill to be on his organizing team. At that event she also moderated a panel with Matt Mullenweg. Then, Jill was invited to be on the core organizing team for WordCamp Vancouver.

          Part of this role meant reviewing and selecting speakers. From 40 speaker applications the team had to pick only 14 to speak.

      • FSF

        • GNU Projects

          • GNU Guile 2.9.6 (beta) released

            We are delighted to announce GNU Guile 2.9.6, the sixth beta release in preparation for the upcoming 3.0 stable series. See the release announcement for full details and a download link.

            This release fixes bugs caught by users of the previous 2.9.5 prerelease, and adds some optimizations as well as a guile-3 feature for cond-expand.

          • GCC 10's C++20 "Spaceship Operator" Support Appears To Be In Good Shape

            The C++20 spaceship operator support was merged in early November for GCC 10. The commits this week meanwhile allow the operator to be used with std::pair and std::array, among other related commits in recent weeks.

            See the GCC C++ status page for the state of C++20/C++2A with GCC 10. Most C++20 functionality is already in place even on GCC 8/9 but some pieces remain around atomic compare-and-exchange with padding bits, modules support, coroutines, using enum, and more implicit moves.

      • Programming/Development

        • A beginner's guide to using Vagrant

          Vagrant describes itself as "a tool for building and managing virtual machine environments in a single workflow. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases production parity, and makes the 'works on my machine' excuse a relic of the past."

        • Convert CSV to JSON with miller

        • Android’s commitment to Kotlin

          When we announced Kotlin as a supported language for Android, there was a tremendous amount of excitement among developers. Since then, there has been a steady increase in the number of developers using Kotlin. Today, we’re proud to say nearly 60% of the top 1,000 Android apps contain Kotlin code, with more and more Android developers introducing safer and more concise code using Kotlin.

          During this year’s I/O, we announced that Android development will be Kotlin-first, and we’ve stood by that commitment. This is one of the reasons why Android is the gold partner for this year’s KotlinConf.

        • Google Reaffirms Commitment To Kotlin Programming Language For Android

          Google is continuing to embrace Kotlin programming for Android, making more Android APIs accessible by Kotlin, Jetpack Compose as a UI toolkit catered to Kotlin, and Kotlin extensions for more Google libraries. Google is also working to offer more Kotlin + Android learning material, working with JetBrains on improving the Kotlin code compiler, speeding up the build time of Kotlin code, and other improvements.

        • Python

          • New Project, Who Dis? - Building SaaS #38

            In this episode, we started a brand new project! I had some internet troubles so this “stream” is actually a local recording from my computer. We created a new Django project from scratch and set up Heroku to handle deployments.

            In spite of the streaming trouble, we were able to get a bunch done. We started the project from scratch so we made a repository on GitHub with some .gitignore settings tailored for Python projects.

          • RunSnakeRun for Python3 Out

            So I finally pushed out the Python3/wxPython Phoenix compatible release of RunSnakeRun. The Python3 version has to run Python2 in order to load Python2 pstats dumps, and Meliae doesn't AFAIK support Python3 yet, so I expect I'll just drop support for it eventually. The code is now living on GitHub rather than Launchpad.

          • Angular 9 CRUD Tutorial: Consume a Python/Django CRUD REST API

            This tutorial is designed for developers that want to use Angular 9 to build front-end apps for their back-end REST APIs. You can either use Python & Django as the backend or use JSON-Server to mock the API if you don't want to deal with Python. We'll be showing both ways in this tutorial.

          • Django: Angular 9/8 Tutorial By Example: REST CRUD APIs & HTTP GET Requests with HttpClient

            In this Angular 9 tutorial, we'll learn to build an Angular 9 CRUD example application going through all the required steps from creating/simulating a REST API, scaffolding a new project, setting up the essential APIs, and finally building and deploying your final application to the cloud.

          • Comparing equivalent Python statements

            While teaching one of my Python classes yesterday I noticed a conditional expression which can be written in several ways. All of these are equivalent in their behavior...

          • Serving Files with Python's SimpleHTTPServer Module

            Servers are computer software or hardware that process requests and deliver data to a client over a network. Various types of servers exist, with the most common ones being web servers, database servers, application servers, and transaction servers.

            Widely used web servers such as Apache, Monkey, and Jigsaw are quite time-consuming to set up when testing out simple projects and a developer's focus is shifted from producing application logic to setting up a server.

            Python's SimpleHTTPServer module is a useful and straightforward tool that developers can use for a number of use-cases, with the main one being that it is a quick way to serve files from a directory.

            It eliminates the laborious process associated with installing and implementing the available cross-platform web servers.

            Note: While SimpleHTTPServer is a great way to easily serve files from a directory, it shouldn't be used in a production environment. According to the official Python docs, it "only implements basic security checks."

      • Standards/Consortia

        • Mint: Late-Stage Adversarial Interoperability Demonstrates What We Had (And What We Lost)

          In 2006, Aaron Patzer founded Mint. Patzer had grown up in the city of Evansville, Indiana—a place he described as "small, without much economic opportunity"—but had created a successful business building websites. He kept up the business through college and grad school and invested his profits in stocks and other assets, leading to a minor obsession with personal finance that saw him devoting hours every Saturday morning to manually tracking every penny he'd spent that week, transcribing his receipts into Microsoft Money and Quicken.

          Patzer was frustrated with the amount of manual work it took to track his finances with these tools, which at the time weren't smart enough to automatically categorize "Chevron" under fuel or "Safeway" under groceries. So he conceived of an ingenious hack: he wrote a program that would automatically look up every business name he entered into the online version of the Yellow Pages—constraining the search using the area code in the business's phone number so it would only consider local merchants—and use the Yellow Pages' own categories to populate the "category" field in his financial tracking tools.

  • Leftovers

    • In memoriam: D. C. Fontana, the creator of Mr. Spock from Star Trek

      Kat readers younger than I will have come to know the original series through broadcast syndication and, later, via internet access. Whatever the medium, for many, one character stood out, Starfleet officer Spock, as portrayed by Leonard Nimoy.

      The son of a human mother and a Vulcan father, Spock embodied the tension between the emotional (his human side) and the analytical (his Vulcan side), a dichotomy that reaches back to the foundations of the Western philosophical tradition, and which sets the tone for the series.

      [...]

      One wonders to what extent her gender influenced the ultimate decision how to credit her contribution. Indeed, her preference for “D.C. Fontana” over “Dorothy” (or “Dorothy Catherine”) might have been a concession to the challenge of being identified as a woman. Also, in the third season, she worked as a freelance scriptwriter and was credited as Michael Richards.

      Fontana went on to have a distinguished career as a script writer in several genres (including westerns), as well as a producer and novelist. In the words of her husband— She was a very, very tough lady. She carried a phaser with her right to the end. But it was for her work on Star Trek and the development of the Spock character that she will likely be best remembered. In doing so, as The New York Times reported, Fontana realized only later to what extent- she had gone where no woman had gone before.

    • Health/Nutrition

      • The Big Deal in Warren’s Prescription Drug Plan

        Earlier this month, Senator Warren put out a set of steps that she would put forward as president as part of a transition to Medicare for All. The items that got the most attention were including everyone over age 50 and under age 18 in Medicare, and providing people of all ages with the option to buy into the program. This buy-in would include large subsidies, and people with incomes of less than 200 percent of the poverty level would be able to enter the Medicare program at no cost.

      • Donald Trump, the US Private Health Giant, and Top NHS Officials—Special Relationships?

        In the UK, we have a simple take on the US healthcare system as a for-profit, private system that fleeces its customers and fails the poor. But here’s the secret: the US has its own ‘mini NHS’. Smaller than the UK’s system, but still a government funded, (mostly) publicly-run system that serves people according to their need.

      • Catholic Ban on Contraception Is Driving Doctors to Fabricate Diagnoses

        “I don’t know how else to put it, except that people lied all the time.”

      • As Abortion Access Dwindles, App Offers Safe and Discreet Options

        Each year, 25 million unsafe abortions are performed around the world. The rate of unsafe abortions is higher where access to skilled providers and effective contraception is limited or unavailable, or where sexual education is lacking.

      • Avicii Tribute Concert to Be Streamed to Raise Mental Health Awareness

        The Avicii tribute concert was live-streamed on YouTube, Facebook, and Instagram. Tickets to the concert sold out instantly, and proceeds will go to raising mental health awareness.

      • Don’t Look, Don’t See: Time for Honest Media Reporting on Impacts of Pesticides

        The UK-based Independent online newspaper recently published an article about a potential link between air pollution from vehicles and glaucoma. It stated that according to a new study air pollution is linked to the eye condition that causes blindness.

      • Trump Administration Considering Reduction in Biologics Exclusivity Period

        On Monday, The Wall Street Journal reported that the Trump administration is considering reducing the 12-year data exclusivity period for biologic drugs set forth in the Biologics Price Competition and Innovation Act (BPCIA) to ten years. According to The Wall Street Journal, the Trump administration is considering the change in order to persuade Democrats to support the U.S.-Mexico-Canada Agreement (USMCA), a replacement for the North American Free Trade Agreement (NAFTA), that the administration negotiated last year. The USMCA would establish at least a 10-year data exclusivity period for biologic drugs, which would double the exclusivity period in Mexico and increase the exclusivity period in Canada by two years.

    • Integrity/Availability

      • Proprietary

        • Former Oracle product manager says he was forced out for refusing to deceive customers. Now he's suing the biz

          A former Oracle employee filed a lawsuit against the database giant on Tuesday claiming that he was forced out for refusing to lie about the functionality of the company's software.

          The civil complaint [PDF], filed on behalf of plaintiff Tayo Daramola in US District Court in San Francisco, contends that Oracle violated whistleblower protections under the Sarbanes-Oxley Act and the Dodd-Frank Act, the RICO Act, and the California Labor Code.

          According to the court filing, Daramola, a resident of Montreal, Canada, worked for Oracle's NetSuite division from November 30, 2016 through October 13, 2017. He served as a project manager for an Oracle cloud service known as the Cloud Campus BookStore initiative and dealt with US customers. Campus bookstores, along with ad agencies, and apparel companies are among the market segments targeted by Oracle and NetSuite.

          Daramola's clients are said to have included the University of Washington, the University of Oregon, the University of Texas at Austin, Brigham Young University and the University of Southern California.

          The problem, according to the complaint, is that Oracle was asking Daramola to sell vaporware – a charge the company denies.

          "Daramola gradually became aware that a large percentage of the major projects to which he was assigned were in 'escalation' status with customers because Oracle had sold his customers software products it could not deliver, and that were not functional," the complaint says.

        • Canonical makes Ubuntu for Windows SubSystem for Linux a priority [Ed: GNU/Linux volunteers worked hard to make an alternative to Windows and now comes Ubuntu helping Microsoft make it just an "app" or a "feature" of Windows, with Windows-only "extensions"]

          Ubuntu was the first Linux supported by WSL on Windows 10. Since then, many other Linux distros have appeared on WSL. These include Debian, Fedora, Kali, openSUSE, and SUSE Linux Enterprise Server (SLES), and the WSL-specific distribution, PengWin. Now, from a recent Canonical job advertisement, we know Ubuntu's founding company wants to be the leading WSL Linux.

        • Still in preview, but look! You can now develop Azure Sphere apps in Linux – if you dare [Ed: Several Microsoft lies packed into one article, even the feature image, and they help googlebomb "Linux" to sell proprietary software of Microsoft]

          Ominously, Microsoft warns that "your success using different distributions may vary", so Ubuntu it is then. This is preview stuff after all.

        • OAS Expands Its Platform Compatibility with Runtime Support for Linux

          Open Automation Software, a well-established IoT Automation Company, has further expanded its platform compatibility with runtime support for Linux. With this recent development, the company aims to offer superior services to customers who have mixed platform environments. Over the years, Open Automation Software has set a benchmark in the field of industrial automation. Now, the company has expanded its platform compatibility for the enterprises that have both Windows and Linux OS servers.

        • Security

          • Hackers Can Hijack VPN Connections Using A New Linux Vulnerability

            Researchers have found a vulnerability on most Linux distros and *NIX devices which allow hackers to hijack the VPN connections and inject malicious data into the TCP stream.

            The security researchers found the vulnerability in most Linux distributions and operating systems such as Linux, FreeBSD, OpenBSD, macOS, iOS, and Android.

          • Linux security flaw could let VPN connections be hacked

            The Breakpointing Bad cybersecurity research team from the University of New Mexico discovered and reported on a security flaw which could allow malicious actors to hack Virtual Private Network (VPN) connections.

            William J. Tolley, Beau Kujath, and Jedidiah R. Crandall said the flaw impacts Linux, Android, macOS and other Unix-based operating systems and could allow attackers to sniff, hijack and tamper with VPN-tunnelled connections. The vulnerability was named CVE-2019-14899, with the researchers claiming it takes advantage of how operating systems handle unexpected network probes.

          • OpenBSD devs patch authentication bypass bug

            One of the internet’s most popular free operating systems allowed attackers to bypass its authentication controls, effectively leaving the keys in the back door, according to an advisory released this week. The developers of the OpenBSD system have already patched the vulnerability.

            OpenBSD allowed people access to its smtpd, ldapd, and radiusd programs – which send mail, allow access to user directories, and allow remote access to the computer system. All an attacker needed to do was enter a specific word prefixed by a hyphen as a username.

            Qualys Research Labs found four bugs in BSD Authentication, which is the code that OpenBSD uses to authenticate users. Three of them were local privilege escalation bugs, while the other, CVE-2019-19521, bypassed the authentication system altogether. According to its security advisory, BSD Authentication supports four authentication styles: password, a one-time password mechanism called S/Key, and Yubico’s YubiKey hardware token.

          • Linux Flaw Allows VPN Hijacking

            A number of Linux distributions, including Ubuntu, Fedora, and Debian, contain a newly discovered vulnerability that an attacker could use to determine whether an individual is using a VPN and then potentially hijack that encrypted connection.

            A research team from the University of New Mexico discovered the vulnerability and developed an attack to exploit it. The attack has some specific requirements and relies on some analysis of the traffic going to and from the target device running the VPN client. The attack is confirmed to work against WireGuard and OpenVPN, but the researchers said that the VPN a victim is using doesn’t really matter. The main prerequisite for the attack to work is for the attacker to be able to send unsolicited packets to the victim’s VPN client.

          • New Linux vulnerability lets attackers to hijack VPN connections

            Three researchers from the University of New Mexico and Breakpointing Bad have identified a vulnerability in the way Unix and Linux-based operating systems like the macOS handle the TCIP connections. Researchers believe that vulnerability can specifically affect VPN users by hijacking encrypted traffic.

          • New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

            A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The vulnerability, tracked as CVE-2019-14899, resides in the networking stack of various operating systems and can be exploited against both IPv4 and IPv6 TCP streams. Since the vulnerability does not rely on the VPN technology used, the attack works against widely implemented virtual private network protocols like OpenVPN, WireGuard, IKEv2/IPSec, and more, the researchers confirmed. This vulnerability can be exploited by a network attacker — controlling an access point or connected to the victim's network — just by sending unsolicited network packets to a targeted device and observing replies, even if they are encrypted.

          • VPN Bug Affects “Most” Linux Distros

            A team of security researchers from the University of New Mexico has disclosed a new vulnerability that could allow attackers to probe devices and determine various details about the VPN (Virtual Private Network) connection status of a user.

            The security vulnerability (CVE-2019-14899) appears to affect most GNU/Linux distributions, besides FreeBSD, OpenBSD, Android, iOS and macOS systems. William J. Tolley, one of the security researchers, explained in a post that the vulnerability could let attackers determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and also sniff out whether or not there is an active connection to a given website.

          • VPN hijacking on Linux (and beyond) systems

            Hi all,

            I am reporting a vulnerability that exists on most Linux distros, and other *nix operating systems which allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website. Additionally, we are able to determine the exact seq and ack numbers by counting encrypted packets and/or examining their size. This allows us to inject data into the TCP stream and hijack connections.

            Most of the Linux distributions we tested were vulnerable, especially Linux distributions that use a version of systemd pulled after November 28th of last year which turned reverse path filtering off. However, we recently discovered that the attack also works against IPv6, so turning reverse path filtering on isn't a reasonable solution, but this was how we discovered that the attack worked on Linux.

            Adding a prerouting rule to drop packets destined for the client's virtual IP address is effective on some systems, but I have only tested this on my machines (Manjaro 5.3.12-1, Ubuntu 19.10 5.3.0-23). This rule was proposed by Jason Donenfeld, and an analogous rule on the output chain was proposed by Ruoyu "Fish" Wang of ASU. We have some concerns that inferences can still be made using slightly different methods, but this suggestion does prevent this particular attack.

            There are other potential solutions being considered by the kernel maintainers, but I can't speak to their current status. I will provide updates as I receive them.

            I have attached the original disclosure I provided to distros@vs.openwall.org and security@kernel.org below, with at least one critical correction: I originally listed CentOS as being vulnerable to the attack, but this was incorrect, at least regarding IPv4. We didn't know the attack worked against IPv6 at the time we tested CentOS, and I haven't been able to test it yet.

            William J. Tolley
            Beau Kujath
            Jedidiah R. Crandall

            Breakpointing Bad & University of New Mexico

            *************************************************

            **General Disclosure:

            We have discovered a vulnerability in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android which allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.

            This vulnerability works against OpenVPN, WireGuard, and IKEv2/IPSec, but has not been thoroughly tested against tor, but we believe it is not vulnerable since it operates in a SOCKS layer and includes authentication and encryption that happens in userspace. It should be noted, however, that the VPN technology used does not seem to matter and we are able to make all of our inferences even though the responses from the victim are encrypted, using the size of the packets and number of packets sent (in the case of challenge ACKs, for example) to determine what kind of packets are being sent through the encrypted VPN tunnel.

            We have already reported a related vulnerability to Android earlier this year related to the issue, which resulted in the assignment of CVE-2019-9461, however, the CVE strictly applies to the fact that the Android devices would respond to unsolicited packets sent to the user’s virtual IP address over the wireless interface, but this does not address the fundamental issue of the attack and did not result in a change of the reverse path settings of Android as of the most recent security update.

            This attack did not work against any Linux distribution we tested until the release of Ubuntu 19.10, and we noticed that the rp_filter settings were set to “loose” mode. We see that the default settings in sysctl.d/50-default.conf in the systemd repository were changed from “strict” to “loose” mode on November 28, 2018, so distributions using a version of systemd without modified configurations after this date are now vulnerable. Most Linux distributions we tested which use other init systems leave the value as 0, the default for the Linux kernel.

            We have described the procedure for reproducing the vulnerability with Linux and included a section illustrating the differences in architecture.

            There are 3 steps to this attack:

            1. Determining the VPN client’s virtual IP address
            2. Using the virtual IP address to make inferences about active connections
            3. Using the encrypted replies to unsolicited packets to determine the sequence and acknowledgment numbers of the active connection to hijack the TCP session

            There are 4 components to the reproduction:

            1. The Victim Device (connected to AP, 192.168.12.x, 10.8.0.8)
            2. AP (controlled by attacker, 192.168.12.1)
            3. VPN Server (not controlled by attacker, 10.8.0.1)
            4. A Web Server (not controlled by the attacker, public IP in a real-world scenario)

            The victim device connects to the access point, which for most of our testing was a laptop running create_ap. The victim device then establishes a connection with their VPN provider.

            The access point can then determine the virtual IP of the victim by sending SYN-ACK packets to the victim device across the entire virtual IP space (the default for OpenVPN is 10.8.0.0/24). When a SYN-ACK is sent to the correct virtual IP on the victim device, the device responds with a RST; when the SYN-ACK is sent to the incorrect virtual IP, nothing is received by the attacker.

            To quickly demonstrate this difference, we use the nping commands on the AP device running create_ap. The source IP is the gateway of our AP, the destination IP is the virtual IP assigned to the tun interface by the VPN client, ap0 is the interface create_ap created on the attacker device, and the destination MAC is the victim’s wireless MAC address.

            For example:

            The correct address generates a RST from the victim:

            nping --tcp --flags SA --source-ip 192.168.12.1 --dest-ip 10.8.0.8 --rate 3 -c 3 -e ap0 --dest-mac 08:00:27:9c:53:12

            The incorrect address does not elicit a response from the victim:

            nping --tcp --flags SA --source-ip 192.168.12.1 --dest-ip 10.8.0.9 --rate 3 -c 3 -e ap0 --dest-mac 08:00:27:9c:53:12

            Similarly, to test if there is an active connection for any given website, such as 64.106.46.56, for example, we send SYN or SYN-ACKs from 64.106.46.56 on port 80 (or 443) to the virtual IP of the victim across the entire ephemeral port space of the victim. The correct four-tuple will elicit no more than 2 challenge ACKs per second from the victim, whereas the victim will respond to the incorrect four-tuple with a RST for each packet sent to it.

            To quickly test this, we suggest creating a netcat connection on the victim device, such as this:

            netcat 64.106.46.56 80 -p 40404

            The correct four-tuple generates challenge ACKs

            nping --tcp --flags SA --source-ip 64.106.46.56 -g 80 --dest-ip 10.8.0.8 -p 40404 --rate 10 -c 10 -e ap0 --dest-mac 08:00:27:9c:53:12

            The incorrect four-tuple generates a single RST for each packet sent:

            nping --tcp --flags SA --source-ip 64.106.46.56 -g 80 --dest-ip 10.8.0.8 -p 40405 --rate 10 -c 10 -e ap0 --dest-mac 08:00:27:9c:53:12

            Finally, once the attacker determined that the user has an active TCP connection to an external server, we will attempt to infer the exact next sequence number and in-window acknowledgment number needed to inject forged packets into the connection. To find the appropriate sequence and ACK numbers, we will trigger responses from the client in the encrypted connection found in part 2. The attacker will continually spoof reset packets into the inferred connection until it sniffs challenge ACKs. The attacker can reliably determine if the packets flowing from the client to the VPN server are challenge ACKs by looking at the size and timing of the encrypted responses in relation to the attacker's spoofed packets. The victim’s device will trigger a TCP challenge ACK on each reset it receives that has an in-window sequence number for an existing connection. For example, if the client is using OpenVPN to exchange encrypted packets with the VPN server, then the client will always respond with an SSL packet of length 79 when a challenge ACK is triggered.

            The attacker must spoof resets to different blocks across the entire sequence number space until one triggers an encrypted challenge ACK. The size of the spoof block plays a significant role in how long the sequence inference takes, but should be conservative as to not skip over the receive window of the client. In practice, when the attacker thinks it sniffs an encrypted challenge-ACK, it can verify this is true by spoofing X packets with the same sequence number. If there were X encrypted responses with size 79 triggered, then the attacker knows for certain it is triggering challenge ACKs (at most 2 packets of size 79 per second).

            After the attacker has inferred the in-window sequence number for the client's connection, they can quickly determine the exact sequence number and in-window ACK needed to inject. First, they spoof empty push-ACKs with the in-window sequence while guessing in-window ACK numbers. Once the spoofed packets trigger another challenge-ACK, an in-window ACK number is found. Finally, the attacker continually spoofs empty TCP data packets with the in-window ACK and sequence numbers as it decrements the sequence number after each send. The victim will respond with another challenge ACK once the attacker spoofs the exact sequence number minus one. The attacker can now inject arbitrary payloads into the ongoing encrypted connection using the inferred ACK and next sequence number.

            This can be tested by observing the behavior from this sequence of commands, continuing with the same four-tuple:

            Using the four-tuple from the previous steps, we send RSTs in the sequence number range in blocks of 50,000 until we trigger a challenge ACK.

            nping --tcp --flags R --source-ip 64.106.46.56 -g 80 --dest-ip 10.8.0.8 -p 40404 --rate 10 -c 10 -e ap0 --dest-mac 08:00:27:9c:53:12 --seq [SEQ RANGE]

            If the packet lands in-window, the victim will respond with at most 2 challenge ACKs per second. These packets are still encrypted and originate from the virtual interface, unlike with Android, but we can still determine the contents of these packets by their size. The encrypted challenge ACK packets are larger than the encrypted RST packets. You can run tcpdump on the victim machine to accelerate the testing of this process by viewing the actual sequence and acknowledgement numbers.

            After we have found an in-window sequence number, we locate an in-window acknowledgement by spoofing empty PSH-ACKs with the in-window sequence number and guessing the acknowledgement number by dividing the acknowledgement number space into eight blocks. In most instances, seven of these blocks will trigger challenge ACKs, but one of them will not, which allows us to quickly determine which block falls within the acknowledgement window. We are interested in the block that does not respond with a challenge ACK. This behavior can be observed by using an in-window sequence number and an acknowledgement number in the block containing the correct acknowledgement number.

            nping --tcp --flags PA --source-ip 64.106.46.56 -g 80 --dest-ip 10.8.0.8 -p 40404 --rate 10 -c 10 -e ap0 --dest-mac 08:00:27:9c:53:12 --seq 12345678 --ack [ACK RANGE]

            Finally, using the in-window sequence and acknowledgement numbers, we spoof empty PSH-ACKs using the same in-window acknowledgement number and decrementing the sequence number until we trigger another challenge ACK. This sequence number is one fewer than the next expected sequence number. We can then arbitrarily inject data into the active TCP connection.

            Continuing with our toy example:

            nping --tcp --flags PA --source-ip 64.106.46.56 -g 80 --dest-ip 10.8.0.8 -p 40404 --rate 10 -c 10 -e ap0 --dest-mac 08:00:27:9c:53:12 --seq [EXACT] --ack [IN-WINDOW] --data-string "hello,world."

            **Operating Systems Affected:

            Here is a list of the operating systems we have tested which are vulnerable to this attack:

            Ubuntu 19.10 (systemd)
            Fedora (systemd)
            Debian 10.2 (systemd)
            Arch 2019.05 (systemd)
            Manjaro 18.1.1 (systemd)

            Devuan (sysV init)
            MX Linux 19 (Mepis+antiX)
            Void Linux (runit)

            Slackware 14.2 (rc.d)
            Deepin (rc.d)
            FreeBSD (rc.d)
            OpenBSD (rc.d)

            This list isn’t exhaustive, and we are continuing to test other distributions, but made sure to cover a variety of init systems to show this is not limited to systemd.

            **Operating System Variations:

            The behavior is slightly different on other operating systems. Here is a summary of the differences:

            Android: In the first phase of the attack, Android responds with unencrypted RSTs to unsolicited SYN-ACKs for the correct port and ICMP packets for the incorrect one. For the second phase, it will respond with RSTs on the correct four-tuple.

            MacOS/iOS: The first phase of the attack does not work as described here, but you can use an open port on the Apple machine to determine the virtual IP address. We use port 5223, which is used for iCloud, iMessage, FaceTime, Game Center, Photo Stream, and push notifications etc.

            We know the phone will communicate with one of the push notification servers on port 5223, and have observed that on MacOS, the port used on the victim device is not the same as the port used to connect to the VPN server, but is very close (in our testing it has always been within 10).

            nping --tcp --flags SA --source-ip 17.57.144.[84-87] -g 5223 --dest-ip 10.8.0.8 -p [X] --rate 3 -c 3 -e ap0 --dest-mac 08:00:27:9c:53:12

            For iOS devices, it does not follow this convention for choosing the client’s source port, but always choose a port between ~48000-50000 (our testing on iOS 13.1 was between 48162-49555).

            FreeBSD: The first two phases work essentially the same as Linux, however, for the last phase, the ACK number is not needed at all, so that piece of phase three can be skipped.

            OpenBSD: OpenBSD responds to spoofed SYN packets to the correct virtual IP with unencrypted RST packets, and the incorrect virtual IP elicits unencrypted NTP packets or nothing at all for the first part of the attack. For the second part, the responses are encrypted, but we can still determine which packets are challenge ACKs from the packet size, as with Linux. Connections can be reset by sending a RST with the correct sequence number.

            **Possible Mitigations:

            1. Turning reverse path filtering on

            Potential problem: Asynchronous routing not reliable on mobile devices, etc. Also, it isn’t clear that this is actually a solution since it appears to work in other OSes with different networking stacks. Also, even with reverse path filtering on strict mode, the first two parts of the attack can be completed, allowing the AP to make inferences about active connections, and we believe it may be possible to carry out the entire attack, but haven’t accomplished this yet.

            2. Bogon filtering

            Potential problem: Local network addresses used for vpns and local networks, and some nations, including Iran, use the reserved private IP space as part of the public space.

            3. Encrypted packet size and timing

            Since the size and number of packets allows the attacker to bypass the encryption provided by the VPN service, perhaps some sort of padding could be added to the encrypted packets to make them the same size. Also, since the challenge ACK per process limit allows us to determine if the encrypted packets are challenge ACKs, allowing the host to respond with equivalent-sized packets after exhausting this limit could prevent the attacker from making this inference.

            We have prepared a paper for publication concerning this vulnerability and the related implications, but intend to keep it embargoed until we have found a satisfactory workaround. Then we will report the vulnerability to oss-security@lists.openwall.com. We are also reporting this vulnerability to the other services affected, which also includes: Systemd, Google, Apple, OpenVPN, and WireGuard, in addition to distros@vs.openwall.org for the operating systems affected.

            Thanks,

            William J. Tolley Beau Kujath Jedidiah R. Crandall

            Breakpointing Bad & University of New Mexico
          • New Linux vulnerability puts VPN connections at risk of hijacking

            Furthermore, the research team also identified the SEQ and ACK numbers from inspecting the encrypted packet size and number and managed to inject data into the TCP stream, which led to the hijacking of the connection. This means VPN technology was ineffective in preventing the attack since even encrypted packets could be assessed.

            After testing on Manjaro 18.1.1, CentOS, and Ubuntu 19, researchers discovered that the exploit was applicable to both IPv4 and IPv6. Other systems that are vulnerable to exploitation include Void Linux, Debian 10.2, Slackware 14.2, Arch 2019.5, MX Linux 19, Deepin, Fedora, Devuan, FreeBSD, and OpenBSD. They will be testing the effectiveness of the exploit against Tor as well.

          • Attackers using Linux Vulnerability to Hijack VPN Connections
          • Linux VPN connections can be hacked

            Insecurity experts at Breakpointing Bad have found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams.

            The security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard. The vulnerability is known to impact most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android.

            A currently incomplete list of vulnerable operating systems and the init systems they came with is available below, with more to be added once they are tested and found to be affected: Ubuntu 19.10 (systemd), Fedora (systemd), Debian 10.2 (systemd), Arch 2019.05 (systemd), Manjaro 18.1.1 (systemd), Devuan (sysV init), MX Linux 19 (Mepis+antiX), Void Linux (runit), Slackware 14.2 (rc.d), Deepin (rc.d), FreeBSD (rc.d), and OpenBSD (rc.d).

          • VPN connections could be hacked due to Linux security flaw

            A new vulnerability that could allow potential attackers to hijack VPN connections on affected NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams has been discovered by security researchers.

            The researchers disclosed the security flaw they detected, tracked as CVE-2019-14899, to Linux distro makers, the Linux kernel security team and to others that are impacted including systemd, Google, Apple, OpenVPN and WireGuard.

          • Unix-like Systems Vulnerable to VPN Inferring and Hijacking Attacks

            Three researchers from Breakpointing Bad and the University of New Mexico have discovered a vulnerability that exists in Linux and Unix-like operating systems like Android and macOS. Given the tracking code “CVE-2019-14899”, the flaw resides in the routing table code and the TCP code that is present in these systems. The vulnerability allows an attacker to perform traffic analysis via clever use of encrypted DNS queries in conjunction with error messages, leading to the sniffing of open TCP connection information. The attack was discovered quite a while back, but the researchers disclosed it publicly now, and after they allowed the vendors some time to plug the holes.

          • Researchers say VPN bug affects Linux, Unix systems
          • Linux Bug Opens Most VPNs to Hijacking

            In a coffee-shop scenario, attackers can hijack “secure” VPN sessions of those working remotely, injecting data into their TCP streams.

            A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers.

            According to researchers at University of New Mexico and Breakpointing Bad, the bug (CVE-2019-14899), “allows…an attacker to determine if…a user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website.”

          • New vulnerability lets attackers sniff or hijack VPN connections
          • Researchers find a new Linux vulnerability that allows attackers to sniff or hijack VPN connections

            On Wednesday, security researchers from the University of New Mexico disclosed a vulnerability impacting most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android. This Linux vulnerability can be exploited by an attacker to determine if a user is connected to a VPN and to hijack VPN connections.

            The researchers shared that this security flaw tracked as CVE-2019-14899, “allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website.” Additionally, attackers can determine the exact sequence and acknowledgment numbers by counting encrypted packets or by examining their size. With this information in hand, they can inject arbitrary data payloads into IPv4 and IPv6 TCP streams.

          • Cyber Security Today – An email gift card scam, please stop re-using passwords and more open data found on Amazon storage

            Welcome to Cyber Security Today. It’s Friday December 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

          • NetworkManager Adds Support For Enhanced Open / Opportunistic Wireless Encryption

            Opportunistic Wireless Encryption (OWE) provides a means of encrypting wireless data transfers without having any secret/key. Opportunistic Wireless Encryption is advertised as Wi-Fi Certified Enhanced Open.

            This OWE / "Enhanced Open" standard is now supported by NetworkManager for allowing supported devices connecting to Linux systems to make use of this means of opportunistic encryption. The Wi-Fi CERTIFIED Enhanced Open has been around just since summer of 2018 to better secure open WiFi networks. More details on the standard can be found via Wi-Fi.org.

          • Security updates for Friday

            Security updates have been issued by Debian (libav), Fedora (kernel, libuv, and nodejs), Oracle (firefox), Red Hat (firefox and java-1.7.1-ibm), SUSE (clamav, cloud-init, dnsmasq, dpdk, ffmpeg, munge, opencv, and permissions), and Ubuntu (librabbitmq).

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Hackers Exploit New Linux Vulnerability To Hijack VPN Connections [Ed: Techworm misreporting, as usual. There are no known attacks]

              The attack has been reported to work against several popular VPN solutions, including OpenVPN, IKEv2/IPSec, and WireGuard.

              However, the researchers are still testing their viability against Tor, as it works in a SOCKS layer and implements authentication and encryption that takes place in userspace.

              “It should be noted, however, that the VPN technology used does not seem to matter and we are able to make all of our inferences even though the responses from the victim are encrypted, using the size of the packets and number of packets sent (in the case of challenge ACKs, for example) to determine what kind of packets are being sent through the encrypted VPN tunnel,” clarifies the research team.

          • Privacy/Surveillance

    • Defence/Aggression

      • Envisioning a United World

        Let’s bomb Iowa! Or maybe Texas or Michigan or Nebraska . . .

      • The Hillsborough Soccer Tragedy: Who is Responsible?

        Who was responsible for the deaths of 96 people and the hundreds injured in the collapse of stands at a soccer match in England in 1989? A jury at the Preston Crown Court in England last week exonerated David Duckenfield for responsibility for the Hillsborough tragedy. A 1991 inquiry said it was accidental and not caused by the rush of Liverpool fans; a 2016 inquest said it was disorganization and negligence by the police who ordered one of the exit gates to be opened, and David Duckenfield, the match commander for the local police, was judged not guilty.

      • As Impeachment Looms, 350 Mental Health Professionals Warn Congress That Nuclear-Armed Trump 'A Threat to Safety of Our Nation'

        "We are convinced that, as the time of possible impeachment approaches, Donald Trump has the real potential to become ever more dangerous."

      • Today's Republican Party Preserves US Legacy of Slavery and Imperialism

        On the Thursday of the second week of the House Intelligence Committee’s impeachment hearings, former U.S. Attorney Preet Bharara had a special guest on his weekly podcast, Carl Bernstein. It was Bernstein, with fellow Washington Post journalist Bob Woodward, whose reporting broke open the story of how the Committee to Re-elect the President burglarized Democratic Party headquarters at the Watergate office building in Washington, D.C. That reporting and the impeachment hearings that followed eventually forced President Richard Nixon to resign in disgrace in 1974. Bharara wanted to hear about what differences Bernstein sees between the Nixon impeachment proceedings and Donald Trump’s today.

      • ICC Holds Hearing on Afghanistan War Crimes, Including US Torture

        The International Criminal Court (ICC) opened a three-day hearing in The Hague, Netherlands on Wednesday at which prosecutors and Afghan torture victims are attempting to convince the court to overturn a previous decision to refuse to investigate war crimes committed by Taliban, Afghan government and US forces.

      • U.S. Considers Sending Several Thousand More Troops to Mideast

        The Pentagon is considering sending several thousand additional troops to the Middle East to help deter Iranian aggression, amid reports of escalating violence in Iran and continued meddling by Tehran in Iraq, Syria and other parts of the region.

      • 'This Isn't How You End the Endless War': Trump Weighs Plan to Send 14,000 More US Troops to Middle East

        "Trump ran on ending these endless wars. But he's sending more troops to the Middle East, making yet another war there more likely."

      • Everyone Should Watch The Report. Take It From a Guantánamo Bay Lawyer

        Here’s a quiz question: how many famous songs, or films, can you name that address the serious contemporary issues of torture and rendition? There aren’t many. When I think of music in connection with our US secret prisons, it is the kind blasted at prisoners at deafening volume, all day and night.

    • Environment

    • Finance

      • 'Victory for the People': Michigan Court Rejects Nestlé's Claim That Privatizing Local Town's Water Provides 'Essential Service'

        "Allowing a corporation to bottle our water just to sell it back to us is hardly an 'essential service.'"

      • The U-Turn That Made America Staggeringly Unequal

        Wealth in America has concentrated — and dramatically so — over the past four decades. Since 1980, note wealth researchers Emmanuel Saez and Gabriel Zucman, the top 0.1 percent share of the nation’s total wealth has more than doubled, from under 10 percent in 1980 to over 20 percent today. In a nation of over 125 million households, just one ten-thousandth of those households — some 12,500 — now control over 10 percent of our wealth.

      • Big Rallies and Big Differences in Germany

        Looking out my window at the wide Karl Marx Allee boulevard below, I have seen many a big May Day parade march by in the old GDR days, and many a passing bicycle race or Marathon. Recently, for the first time, I saw a slow, endless column of green or yellow tractors. I learned later that 5600 of them, after blocking traffic while driving in from North, South, East and West Germany, had converged at the Brandenburg Gate, parked in orderly rows and then voiced their demands: “Fewer or better pesticides, OK! Less or better fertilizers, also OK! We too want to save our planet. But not without consulting with us, who are fighting a bitter battle against monopoly agriculture giants and monopoly retailing giants which are threatening the survival of us family farmers.”

      • Sweden Offers Free Higher Ed, Universal Health Care, Daycare — Why Can't the US?

        Medicare for All and tuition-free universities have been at the core of the 2020 Democratic presidential campaigns, creating a stark division between progressive candidates and their centrist counterparts. Senators Bernie Sanders and Elizabeth Warren have proposed to make Medicare for All and public universities cost-free by taxing massive corporations and the super wealthy, and earlier this year, Sanders introduced legislation that would cancel student loan debt. His plan would be paid for with a new tax on Wall Street, he says. It would also make public universities and community colleges free — a key pillar of Sanders’s 2020 education platform. These proposals are not radical ideas in Sweden, a country that has built one of the world’s most extensive social welfare systems. In Sweden, healthcare costs are largely subsidized by the state. Daycare and preschool programs are mostly free. College and university are free. Public transportation is subsidized for many users. To explain how Sweden does it, we speak with Mikael Törnwall, Swedish author and journalist focusing on economic issues at Svenska Dagbladet, a Stockholm daily newspaper. His most recent book is titled Who Should Pay for Welfare?

      • Denouncing Macron's Neoliberal Pension Reforms, Hundreds of Thousands of Striking Workers Bring France to a Halt

        "We have one of the best pension systems in the world, if not the best. Yet the president has decided, purely out of ideology, to wipe it out."

      • 'Flat-Out Corruption': DeVos Accused of Scheming to Stop Next President From Canceling Student Loan Debt

        "Normally the rich are moderately more subtle about rigging the system in their favor. They're scared."

      • Trump's SNAP Cuts
    • AstroTurf/Lobbying/Politics

      • Investigation Uncovers Israel-Based Group Behind Bigoted Facebook Smear Campaign Aimed at US Muslim Congresswomen

        "The goal of these anti-Muslim hate campaigns is clear—they put Muslim lives here and around the world at risk and undermine our country's commitment to religious pluralism."

      • Inside the Battle for Another World

        A succession of social upheavals over the last decade has radically realigned political power throughout the world. As a result of these tectonic shifts, what had once been on the furthest fringes of the right has now moved toward the center while the left has been pushed to the margins. “Things fall apart; the centre cannot hold,” poet William Yeats wrote...

      • Protocols of the Elders of the Republican Party

        How do the horrific events of Charlottesville, the shooting at the Tree of Life Synagogue in Pittsburgh, and a similar hate crime in California directly relate to the eye-rolling pronouncements by Devin Nunes, Rudy Giuliani, and other Republicans in defense of President Donald Trump?

      • "It's On": Pelosi Officially Asks Nadler to Prepare Articles of Impeachment

        "The president leaves us no choice but to act."

      • The Most Important Election in British History

        Democracy in Britain has never been particularly strong or vibrant. Yet, for the first time in decades, the British people face a real choice at the ballot box in December. It wasn’t long ago that any possibility of radical change was excluded from the outset.

      • Bernie Sanders Tops New California Poll—But You Wouldn't Have Known It By Reading This LA Times Headline

        In latest #BernieBlackout example, Sanders' deputy campaign manager notes it took major newspaper "three paragraphs to mention who is leading."

      • Kerry Endorses Biden as Ad Cites NATO Leaders Mocking Trump

        John Kerry, the former secretary of state and 2004 Democratic presidential nominee, endorsed Joe Biden for president on Thursday, buoying the former vice president’s argument that his international experience should be a deciding factor for voters in 2020.

      • New York's Other Hopelessly Corrupt Candidate

        For better or worse, New York City has produced some of the biggest names in contemporary U.S. politics. From President Donald Trump and his conspirator-in-corruption Rudy Giuliani, all the way to Rep. Alexandria Ocasio-Cortez and Sen. Bernie Sanders (the latter has spent most of his life in Vermont, of course, but is a New Yorker to the core), politicians from across the political aisle have hailed from the Big Apple.

      • A Playboy Misrules Pakistan

        Unlike Western press practices, Pakistan’s privacy traditions constrain a robust discussion of the private lives of celebrities in electronic or print media. However, hush-hush gossip, group text messages, and social media in Pakistan are as brutal as anywhere else in the world. As such private lives of political leaders, such as Prime Minister Imran Khan (IK), remain shrouded in an unsortable mixture of fabrications and truths. For the most part, the Pakistani public ignores the private lives of favored leaders, including IK.

      • Biden Campaign's "World Is Laughing at Donald Trump" Video Wins Viral Moment

        "They see him for what he really is: dangerously incompetent and incapable of world leadership."

      • Burundi: Elections ‘Levy’ Opens Door to Abuse

        Local officials and members of the widely feared youth wing of Burundi’s ruling party have extorted donations for the upcoming 2020 elections, in many cases with threats or force.

      • The Mad Activist Impeaches Western Culture
      • Look Out for the Drift

        In the mid-nineties, after receiving a BA in psychology, psychopathology was on my mind daily. I worked at a group home for psychiatrically diagnosed teens in Queens, New York; later as a psychiatric rehab counselor for adults transitioning from group homes to independent living in the South Bronx. My experiences were disturbing enough to make me leave that counselor career path and drift from one job to another—finally end up as a poet, with society and politics being main interests. How could they not be: my family is from Puerto Rico. If government is, indeed, now just a big business, the tiny defenseless island of Puerto Rico has received a brutally raw deal since its occupation in 1898. It’s difficult to see your mother raped by someone you are supposed to trust—a neighbor you were taught was moral and good.

      • Impeachment of Trump Appears Inevitable in the House

        The House Judiciary Committee convened Wednesday for eight and a half hours of testimony to discuss what the Constitution requires for impeachment. It was an exercise that didn’t reveal any new information on the investigation, but rather laid out the legal justification for Trump’s potential impeachment. The hearing underscored that any eventual impeachment will most likely be partisan. Judiciary Committee Republicans continued the House GOP’s approach of raising procedural complaints and bad-faith attacks on the Democratic witnesses, while the Republican witness argued there isn’t sufficient evidence to justify impeaching Trump. But Democrats made a strong case for the obligation Congress has to impeach, given Trump’s conduct. The three Democratic witnesses all argued that Trump has not only committed impeachable offenses, but that the gravity of the president’s abuse of power made impeachment utterly necessary.

    • Censorship/Free Speech

      • Gen Z and Free Speech

        The Knight Foundation released a study that details the attitudes surrounding free speech in our precious young people today. Generational tension is on the rise as young people confront the richer and more conservative “Boomer” generation. Among the many divides is the attitude towards free speech.

      • TikTok Secretly Hid Content From Fat, Queer, and Disabled Users

        TikTok has admitted it adopted a set of policies to suppress the content of ‘vulnerable’ creators. TikTok says the policy was to prevent cyberbullying but hints at censorship.

      • Russian lawmakers adopt legislation imposing massively higher fines on violations by ‘foreign agent’ news media

        The State Duma has adopted the third and final draft of legislation that imposes fines as high as 5 million rubles ($78,300) for repeated violations of Russia’s media laws pertaining to “foreign agents.”

      • Russia’s Council of Judges advocates new protections for the judiciary against ‘biased journalists’

        Russia’s Council of Judges has developed a new draft concept for the judicial system’s information policies in the next decade, says the newspaper Vedomosti, citing the document. Among other things, the federal agency wants to impose legal liability on mass media outlets and journalists for “pressuring” courts through “negative content published for money.” The council argues that Russia’s judges need additional protection from “biased publications.”

      • [Reposted, different site] We Need To Save .ORG From Arbitrary Censorship By Halting the Private Equity Buy-Out

        The .ORG top-level domain and all of the nonprofit organizations that depend on it are at risk if a private equity firm is allowed to buy control of it. EFF has joined with over 250 respected nonprofits to oppose the sale of Public Interest Registry, the (currently) nonprofit entity that operates the .ORG domain, to Ethos Capital. Internet pioneers including Esther Dyson and Tim Berners-Lee have spoken out against this secretive deal. And 12,000 Internet users and counting have added their voices to the opposition.

        What’s the harm in this $1.135 billion deal? In short, it would give Ethos Capital the power to censor the speech of nonprofit organizations (NGOs) to advance commercial interests, and to extract ever-growing monopoly rents from those same nonprofits. Ethos Capital has a financial incentive to engage in censorship—and, of course, in price increases. And the contracts that .ORG operates under don’t create enough accountability or limits on Ethos’s conduct.

      • ‘Let’s look in the mirror’ A young Russian YouTuber who faces four years in prison for ‘extremism’ delivers a powerful courtroom speech

        On December 4, Moscow’s Kuntsevsky District Court continued hearing the case against 21-year-old Higher School of Economics (HSE) student and libertarian YouTube personality Egor Zhukov. Zhukov stands accused of issuing public calls for extremism: Prosecutors have argued that his videos on nonviolent resistance were motivated by “political hatred and enmity to the constitutional structure extant in the Russian Federation” as well as a desire to destabilize the country’s social and political order.

      • Devin Nunes' Virginia SLAPP Suits Causing Virginia Legislators To Consider A New Anti-SLAPP Law

        We've been covering all the various SLAPP suits filed by Devin Nunes against his critics, journalists, political operatives, and (most famously) a satirical internet cow. As we've noted, despite Nunes being a Representative from California, and despite the fact that many of the people and companies he's targeting are California-based, he's filed most of the suits in Virginia state court. The reasons for this seemed fairly obvious to many commentators. Virginia has a very weak anti-SLAPP law. California has a very robust one.

      • Kyrgyzstan: Blogger Faces Incitement Charges

        A blogger in Kyrgyzstan who wrote about corruption on social media is facing charges of inter-regional incitement, Human Rights Watch said today. The blogger, Aftandil Zhorobekov, was detained on November 24, 2019 by Kyrgyzstan’s State Committee for National Security (GKNB) and held in pretrial detention until being placed under house arrest on December 5, with the charges against him still standing.

      • IP and the controversial “Hate Speech Bill” in Nigeria

        As some readers may be aware, many Nigerians are vehemently opposed to the National Commission for the Prohibition of Hate Speeches Bill, 2019 (SB. 154) (the “Hate Speech Bill”), which recently passed second reading in the Nigerian Senate. There have been complaints that the offences created under the Bill seek to silence criticism and free speech and that the establishment of a Commission to curb hate speech under the Bill is a waste of resources.

        [...]

        IPRs holders may be imprisoned for life or punished with death by hanging where they produce (see section 3 of the Bill for all the verbs) written or visual material that is threatening, abusive or insulting and intended to stir up ethnic hatred against any person or person from an ethnic group in Nigeria. [Death by hanging only applies to where the hate speech leads to the death of another person]. The Bill offers no guidance on how a court may determine what constitutes “threatening, abusive or insulting” material and/or how intention to stir up ethnic hatred may be determined. As opined here, proving the commission of a crime requires that the prosecution show that the accused person(s) is responsible for the actus reus (physical act) and had the mens rea (guilty mind or intention). Proving the intention to stir up ethnic hatred may not be so straightforward. Nigeria has over 250 ethnic groups: would/should the court be invited to consider history of inter-ethnic relations to decide subjects that would stir up ethnic hatred?

        [...]

        However, the powers of the Commission in the case of receiving contravention complaints may in some sense be quasi-judicial. Persons who are directly aggrieved or who claim that the Bill has been contravened may lodge a complaint with the Commission. See sections 37 and 38 of the Bill. The Commission may decline to entertain complaints that are frivolous or lacking in substance or, that may be more appropriately dealt with by the court. See section 39. Under section 45, the Commission must ensure that it attempts conciliation regarding complaints lodged with it. After hearing the representation of the parties to a complaint, the Commission may issue a compliance notice under section 50 of the Bill. Where parties fail to comply with the compliance notice, the Commission needs an order of the Magistrate’s court or other court to compel such compliance. See section 52 of the Bill.

        Given these circumstances, it may be apt to argue the establishment of the Commission is a waste of resources. By and large, the Hate Speech Bill is still going through the legislative process and nothing is cast in stone (yet).

    • Freedom of Information / Freedom of the Press

      • Spying on Assange: the Spanish Case Takes a Turn

        Judge José de la Mata of Spain’s High Court, the Audiencia Nacional, had been facing a good deal of stonewalling on the part of his British colleagues. He is overseeing an investigation into the surveillance activities of a Spanish security firm aimed at WikiLeaks founder, Julian Assange, during his stay at the Ecuadorean embassy in London.

    • Civil Rights/Policing

      • 'Make America 36th Out of 41 Developed Nations Again': Social Justice Index of Developed Nations Puts US Near Bottom

        Meanwhile, the democratic-socialist Nordic countries of Iceland, Norway, Denmark, Finland, and Sweden enjoy the top spots in detailed survey of OECD nations.

      • The Activists Guiding Us Through These Dark Days

        Over 1,000 people packed into the historic Cirkus Arena in downtown Stockholm Wednesday night. It wasn’t for the building’s original purpose, an actual circus, or for a rock concert, which is one of the contemporary uses of the building. What drew this remarkable cross section of Swedish society, as well as people from around the world? Activism. Courage. Passion.

      • US Official Threatens Communities That Don’t ‘Respect’ Police

        On Tuesday, Attorney General of the United States William Barr warned that if Americans don’t give more “support and respect” to police, “they might find themselves without the police protection they need.”

      • Indonesia Arrests Yet More Indigenous Papuans

        The list of political prisoners in Indonesia’s West Papua and Papua provinces is growing higher, as at least 110 people were arrested for raising the Papuan national flag over the weekend.

      • Edward Snowden: In the US, I Would Likely Die in Prison for Telling the Truth

        The Right Livelihood Awards celebrated their 40th anniversary Wednesday at the historic Cirkus Arena in Stockholm, Sweden, where more than a thousand people gathered to celebrate this year’s four laureates: Swedish climate activist Greta Thunberg; Chinese women’s rights lawyer Guo Jianmei, Brazilian indigenous leader Davi Kopenawa and the organization he co-founded, the Yanomami Hutukara Association; and Sahrawi human rights leader Aminatou Haidar, who has challenged the Moroccan occupation of Western Sahara for decades. The Right Livelihood Award is known as the “Alternative Nobel Prize.” Over the past four decades, it’s been given to grassroots leaders and activists around the globe — among them the world-famous NSA whistleblower Edward Snowden. At Wednesday’s gala, Amy Goodman interviewed Snowden in front of the award ceremony’s live audience via video link from Moscow, where he has lived in exile since leaking a trove of secret documents revealing the U.S. government had built an unprecedented mass surveillance system to spy on Americans and people around the world. After sharing the documents with reporters in 2013, Snowden was charged in the U.S. for violating the Espionage Act and other laws. As he attempted to flee from Hong Kong to Latin America, Snowden was stranded in Russia after the U.S. revoked his passport, and he has lived there ever since. Edward Snowden won the Right Livelihood Award in 2014, and accepted the award from Moscow.

      • No Free Pass for North Korea’s Abuses

        The United Nations Security Council has an opportunity this month to refocus attention on North Korea’s abysmal human rights record after giving it a pass last year.

      • Inside the Cell Where a Sick 16-Year-Old Boy Died in Border Patrol Care

        Carlos Gregorio Hernandez Vasquez, a 16-year-old Guatemalan migrant, was seriously ill when immigration agents put him in a small South Texas holding cell with another sick boy on the afternoon of May 19.

      • These Cops are Supposed to Protect Rural Villages. They're in the Suburbs Instead.

        WASILLA, Alaska — The man appeared around dinnertime in the parking lot of the city Police Department, asking to see a cop. Another fight with his wife. Nothing violent, he said, but she threatened to carve a word in the paint of his luxury pickup: CHEATER.

        Maybe an officer could go talk to her? A routine request on a routine night for the Police Department of this small suburban city, made famous by former Mayor Sarah Palin. (She lives up the road.)

      • R. Kelly Accused of Bribing a Public Official to Marry Aaliyah at Age 15

        R&B singer R. Kelly is now facing bribery charges for the fake ID he used to marry Aaliyah. The charges were revealed in an unsealed indictment this afternoon.

      • Professor Turley Is Dead Wrong on Impeachment and Here’s Why

        In his opening statement emphasizing the importance of legal standards, George Washington University constitutional law professor Jonathan Turley claimed that impeaching, “a president on this record would expose every future president to the same type of inchoate impeachment” and warned, “I hope you will consider what you will do when the wind blows again..."

      • The Twenty-First-Century Legacies of America's Twin Sins

        On the Thursday of the second week of the House Intelligence Committee’s impeachment hearings, former U.S. Attorney Preet Bharara had a special guest on his weekly podcast, Carl Bernstein. It was Bernstein, with fellow Washington Post journalist Bob Woodward, whose reporting broke open the story of how the Committee to Re-elect the President burglarized Democratic Party headquarters at the Watergate office building in Washington, D.C. That reporting and the impeachment hearings that followed eventually forced President Richard Nixon to resign in disgrace in 1974. Bharara wanted to hear about what differences Bernstein sees between the Nixon impeachment proceedings and Donald Trump’s today.

      • Be Best, My Ass

        OK, we are now and truly done with the con man and his vile hooker squatting in the White House. Having stayed silent through endless atrocities - rapes, lies, cruelty, racism, bullying, leaving families hungry, caging 70,000 children and killing six...

      • 'Impeach Trump for This': Video Shows Final Hours of Teen's Horrible Death in US Immigration Detention Center

        Contrary to claims by Border Patrol, "they didn't take him to the hospital. They didn't release him. They didn't even seem to check on him as he was dying on the floor of his cell."

      • Video Shows Teen's Horrible Death in U.S. Immigration Detention Center

        Footage from an immigrant detention center in Texas obtained by Pro Publica and published online Thursday shows the final hours of 16-year-old Carlos Gregorio Hernandez Vasquez—who died from complications of the flu while in custody—but also strongly indicates the border patrol agents responsible for his care lied about what happened that night.

      • Mexican Immigration Officials Destroy Asylum Seekers' Tents

        Mexican immigration officials arrived at a refugee camp in Matamoros, Mexico early Tuesday morning bearing machetes used to destroy unoccupied tents left behind by Mexican asylum seekers, according to multiple camp residents who witnessed the event.

      • France Drops Plan to Give Boats to Libya

        France’s decision last week to withdraw its offer of six boats to the Libyan Coast Guard is good news, as Libya could have used this “gift” to subject even more migrants and refugees to serious abuses in Libya.

      • Fred Hampton: "Peace To You...If You're Willing to Fight For It"

        It was 50 years ago that Chicago cops executed Black Panther Chairman Fred Hampton as he slept, firing over 90 shots into his apartment for the crimes of feeding hungry kids, opening medical clinics, forming a Rainbow Coalition and championing black self-determination. Targeted by the FBI as a danger who could "electrify the masses," Hampton vowed to fight racism with

      • NYPD Finally Releases A Body Camera Policy That Gives The Department Plenty Of Ways To Withhold Footage

        The NYPD has finally finalized its body-worn camera footage release policy. It's not much better than its initial public offering, which sought public input and then ignored every bit of the public's input to craft an officer-friendly deployment policy that left the act of recording to officer discretion.

      • This Judge Is Married to the Sheriff. Ethics Complaints Have Piled Up.

        Two years ago, the Chester County Sheriff’s Office in South Carolina accused a pair of lower-court judges of unfairly blocking the sheriff’s requests for criminal warrants.

        A top deputy planned to file a complaint with the chief magistrate and the local state senator, who controls the county’s judicial appointments. But before doing so, the deputy turned to an unlikely ally to help craft his appeal: Magistrate Angel Underwood.

      • American WeChat Users Getting Banned For Celebrating Hong Kong Election Results

        The recent election in Hong Kong may have scored some wins for pro-democracy candidates, but supporters of protesters and newly-elected candidates still aren't able to do much celebrating on social media. WeChat, the massively popular messaging app owned by China's Tencent, is apparently censoring posts and shutting down pro-democracy accounts.

      • ALEC-Crafted Laws Could Send Me to Prison for a Decade for My Activism

        This week, corporate executives and legislators from around the country are gathering in Scottsdale, Arizona, for the American Legislative Exchange Council’s (ALEC) annual States and Nation Policy Summit, where they will craft policies to introduce into state legislatures. More than a dozen groups have protested outside the meeting. ALEC is a shadowy group — meeting in secret, hiding its membership, and prohibiting journalists and the public from observing its activities. Various watchdogs have increasingly exposed ALEC’s undemocratic nature. What has received less attention, however, are the policies that emerge from ALEC.

      • Black Back Room Deals Must Not Stifle Right To Die With Dignity: Philip Nitschke

        Culture is crucial to Indigenous Australia, but it doesn’t give a handful of black leaders the right to scuttle laws to assist everyone the right to die with dignity, writes Dr Philip Nitschke.

    • Internet Policy/Net Neutrality

      • AT&T Says The Real Problem With The Internet Is We Pay Too Much Attention To Giant ISPs

        As Silicon Valley giants like Google and Facebook face all manner of (justified) regulatory scrutiny, telecom has been able to somehow remove itself from the conversation, despite engaging in many of the same (if not worse) behaviors over the years. While Congress obsesses about new ways to regulate "big tech," the US government has oddly been busy neutering all oversight of "big telecom". That's at least partially by design; giants like AT&T and Comcast have spent years pushing for the hyper regulation of companies telecom increasingly competes with in the online ad space.

    • Monopolies

      • CJEU rules that "aceto" and "balsamico" are not individually protectable components of PGI "Aceto Balsamico di Modena"

        Yesterday, the Court of Justice of the EU (CJEU) issued its decision in Case C-432/18, Consorzio Tutela Aceto Balsamico di Modena v Balema GmbH [here]. The decision sets important limitations on the scope of protection of the Protected Geographical Indication (PGI) "Aceto Balsamico di Modena" and for PGI's registered in a similar manner, because the Court held that individual components of this PGI are not protected.

        Background to the case

        Balema is a German producer of balsamic vinegar and markets its products as "Balsamico" or "Deutscher Balsamico". The consortium of producers of Modena balsamic vinegar hold the PGI for "Aceto Balsamico di Modena (PGI)", which enjoys protection under Regulation 1151/2012 (the Agricultural Foodstuff Regulation). It was registered under its predecessor and, as is common practice for European geographical indications, on the conditions set forth in the granting regulation, 583/2009. The consortium sued Balema in Germany and the Federal Supreme Court asked the CJEU whether the protection for "Aceto Balsamico di Modena" extends to the use of individual, non-geographical components of this term.

      • One-minute survey: Does judicial recruitment need a shake-up?

        The England and Wales High Court is in need of IP specialist judges. But with the courts facing a wider recruitment issue, filling the gap is not easy.

        Factors including pay and changes to pension arrangements mean there is a lack of candidates who want to become a judge. The UK’s Ministry of Justice has itself cited “very strong evidence” for recruitment difficulties in the High Court.

      • Mandatory mediation in Greece: Odysseus reaches Ithaca

        We have previously reported on Greece’s legislative initiative to introduce mandatory mediation in certain civil and commercial disputes, including trademark infringement disputes.

        The respective law, 4512/2018, had been enacted, but its entry into force was postponed, following reactions of lawyers and bar associations. As a result, the drafting of a new law was commenced. After the conclusion of the public consultation, a final draft was submitted to Parliament, and it was approved by the Plenary on November 28, 2019.

        Published the following day, on November 29, 2019, it is now law no 4640/2019 “Mediation on civil and commercial disputes – Further harmonization of Greek legislation with Directive 2008/52/EC of the European parliament and of the council of 21 May 2008 and other provisions” (the Law).

      • Patents

        • As 9th Circuit Prepares For Argument, Korean Fine Against Qualcomm Upheld

          Qualcomm’s appeal of the FTC’s success in district court continues to move forward, with the second set of amicus briefs (including CCIA’s) filed the week of Thanksgiving. Qualcomm’s reply brief is due by Friday, December 13th, and oral argument is scheduled for February 13th, 2020. Judge Koh found that Qualcomm had abused its dominant position in baseband modems, harming consumers and competitors alike.

          On appeal, Qualcomm has in essence argued that competition law shouldn’t apply to it because of its importance to cellular standards. Many amici, from technology firms to auto companies to former heads of the FTC, repudiated the argument that maintaining Qualcomm’s position in 5G is more important than ensuring healthy competition. We’ll see if that argument flies in the United States—given the strength of the factual determinations and the evidence in the district court, it shouldn’t—but in the meantime, Qualcomm has been handed another setback.

        • Nokia outmaneuvering Daimler with settlement effort that has zero credibility--but Mannheim court confirms hearing date

          One week ago, Reuters' Foo Yun Chee (who's been covering EU competition matters for more than a decade and whom I regard very highly) reported on a statement by Nokia according to which "the Finnish telecoms equipment maker had submitted a proposal for resolving the patent licensing fee row." This relates to the situation between Nokia and Daimler as well as Daimler's suppliers. Nokia brought ten German standard-essential patent (SEP) infringement actions against Daimler earlier this year--several months after Daimler had lodged an antitrust complaint with the European Commission's Directorate-General for Competition (DG COMP) over Nokia's refusal to extend exhaustive SEP licenses on FRAND terms to Daimler's suppliers. At around the same time, four suppliers (Continental, Valeo, Gemalto, and BURY Technologies) also filed complaints against Nokia with DG COMP.

        • Supreme Court Hears Appealability Appeal

          The section 315(b) time bar prohibits institution of a petition “filed more than 1 year after the date on which the petitioner … is served with a complaint alleging infringement of the patent.” Years ago (well before the 1-year date) the patentee Click-to-Call sued Thryv’s predecessor-in-interest for infringement and served the complaint as required under § 315(b). That lawsuit, however, was voluntarily dismissed without prejudice. When the defendant later filed its IPR petition, the PTAB found that the dismissal without prejudice effectively nullified the original lawsuit and, as such, did not raise the time-bar. The PTAB then invalidated the claims. On appeal, the Federal Circuit rejected PTAB’s approach — holding that the statute does not allow for any exception to the time-bar for cases dismissed without prejudice. In its petition to the Supreme Court, Thryv asked the court to review both whether (1) the issue is appealable; and (2) the time-bar still applies after a dismissal without prejudice. The Supreme Court granted certiorari, but only as to question 1 – whether the issue is appealable.

        • Another German FRAND Ruling – OLG Karlsruhe, Judgment of 30 October 2019, 6 U 183/16 (Philips v Wiko)

          In its latest ruling on FRAND and the Art. 102 TFEU defense, the OLG (Higher Regional Court) Karlsruhe put an emphasis on the ‘fairness’ of the licensing negotiation procedure and thus on the ‘F’ prong of FRAND. To allow fair and expedient licensing negotiations and avoid a finding of abuse of dominance, the owner of a standard essential patent (SEP) has to explain and substantiate vis-à-vis the willing licensee why its license offer is FRAND in such a way that the implementer can assess the offer and respond with a counter-offer in a meaningful way. Even though both the SEP holder and the implementer may still comply with their ‘negotiation duties’ after filing the complaint, undue pressure by the threat of an injunction has to be avoided, e.g. by suspending the proceedings.

          The case concerned a patent essential for the LTE standard. The OLG Karlsruhe, appeal instance to the Mannheim Regional Court, confirmed patent infringement by defendant’s LTE compatible mobile phones, resulting in a declaration on damages and full claims for information and accounting. However, the defendant’s FRAND/Art. 102 TFEU defense was successful and the court rejected the requests for an injunction, recall and destruction as currently unfounded.

          With this decision, the Karlsruhe court tackles questions on the implementation of the negotiation framework as set out in the landmark decision Huawei v ZTE of the CJEU (case C-170/13) from yet a different angle than the appeal courts in Duesseldorf (with an emphasis on the ‘non-discriminatory’ assessment of the content of the SEP holder’s license offer and stricter requirements on the provision of third party licenses) and the UK (with a focus on the ‘fair and reasonable’ prong of FRAND and a more flexible application of the CJEU negotiation framework; see previous posts here and here). The Karlsruhe court also came to a different conclusion than the Court of Appeal The Hague in the parallel proceedings between the same parties earlier this year. According to public comments, the Dutch court held that the plaintiff was entitled to an injunction as the defendant was not a ‘willing licensee’ prior to the proceedings and had not met its burden to show that the plaintiff’s later license offer was non-compliant with FRAND. In contrast, the OLG Karlsruhe found that the plaintiff had not met its burden to substantiate the FRANDness of its license offer to the defendant. This failure to meet its information and negotiation duties amounts to an abuse of the plaintiff’s dominant position acc. to Art. 102 TFEU.

        • TCL v Ericsson overturned on appeal in US; will go to jury trial

          Readers will remember the news of Christmas 2017: Judge Selna in the Central District of California determined the FRAND royalties that TCL should pay to Ericsson. The decision attracted comment because the rates were very much lower than the findings that Mr Justice Birss had made in relation to Ericsson's portfolio in Unwired Planet, despite similar evidence.

          Today the Court of Appeals of the Federal Circuit overturned that decision.

          Ericsson appealed on two grounds: that it had been deprived of its right to a jury trial, and that Judge Selna's calculations contained many errors. Happily for Ericsson, but disappointingly for followers of FRAND, the CAFC agreed with the first of those grounds. That means it did not need to look at the second.

      • Trademarks

        • Fraudulent Trademarks: How They Undermine the Trademark System and Harm American Consumers and Businesses

          Congress is moving on Trademark Legislation with a number of different potential proposals circling.

        • Counterfeit Goods Seizure Act of 2019

          Copyright, trademark, and “trade name” violations are already listed in the statute; patents and trade secrets are not listed. The basic idea here is that it is pretty easy for CPB to stack design patents atop their current system that looks at copyright and trademark. The hope here is that a layman (e.g., CPB official) can quickly and easily determine design patent infringement at a relatively high level of accuracy. This would be much more difficult for utility patents, and wouldn’t work for trade secrets without disclosing the secret to CPB.

        • AG Campos advises CJEU to rule that Amazon might be potentially liable for trade mark infringement

          Subsequently Coty requested Amazon to provide all perfumes stocked on behalf of the seller. 11 of the 30 perfumes delivered by Amazon to Coty had been stocked on behalf of another seller, whose identity Amazon was not able to confirm.

          Coty sued Amazon for trade mark infringement in Germany, but without success. In fact, both at first instance and on appeal, the German courts found that Amazon had not directly used the trade mark or stocked the goods to sell them; rather, it had just stocked them on behalf of third parties and was unaware that the trade mark rights had not been exhausted.

          On appeal to Germany’s Federal Court of Justice (BGH), a question arose: Does a person who, on behalf of a third party, stores goods which infringe trade mark rights, without having knowledge of that infringement, stock those goods for the purpose of offering them or putting them on the market under Article 9(3)(b) EUTMR, if it is not that person himself but rather the third party alone which intends to offer the goods or put them on the market?

          The BGH was unsure, though it was inclined to answer in the negative in light of what happens in Germany in the patent field. The court also excluded that Amazon’s behaviour would amount to a ‘use’ of the trade mark within the meaning of Article 9(2) EUTMR.

          Despite all this, a referral was made to the CJEU.

      • Copyrights

        • When you own an artwork, you don’t own the copyright: Danish artist wins injunction against watchmakers planning to cut up painting

          With thanks to Hanne Kirk and her team at Gorrissen Federspiel (Denmark) for this fascinating post regarding the outer limits of copyright in an artwork:

          On Monday, 2 December 2019, the Danish Maritime and Commercial High Court issued a ruling in a case which explores the fine line between destruction and alteration of existing artwork. The conclusion? Cutting up an existing artwork to repurpose the individual pieces as wristwatch faces constitutes reproduction of the work in an amended form – not destruction followed by the creation of a new, original work.

          [...]

          In its 2 December 2019 ruling, the Danish Maritime and Commercial High Court found in favour of Tal R on all claims, confirming expressly that the insertion of pieces of a painting into wristwatches was, in the view of the Court, not a destruction of the work, but rather a reproduction of the work in an amended form.

          In support of this conclusion, the Court noted that Kanske had itself explained that the very idea of the project was to transform Tal R’s artwork, and had further asked on its website “what happens when you take an original artwork and turn it into something else?” It made no difference in this regard that the artwork, once incorporated into the wristwatches, would no longer be recognizable.

          (This GuestKat finds the last-mentioned statement somehow surprising, given that similarity is a prerequisite for an infringement, and given that similarity calls for a certain recognizability of the original work.)

          The Court further ruled that the project would indeed, as claimed by Tal R, constitute an alteration and making available to the public of Tal R’s artwork “in a manner or in a context which is prejudicial to the author’s literary or artistic reputation or individuality,” thereby violating section 3(2) of the Danish Copyright Act.

          Finally, the Court also agreed that Kanske had violated sections 3(1) and 22(1) of the Danish Marketing Practices Act by marketing and offering for sale the wristwatches, including by making unauthorized use of the “Tal R” brand.

          Overall, the Court dismissed Kanske’s defense that the project was art and should benefit from the protections granted to expressions of artistic freedom.

        • Creative Commons Receives an AWS Imagine Grant to Improve CC Search

          With that in mind, we’re excited and proud to announce that we’ve been awarded an Amazon Web Services (AWS) Imagine Grant—a public grant for non-profit organizations that are “using technology to solve the world’s most pressing challenges.”

        • The Pirate Bay Moves to a Brand New Onion Domain

          The most famous torrent site in the world, The Pirate Bay, has ditched its old and mostly unreadable Onion domain for something more recognizable and potentially more permanent. The switch was reported to TorrentFreak after Pirate Bay proxy sites noticed extended downtime on the old domain.

        • IPTV Service Easily Circumvents First Canadian Piracy Blockade

          Through the Federal Court, Bell, Rogers, and Groupe TVA recently obtained the first Canadian pirate 'site' blocking order. The companies argued that ISP blockades are an effective way to deal with copyright infringing sites and services. While that may be true to a certain degree, the targeted GoldTV service simply switched to a new domain and continues to offer its services.

        • Meet the Guy Behind the Libgen Torrent Seeding Movement

          Libgen and Sci-Hub, regularly referred to as the 'Pirate Bay of Science', are continually under fire. However, if all of the important data is decentralized, almost any eventuality can be dealt with. Today we meet the guy leading a new movement to ensure that Libgen's archives are distributed via the highest quality torrent swarms possible.

        • Why Won't Creative Future's Members Comment About This Hollywood Front Group Smearing A Well Respected Law Professor?

          If you look in the dictionary, the word "projection" has many different definitions. I find it particularly amusing that in Merriam Webster's dictionary, the following two are right next to each other:

          the attribution of one's own ideas, feelings, or attitudes to other people or to objects; especially : the externalization of blame, guilt, or responsibility as a defense against anxiety

          the display of motion pictures by projecting an image from them upon a screen

          This is a story that kind of involves both of those definitions, because it's all about a front group, created and funded by Hollywood, very much "projecting" its own blame, guilt and responsibility onto one of the most respected and thoughtful copyright law professors. And... almost no one wants to comment on the organization's shameful tactics. Perhaps some of you might help in my ongoing efforts to get literally any of Creative Future's members to explain why it still supports the organization after its shameful smear campaign over the past few weeks and months.


