Links 24/12/2019: Darktable 3.0, Alpine 3.11.2, PyPy 7.3.0

Posted in News Roundup at 2:33 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • 5 Bold Predictions for Linux & Open Source in 2020

      While the past twelve months have, as expected, been a busy one for the open source and Linux communities — a number of my Linux predictions for 2019 even came to pass — next year looks set to be even better.

      Having recapped the best Linux distros of 2019 let us turn to the coming year!

      Read on to discover my Linux predictions for 2020, all served with a pinch of sodium-based seasoning on the side! Happy reading!

    • Unix is turning 50. What does that mean?

      2020 is a significant year for Unix. At the very start of the year, Unix turns 50.

      While some of the early development of Unix predates the official start of its “epoch,” Jan 1, 1970 remains the zero-point in POSIX time and the recognized beginning of all things Unix. Jan 1, 2020 will mark 50 years since that moment.

    • Server

      • IBM/Sysadmins

        • Perception and reality: What my family thinks a sysadmin does

          Over the years while visiting my parents, invariably I am asked the question, “How is work going?” While I want to be specific with my answer, I usually end up giving a vague “good” or “staying busy” type of response. It’s not that I give vague answers because I don’t think they comprehend what I do, it’s that there is not enough time to cover all the different aspects that determine the answer. In fact, I recently posed the question “What do you guys think I do all day for my work?” to my family on the Slack workspace we use to communicate and collaborate on vacations and meetups. While the majority of my family does have a general understanding of what I do, there were a couple of, while not totally inaccurate, comical replies.

          “Eat Cheetos and play World of Warcraft,” was my youngest brother’s humorous response, and while I do enjoy the occasional Cheeto snack, I think that all of us sysadmins would agree that there is not enough time in our day to play games. On a more serious note, it’s understandable that there are those in my family who relate what I do to whatever front-end or publically facing interface the company I work for has. For example, I’ve worked for companies that have a website, so to them, “I build or manage the website.” While there is definite truth to that answer, doing so is a small part of my responsibilities.

          Another accurate interpretation of what my family thinks a sysadmin does is “fix broken computers.’ Again, there is so much truth in this idea, but it is a severe overgeneralization of what we do. Break and fix plays a huge role in being a good sysadmin. “Fixing a broken computer” looks like so many different things, whether that is patching or upgrading operating systems or software, replacing a hardware component, or applying a custom solution to change functionality. Still, fixing things is just a fraction of my day, if at all. Sometimes it’s just a few hours a week.

          When I go out with my wife and we meet someone new, I eventually get asked what I do for work. My wife almost always chimes in with, “He stares at a black screen with white letters all day.” I can’t blame her for that interpretation, because it just so happens that when I am working remotely while she is there, it is usually because I was called for a priority issue that requires me to log into a terminal for troubleshooting.

          Ultimately, the truth of one sysadmin’s day might look completely different from another’s when it comes to our specific tasks, and we are often misunderstood. The biggest commonality I believe we all have as Linux sysadmins is that we are the glue that binds multiple IT teams together. We are the ones that interpret what developers need when they make requests to the networking or security teams. We are sometimes at the beck and call of the database teams. Meanwhile, we’re diligently striving for fast, secure, and reliable operation with our servers while trying to stay under budget.

          So, the next time a stranger asks me what I do for work, maybe I’ll answer with something besides, “I’m in IT.”

        • Top 11 Linux articles from our first year

          Although our first year here at Enable Sysadmin has been a short one—we went live and published our first articles in May of 2019—it has been an awesome year. Some amazing writers contributed articles of all types, and many of those articles are about Linux. Some of these Linux articles focused on commands, ranging from lists of those you need to know to system monitoring and screen sharing. Others concentrated on SSH, troubleshooting, administration, and even managing the /tmp directory.

          We have compiled a list of our top 11 Linux articles from 2019 to give you an opportunity to re-read your favorites, or perhaps find an article or two that you missed. We hope you enjoy these articles but, even more, we hope that they teach you something new.

    • Talks/Audiocasts/Shows

      • Some Interesting Talks from FOSDEM 2020 Schedule

        We wrote about IoT devroom call for proposals for FOSDEM 2020 a little while ago, and as the free open-source developer meetup is getting closer, FOSDEM 2020 organizers released the schedule.

      • Brunch with Brent: Catherine Kretzschmar | Jupiter Extras 42

        Brent sits down with Catherine Kretzschmar, professional music teacher, coding bootcamp enlistee, and humanist celebrant, for an in-person connective chat on the relationship between music and coding, the quality-of-life implications of ever-evolving home automation, an intro to humanist celebrancy, and more.

        Catherine is a good friend of the Jupiter Broadcasting family and wife of Alex Kretzschmar, co-host of Self-Hosted.

        Special Guest: Catherine Kretzcschmar.

      • GNU World Order 13xmas

        Holiday bonus episode. s

    • Kernel Space

      • FSCRYPT’s Inline Encryption Support Updated For Possible Inclusion In Linux 5.6

        Back in October we reported on work done by Google on FSCRYPT inline encryption support for allowing the Linux file-system encryption framework to handle the encrypt/decrypt more optimally for modern mobile SoCs with inline encryption hardware. It’s looking like that work might be ready to go now for Linux 5.6 after missing out on the 5.5 cycle.

      • Intel Tiger Lake + Jasper Lake Power Management Support Prepped For Linux 5.6

        We’ve been covering Intel’s Tiger Lake hardware enablement for Linux since the early patches were posted this summer and that quickly followed with Jasper Lake open-source patches for that future line of Tremont-based Atom SoCs. The Jasper and Tiger Lake enablement is continuing with the Linux 5.6 cycle getting underway around the start of February.

        Already for Linux 5.6 we have noted more Intel Tiger Lake and Jasper Lake graphics driver pieces coming together, mostly on the Tiger Lake side. But other areas of the Linux kernel continue to be wired up. The newest material I am seeing queued ahead of the Linux 5.6 merge window are the power management pieces.

        Among the items coming on the PM side for Jasper/Tiger Lake with Linux 5.6 are adding Jasper Lake support to the existing PowerCap / RAPL driver for power-capping and run-time average power-limiting. The work does reaffirm that Jasper Lake is Tremont based, part of the Atom family, and for mobile platforms.

    • Benchmarks

      • GCC 10 PGO Benchmarks On AMD Ryzen Threadripper 3960X + Ubuntu 19.10

        For those looking for some fresh reference numbers on the impact of using GCC’s Profile Guided Optimizations (PGO), here are some benchmark runs looking at the GCC 10 PGO performance on an Ubuntu 19.10 workstation built around the Ryzen Threadripper 3960X.

        I also have some fresh GCC 10 LTO optimization benchmarks coming in the next few days but using the PGO PTS module I ran some fresh benchmarks with just “-O3 -march=native” and then again after making use of profile guided optimizations for the benchmark runs.

      • AMD Athlon 3000G Linux Performance Benchmarks – The New $50 Processor

        Announced last month was the Athlon 3000G as a ~$49 processor based on Zen and featuring two cores / four threads and Vega 3 graphics. This 35 Watt TDP processor has finally begun appearing at more Internet retailers in stock last week and I was able to pick up one of these budget CPUs for $55 USD. Here are benchmarks of the Athlon 3000G on Ubuntu Linux compared to other low-end and older processors.


        The Athlon 3000G isn’t as exciting as the recent high-end Zen 2 desktop CPUs, but for those looking for a new CPU on a tight budget or just needing a low-end, low-power CPU for a storage box or other lightweight tasks, the Athlon 3000G delivers a ton of value.

      • Blender And V-Ray CPU Rendering: Linux vs. Windows

        Desktop users have always cared about software optimization, and as soon as many-core CPUs began to hit the market, it became immediately clear that not all software is developed alike. In the classic Linux vs. Windows performance debate, another element is thrown in with the fact that software optimizations can differ between OSes, ultimately making it difficult to predict which route would be quicker.

        When AMD released its second-gen Ryzen Threadripper last year, its top-end model offered 32 cores, and 64 threads. At launch, many reviewers encountered performance anomalies, but in some cases, those anomalies proved to be nonexistent in Linux. An explicit example we remember is with 7-zip; its built-in benchmark didn’t scale well with the 2990WX in Windows, but did just fine in Linux.

        Since the release of those (now last-gen) Threadrippers, both Linux and Windows have received updates to improve threading on big CPUs, and improve performance on their respective platforms in general. Windows has clearly needed more polish than Linux, given that it wasn’t until this past summer when AMD could consider its quest for optimal threading complete. That contrasts with our entire Linux suite scaling pretty well from the get-go.

    • Applications

    • Instructionals/Technical

    • Distributions

      • New Releases

        • Alpine 3.11.2 released

          The Alpine Linux project is pleased to announce the immediate availability of version 3.11.2 of its Alpine Linux operating system.

          This is a bugfix release that fixes missing dtbs files for rpi and missing initramfs image for netboot.

          The full lists of changes can be found in the git log and bug tracker.

      • Fedora Family

        • Fedora at Prague Pyvo

          Last month, the Fedora Council had a face-to-face meeting in Prague. While we were there, Miro Hrončok invited us to Prague Pyvo—the local Python meetup. Jona Azizaj, Matthew Miller, and I made the trip across town for what ended up being a Fedora-themed night.

          I gave a talk called “Fedora and the Future of Operating Systems”. The presentation gives a brief introduction to the history of software distribution—from the bad old days of having to compile everything from source to the advent of binary packages and repositories. Operating systems have become reliable (not boring!), so distributions are focusing on solving higher-level problems. The future of Fedora includes new approaches like Fedora Silverblue, Fedora CoreOS, and Fedora IoT, as well as concepts like Fedora Modularity.

          Next up, Matthew did an open floor discussion of the Fedora community generally and what it’s like to lead such a large, complicated project. The audience had a lot of great questions. Some of them were Fedora users and there were also several contributors. Almost everyone was at least passingly familiar with Fedora.

        • From Botched Releases To Exciting New Features, Fedora Saw A Lot Of Changes During The 2010s

          Fedora continued serving at the forefront of many Linux distribution innovations over the past decade and the largely Red Hat driven platform continued contributing their work back upstream from countless GNOME features to hardware improvements/fixes, UEFI “flicker-free boot” crossing the finish line, good hardware firmware updating support, and much more.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Khadas VIM3L: An Open Source HTPC Device

        If you’ve read our list of Raspberry Pi alternatives, you might have come across VIM by Khadas.

        China-based Khadas is becoming increasingly popular for its single board computers (SCB). Apart from the generic do-it-yourself (DIY) VIM series, Khadas also has Tone boards that can be utilized for DJing and Edge boards for AI and other related projects.

        As discussed in Raspberry Pi projects, one of the most popular use of a single board computer is to use it as a media center. You can turn your TV in more than just a smart TV (without being monitored) and play local music, videos, pictures and even games on your TV. You can also watch streaming services through these media center.

        You can always configure VIm (or any other SCB) as a media center. It’s a good DIY exercise but not everyone would like it.

      • Web Browsers

        • Mozilla

          • Cameron Kaiser: TenFourFox FPR18b1 available

            TenFourFox Feature Parity Release 18 beta 1 is now available (downloads, hashes, release notes). As promised, the biggest change in this release is to TenFourFox’s Reader mode. Reader mode uses Mozilla Readability to display a stripped-down version of the page with (hopefully) the salient content, just the salient content, and no crap or cruft. This has obvious advantages for old systems like ours because Reader mode pages are smaller and substantially simpler, don’t run JavaScript, and help to wallpaper over various DOM and layout deficiencies our older patched-up Firefox 45 underpinnings are starting to show a bit more.

            In FPR18, Reader mode has two main changes: first, it is updated to the same release used in current versions of Firefox (I rewrote the glue module in TenFourFox so that current releases could be used unmodified, which helps maintainability), and second, Reader mode is now allowed on most web pages instead of only on ones Readability thinks it can render. By avoiding a page scan this makes the browser a teensy bit faster, but it also means that edge-case web pages that could still usefully display in Reader mode now can do so. When Reader mode can be enabled, a little “open book” icon appears in the address bar. Click that and it will turn orange and the page will switch to Reader mode. Click it again to return to the prior version of the page. Certain sites don’t work well with this approach and are automatically filtered; we use the same list as Firefox. If you want the old method where the browser would scan the page first before offering reader mode, switch tenfourfox.reader.force-enable to false and reload the tab, and please mention what it was doing inappropriately so it can be investigated.

            Reader mode isn’t seamless, and in fairness wasn’t designed to be. The most noticeable discontinuity is if you click a link within a Reader mode page, it renders that link in the regular browser (requiring you to re-enter Reader mode if you want to stay there), which kind of sucks for multipage documents. I’m considering a tweak to it such that you stay in Reader mode in a tab until you exit it but I don’t know how well this would work and it would certainly alter the functionality of many pages. Post your thoughts in the comments. I might consider something like this for FPR19.

      • Funding

        • Here Comes xs:code ‘Monetization Switch’ For Open-Source Projects [Ed: From all one can gather, based on public information, xs:code is just an openwashing facilitator which will help companies push proprietary software with 'trial versions' that are "Open", i.e. more of the old problem of fakes, lock-in, traps. Some people, when speaking about "Open Source Monetization" or ‘Monetization Switch’, actually suggest offering proprietary software and using Open Source as a marketing ploy. This is not what we need.]

          Israel-based start-up xs:code recently launched its monetization platform for open-source projects. Taking a new approach, the company is helping solve the sustainability challenges of open-source software by incentivizing developers to maintain their code by charging companies for using it.

      • FSF

        • Licensing / Legal

          • Realme Releases Android Pie Kernel Sources for the Realme X2

            Chinese tech firms are not known for releasing the kernel sources of their devices in keeping with GNU licensing requirements, but Realme has been a notable exception. Ever since its inception last year, the company has been consistently wooing power users by encouraging third-party development on its devices. Keeping up with the practice, the company has now released the kernel sources of the Realme X2 on Github, enabling developers to start their work on TWRP custom recovery and custom ROMs.


            Coming back to the Realme X2, now that the kernel source codes are on Github, we expect some cool third-party developments for the device, including custom kernels and ROMs. The X2 was only launched in India last week, but has already gained a large following among users looking for an affordable mid-range phone. So if you’re one of those who already snapped up the device or are planning to do so, you will be happy to know that third-party development is probably already in the works.

      • Programming/Development

        • Excellent Free Tutorials to Learn Assembly

          An assembly language is a low-level programming language for a computer, or other programmable device. Assembly language is used by almost all modern desktop and laptop computers. It is as close to writing machine code without writing in pure hexadecimal. It is converted into executable machine code by a utility program referred to as an assembler.

          Assembly language is infrequently used by programmers nowadays, but there are still good reasons to learn the language. It is the most powerful computer programming language available. While assembly language shares very little with high level languages (such as Java, C#, Python etc), and assembly languages for different CPU architectures often have little in common, it gives programmers the insight required to write effective code in high-level languages.

          Assembly language is also used primarily for direct hardware manipulation, access to specialized processor instructions, or to address critical performance issues. Assembly is excellent for speed optimization.

        • Python

          • PyPy 7.3.0 released

            The interpreters are based on much the same codebase, thus the double release.

            We have worked with the python packaging group to support tooling around building third party packages for python, so this release changes the ABI tag for PyPy.

            Based on the great work done in portable-pypy, the linux downloads we provide are now built on top of the manylinux2010 CentOS6 docker image. The tarballs include the needed shared objects to run on any platform that supports manylinux2010 wheels, which should include all supported versions of debian- and RedHat-based distributions (including Ubuntu, CentOS, and Fedora).

            The CFFI backend has been updated to version 1.13.1. We recommend using CFFI rather than c-extensions to interact with C.
            The built-in cppyy module was upgraded to 1.10.6, which provides, among others, better template resolution, stricter enum handling, anonymous struct/unions, cmake fragments for distribution, optimizations for PODs, and faster wrapper calls. We reccomend using cppyy for performant wrapping of C++ code for Python.

            The vendored pyrepl package for interaction inside the REPL was updated.

          • Python Dictionary Iteration: Advanced Tips & Tricks

            Dictionaries are one of the most important and useful data structures in Python. They can help you solve a wide variety of programming problems. This course will take you on a deep dive into how to iterate through a dictionary in Python.

          • metadsl PyData talk

            PyData NYC just ended and I thought it would be good to collect my thoughts on metadsl based on the many conversations I had there surrounding it. This is a rather long post, so if you are just looking for some code here is a Binder link for my talk

          • Why your Python code should be flat and sparse

            The Zen of Python is called that for a reason. It was never supposed to provide easy-to-follow guidelines for programming. The rules are specified tersely and are designed to engage the reader in deep thought.

            In order to properly appreciate the Zen of Python, you must read it and then meditate upon the meanings. If the Zen was designed to be a set of clear rules, it would be a fault that it has rules that contradict each other. However, as a tool to help you meditate on the best solution, contradictions are powerful.


            The easiest way to make something less dense is to introduce nesting. This habit is why the principle of sparseness follows the previous one: after we have reduced nesting as much as possible, we are often left with dense code or data structures. Density, in this sense, is jamming too much information into a small amount of code, making it difficult to decipher when something goes wrong.

            Reducing that denseness requires creative thinking, and there are no simple solutions. The Zen of Python does not offer simple solutions. All it offers are ways to find what can be improved in the code, without always giving guidance for “how.”

            Take a walk. Take a shower. Smell the flowers. Sit in a lotus position and think hard, until finally, inspiration strikes. When you are finally enlightened, it is time to write the code.

          • Top articles for learning Python in 2020

            No matter where you are in your Python programming journey, Opensource.com’s top Python articles from 2019 will help you along the way.

          • Return an even number based on the Nth even number with python

            In this example, we will create a python function that will return an even number based on the Nth even number given.

            Let say when we enter one into that function, the function will return 0 because the first even number is 0. If we enter two into that function, the function will return 2 because the second number of even numbers is 2. Besides that, we will also need to take care of the number that is smaller than 1 which is an invalid entry as one is the very first even number.

          • How to Get the Current Date and Time in Python

            Logging, saving records to the database, and accessing files are all common tasks a programmer works on. In each of those cases, date and time play an important role in preserving the meaning and integrity of the data. Programmers often need to engage with date and time.

            In this article we will learn how to get the current date and time using Python’s builtin datetime module. With that module, we can get all relevant data in one object, or extract the date and time separately.

            We will also learn how to adjust our date and time for different timezones. Finally, we’ll look at converting datetime objects to the popular Unix or Epoch timestamps.

        • Shell/Bash/Zsh/Ksh

          • Remove White Space In Text or String Using Awk and Sed In Linux

            In Linux there are couple of ways to remove white space in text. I will talk mainly about awk, sed and Python CLI tool to manipulate in Linux.

            Lets start with sed.

            sed is a great command line utility in Linux. There is whole bunch of things you can do with sed but for the purpose of this artcile, we would talk sed regex for removing space in strings or text. Checkout online utility to remove whitespace.

      • Standards/Consortia

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Google Chrome 79 crashing on Linux with NOD32 installed, ESET denies responsibility

            Google Chrome and crashing, they go hand in hand! Aw, Snap! error might have hampered your way to doing something important multiple times. With Chrome 78, it expanded massively that users filled the support forum with hundreds of concerns.

            In case you are not aware, the acknowledgement already came out from Mountain View. And, they found out that multiple antivirus applications are raising incompatibility issues on version 78. Moreover, the company is working in collaboration with those software vendors to make things right.


            As you can see in the image given above, it has upset Linux users as well. One would think it is the same issue and disabling the real-time protection of the security software might clear the air. Interestingly, most of the concerned users have NOD32 installed.

            Here comes the interesting part. Despite turning off the protection, people could see Google Chrome crashing over and over again. Have a look at the similar concern coming from an Ubuntu user (another one here).

          • Security updates for Tuesday

            Security updates have been issued by CentOS (freetype, kernel, nss, nss-softokn, nss-util, and thunderbird), Mageia (ghostpcl, libmirage, and spamassassin), Oracle (fribidi), and SUSE (mariadb-100, shibboleth-sp, and slurm).

    • Freedom of Information / Freedom of the Press

      • The Guardian forced to clarify misleading article on Assange and Russia

        The decision on November 14th this year followed a formal complaint by the former Consul of Ecuador Fidel Narvaez, in October 2018, challenging the newspaper to substantiate its assertion, which he described as “false and defamatory”. A correction was published by The Guardian last Friday, December 20th.

        The Review Panel, has determined that the article “Revealed: Russia’s Christmas Eve plot to smuggle Assange out of UK“, breached the “Accuracy” principle of the Code of Conduct of the Press Complaints Commission in England.

        The Review Panel is composed of John Willis, the former Guardian News & Media external ombudsman, Bafta deputy chairman and chief executive of Mentorn Media; Geraldine Proudler, partner at Olswang and board member of the Guardian Foundation; the legal and journalism academic Richard Danbury, and Elinor Goodman, former political editor of Channel 4 News, and one of six panel members at the Leveson inquiry

Links 24/12/2019: Cantor 19.12, antiX 19.1, HyperbolaBSD Roadmap

Posted in News Roundup at 6:08 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Kernel Space

      • Linux kernel preemption and the latency-throughput tradeoff

        Preemption, otherwise known as preemptive scheduling, is an operating system concept that allows running tasks to be forcibly interrupted by the kernel so that other tasks can run. Preemption is essential for fairly scheduling tasks and guaranteeing that progress is made because it prevents tasks from hogging the CPU either unwittingly or intentionally. And because it’s handled by the kernel, it means that tasks don’t have to worry about voluntarily giving up the CPU.

        It can be useful to think of preemption as a way to reduce scheduler latency. But reducing latency usually also affects throughput, so there’s a balance that needs to be maintained between getting a lot of work done (high throughput) and scheduling tasks as soon as they’re ready to run (low latency).

        The Linux kernel supports multiple preemption models so that you can tune the preemption behaviour for your workload.

      • USB4 Support Coming to Linux 5.6 Kernel

        Linux 5.6 will receive support for USB4, Phoronix reported on Sunday. The Linux 5.6 Kernel will likely debut by April.

        USB4’s spec published in September and is based on Thunderbolt 3, with which it is backwards compatible. Intel’s open-source department added the initial patches for USB4 in October.

        The Linux 5.6 kernel will reportedly have both host and device support, as well as source code and a bunch of other features, thanks to leveraging the existing Thunderbolt code. It has also kept the code compact at just 2,000 lines of code.

      • Cavium Octeon’s Ethernet Driver Being Booted From Linux 5.6

        The Ethernet driver for supporting Cavium’s Octeon SoCs is slated for removal in the Linux 5.6 cycle.

        The Octeon Ethernet networking driver has been part of the mainline kernel for a decade but within the “staging” area of the kernel where immature / WIP kernel code is nursed along. But with this driver being stagnate now for several years without any real effort to get it cleaned up, Linux kernel staging maintainer Greg Kroah-Hartman is dropping it from the kernel.

        Greg already removed it in staging-next ahead of Linux 5.6. Dropping the driver lightens the kernel by almost five thousand lines of code.

      • Why Linus Torvalds Doesn’t Use Ubuntu or Debian?

        Linus Torvalds gives a practical reason why he doesn’t use Ubuntu or Debian.

      • Graphics Stack

        • NVIDIA Releases 340.108 Linux Driver Providing Updated Legacy Support For GeForce 8 / 9

          For those still running a GeForce 8 or 9 series graphics card, you really ought to consider upgrading this holiday season. Even the cheapest of recent generation NVIDIA GPUs should deliver better performance and far better efficiency over those older GPUs, but in any case, NVIDIA released the 340.108 Linux driver as part of their legacy maintenance support.

          The NVIDIA 340.108 Linux legacy driver update has better compatibility with the latest kernels through v5.4, various installer fixes, and a variety of other build-related failures to let this legacy driver continuing to run gracefully on the latest Linux distributions as we enter 2020. There are no new features with this being an old legacy branch simply in maintenance mode.

        • Intel Sends Out A Big Christmas Update Of Graphics Driver Changes Aiming For Linux 5.6

          Intel’s open-source graphics driver team responsible for their kernel graphics driver (the i915 Direct Rendering Manager driver) have sent out their first (big) batch of new material to DRM-Next for collection ahead of the Linux 5.6 merge window opening in just over one month’s time.

        • Hybrid graphics and DisplayLink docks create laptop Linux pain

          Not that it is ever likely to happen, but if the fabled Year of the Linux desktop were ever to begin to occur, its momentum would more than likely crash against laptops with hybrid graphics.

          These are devices that pack a discrete GPU, usually Nvidia, and couple it with the standard laptop-style integrated graphics. It’s a best of both worlds approach that relies on the integrated graphics silicon to save power, and the kicking in of the discrete GPU when workloads demand it.

          That’s the theory anyway.

          In recent weeks, a pair of laptops with such display technology landed in ZDNet’s South Pacific outpost, the Gigabyte Aero 15 OLED and the Lenovo ThinkPad X1 Extreme Gen 2.

          Both laptops have 9th generation Intel CPUs, NVMe-based storage, and 15.6-inch screens. But the Gigabyte has a tasty 4K OLED display along with a beefy Nvidia GeForce RTX 2070, and 8GB of RAM, while the ThinkPad has a HD-capable screen with a GeForce GTX 1650, and 16GB of memory.

          With a flashy rainbow-lit keyboard, the Aero comes across as a gaming machine that could get away with a few productivity and creative applications.

        • AMDVLK 2019.Q4.5 Vulkan Driver Adds A Couple More Extensions

          AMD’s official Vulkan driver team has pushed a new code drop of their open-source Linux “AMDVLK” derivative for those wanting to give it a whirl for some holiday gaming.

          The AMDVLK 2019.Q4.5 is the surprise release out this Monday morning, compared to usually doing their code drops later in the week. The AMDVLK 2019.Q4.5 driver now exposes Vulkan 1.1.129 API and adds support for the VK_KHR_shader_float_controls and VK_KHR_separate_depth_stencil_layouts extensions.

    • Benchmarks

      • Linux 5.0 Through Linux 5.4 Benchmarks On AMD EPYC 7642 “Rome” Server

        A month ago I posted benchmarks looking at the performance of Linux 4.16 through Linux 5.4 kernels using an Intel Core i9 workstation. Stemming from that was a request for an AMD EPYC kernel comparison, so I carried out said tests. Due to the Rome support being newer, this round of testing is looking at the EPYC 7642 performance on Linux 5.0 to Linux 5.4.

        The tests were done last month but with the results not being too interesting, publishing them escaped my mind until this week firing up some of the Linux 5.5 kernel benchmarks. Those initial Linux 5.5 numbers for AMD EPYC should be out in the days ahead and should be interesting given some prominent changes with Linux 5.5 and other early performance numbers showing some interesting changes.

    • Instructionals/Technical

    • Games

      • The new Shotgun Farmers limited time Hide & Freeze game mode is hilarious

        The incredibly unique shooter Shotgun Farmers has a really amusing limited-time event going on, with a Hide & Freeze game mode now live.

        Hide & Freeze is like a prop hunt mode, one team are dressed up in identical Snowman skins while the other team of Farmers have to find them hidden amongst a crowd of them. If you’re a Snowman, you have 5 snowballs to throw and freeze a Farmer to make a quick getaway to hide again and it’s hilarious.

    • Linux Mag (Paywall)

    • Desktop Environments/WMs

      • KDE vs XFCE vs Gnome

        Chris Titus recently vlogged about an article showing that KDE 5.17 is now smaller than XFCE 4.14 in memory usage. The article says that in their tests, XFCE actually uses more RAM than KDE. I was very interested in this, but I couldn’t quite believe it and so I ran my own tests.

        First of all, we need to compare apples to apples. I created an OpenSUSE VM using Vagrant with KVM/libvirt. It had 4 cores and 4192MB of RAM. This VM has no graphical interface at all. As soon as I got it up, I took the first “No X” measurement. After patching using zypper dup, I took the second “No X” reading. Every reading in this blog post was using the free -m command. I then shut down the VM and cloned it 3 times so each copy should be completely the same.

        I installed the desktop environments into their respective VMs using the following commands:

        zypper in -t pattern kde

        zypper in -t pattern xfce

        zypper in -t pattern gnome

        After desktop environment was done, I then installed the lightdm display manager. This wasn’t actually necessary with Gnome because it installs gdm as a dependency.

      • Chill out with the Linux Equinox Desktop Environment

        haven’t used the Fast Light Toolkit (FLTK) for anything serious yet, but I’m a fan of the C++ GUI toolkit that’s pretty simple to learn and (in my experience) reliable even across updates. When I found out that there was a desktop environment built with FLTK, I was eager to try it—and I was quickly glad I did. The Equinox Desktop Environment (EDE) is a fast and simple desktop written in C++ and FLTK for Unix desktops. It uses common desktop conventions, so it looks and feels familiar right away, and after only a few days of using it, I found its simplicity provides a minimal elegance that I enjoy.

      • K Desktop Environment/KDE SC/Qt

        • Cantor 19.12

          Recently, the KDE community announced the release 19.12 of KDE applications, inlcuding Cantor. Many highlights of this release are mentioned in the release announcement. Today we’d like to highlight the development done in Cantor for the 19.12 release

          In the previos release 19.08 we mostly concentrated on improving the usability of Cantor and spent quite some effort to stabilize the already available feature set. This release comes with a big new feature, namely the support for Jupyter notebook format.

          Jupyter is a a very popular open-source web-based application that provides an interactive environment for different programming languages. The interactive documents are organized in “notebooks”. This application is widely used in different scientific and educational areas and there is a lot of shared notebooks publically available on the internet. As an example for a collection of such notebooks see this collection.

          For Cantor, which is very similar in spirit to Jupyter, we decided to add the ability to read and save Jupyter’s notebook format in order to benefit from the big amount of available content for Jupyter. The implementation required for this was mainly done by Nikita Sirgienko as part of the Google Summer of Code 2019 project. His series of blog posts contains many examples as well as implementational details that will be omitted here.

      • GNOME Desktop/GTK

        • Marcus Lundblad: Christmas Maps

          To stick to the tradition I thought that I should write a little post about what’s been going on since the stable 3.34 release in September. The main thing that’s come since then for the upcoming 3.36 release is support for getting public transit route/itinerary planning using third-party providers. The basic support for public transit routing, based on OpenTripPlanner has been in place since 2017 with the original plan to find funding/hosting to set up a GNOME-specific instance of OTP fed with a curated set of GTFS feed. But since this plan didn’t come to fruition, I repurposed the existing support so that it can fetch a list of known providers with defined geographical regions. First by utilising the existing OpenTripPlanner implementation (but rewritten to be instanciated per third-party provider). Later I have added plugins for the Swedish Resrobot and Swiss opendata.ch online API. These have yet not been activated in the service file (it’s using the same service file as for tile and search providers). But this will soon be there, so stay tuned.

        • End of the year Update: 2019 edition

          It’s the end of December and it seems that yet another year has gone by, so I figured that I’d write an EOY update to summarize my main work at Igalia as part of our Chromium team, as my humble attempt to make up for the lack of posts in this blog during this year.

          I did quit a few things this year, but for the purpose of this blog post I’ll focus on what I consider the most relevant ones: work on the Servicification and the Blink Onion Soup projects, the migration to the new Mojo APIs and the BrowserInterfaceBroker, as well as a summary of the conferences I attended, both as a regular attendee and a speaker.

    • Distributions

      • New Releases

        • antiX-19.1 bug-fix/upgrade isos available.

          All new isos are bug-fix/upgrades of antiX-19 sysvinit series.

          Only for new users, no need to download if using antiX-19.

          antiX-19.1 is based on Debian Buster and systemd-free.

          As usual we offer the following systemd-free flavours for both 32 and 64 bit architecture.

          antiX-full (c1.1GB) – 4 windows managers – IceWM (default), fluxbox, jwm and herbstluftwm plus full libreoffice suite.

          antiX-base (c700MB so fits on a cd) – 4 windows managers – IceWM (default), fluxbox, jwm and herbstluftwm.

          antiX-core (c350MB) – no X, but should support most wireless.

          antiX-net (c140MB)- no X. Just enough to get you connected (wired) and ready to build.

          The 32 bit version uses a non-pae kernel.

        • EndeavourOS Liftoff for the net-installer!

          We have been able to solve the problems the net-installer was encountering sooner than expected, so without further ado, we are proud to present you the community development release of the combined installer.

          You probably are wondering why we don’t call it a beta release, well with this release we want to engage the entire community to help us improve this combined offline and online-installer on its journey to the stable version. Your feedback plays a vital role in this community development release, so we’re eagerly waiting for your findings to improve it.

          This release has passed several basic tests, so we are convinced the installer works in its most basic function for most hardware out there. We are aware that this version has issues with a particular group of hardware. If you encounter glitches, artefacts or screen tearing, just post the issue on our forum with your hardware specs and some Moderators can guide you through a workaround for most of the plagued hardware.

        • Santa sent us a mirror elf!

          Christmas is just around the corner and yesterday when I opened the emails, a gift in the form of Alpix was waiting for us to be opened.

          Our repo and ISO downloads go through Github and we didn’t have any mirror service to provide these services.

          Alpix is an Open-source enthusiast who also provides his mirror service for Kaos, Manjaro, Deepin, Chakra, CentOS and many more.

          He used to provide his services to Antergos as well.

      • Debian Family

        • Gregor Herrmann: init system GR

          finally – the third call for vote has already gone out – I took the time to cast my vote in the debian init system GR (General Resolution), the vote of debian members about the project’s further course with regard to init systems.

        • european train systems

          now what about the trains? bruxelles is the capital of europe, & laveno-mombello is just approx. 400 km from here (i.e. closer than the capital of my country). still, no train company would sell my a ticket to these destinations.

          no train company? well that’s slightly exaggerated. for one of the destinations (bruxelles), one company (DB) would sell me a ticket, if I trick the web interface into showing me the connection I want by adding some ‘via’ entries with appropriate durations. ÖBB fails because it doesn’t sell thalys tickets, & also no ICE tickets, for the last leg. – so either DB with some trickery, or ÖBB plus either thalys or DB, & hope that there are no delays.
          ÖBB is also very proud of their new nightjet connection to bruxelles (from vienna & innsbruck), starting in january 2020. what they don’t announce widely is that this train goes only 2 times per week. (of course not the days I need.)

          for the trip to laveno-mombello I could either go via verona/milano & buy a ticket from ÖBB until verona & a ticket (actually three) from trenitalia for the rest; or go via switzerland & buy a ticket from ÖBB until bellinzona, a ticket from SBB for the 10+ minutes to cadenazzo, & a ticket from trenord from cadenazzo until laveno-mombello. (that’s already the summary; neither ÖBB nor DB nor SBB nor trenitalia nor trenord would sell me a ticket for the whole journey. trenitalia also doesn’t know cadenazzo, btw. ÖBB would also sell me a ticket to cadenazzo, it’s just roughly 100 EUR more expensive than the sparschiene-ticket to bellinzona.)
          two years ago I did the former; & 8 of the 8 trains were delayed on departure or arrival or both. obviously the trip with its three changes per direction took almost twice the time of just taking the car.
          last year, a friendly soul picked me up with their car after one train trip, & probably we’ll do it the same way again this year.

        • Other Vintage Computer Replication Projects

          A few weeks back, I was showing my PDP-8/e project at the Vintage Computer Festival in Zurich. While I was doing my project, I haven’t really checked if there were other projects like this. At least for the PDP-8 I knew there wasn’t, the only FPGA core I could find was a new implementation of the architecture that is binary compatible but doesn’t attempt to replicate the structure and instruction cycles of any specific PDP-8.
          At this VCFe I found there were two other projects that also aim at recreating computers in FPGAs from original schematics. One is a DEC PDP-6, the other is an IBM System/360 Model 30. The IBM one is also interesting in that it appears to create a live image of the front panel state on its VGA output. At the VCFe however, it was connected to an original front panel, making it much more impressive.
          From talking to the people involved in these projects I gathered that they have some challenges with the lack of a central clock that drives synchronous logic, a design method that is central to modern logic and the kind of hardware that can most efficiently be implemented in FPGAs. Apparently there are many places where logic delays were integral to both the PDP’s and IBM’s logic, and those are not simple to implement especially when the delay is not well documented in the schematics.

        • Romain Perier: My Raspberry PI 4 4GB

          I have received my Raspberry PI 4 4GB that has been funded by the Debian project. I would like to thank the DPL and Gunnar Wolf for this (who vouched for me).

          So today, I have unpacked the board and tested it with the default flashed noobs/raspbian, so I check that everything is working as expected (from the hw point of view, I already had bad suprises in the past with some evaluation boards).

          Interesting topics will come soon, mostly about booting a debian testing/sid on it , adding support to raspi-firmware and the linux kernel for enabling support for the pi 4 and some variants drivers for the bcm2711.

      • Canonical/Ubuntu Family

        • Ubuntu Weekly Newsletter Issue 610

          Welcome to the Ubuntu Weekly Newsletter, Issue 610 for the week of December 15 – 21, 2019. The full version of this issue is available here.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Starting from open (and FOSS)

        As our society becomes increasingly dependent on computing, the importance of security has only risen. From cities hit by ransomware attacks, to companies doing cutting edge research that are the targets of industrial espionage, to individuals attacked because they have a desirable social media handle or are famous – security is vital to all of us.

        When I first got into Linux and FOSS, I have strong memories of the variety of things enabled by the flexibility it enabled. For example, the first year of college in my dorm room with 3 other people, we only had a shared phone line that we could use with a modem (yes, I’m old). A friend of a friend ended up setting up a PC Linux box as a NAT system, and the connection was certainly slow, but it worked. I think it ran Slackware. That left an impression on me. (Though the next year the school deployed Ethernet anyways)

        Fast forward 20+ years, we have the rise of the cloud (and cheap routers and WiFi of course). But something also changed about Linux (and operating systems in general) in that time, and that’s the the topic of this post: “locked down” operating systems, of which the most notable here are iOS, Android and ChromeOS.

      • A Thank You to the Chef Community

        In October of 2014 Nathen Harvey – someone I knew mainly as a fellow Theatre major working as a software engineer – reached out and invited me to attend the Chef Community Summit. I had no idea what to expect – only that I hoped to learn more about writing Chef and understanding this DevOps thing I was hearing so much about. This sometimes surprises people, but I am very much an introvert. When I come to an event or meet a community for the first time I tend to stick to the edges of the room. The Chef Community summit was the first place where I felt both welcomed and drawn into the center of the community immediately. People I knew only from Twitter like Adam Jacob, Chris Webber, Jennifer Davis, Jessica Devita, and many more not only were kind to me, they sought and very clearly valued what I thought of both the technologies and the community they were building. I knew immediately this was a community I wanted to be a part of – and, moreover, Chef was a place I absolutely wanted to work.

      • The Year in Open Source: IBM-Red Hat, SUSE, Microsoft, More

        It was an intriguing and entertaining year for open-source software in 2019, with news headlines that were all over the map. In the biggest news, IBM completed its acquisition of open source market leader Red Hat, bringing the two powerhouses together on a new shared path of making their now-connected futures successfully work out for both.

      • Hugging Face Raises $15 million to Expand its Open Source Software on Conversational AI

        New York-based Hugging Face, a startup known by an app launched in 2017 that allows you to chat with an artificial digital friend, recently open-sourced its library for natural language processing (NLP) framework, called Transformers. I

      • Pentagon wants open-source 5G plan in campaign against Huawei

        The Pentagon is urging US telecoms equipment makers to join forces on 5G technology in a drive to offer a homegrown alternative to China’s Huawei. Lisa Porter, who oversees research and development at the defence department, has asked US companies to develop open-source 5G software — in effect opening up their technology to potential rivals — warning they risk becoming obsolete if they do not.

        Making 5G tech open-source could threaten American companies such as Cisco or Oracle, the biggest American suppliers of telecoms network equipment.

      • Apache Kafka version 2.4 improves streaming data performance

        Apache Kafka version 2.4 became generally available this week, bringing with it a host of new features and improvements for the widely deployed open source distributed streaming data technology.

        The popularity of Kafka has put it at the center of event processing infrastructure, which is used by organizations of all sizes to stream messages and data. Kafka is often used as a technology that brings data into a database or a data lake, where additional processing and analytics occur. Optimizing performance for globally distributed Kafka deployments has long been a challenge, but the new features in Apache Kafka 2.4 could also help to further its popularity, with improved performance and lower latency.

      • Web Browsers

        • Mozilla

          • What’s the point: New Rust, Terraform tweaks, CFEngine revs

            The Rust team have released v1.40.0 of the programming language. The team have flagged up a number of key improvements, including the addition of an attribute, #[non_exhaustive], which when attached to a struct or the variant of an enum, “will prevent code outside of the crate defining it from constructing said struct or variant”. Macros and attributes have been given a general scrub up, and a series of functions and macros have been stabilised and added to the standard library.

          • Async Interview #3: Carl Lerche

            One of the first things we talked about was a kind of overview of the layers of the “tokio-based async stack”.

            We started with the mio crate. mio is meant to be the “lightest possible” non-blocking I/O layer for Rust. It basically exposes the “epoll” interface that is widely used on linux. Windows uses a fundamentally different model, so in that case there is a kind of compatibility layer, and hence the performance isn’t quite as good, but it’s still pretty decent. mio “does the best it can”, as Carl put it.

            The tokio crate builds on mio. It wraps the epoll interface and exposes it via the Future abstraction from std. It also offers other things that people commonly need, such as timers.

            Finally, bulding atop tokio you find tower, which exposes a “request-response” abstraction called Service. tower is similar to things like finagle or rack. This is then used by libraries like hyper and tonic, which implement protocol servers (http for hyper, gRPC for tonic). These protocol servers internally use the tower abstractions as well, so you can tell hyper to execute any Service.

          • Reducing Treeherder’s time to-deploy

            If a regression was to be found on production we would either `git revert` a change out of all merged changes OR use Heroku’s rollback feature to the last known working state (without using Git).

            Using `git revert` to get us back into a good state would be very slow since it would take 15–20 minutes to run through Travis, a Heroku build and a Heroku release.

            On the other hand, Heroku’s rollback feature would be an immediate step as it would skip steps 1 and 2. Rolling back is possible because a previous build of a commit would still be available and only the release step would be needed .

            The procedural change I proposed was to use Heroku’s promotion feature (similar to Heroku’s rollback feature). This would reuse a build from the staging app with the production app. The promotion process is a one-click button event that only executes the release step since steps 1 & 2 had already run on the staging app. Promotions would take less than a minute to be live.

      • FSF

        • Setting the right example: Say no to the Elf on the Shelf

          Many if not most people have come to the conclusion that the song “Every Breath You Take” is creepy and inappropriate: Every step you take / Every move you make / Every bond you break / Every step you take / I’ll be watching you isn’t very reassuring, much less romantic. Yet for many years, we’ve been completely fine with kids learning that Santa Claus sees you when you’re sleeping / He knows when you’re awake / He knows if you’ve been bad or good, so be good for goodness sake.

          As noted by writer Matt Beard in The Guardian, the latest iteration of teaching kids to accept constant surveillance via holiday tradition is the Elf on the Shelf, a cheerful little snitch whom parents hide in different spots every day in the house. The idea is, the Elf watches what kids are up to, and if they call their little sister a name or steal a cookie from the cookie jar, the friendly household spy will tattle to Santa, who will add them to the “naughty” list. Beware! We agree with Beard that this cutesy, innocent-seeming “tradition” (which actually only dates back to 2005!) communicates to children that someone is always watching them, and that moreover, this is a perfectly normal thing. This should give us pause, and cause us to think carefully about what kind of messages we are sending in our behavior at home and with friends.

          This resonates with us not just because surveillance and privacy are obviously important free software issues, but because kids are little sponges who soak up our values from day one, and thus it’s important to communicate clearly. This is why, although it’s extraordinarily difficult to live in complete software freedom, we want to think about every concession to the proprietary world we make, and make sure that kids know that being forced to make those concessions is unfair. When we reject services that try to make us submit to Digital Restrictions Management (DRM) to watch our favorite movies, then we should explain why it’s bad; we can also endeavor to use the services in the Guide to DRM-Free Living instead, and explain why they’re better. At the center of the free software philosophy is a fundamental respect for human dignity and individual rights, as well as our responsibility to our community, and no matter how much we might want to use a shortcut to get kids to behave well, ultimately it sends the message that stomping on their right to privacy is okay today — and will be okay tomorrow when they’re grown up, too.

        • Presenting: ShoeTool — Happy Holidays from the FSF

          ShoeTool is an animated fairy tale about an elf shoemaker who thinks he buys a machine to help him make shoes… only to find out that there are there are strings attached to his “purchase.” Please show your support for free software and this video by promoting it on your social media using the #shoetool hashtag.

          Here’s a short URL you can use: https://u.fsf.org/shoetool

          Software restrictions, analogous to the kinds of restrictions our main character Wendell runs into as a user of the promising ShoeTool, are detrimental to our freedom, creativity, and jobs. We hope watching Wendell’s frustrations will shake things up in many homes and help more people understand.

        • ShoeTool — Happy Holidays from the FSF

          ShoeTool by the Free Software Foundation Copyright © 2019 is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License.

        • FSFE

          • Don’t miss the new software freedom podcast

            Some years ago I myself started to listen to podcasts. Not so much podcasts about technology but rather documentaries, features, and comments about politics. I mainly did that while travelling or if I was not tired but wanted to relax my eyes a bit.

            Earlier this year Katharina Nocun encouraged us to start a podcast for the FSFE ourselves. After some considerations we decided to give it a try and cover topics about software freedom in a monthly podcast.

            In October for the International Day Against digital restriction management (DRM) I was happy that Cory Doctorow, one of my favourite writers agreed to join us as a guest. We talked with him about the difference between books and an e-books with DRM, how authors and artist can make money without DRM, security implications of DRM, regulation of the so called “Internet of Things”, and other questions related to this issue.

            In November we talked with Lydia Pintscher, vice president of KDE, about the development of the KDE community, the different KDE projects, the issues they will be tackling over the next two years, how to maintain long term sustainability in such a large project, and how she balances her long time volunteer commitment with her day job.


            If you are new to podcasts I got the feedback from many that they enjoy listing to podcasts on their mobile with Antennapod which you can install through F-Droid.

        • GNU Projects

          • FSF-Approved Hyperbola GNU/Linux Switching Out The Linux Kernel For Hard Fork Of OpenBSD

            In a rather unusual twist, the Hyperbola GNU/Linux distribution that is approved by the Free Software Foundation for being free software and making use of the Linux-libre kernel has now decided they are going to fork OpenBSD and become a BSD.

            The Hyperbola developers allege that “the Linux kernel rapidly proceeding down an unstable path.” Most readers probably aren’t familiar with Hyperbola but it is GNU-approved for being comprised entirely of free software and using the Linux-libre kernel. It’s based on Arch and Debian while using OpenRC as the init system. But they now are unhappy with the path of the Linux kernel and want to pursue being a BSD platform.

          • Announcing HyperbolaBSD Roadmap

            Due to the Linux kernel rapidly proceeding down an unstable path, we are planning on implementing a completely new OS derived from several BSD implementations.

            This was not an easy decision to make, but we wish to use our time and resources to create a viable alternative to the current operating system trends which are actively seeking to undermine user choice and freedom.

      • Programming/Development

        • Migrating from Enterprise C# to Self Employed Clojure & React

          I’m currently 3 months into an exploratory hiatus from corporate life, and I’ve been enjoying it massively. About 18 months ago, I was a fresh grad from UT Austin and extremely enthused to start my career in software engineering. I had just gotten a job at PwC, and was somewhat clueless as to what software development was, or could be, as a career. I quickly learned C#, which was my daily language in an enterprise that heavily used the Microsoft stack, and quickly felt stagnation in challenge and learning. It wasn’t that things were easy, but for some reason my first year out of the gate was mostly incredibly boring HTML, CSS, and C# copy/paste style coding due to an incredibly mature application (think in the millions of lines of code) that had some hard to grasp domain knowledge caked in.

          Somewhere in that time I organically stumbled upon Paul Graham, then his essays, and eventually, Hacker News. That orange site profoundly changed the way I saw my career trajectory. Likely, I could, like many older developers around me, stay there for 10-20 years and end up making $200,000+ a year in a cheap, major city, or possibly make partner and double or triple that, but life is too short to wait 10-20 years for an abstract possibility, so I began absorbing all content I possibly could from Hacker News.

          Three key elements presented themselves to me while browsing – startups, importance of ownership, and fun programming. In startups, I saw the wonderful ability to not deal with typical corporate BS (I loved PwC, but I really don’t care to watch 40 hours of accounting ethics videos, annually). In ownership, I saw that really having equity in anything, software related or not, is the only way to build wealth that grows non-linearly with time input (thanks Naval Ravikant). In fun programming I found Clojure. With it I realized I can increase the joy of programming, and decrease boilerplate code by a magnitude simply by using it, rather than Java or C#. (Not to mention the magic of LISP!)

        • OpenBSD system-call-origin verification

          A new mechanism to help thwart return-oriented programming (ROP) and similar attacks has recently been added to the OpenBSD kernel. It will block system calls that are not made via the C library (libc) system-call wrappers. Instead of being able to string together some “gadgets” that make a system call directly, an attacker would need to be able to call the wrapper, which is normally at a randomized location.

          Theo de Raadt introduced the feature in a late November posting to the OpenBSD tech mailing list. The idea is to restrict where system calls can come from to the parts of a process’s address space where they are expected to come from. OpenBSD already disallows system calls (and any other code) executing from writable pages with its W^X implementation. Since OpenBSD is largely in control of its user-space applications, it can enforce restrictions that would be difficult to enact in a more loosely coupled system like Linux, however. Even so, the restrictions that have been implemented at this point are less strict than what De Raadt would like to see.

        • Python

          • Top 10 Python Open Source Projects On GitHub: 2019 [Ed: Analytics India Mag continues to perpetuate Microsoft lies; what Microsoft does not control in FOSS does not exist?]

            Python is one of the most favoured languages by data scientists. In fact, over 75% of respondents claim that Python is one of the most important skillsets for a data science practitioner. For the first time ever, Python passed Java as the second-most popular language on GitHub by repository contributors. Also, this year, the use of Jupyter Notebooks has seen more than 100% growth year-over-year for the last three years. Take a look at the top 10 Python open source projects in GitHub in 2019…

          • Python’s Built In IDE Isn’t Just Sitting IDLE


            One of the first challenges that new programmers are faced with is figuring out what editing environment to use. For the past 20 years, Python has had an easy answer to that question in the form of IDLE. In this episode Tal Einat helps us explore its history, the ways it is used, how it was built, and what is in store for its future. Even if you have never used the IDLE editor yourself, it is still an important piece of Python’s strength and history, and this conversation helps to highlight why that is.

          • Ace Python Interviews — a new, free course to help you get a better job

            It’s hard to exaggerate just how hot Python is right now. Lots of companies — from small startups to the Fortune 100 — have realized that Python allows them to do more in less time, and with less code. This means, of course, that companies are scrambling to hire Python developers. There’s tons of demand, and not nearly enough supply.

            In other words: Now is a great time to be a Python developer! There are opportunities in just about every field, from Web development to system administration, devops to machine learning, automated testing to financial calculations.

            If you’re going to get a Python job, you’ll first have to pass a Python job interview. And like everyone else, you’ll likely prepare for the interview by searching online for “Python interview questions,” or the like.

            The good news: There are lots of sites offering Python interview questions and answers.

            The bad news: I’ve looked at a lot of them, and they are terrible. The questions are often superficial, and the answers are often wrong or outdated. Plus, a programming interview isn’t a multiple-choice test, in which getting the right answer is the point. Rather, interviewers use the time with you to evaluate your depth of understanding, your coding process, and your ability to adapt as specifications change.

          • Guide to the Latest Trend in Fintech Area – RegTech

            Here comes RegTech — a new technology field that ensures that companies, especially tech firms, act in accordance with implemented government rules and regulations.

            The first time we came across the term RegTech was when our team was delivering Python development services to Clear Minds — an investment platform that acts as a digital adviser for people who want to make profitable investments in the long run. During the final stages of development, in May 2018, the GDPR came out.

            If you’re lucky enough to have never dealt with GDPR, I will briefly summarize what it is. It’s a regulation created by the EU that forces companies that work with customers’ personal data — in our case, tech companies — to protect the information they capture. Namely, they cannot disclose it to third parties, and must even delete it if a customer asks them to. GDPR is the reason why your email boxes were recently bombarded with new Terms & Conditions and Privacy Policies of all the services you were using or subscribed to.

          • NumPy, SciPy, and Pandas: Correlation With Python

            Correlation coefficients quantify the association between variables or features of a dataset. These statistics are of high importance for science and technology, and Python has great tools that you can use to calculate them. SciPy, NumPy, and Pandas correlation methods are fast, comprehensive, and well-documented.

          • Using a custom domain for Django app hosted on AWS EC2

            We already know how to host a Django app for free on Amazon (AWS) EC2 instance with Gunicorn and Nginx. But we were accessing the application using public IP. IP addresses are hard to remember and are not user-friendly.

            Domain names are easy to remember and gives a unique identity to your web application or website. In this article, we will see how to use a custom domain purchased from GoDaddy to access our Django web application.

            The public IP address assigned to our EC2 instance can be changed if we restart the instance. We need to have an IP address that does not change every time our EC2 instance restarts. Elastic IP comes to rescue here.

          • Python 3.7.5 : About Django REST framework.
          • Python 3.7.5 : Django admin shell by Grzegorz Tężycki.

            Today I tested another python package for Django named django-admin-shell.

          • 10 years of Mopidy

            Ten years ago today, on December 23, 2009, Mopidy was born. While chatting with my friend and then-colleague Johannes Knutsen, we came up with the idea of building an MPD server that could play music from Spotify instead of local files.

            This is the story of the first decade of Mopidy.

            After a brief discussion of how it could work and what we could build upon, Johannes came up with the name “Mopidy.” The name is, maybe quite obviously, a combination of the consonants from “MPD” combined with the vowels from “Spotify.” At the same time, the name is different enough from both of its origins not to be mixed up with them. Even during the first few hours we had some thoughts about maybe adding file playback and support for other backends in the future. Thus we quickly appreciated that the “Mopidy” name would still work, even if Spotify wasn’t always the sole focus of the project.

            Within a couple of hours we had a Git repo with some plans written up. We joined the #mopidy IRC channel on Freenode and we had recruited Thomas Adamcik to the project. Over the next few years, he designed many of our most essential components, including the extension system. Today, ten years later, Thomas is still involved with Mopidy and many of its extensions.

            After a couple of days, it worked! We had built a primitive MPD server in Python that at least worked with the Sonata MPD client. On the backend side, we used the reverse-engineered “despotify” library to interface with Spotify as it already had some Python bindings available. For all three of us, coming mostly from web development and Django, I believe we already had a feeling of achievement and expanding horizons. If we could pull this off, we could build anything.

            The story of Mopidy is a story of thousands of small iterative improvements that, over time, add up to something far greater than the sum of its parts. It was a hack, but a hack with good test coverage from the very start, making changes and iteration safe and joyful.

      • Standards/Consortia

        • The future of the web, isn’t the web

          Your information has to be where your users want to access it. Not where you want to display it. I remember sitting in a housing benefits office, watching someone playing on their PlayStation Portable – or so I thought. On closer inspection, she was browsing the GOV.UK web pages to see what the process was for claiming benefits. Web browsers are everywhere!

          But the future is not a browser. It is a User-Agent. It could be your search engine, smart watch, voice assistant, or something yet to be invented.

  • Leftovers

    • ‘Little Women’ for Millennials

      Whether literary adaptation or historical drama, a period film reveals as much about the era in which it is made as it does the era in which it is set. Case in point: Greta Gerwig’s “Little Women,” the fourth screen version made since 1933 of the Louisa May Alcott novel about the four March sisters. One reason it is remade so often is that, more than a century before Alison Bechdel proposed her “Bechdel test” to confront gender inequity in entertainment, “Little Women” had already gotten it right. It’s fun to see how those who adapt Alcott inevitably project their zeitgeist onto hers.

    • Postal Workers Deliver 20 Million Packages Per Day. What Can We Give Them in Return?

      The White House task force claims that the Postal Service is on an “unstable financial path.” The reality is that Congress manufactured our financial problem—and it could fix it.

    • Back To the Far Side, and Not A Moment Too Soon
    • New York State Contributes $3.75M To Build Universal Hip Hop Museum

      The State of New York will contribute $3.75 million to the Universal Hip Hop Museum. The museum will cost $80 million to build and will open in the Bronx in 2023.

    • A Dirty Woke
    • Science

    • Education

      • A Portrait of Public Libraries

        Since Jim Fallows and I began traveling the country for American Futures and Our Towns nearly seven years ago, there has been one beat that began as a surprise to me and grew into the most heartening story I’ve witnessed of American resilience. That is the story of public libraries and how they have responded to the challenges facing American towns.

    • Hardware

      • Sony Can’t Make Image Sensors Fast Enough to Keep Up With Demand

        For the second straight year, the Japanese company will run its chip factories constantly through the holidays to try and keep up with demand for sensors used in mobile phone cameras, according to Terushi Shimizu, the head of Sony’s semiconductor unit. The electronics giant is more than doubling its capital spending on the business to 280 billion yen ($2.6 billion) this fiscal year and is also building a new plant in Nagasaki that will come online in April 2021.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The Update Framework graduates from the Linux Foundation’s Cloud Native Computing Foundation

                The Update Framework (TUF), an open-source technology that secures software update systems, has become the first specification project to graduate from the Linux Foundation‘s Cloud Native Computing Foundation (CNCF).

                A specification — common examples of which are HTML and HTTP — allows different implementers to create core functionality in a common, precisely defined way to solve a task.

                Justin Cappos, lead of the TUF project and an associate professor of computer science and engineering at NYU Tandon School of Engineering, is also the first academic researcher to lead a project that has graduated from the CNCF.

        • Security

          • Like Voldemort, Ransomware Is Too Scary to Be Named

            On Aug. 21, Lumber Liquidators’ corporate and store-level computer systems began to shut down. Without them, the flooring company’s retail employees couldn’t check product prices or inventories. They had to send in orders to distribution centers by phone or from their personal email accounts and write down customers’ credit card information on paper. Each transaction took up to half an hour. Amid the chaos, sales took a hit. So did morale, since sales factored into employee bonuses.

            “You couldn’t really sell or haggle anything,” said Trevor Sinner, then a store manager in Los Angeles. “You couldn’t see inventory, you couldn’t see cost, you couldn’t see anything.”

          • Nearly 4,000 Ring Credentials Leaked, Including Users’ Time Zones And Device Names

            The eternal flame that is Ring’s dumpster fire of an existence continues to burn. In the past few months, the market leader in home surveillance products has partnered with over 600 law enforcement agencies to…

          • Ring Cameras Suffer Hacking Attacks

            A few years ago, Ring entered the market as a way to keep your home secure. They were one of the first to advertise a service where you can check on your home no matter where you are. However, a recent spike of Ring camera hacks has shown the darker side of entrusting home security to IoT. What Happened? Hackers have cracked the security behind the Ring IoT system. They have used this knowledge to gain access to security systems and spy on people.

          • Threat Lab: Year in Review 2019

            EFF’s Threat Lab Team has only just launched and already has reached some fantastic milestones. This team was created to look deeply into how surveillance technologies are used to target vulnerable communities, activists, and individuals. Here are some of the highlights:

            In the world of misuse of technologies and profiteering from this misuse, there’s a particularly egregious category of tools known as spouseware or stalkerware. These tools can gather someone’s location, calls, messages, photos, turn your camera, and control many other aspects of their phone remotely without them knowing. People typically use these tools to stalk their spouses or others, and companies that profit by selling these tools even market them as such. The team has worked hard to make sure this is more difficult by encouraging security companies to protect the victims by flagging these apps as malicious in antivirus software.

          • Privacy/Surveillance

            • No Surprise: Judge Says US Government Can Take The Proceeds From Snowden’s Book

              Back in the fall, we noted that, even if we thought it was silly, under existing law, it seemed highly likely that the DOJ would win its lawsuit against the publisher for Ed Snowden’s memoir, Permanent Record. As I noted at the time, the government and the intelligence community in particular take the issue of “pre-publication review” incredibly seriously. Basically, if you take a job in the intel community, you sign a lifelong contract that says if you ever publish a book about anything regarding the intelligence community, you have to submit it for pre-publication review. Officially, this is to avoid classified information showing up in a book. Unofficially, it also gives the US government a sneak peek at all these books, and sometimes (it appears) allows them to hide stuff they’d rather not be public.

            • TikTok Banned From All U.S. Navy Government Devices

              The United States Navy has issued a blanket ban on the Chinese-owned social media app, TikTok. Navy officials say the app may present a ‘cybersecurity threat’ to service members.

            • Why Big Data Has Been (Mostly) Good for Music

              Analysts claim it’s not only possible to see who’s blowing up now, but more importantly, who’s going to be blowing up next. Chartmetric says it can shortlist which of the 1.7 million artists it tracks will have a big career break within the next week. Pandora-owned Next Big Sound reports its patented algorithm can predict which of the nearly 1 million artists it tracks are most likely to hit the Billboard 200 chart for the first time within the next year. (You can see its current picks here.)

            • Companies should take California’s new data-privacy law seriously

              In other respects, though, California goes further than the EU. The CCPA adopts a broader definition of personal information (which extends to such things as internet cookies that identify users on websites) and it explicitly forbids discrimination (by offering discounts to those who grant firms access to their data). Companies must enable Californians to opt out of the sale of personal data with a clear “do not sell” link on their home page, rather than through GDPR’s fiddlier process. Michelle Richardson of the Centre for Democracy and Technology, a privacy-advocacy group which is bankrolled in part by big tech companies, calls the CCPA “ground-breaking”.

            • Encryption law: 40% of firms say they have lost sales after passage

              The survey, carried out by the public policy and business innovation website InnovationAus in collaboration with the telecommunications lobby group Communications Alliance, the IT industry lobby group ITPA and StartupAUS, also found that 61% of the respondents had been advised of concerns around the bill by either domestic or international customers.

              Conducted from 5 December to 12 December, the survey received input from a total of 70 respondents. Among these 42% were either founders, chief executives or managing directors, 10% developers and 5% legal staff. Nearly 70% of the companies covered were technology firms headquartered in Australia, while 10% were multinational technology firms.

            • Toys “R” Us Pivots From Teddy Bears to Surveillance

              Instead, new Toys “R” Us owner TruKids has developed the showrooms with a far less playful purpose: rampant consumer surveillance. Via a partnership with a startup dubbed b8ta and another firm by the name of RetailNext, the new stores have embedded ceiling sensors, cameras, and other tech tasked with monitoring your every playful moment in the store.

              RetailNext, which claims to have some 500 retail and mall partners, is part of a growing effort to bring online surveillance to the brick and mortar world. Often aided by phone location data, such firms track and monetize consumer behavior, monitoring everything from the path you walk through a mall, to the amount of time you spend looking at any one particular product.

            • CMS shuts down access to Blue Button 2.0 temporarily due to security glitch

              Essentially, the problem stems from the fact that the system was truncating 128-bit user IDs to 96 bits, which “were not sufficiently random to uniquely identify a single user.”

              CMS contacting affected beneficiaries and third-party applications directly, and have closed access to BB2.0 pending a full review.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • The Most Important Free Press Stories of 2019

        The most important stories of the year for those who care about a free press involve the arrest of Julian Assange from the Ecuadorian embassy at the request of the U.S. government, and the rearrest of the whistleblower Chelsea Manning.

    • Environment

    • Finance

      • Author Of California’s Bill That Effectively Ends Freelancing Finally Open To Making Changes After Freelancers Lose Jobs & Lawsuit Filed

        Back in October, we wrote about the disastrous results (even if there were good intentions behind it) of a California law, AB5, that sought to “protect” so-called “gig” workers by forcing companies to hire them as employees, rather than freelancers/contractors. Supporters of the bill, including its vocal author Lorena Gonazlez, argued that it was necessary to protect these workers from exploitative companies and that it was clarifying what the courts had already decided. However, a big part of the problem was the framing of the bill, which more or less assumed that no one could possibly want to be a freelancer or contractor, that everyone must want to be an employee. That’s not true. Nowhere was this more clear than in the world of freelance journalism, where many freelancers like the flexibility that comes with the role, and the ability to write for many different publications. Gonzalez’s bill, which goes into effect on January 1st, put a ridiculously low yearly “cap” on articles that a freelancer could contribute to a single news site at 35. Any more than that, and the person would need to be reclassified as an employee. Even Gonzalez flat out admitted that the 35 cap was “a little bit arbitrary.” Lots of freelancers contribute way more than 35 articles per year (some do more than that in a month), and they rightly saw that this would likely destroy the ability to be a freelance journalist in California.

      • Latest Bid by France’s Macron to Quell Protests Over Neoliberal Pension Scheme Fails as Strikes Continue

        The French president’s approach has generated a resistance movement with protesters blockading streets and engaging in a general strike. 

      • ‘Cutting Social Security Is Murder’: Flood of Public Outrage Greets Trump Proposal to Slash Benefits for Hundreds of Thousands

        “We cannot let Trump get away with this cruelty. An attack on any part of Social Security is an attack on the entire system.”

      • Our Nightmare Health Care System in One Doctor’s Bill

        Strep throat tests are usually quick and painless. Sure, there are a few seconds of discomfort during the throat swab, but after that, and maybe another related test, you’re out the door. Hopefully, the results offer some relief and peace of mind, two qualities none of us should have to put a price on.

      • It’s a Wonderful Life… For Bankers

        Bernie Sanders and Elizabeth Warren both understand the key economic lesson at the heart of the classic holiday film.

      • Growing Movement Calls Out Elites at Prestigious Cultural Institutions

        A host of recent campaigns aimed at board members of prestigious cultural institutions have exposed how major arts organizations take money from, and award prominent positions to, wealthy elites profiting from mass incarceration, pushing deadly and addictive drugs, poisoning the environment, and pillaging public resources. The most well known of these fights has been the effort that removed Warren Kanders, owner and CEO of the body armor and chemical weapons manufacturer Safariland, from the board of the Whitney Museum.

      • Fighting Water Privatization With “Blue Communities”

        It was 1985 and privatization, deregulation and free trade were in the air. Canadian Prime Minister Brian Mulroney and President Ronald Reagan were negotiating a free trade deal — a precursor to NAFTA. Among the goods it would cover: “Water, including … mineral waters … ice and snow.”

      • How Trump Has Betrayed the Working Class

        This has created a giant political void, and an opportunity. Democrats have an historic chance to do what they should have done years ago: Create a multi-racial coalition of the working class, middle class, and poor, dedicated to reclaiming the economy for the vast majority and making democracy work for all.  

      • Trump Touts Weak Trade Deals That Likely Won’t Benefit US Workers

        As he faced impeachment, Donald Trump touted his trade deals as evidence of the great success of his presidency. Specifically, he touted his revised North American Free Trade Agreement (NAFTA), which the Democratic leadership agreed to, and a first-round trade agreement with China. In both cases, people are more likely to hear Trump’s boasts than to see any economic benefit from these deals.

      • ‘Pretty Brazen Stuff’: Email Shows Top Buttigieg Fundraiser Offering Campaign Influence in Exchange for Donations

        “Pete’s fat-cat mega-donors are telling each other that if you donate big money to his campaign, it gives you access and influence. And of course it does. That’s why they give it. And why it’s a problem.”

      • It’s Corporate Media, ‘Moderate’ Democrats, and the Oligarchy vs. Bernie Sanders and a Movement

        The greatest trick the American oligarchy ever played was convincing the country they didn’t exist.

      • Public Housing Has Been Woefully Underfunded. That Could Change in 2020.

        Public housing has been utterly neglected, underfunded and politically demonized for decades. It’s faced attacks beginning with Richard Nixon and continuing through the Bill Clinton-era, with the creation of the draconian Faircloth Limit.

      • Betsy DeVos’s Vision for an Indebted Future? A Robotic Student Loan Chatbot

        It’s almost 2020, and Secretary of Education Betsy DeVos is still hellbent on keeping student borrowers in debt.

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

    • KSA

    • Civil Rights/Policing

      • Louisiana Officials Urged to Rescind Permission for Petrochemical Plant Over Cancer Dangers and Discovery of Burial Grounds for Enslaved People

        “We continue to fight for our lives against these toxic industries, and now we are fighting for our ancestors too.”

      • Legislative Victories in the States: 2019 Year in Review

        Thanks to your support, this year EFF was able to take a stand in state legislatures across the country to fight well-funded industry efforts to encroach on your data privacy rights, to push back against government use of face surveillance, and to support bills that improve your digital rights. Here are some highlights of our victories in the states—both in California and across the country.

      • This Former Firefighter Has a Criminal Past. Now, He’s on the Board That Advises the State on Its EMS System.

        When Rhode Island lawmakers ousted two state Health Department officials from the board that helps oversee its emergency medical services system, Gov. Gina Raimondo replaced them with a city mayor and this man: Albert F. Peterson III.

        “His decades of experience as a first responder coupled with his recent experience operating a company that trains EMTs made him well qualified to serve on this board,” the governor’s spokeswoman, Jennifer Bogdan, said of Peterson in an email.

      • Qingpu Prison: the ‘cultural exchange’ centre in forced labour scandal

        Shanghai’s Qingpu Prison, the Chinese prison at the centre of a forced labour scandal, describes itself as a “first-class” facility, where inmates can learn about jade sculptures and receive therapy.

        But the jail, which detains both Chinese and foreigners, is now embroiled in a labour outcry after a purported secret message was sent in a Christmas card and discovered by a London schoolgirl.

        The Sunday Times newspaper reported at the weekend that a six-year-old called Florence opened a card from a Tesco’s supermarket in the UK to find a message inside, claiming to be from inmates in China.

      • US Confirms Report Citing Iran Officials as Saying 1,500 Killed in Protests [iophk: tweets (hearsay) in place of official communications :( this is a serious governance problem.]

        In a Monday tweet, the State Department quoted U.S. Special Representative for Iran Brian Hook as saying the Reuters report “underscores the urgency for the international community to punish the perpetrators and isolate the regime for the murder of 1,500 Iranian citizens.”

      • India: Deadly Force Used Against Protesters

        Indians, in large numbers, have been peacefully protesting  against a new citizenship law that they believe threatens India’s secular identity. Bangalore, India, Monday, December 23, 2019.

      • Bozizé Returns to Central African Republic

        Last week, former Central African Republic president Francois Bozizé returned to the country after more than six years in exile. Earlier this month, his party’s spokesman said Bozizé would stand for presidential elections in December 2020.

        Bozizé fled the Central African Republic in March 2013 as the Seleka, a mostly Muslim rebel coalition from the northeast, took control of the country amid widespread abuse. The Seleka gave rise to local militias, called anti-balaka, who in turn targeted Muslim civilians and displaced hundreds of thousands of people.

      • US: Mexican Asylum Seekers Ordered to Wait

        (El Paso, Texas) – US Customs and Border Protection (CBP) agents have denied entry to the United States to Mexican asylum seekers, exposing thousands, including families and children, to danger in Mexican border cities, which is in violation of international refugee law, Human Rights Watch said today.

        Several dozen Mexican asylum seekers in Ciudad Juárez, Mexico told Human Rights Watch in November 2019 that they had been turned back after attempting to seek asylum at a US port of entry. Some had been waiting for months on a self-organized handwritten list defining when it would be their turn to present themselves at the port of entry.

    • Internet Policy/Net Neutrality

      • Russian government begins Internet isolation exercises

        Russian government agencies have begun a series of exercises designed under the country’s recent “Internet sovereignty” law, Deputy Communications Minister Alexey Sokolov told RIA Novosti. The exercises, which must take place at least once a year, are intended to enable Russian Internet traffic to be contained within Russian territory in case of a threat to the Russian segment of the World Wide Web.

      • Spectrum Customers Stuck With Thousands In Home Security Gear They Can’t Use

        For the better part of the decade, ISPs like Comcast and Spectrum have been desperately trying to carve out a niche in the home security and automation space. But despite their best efforts those projects haven’t gone particularly well, to the point where big ISPs try to hide how many subscribers have signed up for such service in earnings reports. Historically, users already feel they pay their cable TV and broadband provider too much money, and only a few folks feel it’s worth paying them even more for home security and automation products they can find elsewhere, usually for less.

    • Digital Restrictions (DRM)

      • No, Spotify, you shouldn’t have sent mysterious USB drives to journalists

        Last week, Spotify sent a number of USB drives to reporters with a note: “Play me.”

        It’s not uncommon for reporters to receive USB drives in the post. Companies distribute USB drives all the time, including at tech conferences, often containing promotional materials or large files, such as videos that would otherwise be difficult to get into as many hands as possible.

        But anyone with basic security training under their hat — which here at TechCrunch we have — will know to never plug in a USB drive without taking some precautions first.

        Concerned but undeterred, we safely examined the contents of the Spotify drive using a disposable version of Ubuntu Linux (using a live CD) on a spare computer. It was benign and contained a single audio file. “This is Alex Goldman, and you’ve just been hacked,” the file played.

    • Monopolies

      • Inside Documents Show How Amazon Chose Speed Over Safety in Building Its Delivery Network

        As they prepared for last year’s holiday rush, managers at Amazon unveiled a plan to make the company’s sprawling delivery network the safest in the world.

        Amazon, which ships millions of packages a day to homes and businesses across America, had seen a string of fatal crashes involving vans making those deliveries over the previous few years. Improving safety, the plan said, was “Amazon’s Greatest Opportunity.”

      • Amazon executive was killed after colliding with a van delivering the company’s packages, report reveals
      • Patents

        • USPTO, DoJ, and NIST Issue FRAND/SEP Policy Statement

          Last week, the U.S. Patent and Trademark Office, U.S. Department of Justice, and National Institute of Standards and Technology issued a joint statement on standard-essential patents (SEPs). The statement clarifies the agencies’ position on an earlier 2013 statement made by USPTO and DoJ while completing the process of formally withdrawing from that statement.

          In essence, the clarification states that SEPs are not categorically different from other patents and that they should be judged under the same rules as other patents—for example, injunctions are available for SEPs when the eBay test favors an injunction. Similarly, the damages analysis applies in the same way for an SEP as for any other patent. This isn’t, on its face, a significant departure from the 2013 statement, which similarly acknowledged that injunctions may be permissible in SEP cases, even if they might not be favored. But the devil’s in the details—or in this case, in a couple footnotes.


          That’s the real question. If all of this was just to clarify the 2013 statement and DoJ, the PTO, and NIST see the 2013 statement as fundamentally accurate, why withdraw from it? Why not just issue a clarification?

          It appears to be because, fundamentally, the agencies involved are trying to suggest that the 2013 statement wasn’t right. That patentees should have a right to hold-up innovators and product makers with the threat of an injunction. That holdout is a real problem and hold-up is not.

          While taking a facially neutral position that FRAND patents don’t get special rules, it’s clear that some policymakers in DoJ and PTO think that the concerns of patent owners are more real than the concerns of companies in the business of actually making products and providing services. Perhaps unsurprising, coming from a DoJ Antitrust division that defended Qualcomm’s patent licensing strategies despite a mountain of evidence regarding Qualcomm’s anti-competitive conduct. And perhaps also unsurprising from a PTO director that has called patent trolls a “myth” despite the fact that they constitute a majority of patent litigation.

        • Qualcomm’s reply brief in appeal of FTC antitrust win makes misleading citation in attempt to discredit customer testimony

          The United States Court of Appeal for the Ninth Circuit recently scheduled oral argument in this appeal for February 13, 2020. In the post I just linked to, you can find links to numerous amicus curiae briefs supporting the FTC, and subsequently I commented on a couple of submissions from the automotive industry.

          The FTC clearly got more (in qualitative and quantitative terms) support from amici than Qualcomm did. And a Korean court affirmed an antitrust ruling by the Korea Fair Trade Commission (KFTC). Qualcomm tries to focus on what has recently gone well for the chipmaker: the FTC didn’t even make an attempt to defend Judge Lucy H. Koh’s reasoning on chipset licensing, presenting a right-for-the-wrong-reasons theory instead.

          Qualcomm seeks to leverage that fact to discredit Judge Koh’s ruling as a whole, and in this context reminds the appeals court of FTC commissioner Wilson’s dissent, and support for Qualcomm from the DOJ Antitrust Division (which is run by a lawyer who previously represented Qualcomm). However, all of that is meta-level: it’s not about law, facts, or policy in the slightest, just about raising doubts.

          Intel’s Frankenstein analogy (the dissected monster is innocuous)–a funny way of encouraging the appeals court to see the forest among the trees–applies not only to Qualcomm’s opening brief but also to the reply brief. The outcome of the appeal will hinge on whether the appeals court looks at the aggregate effect of a web of interrelated and mutually-reinforcing practices–or gets bogged down somewhere along the way.

        • Not-So-Safe Harbor for Hospira’s Erythropoietin Biosimilar

          This week the Federal Circuit affirmed Amgen’s win against Hospira with respect to Hospira’s erythropoietin (“EPO”) biosimilar—a drug used to increase red blood cell number—in a Delaware trial where Amgen’s U.S. Patent No. 5,856,298 was found to be infringed and not invalid and Amgen was found to be entitled to $70 million for damages associated with its EPO drug Epogen®. Part of the appeal was also dedicated to examining the so-called Safe Harbor provision of 35 U.S.C. § 271(e)(1), where the Federal Circuit agreed with Amgen that Hospira manufactured at least 14 batches of the drug that were not protected by this provision. The Court’s decision provides lessons in how companies should be careful to avoid stretching the bounds of the Safe Harbor provision.

        • Federal Circuit affirms Safe Harbor ruling and $70 million award in Amgen Inc. v. Hospira, Inc.

          On December 16, 2019, the Court of Appeals for the Federal Circuit issued an opinion that fully upheld the District of Delaware’s denial of Hospira, Inc.’s motion for judgment as a matter of law (JMOL), or alternative motion for new trial, in Amgen Inc. v. Hospira, Inc., Nos. 2019-1067, 2019-1102. The ruling maintained the jury’s verdict that: (1) Hospira infringed one of Amgen Inc.’s two asserted patents, (2) fourteen batches of drug substance for Hospira’s biosimilar was not covered by the Safe Harbor provision of 35 U.S.C. § 271(e)(10), and (3) Amgen was entitled to $70 million in damages.

          In 2014, Hospira submitted a Biologics License Application (BLA) to the FDA, seeking approval for a biosimilar to Amgen’s Epogen product, a recombinant human erythropoietin (EPO). EPO is a glycoprotein that regulates red blood cell maturation and production. Amgen sued Hospira for infringement of two patents related to forms of EPO and aspects of their production, U.S. Patent No. 5,856,298 (the ’298 patent) and U.S. Patent No. 5,756,349 (the ’349 patent). After a trial in 2017, the jury found the asserted claims of the ’298 patent not invalid and infringed, the asserted claims of the ’349 patent not invalid and not infringed, and further concluded that fourteen batches out of twenty-one manufactured by Hospira were not entitled to the Safe Harbor defense. The jury awarded Amgen $70 million in damages. Both Hospira and Amgen moved post-trial to vacate the jury’s verdict. Both motions were denied by the district court.

        • Huawei patents phone with rotating camera module

          Chinese smartphone maker Huawei has reportedly filed a patent for a smartphone with flip camera design. According to a report by LetsGoDigital, the patent was published by the World Intellectual Property Office on December 17, 2019. In the shared images, one can see triple camera aligned horizontally which will work as both rear and front camera when flipped. It must be noted here that once the selfie mode is switched on,
          The camera setup with Huawei’s upcoming phone is said to feature an ultra-wide angle lens. This means that users will be able to click ultra-wide selfies with the phone. It is yet not clear whether the company will include this camera design with its flagship Huawei P40 or other smartphone.

        • Syngenta Crop Protection, LLC v. Willowood, LLC (Fed. Cir. 2019)

          The Federal Circuit had the opportunity to interpret the extent to which the provisions of 35 U.S.C. § 271(g) require the practice of the patented method that produces a product whose importation imposes infringement liability under the statute to be practiced by a single entity (it does not) in rendering its decision recently in Syngenta Crop Protection, LLC v. Willowood, LLC.

          The case involved accused infringement of U.S. Patent Nos. 5,602,076 (expired February 11, 2014); 5,633,256 (expired February 11, 2014); 5,847,138 (expired December 8, 2015); and 8,124,761 (will not expire until April 15, 2029), directed to fungicides, pesticides, plant growth regulators, comprising pyrimidinyloxy-phenyl acrylates and derivatives, and in particular azoxystrobin. The ’076 and ’256 patents are directed to compounds, while the ’138 and ’761 patents are directed to methods for producing these compounds.

          Syngenta brought suit for patent infringement and copyright infringement against the Willowood defendants for importation of fungicide formulations comprising azoxystrobin; the copyright infringement assertions were made with regard to Syngenta’s label related to “directions for use, storage, and disposal, as well as first-aid instructions and environmental, physical, and chemical hazard warnings.” Importantly for the issues in this case, one defendant, Willowood China, produced the accused infringing fungicide in Hong Kong and sold it to Willowood USA, its American affiliate. Willowood USA and another defendant, Willowood LLC then contracted to have third parties formulate the azoxystrobin fungicide and thereafter marketed and sold the product in the U.S. Syngenta alleged infringement of claims 1–4 and 12–14 of the ’076 patent, claims 1–3, 5, and 7 of the ’256 patent, claims 6 and 12–14 of the ’138 patent, and claims 1, 3–5, and 9–10 of the ’761 patent. Both parties filed summary judgment motions, upon which the District Court ruled as follows. First, the District Court granted Syngenta’s summary judgment motion that Willowood literally infringed claims of the ’076 and ’256 patents, and that Willowood induced infringement by the LLC affiliate. The District Court denied Syngenta’s summary judgment motion that Willowood China literally infringed the ’076 and ’256 patents, based on the existence of a genuine issues of material fact regarding whether sale occurred in the U.S. or China. The District Court also denied summary judgment of the ’138 patent, on the grounds that infringement under 35 U.S.C. § 271(g) required that all steps of a claimed process must be performed by a single infringer (facts regarding this were in dispute). Finally, the District Court denied Syngenta’s summary judgment motion regarding infringement of the ’761 patent, due to disputed facts on the details of the synthetic methods used by Willowood China. But the District Court granted Syngenta’s motion shifting the burden of proof on this issue to Willowood under 35 U.S.C. § 295.


          The panel also relied for its reasoning that the infringing act implicated in § 271(g) was not practice of the claimed method abroad but importation of the product of the patented process. The opinion also found support for its interpretation in the legislative history. Finally, the opinion cited the increased evidentiary burden Willowood’s interpretation of the statute would impose on patentees, where manufacture occurs abroad.

          Accordingly, the Federal Circuit reversed the District Court’s judgment that Willowood USA (whose importation of the accused infringing azoxystrobin was undisputed) did not infringe the ’138 patent under § 271(g) and vacated (as not being considered by the District Court) Willowood LLC’s infringement liability and remanded. Otherwise, the panel affirmed the District Court in all other respects.

        • Special Rights for Inventor Owned Patents

          Rep. Danny Davis (D-Il) and Paul Gosar (R-Az) have introduced the Inventor Rights Act. H.R.5478 that creates a set of rights and privileges associated with inventor-owned patents. These are patents owned by their respective inventors or owned by an entities controlled by the inventors. In addition to ownership, the inventor must hold “all substantial rights.”


          Currently, only a rather small fraction of patents would qualify as “inventor-owned patents” under the statute. However, the Bill would tend to both (1) encourage individual inventorship and (2) encourage patent holding situations that take advantage of the inventor-owner rights. Tech company founders would likely keep ownership of their patents, although I suspect that large companies would remain wary of allowing regular employees to retain “all substantial rights” in the patent.

      • Trademarks

        • EU General Court considers sign referring to cannabis contrary to public policy

          In an interesting decision issued earlier this month, the General Court (GC) confirmed that a sign that comprises of and depicts cannabis and weed leaves is contrary to public policy. The decision is relevant from many perspectives, including that of the growing cannabis industry and CBD-related products. The decision confirms the general principle that signs are not registrable if they might be perceived as encouraging the purchase of illegal goods or trivialising their consumption.

      • Copyrights

        • Paris Court of Appeal confirms that Koons’s ‘Naked’ sculpture infringes copyright in ‘Enfants’ photograph, rejecting freedom of the arts and parody defences

          In 1970, Bauret realized a black-and-white photograph titled ‘Enfants’. No print of the photograph was sold, but in 1975 the photographer authorized the making of postcards carrying the image of the work.

          In 2014, the Bauret estate found out that Jeff Koons had realized a porcelain sculpture, ‘Naked’, which was similar to the ‘Enfants’ photograph. Koons’s work had been made in 1988 in 4 copies as part of the Banality series, a readymade collection of artworks that contains a mix of pop art and kitsch.

          The sculpture was never exhibited in France, though in 2015 it should have been on display in an exhibition at the Centre Pompidou in Paris.

          The Bauret estate sent a warning letter to both Koons and the museum. For reasons linked to damage during transportation, ‘Naked’ was not included in the exhibition in the end. The museum subsequently also removed the image of the sculpture from the exhibition catalogue.

          A lawsuit followed and, in 2017, the TGI Paris partly ruled in favour of the photographer’s estate. Both parties appealed.

          Aside from issues concerning the personal liability of Koons, the judgment is particularly interesting as far as substantive issues of copyright subsistence and infringement are concerned.


          The defendant had also raised an argument that the use at issue could qualify as parody. The court referred to the 2014 CJEU Deckmyn decision [Katposts here] and the requirements that, for a work to be considered a parody, first, it must evoke an existing work while being noticeably different from it and, second, it must constitute an expression of humour or mockery.

          The court considered that neither requirement would be fulfilled in the case at issue.

        • Cox Communications hit with $1 billion verdict over music piracy
        • Indonesian Government Continues Whac-A-Mole Against Local Streaming Piracy Giant

          Indonesia’s Information and Communications Ministry continues to crack down on pirate sites. The Government body has blocked more than 1,000 domain names since July with streaming giant ‘IndoXX1′ as the main target. The authorities hope to decrease local piracy rates but, thus far, the streaming service keeps coming back.

        • Russia Convicts a Pirate Site Operator for the Very First Time

          A court in Russia has convicted the operator of several pirate sites, a first for the country. Three main streaming domains were supported by a dozen mirror platforms, all of which were fed with content by the now-defunct ‘pirate’ CDN platform known as Moonwalk. The verdict, which is being touted as a judicial precedent in Russia, resulted in a two-year suspended sentence.

        • Jake Paul Faces Copyright Infringement Lawsuit Over Christmas Track

          A group of music producers are suing YouTube star Jake Paul, claiming that Paul’s “Litmas” song infringes on a song that they wrote in 2015 called “Bad Santa.”

        • Welcoming 2020 With Gratitude

          As Chair of the Creative Commons Board of Directors, I am ending 2019 with a special sense of gratitude for the CC community. This has been a year full of challenges and opportunities for CC. Our staff has risen to the occasion with remarkable energy, collegiality, and grace. Interim CEO Cable Green deserves special recognition for taking on new responsibilities with his typical insight, steadiness, and dedication. He is backed by an outstanding team that includes the rest of the CC staff, our Board of Directors, and the Advisory Council. The CC community also includes the CC Global Network and the millions of educators, librarians, technologists, creators, and activists who use our tools to help grow the global commons. And of course, it includes the generous donors—including visionary foundations and individual CC community members—who make our work possible. (Not a donor yet? Please contribute here!)

        • Why Is Juice WRLD Still Being Sued for $15 Million?

          Juice WRLD is dead — so why is he still getting sued for copyright infringement, exactly?

EPO Throws DABUS Under the Bus… But for the Wrong Reasons

Posted in Europe, Patents at 5:49 am by Dr. Roy Schestowitz

Not the applicant is the problem

DABUS meme

Summary: The hype and ‘hot air’ (or various buzzwords) surrounding algorithms which do “something clever” (not a new thing!) persist; DABUS is being rejected only because it’s non-human, which means that a human can reapply with the same so-called ‘invention’

THE European Patent Office (EPO) abandoned patent quality quite some time ago and this became rather obvious when Team Campinos/Battistelli — a nonscientific bunch with ex-military officers — took control of the Office, promoting things they haven’t a clue about. They simply lack background and qualifications. Today’s (or yesterday’s) EPO examiners are far more suitable for management jobs than existing managers, who are handpicked for connections (nepotism). As the old saying goes, it’s not about what you know but who you know…

The news about DABUS was covered here quickly (when the EPO came out with the statement). It’s related to the issue of the EPO granting software patents in Europe under the guise of “HEY HI” (AI), albeit not so directly. In Europe, “HEY HI” is routinely used as an excuse for granting illegal patents. Less than 2 months ago this was even integrated into examination guidelines (in effect since). The same semantic nonsense had been leveraged to bypass 35 U.S.C. § 101 at the U.S. Patent and Trademark Office (USPTO) — another issue we covered here several times this year.

Since real journalism about patents is virtually dead the DABUS announcement was covered only by patent maximalists and their outlets. We know this for a fact because we’ve looked carefully until this morning. Who covered it and how?

“Since real journalism about patents is virtually dead the DABUS announcement was covered only by patent maximalists and their outlets.”Well, the EPO mouthpiece IAM said (Joff Wild): “Whatever was decided once the first patent applications began to be assessed in which machines were specifically identified as inventors was going to matter, so in and of itself the EPO’s ruling is noteworthy. [...] Artificial intelligence is not going away, neither is invention by machine. Answers to the many IP questions this raises will have to be found – at legal, regulatory and strategic levels. And, of course, the subject is not confined to Europe, it is worldwide. If ever there was something for the major patent issuing authorities to be working on together, perhaps in concert with a WIPO expert group, this is it.”

Sarah Morgan at World Intellectual Property Review wrote:

Late last week, the European Patent Office (EPO) refused two patent applications that list an artificial intelligence (AI) application as the sole inventor.

After hearing the arguments of the applicant, the EPO refused the European patent applications as they don’t meet the requirement that an inventor designated in the application has to be a human being, not a machine.

Dabus, the AI application that is named as inventor on both of the patents, is said to have designed a type of plastic food container and a flashing beacon light.

Law360, another outlet of patent maximalists, wrote this:

The European Patent Office announced Friday that it had rejected two patent applications that claimed the inventions at issue were created by artificial intelligence, ruling that under Europe’s patent laws, an inventor must be a human being.

The applications, which attracted worldwide attention when they were filed over the summer, marked the first-ever attempts to secure patent protection for inventions said to be entirely the work of artificial intelligence with no human involvement.

The EPO issued a brief statement announcing that it had refused the applications, which cover a beverage container and a flashing device to be used in search-and-rescue missions…

We loved this comment from “Do not pull my leg” — an anonymous commenter who wrote that “artificial intelligence does appear no more than a hype, which will most probably end up like a deflated balloon. There is nothing intelligent in those machines whatever the applicant of both applications may say.”

Here’s the full comment:

Independently of the discussion relating to inventorship, it does not seem that the machine was so “intelligent” as the search in both cases has revealed very relevant documents.

In the case of the can, the mere connection of cans through their external profile is known. The only difference is that in the case of the application, the surface is a fractal surface. Whether this is inventive remains to be seen. As the application has been refused by the Receiving Section, we might never know.

As far as the light beacon is concerned, the whole invention seems entirely based on studies of the applicant himself. I would say if only the theory on which the applicant bases its application is proven that one could start believing what is going on. It would interesting if the applicant provides more than a “paper” invention and would show a real device working according to the claimed invention. To me this invention is nearing a substantial lack of sufficiency. As the application has been refused by the Receiving Section, we might never know.

What is striking as well, is that in both cases the notion of fractals come up. I do not think this is innocent.

When reading the explanations given about the way the invention was allegedly created, it is difficult to follow that “the machine was not trained on any special data relevant to present invention”, but a few lines higher is said that the machine. Either one or the other, but not both at the same time. The whole. A quick look at the references allegedly explaining the working of DABUS, at least US 5659666 has never crossed the Atlantic and US 7454388 has not led to a European Patent due to problems with Art 123(2). For the EP application corresponding to US 2015/0379394 summons to OP have been issued. Art 84 (if not Art 83) seems to be a major problem, so that we might also end up with problems under Art 123(2).

On the other hand, artificial intelligence does appear no more than a hype, which will most probably end up like a deflated balloon. There is nothing intelligent in those machines whatever the applicant of both applications may say.

They are only doing what they are told and if some self-perturbation of connection weights between neurons, like alleged in DABUS should all bring the desired result, this needs a bit more explanation.

This was posted in reply to a post from Rose Hughes of AstraZeneca, who filed this under “AI hype”. So even patent maximalists realise it’s nothing but marketing nonsense?

To Hughes’ credit, she noted how (and where) they left a loophole:

It seems that the EPO can therefore neatly dismiss any need for detailed discussions on the morality of AI inventorship, so long as the AI inventor is not also claimed to be the owner of its creations. It has always been this Kat’s view that the whole exercise of the AI inventor applications is slightly irrelevant given that what primarily matters from a legal standpoint is who owns an invention, and who should therefore be awarded the patent.


If Dr Thaler’s appeal of the Receiving Office decision does indeed go ahead, IPKat will await the Statement of Grounds with interest (deadline for filing the appeal will be early 2020). Based on their submissions to the Receiving Office, it seems that the AI inventor team are lacking the legal arguments to overturn the decision. Moral and social arguments are unlikely to convince the Boards of Appeal. A request for a referral to the Enlarged Board can probably also be expected, but is similarly unlikely to be granted. None-the-less, the team have undoubtedly been successful in one goal, bringing attention to Dr Thaler and the team. Notably, we are only able to see the file history because early publication of the applications was requested. However, in this Kat’s humble view, the whole argument surrounding AI inventorship is premature until the existence of an AI truly capable of a inventive act has been proved.

Appeal or no appeal, the person received plenty of publicity and could reapply with a real person’s name. Maybe the whole thing was a premeditated publicity stunt all along.

What’s at stake here isn’t software patents, not directly anyway. When they use “HEY HI” to justify software patents it is a real issue however; sometimes not even that is necessary as massive corruption at EPO and an attack on the judges have both facilitated the granting of illegal patents such as patents on algorithms and only lawyers are happy, the litigation ‘industry’. James Prankerd Smith (GJE) has just mentioned a European Patent pertaining to “algorithm [...] implemented on a computer” — one that we named in passing before. The judges in this case aren’t autonomous, so a real legal test would have to be outside the EPO:

This decision is certainly worth reading if you deal with inventive step objections of the form “abstract algorithm implemented on a generic computer” or the like. The Board of Appeal provides a helpful review of case law, and pushes back the frequent assumption that improved algorithms cannot give a technical effect. This decision could well be worth referencing when formulating a response to this type of objection.

The application relates to SQL database management, and claims a method of updating values in a data structure in a relational database system. This is a fairly classic case of an algorithm which could conceivably be abstract, but which is implemented on a computer in any modern industrial application.

The examining division originally refused the application under Article 52 EPC on the ground that it is directed to a purely abstract method. The Board of Appeal dismissed this ground, confirming the well-established low bar for patent-eligible subject-matter, with even “database system” being enough to give a technical element to the claim.

However, the examining division also sensibly set out an assessment of inventive step for an assumed computer-implemented version of the claimed method, in the expectation that the first hurdle of Article 52 EPC could potentially be overcome.


Although this was not a point discussed in the decision, it seems likely that it may be difficult to prove during prosecution that a particular feature has been motivated by technical considerations.

However, this can be significantly helped by identifying technical intentions and motivations at the drafting stage. In particular, by associating specific features with specific expected technical advantages in the specification as originally filed, the burden can be transferred onto the examiner to show that the feature lacks technical character.

For those who are in central Europe, this coming weekend there’s a talk of interest. Benjamin Henrion has just mentioned “Discussion on Unitary Software Patents at 36C3 this Saturday” and the abstract says:

The Unitary Patent is the third attempt to impose software patents in Europe. Software patents are a threat to small- and medium-sized software companies that cannot defend themselves. The UPC (Unified Patent Court) is an international court made outside of the European Union (EU), which would have the last word over the question of software patenting. The Court would favour “patent trolls” which steal our jobs and extort money.

He recently organised a protest against this. We’ve seen no press reports however; does press coverage regarding patents still exist? Hardly. Many of the so-called ‘articles’ are composed by law firms directly or indirectly (the likes of Joff, their megaphone whom they pay to lobby).

IRC Proceedings: Monday, December 23, 2019

Posted in IRC Logs at 2:16 am by Needs Sunlight



#techrights log

#boycottnovell log



#boycottnovell-social log

#techbytes log

Enter the IRC channels now

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts