Links 10/1/2020: New GNOME and Mesa 19.3.2 Release, Rust Foundation Foreseen, Firefox 72.0.1 (Bugfix)

Posted in News Roundup at 10:46 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • LWN’s 2020 vision

      January 1, 2020 marks the beginning of a new year and a new decade. Many things will doubtless change over the course of this year in the free-software community and beyond, while others will remain the same. One thing that will certainly hold true is LWN’s tradition of starting the new year with some ill-advised predictions about what may be in store. Your editor has no special vision, but neither does he fear being proved badly wrong in a public setting — it’s all in a day’s work.
      The Python community will continue to chart its post-Guido course. One relatively unnoticed development in the Python project’s 2020 steering-council election was the quiet withdrawal of project founder Guido van Rossum’s nomination. While he will still participate, he no longer wants a leadership role in the project. Increasingly, Python will have to find its way without the developer who has guided it since the beginning.

      Similarly, the GNU Project will have to decide what it will be in the 2020s. This project’s founder, Richard Stallman, retains his post as its leader, and it’s possible that he will still be there at the end of the year. But there is ongoing restlessness in the project that brings a desire for new leadership and new directions. After all these years, it still sometimes seems like GNU is stuck trying to reproduce the Unix workstations of the 1980s, leaving much of the current computing environment to systems that are half-free at best. We need a GNU project for mobile devices, private clouds, home systems, embedded applications, and more. Stallman once famously said “I’m not really concerned with what’s running inside my microwave oven.” The time has long since come to be concerned about such things; wouldn’t it be a great thing if a newly reinvigorated GNU project were to take on this challenge?

      There is a common theme to those last two items that may not really arise in 2020, but will certainly come about in the 2020s: many of our leaders in the free-software community got their start in the 1980s and 1990s. In talking with those people, your editor increasingly gets the sense that many of them are thinking they have done this sort of work for just about long enough. Retirements will increase in the coming years, and we will lose much of the skill and experience that has gotten us this far. There are plenty of skilled and motivated younger developers who can certainly pick up where these folks leave off, but the transitions will go more smoothly if they are properly planned for.

      The presence of highly experienced developers is perhaps felt most strongly in the kernel project. This is a good thing in a setting where mistakes can be catastrophic on a large scale, but it also partially explains why kernel developers have a distinctly old-school workflow. This is, remember, the project that only started using a source-code management system in 2002. Change is afoot, though, and the kernel workflow efforts will begin to bear fruit in 2020. We’ll still be sending patches over email at the end of the year, but we’ll have an improved understanding of what a better solution that can work at the kernel project’s scale will look like. As part of this effort, the kernel’s testing tools will also continue to improve at a rapid rate.


      Expect perturbations in the employment market as various economic realities catch up with us. Both the dotcom crash and the 2008 crisis impacted the development community; the next downturn will do the same. As in the past, Linux and free software as a whole will not be significantly hurt when this happens, but the same cannot be said for individual developers, at least in the short term.

      Finally, though this is perhaps more of a wishlist item than a prediction: the free-software community has to think more deeply about what it is creating and how that will affect the world. At many levels free software has won; the world’s computing infrastructure is built on the code we have created. We have much more control over our computing environments than we would have believed all those years ago; it’s a great success.

    • Desktop/Laptop

      • Dell Puts Its New Ubuntu Laptop Center Stage at CES 2020

        Announced earlier this month, the new 10th generation version of the Dell XPS Developer Edition sports a thinner design, smaller screen bezels, and much faster internals.

        Heck, it even has a fingerprint scanner that, Dell say, will work in Ubuntu 18.04 LTS (which comes pre-loaded).

        But while most of us know that Dell make and sell a range of Ubuntu laptops (not just the XPS Developer Edition, though that’s the focus here) the company doesn’t often “show them off” at mainstream technology conventions.

      • Tuning Up the Linux Laptop for 2020 [Ed: Site has blocked the whole EU, so here’s an alternative URL]

        Between increased caregiving responsibilities for my mother, looking for freelance work, and the holidays, my Linux-powered HP laptop went by the wayside. (It’s not my only laptop, thankfully, but the keyboard is great for writing). However, the past few months have seen me slowly repair and upgrade the laptop to the point where my Linux laptop is working very efficiently and becoming my go-to writing computer. It’s a good argument for adopting open-source computing, and my Linux-powered HP 8530p Elitebook laptop is a great example of reusing and repurposing technology. (I’m writing this post on the HP laptop)


        Dependability – Both Linux Mint and MX Linux are distros that work well once installed with a minimum of tweaking. (We’ll talk about that in a later point). With the diverse range of Linux distros available (as well as a site where you can test Linux distros online), there is a Linux distro for anyone that works well out of the box, and that provides excellent performance especially in older hardware.

        Adaptability – Not only can a user customize the appearance and functionality of the Linux distro to their specification (the desktop screenshot was a photo from a Beverly-area restaurant), but Linux provides multiple open-source software options for a variety of computing needs. By integrating LibreOffice, GIMP, Calibre, and Scribus, I have easily configured my Linux laptop to become a production machine for blogging, creative writing, editing, and self-publishing. (Many distros integrate a package manager/software center that makes it easy for users to download software). With privacy and data issues around Windows 10, Linux has some edge in that many distros do not share user data.

    • Server

      • IBM

        • Huawei’s openEuler Now Available For Download

          Remember Huawei announced its open source openEuler server operating system in September last year? Well, the Chinese vendor has now released the source code of openEuler.

          The openEuler has two open-source sub-projects: A-Tune and iSula. While A-Tune is an intelligent performance optimization system software, iSula is a cloud-native solution that can meet the multiple needs of the ICT field.

          The source code is available at Gitee (GitHub’s Chinese alternative). There are two separate repositories, one for the source code and the other as a package source to store software packages that help to build the OS.

        • Announcing Oracle Linux 7 Update 8 Beta Release

          We are pleased to announce the availability of the Oracle Linux 7 Update 8 Beta release for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms. Oracle Linux 7 Update 8 Beta is an updated release that include bug fixes, security fixes and enhancements.

        • ‘API First’ paves the way for agile integration

          Sameer Parulkar: We started talking about agile integration at Red Hat Summit in 2017. We were looking at the integration space and the capabilities that we offer as well as some of the challenges from the customer perspective of adopting these integration capabilities, as well as providing faster and competitive solutions. And then we spoke with a lot of our customers and there was consensus that integration should be more agile and align with DevOps. One of our key motivations with agile integration was to essentially position integration as a key business capability, enabling differentiated services for customers.

        • Triangle Business Journal – Sneak Peek: Inside Red Hat’s new ‘open studio’

          Red Hat’s Chief People Officer DeLisa Alexander describes [the space] as Red Hat’s in-house “marketing agency.” And the new space – 9,000 square feet directly adjacent to its lobby – is designed for them to collaborate, and publicly.

        • Using IBM POWER9 PowerVM Virtual Persistent Memory for SAP HANA with SUSE Linux

          SAP HANA uses in-memory database technology that allows much faster access to data than was ever possible with hard disk technology on a conventional database – access times of 5 nanoseconds versus 5 milliseconds. SAP HANA customers can also use the same database for real-time analysis and decision-making that is used for transaction processing.

          The combination of faster access speeds and better access for analytics has resulted in strong customer demand for SAP HANA. There are already more than 1600 customers using SAP HANA on Power since it became available in 2015.

        • OpenShift Authentication Integration with ArgoCD

          GitOps is a pattern that has gained a fair share of popularity in recent times as it emphasizes declaratively expressing infrastructure and application configuration within Git repositories. When using Kubernetes, the concepts that GitOps employs aligns well as each of the resources (Deployments, Services, ConfigMaps) that comprise not only an application, but the platform itself can be stored in Git. While the management of these resources can be handled manually, a number of tools have emerged to not only aid in the GitOps space, but specifically with the integration with Kubernetes.

          ArgoCD is one such tool that emphasizes Continuous Delivery (CD) practices to repeatedly deliver changes to Kubernetes environments.

          Note: ArgoCD has recently joined forces with Flux, a Cloud Native Computing Foundation (CNCF) sandbox project, to create gitops-engine as the solution that will combine the benefits of each standalone project.

          ArgoCD accomplishes CD methodologies by using Git repositories as a source of truth for Kubernetes manifests that can be specified in a number of ways including plan yaml files, kustomize applications, as well as Helm Charts, and applies them to targeted clusters. When working with multiple teams and, in particular, enterprise organizations, it is imperative that each individual using the tool is authorized to do so in line with the principle of least privilege. ArgoCD features a fully functional Role Based Access Control (RBAC) system that can be used to implement this requirement.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.4.10

        I’m announcing the release of the 5.4.10 kernel.

        Only powerpc users need to update from 5.4.9, there was a missing patch

        in that release that is in here. Sorry for the confusion.

        The updated 5.4.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y

        and can be browsed at the normal kernel.org git web browser:


      • Linux 5.4.9
      • Linux 4.19.94
      • Linux 4.14.163
      • Intel Rolls Out Linux Media Driver for Tiger Lake, Jasper Lake, Elkhart Lake

        Intel quietly released its quarterly Intel Media Driver update for Linux in December. Phoronix reported on Wednesday that the new driver brings GPU-accelerated encode and decode support for the company’s Tiger Lake, Jasper Lake and Elkhart Lake processors, showing that they continue to be on track for a 2020 release.

        Tiger Lake is the successor to Ice Lake that was launched during the holidays with Xe graphics. Both Jasper Lake and Elkhart Lake are based on the 10nm Atom Tremont architecture and Gen11 graphics and are rumored to replace Gemini Lake Refresh in the second half of 2020.

      • Linus Torvalds Doesn’t Recommend Using ZFS On Linux

        Linux kernel creator Linus Torvalds doesn’t recommend using ZFS On Linux at least until Oracle were to re-license the code to make it friendly for mainline inclusion. But even then he doesn’t seem turned on by the ZFS features or general performance.

        Derailed from the recent mailing list discussion over Torvalds’ thoughts on the Linux kernel scheduler, he responded to a post of a user complaining about the Linux kernel recently breaking the out-of-tree ZFS module.

      • Cloning into a control group

        The Linux control-group mechanism was designed to make it easy to assign processes to groups or move them around; it is a simple matter of writing a process ID to the appropriate cgroup.procs file in the control-group filesystem hierarchy. That only works for processes that actually exist, though. Adding the ability to place a new process into a control group at birth is the subject of this patch set from Christian Brauner.
        Before getting into the details, one might naturally ask why this capability is needed, given that Linux has done without it since control groups were first created. The answer is that current kernels present a bit of a race condition for process managers using control groups. A manager can create a process, and it can assign it to a group, but it has little control over what happens between those two actions. That means, for example, that a process might run briefly before being placed into a group where its resource usage can be accounted for properly. The amount of error introduced is likely to be small, but people who are into accounting tend to be intensely irritated by such things.

        Placing a process into its intended control group at birth avoids that kind of messiness. It also enables actions like creating a process in a frozen group, ensuring that it will start in a frozen state and not run at all until the process manager allows it to. Finally, as Brauner notes, this feature “simplifies container creation and exec logic quite a bit”.

      • Graphics Stack

        • mesa 19.3.2
          Hi list,
          Following the long break for Christmas and New Years (in the Gregorian
          calendar), I'd like to announce the availability of 19.3.2.
          In general this release looks pretty reasonable given the length of time and the
          number of people celebrating (or not working) over the holidays.
          Intel and AMD drivers make up the bulk of the changes, with a bit of nir and
          glsl, plus a sprinkling of other stuff in there.
          Andrii Simiklit (3):
                glsl: fix an incorrect max_array_access after optimization of ssbo/ubo
                glsl: fix a binding points assignment for ssbo/ubo arrays
                glsl/nir: do not change an element index to have correct block name
          Bas Nieuwenhuizen (7):
                radv: Limit workgroup size to 1024.
                radv: Expose all sample counts for integer formats as well.
                amd/common: Handle alignment of 96-bit formats.
                nir: Add clone/hash/serialize support for non-uniform tex instructions.
                spirv: Fix glsl type assert in spir2nir.
                radv: Only use the gfx mipmap level offset/pitch for linear textures.
                radv: Emit a BATCH_BREAK when changing pixel shaders or CB_TARGET_MASK.
          Caio Marcelo de Oliveira Filho (4):
                intel/fs: Lower 64-bit MOVs after lower_load_payload()
                intel/fs: Fix lowering of dword multiplication by 16-bit constant
                intel/vec4: Fix lowering of multiplication by 16-bit constant
                anv: Ignore some CreateInfo structs when rasterization is disabled
          Christian Gmeiner (1):
                etnaviv: update resource status after flushing
          Dylan Baker (4):
                dcos: add releanse notes for 19.3.1
                cherry-ignore: update for 19.3.2
                docs: Add release notes for 19.3.2
                VERSION: bump for 19.3.2
          Eric Engestrom (4):
                util/format: remove left-over util_format_description_table declaration
                amd: fix empty-body issues
                nine: fix empty-body-issues
                mesa: avoid returning a value in a void function
          Gert Wollny (1):
                r600: Fix maximum line width
          Jason Ekstrand (2):
                anv: Properly advertise sampledImageIntegerSampleCounts
                intel/nir: Add a memory barrier before barrier()
          Lionel Landwerlin (2):
                loader: fix close on uninitialized file descriptor value
                anv: don't close invalid syncfd semaphore
          Marek Olšák (2):
                winsys/radeon: initialize pte_fragment_size
                radeonsi: disable SDMA on gfx8 to fix corruption on RX 580
          Pierre-Eric Pelloux-Prayer (2):
                radeon/vcn2: enable rate control for hevc encoding
                radeonsi: check ctx->sdma_cs before using it
          Samuel Pitoiset (2):
                radv/gfx10: fix the out-of-bounds check for vertex descriptors
                radv: return the correct pitch for linear mipmaps on GFX10
          Timur Kristóf (1):
                aco: Fix uniform i2i64.
          Yevhenii Kolesnikov (2):
                meta: Cleanup function for DrawTex
                main: allow external textures for BindImageTexture
          git tag: mesa-19.3.2
        • Mesa 19.3.2 Released With All The Intel + AMD Driver Fixes From Over The Holidays

          There hasn’t been a new Mesa stable release in a number of weeks due to the Christmas and New Year’s holidays but that changed today with Mesa 19.3.2 as the first significant point release of Mesa 19.3.

          As usual, the Mesa 19.3.2 release is dominated by fixes to the Intel and AMD Radeon OpenGL/Vulkan drivers but also fixes to some common areas of Mesa and the smaller drivers.

        • AMDGPU Linux Driver Adding Support For The AMD Pollock

          AMD “Pollock” is a new chip similar to Dali and looking like it may be used for some Ryzen embedded purposes. AMD Pollock was plumbed into the Linux driver yesterday and was the first time we’ve heard this codename.

          AMD sent out a patch for the AMDGPU DRM driver adding support for Pollock. The Pollock enablement for this Linux kernel graphics driver primarily comes down to adding the new IDs and updating some conditional statements to basically take the same driver code-paths as Dali.

    • Applications

      • Thirteen Useful Tools for Working with Text on the Command Line

        GNU/Linux distributions include a wealth of programs for handling text, most of which are provided by the GNU core utilities. There’s somewhat of a learning curve, but these utilities can prove very useful and efficient when used correctly.

      • Live Forensics Tools

        Deft/Deft Zero live forensic tool: is an Ubuntu based Linux distribution oriented to computer forensics and evidence harvesting which allows to block writing permissions on hard disks to prevent their modification in the process of recovering evidence. It is open source and live, so there is no need to install it. In the main menu you can access disks utilities from which you can see the storage devices connected.
        DEFT contains over 1 GB of free and open source software to afford incidents in Microsoft Windows systems. You can get Deft Zero from http://na.mirror.garr.it/mirrors/deft/zero/.

        Santoku live forensic tool: Santoku is a Linux distribution which, additionally to security features includes mobile forensics tools such as firmware flashing, ram, media cards and NAND imaging tools, brute forcing Android encryption, analysing Iphone backups and more. It auto detects connected mobile devices. You can run Santoku live also from a virtual machine with VMware or Virtualbox. Santoku is among the best tools for mobile forensics. You can download Santoku Linux at https://santoku-linux.com, from Lubuntu installations you can run the script https://santoku-linux.com/wp-content/uploads/build.sh_.txt to add Santoku features to your current system.

        CAINE live forensic tool: CAINE is another computer forensics Linux live distro, it is among the most popular tools in computer forensics and includes top level forensics tools such as Autopsy, Dcfldd, dc3dd, Ddrescue, Dvdisaster, Exif, Foremost, FileInfo, FiWalk, Fundl 2.0, FKLook, Fod, Fatback, GCalcTool, Geany, Gparted,gtk-recordmydesktop, Galleta, Gtkhash, Guymager, HDSentinel, Hex Editor (Ghex), HFSutils, Libewf, Lnk-parse, lnk.sh, Log2Timeline, liveusb, mork.pl, MC, MD5deep, md5sum, Nautilus Scripts, NBTempo, ntfs-3g, Offset_Brute_Force, Pasco, Photorec, Read_open_xm, Reglookup, Rifiuti, Rifiuti2, Readpst, Scalpel, SQLJuicer, SFDumper 2.2 , SSDeep, Stegbreak, Smartmontools, Shred and more tools.

    • Instructionals/Technical

    • Wine or Emulation

      • DXVK 1.5.1 Released With D3D9 Performance Improvements, Many Game Fixes

        DXVK 1.5.1 is out today as the latest feature update for this project implementing Direct3D 9/10/11 over Vulkan for faster Wine/Proton Linux gaming performance. This is the first update since the big DXVK 1.5 release that integrated D9VK for D3D9 support.

        Highlights of DXVK 1.5.1 include:

        - Direct3D 9 performance improvements as well as improved depth bias support, which should fix rendering issues in many games. There is also Direct3D 9 crash fixes and other improvements.

      • The first DXVK release of 2020 is here with plenty of D3D9 improvements

        DXVK, the project that (since D9VK was merged) has turned into a massive translating unit of Direct 3D 9/10/11 to Vulkan has the first 2020 release available.

        What is it again? Let’s do a quick refresher! DXVK when fused together with Wine translates calls from D3D9/10/11 into Vulkan, usually giving you much better performance than standard Wine for playing Windows-only games on Linux.

        Version 1.5.1 went up today and it includes a bunch of performance improvements for D3D9, an improved depth bias implementation in D3D9 fixing rendering issues (like missing shadows) in lots of titles, plus multiple other D3D9 bug fixes.

        The number of threads used for pipeline compilation was tweaked this time too, hopefully reducing the performance impact on those with 6/8 core CPUs while also allowing CPUs with more than 12 cores to scale it up a bit. You can customize it with the dxvk.numCompilerThreads option.

    • Games

      • Supernatural post-apocalypse strategic RPG ‘Graywalkers: Purgatory’ landing on Linux in February

        February seems to be a popular month recently with LUNA The Shadow Dust, Dwarrows and now the great looking spooky XCOM-like Graywalkers: Purgatory also coming to Linux then.

        Here though, it’s not quite a simple story. It’s actually launching in Early Access this month on Jan 15, with Linux (and macOS) delayed until February. Speaking on Kickstarter, they said they just haven’t given it the testing it needs yet, so they’re going to sort the starting issues out on then move onto putting it up for Linux.

      • Crytivo (The Universim) to donate a bunch of their profits to help with Australian wildfires

        If you’ve seen any news lately, you’ve probably heard about what a terrible and frightening state Australia is currently in with the devastation from the wildfires.

        Crytivo who are currently developing The Universim (which I quite like!), will be donating some of their profits to help support “rebuilding lost homes, firefighters working overtime and environmental cleanup”. On Steam they will be giving away 30% net revenue and from their own store (which has multiple Linux games) they will send 100% from this month and next.

      • The Level Editor and Steam Workshop support for the crazy Streets of Rogue is now live

        Streets of Rogue, my personal pick for 2019 just expanded with a new update now out. This makes the Level Editor and Steam Workshop support fully live for everyone.

        Now you can download entirely new characters, “chunk” packs which are basically room layouts that it will add into your run through to make it even more varied and full campaigns where people can come up with a crazy story for you to follow.

      • Lenna’s Inception, the Zelda-inspired adventure with a glitched world arrives January 17

        Bytten Studio, a tiny team made up of two former Chucklefish developers who previously worked on titles like Stardew Valley, Starbound and Wargroove have announced their debut title the Zelda-inspired Lenna’s Inception is releasing on January 17.

        “I’ve been working on Lenna’s Inception for 8 years,” says Tom Coxon, the lead developer of Lenna’s Inception. “That’s most of my adult life! It began as a spare-time experiment with procedural generation, mutated into game that helped start my career in the games industry, and has finally grown into something I’m proud to release to the world. I’ve been very lucky to be able to turn this dream into a reality.”

        This isn’t your usual retro-looking adventure, with glitches being not just a feature but part of the story.

      • The Humble Store Winter Sale is live, another FREE game is going too

        Another sale, time to pick up some cheap games if you missed some during other big sales last month. This time Humble Store have a big selection up and a free game to grab.

        The free game is Headsnatchers, a hectic local/online party game. No official Linux support but it does seem to run in Steam Play Proton. You have about 72 hours to claim it, or until all their keys run out. I personally tried it in the latest Proton, worked fine with two gamepads in local multiplayer.

        For the Winter Sale, there’s absolutely tons currently on discount plenty big and small to suit all tastes. Multiple publishers also have dedicated winter sales on including: Paradox Interactive, Take-Two Interactive (2K), Codemasters, SQUARE ENIX and more.

      • LUNA The Shadow Dust, the fantastic looking hand-animated adventure has a confirmed launch date

        LUNA The Shadow Dust, developed by Lantern Studio with Application Systems Heidelberg giving them a publishing hand with the Western release have now announced the launch date.

        This is after the time consuming process they spoke about before, where they had to get a permit to release the game as they’re an all-Chinese studio. They said at the time it would release in February and now today it’s been confirmed as February 13. Even better, is that the Linux version is releasing with same-day support.

      • 3rd person adventure and town-building game ‘Dwarrows’ launches in February

        Lithic Entertainment are crafting a 3rd person adventure and town-building game, Dwarrows, which they’ve now given a release date with same-day Linux support expected.

        Announced on Twitter by co-founder Andy Wood, it’s going to release on February 28 and I’m pretty darn excited about this one. Not seen it before?

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE’s January 2020 Apps Update

          The long-awaited modernized version of KTimeTracker is finally released.
          The application is a personal time tracker for busy people which is now available on Linux, FreeBSD and Windows. Over the course of 2019 it had been ported to Qt5 and KDE Frameworks after being unmaintained since around 2013.

          The new version is also polished and slightly modernised with the most noticeable new features being the new Task Time Editing dialog and live preview in the Export dialog as seen in the picture below.

        • KDE Ships January 2020 Applications Update with FlatHub Support, Improvements

          After releasing the fifth and last point release to its KDE Plasma 5.17 desktop environment, the KDE Project released today KDE Applications 19.12.1, the first maintenance update to its KDE Applications 19.12 software suite adding improvements and new features to various apps like the KTimeTracker personal time tracker, which was ported to KDE Frameworks 5 and received a new Task Time Editing dialog.

          KStars 3.3.9 astronomy program is included as well in this release with new features like support for viewing the faintest of stars and alternative constellations from the Western Sky Culture. KNewStuff received a redesigned UI and filters for comments, Elisa got improved file indexing, and Kdenlive has many improvements and fixes in timeline and preview handling. Also included are KDevelop 5.4.6 and Latte Dock 0.9.7.

        • KDE Wants to Help Windows 7 Refugees Upgrade to Linux and the Plasma Desktop

          The KDE community has shared details on how they want to help people using the Windows 7 operating system to migrate to Linux and the Plasma desktop before it becomes obsolete on January 14th, 2020.

          Next week, on January 14, Microsoft will no longer provide updates or security patches to Windows 7 users, which means that their beloved OS will soon start to become the target of hackers and all sort of threats if they don’t upgrade to Windows 10 or another operating system, such as macOS or a GNU/Linux distribution.

          As such, the KDE community encourages Windows 7 users who don’t want to upgrade their computers to Windows 10 to give Linux a try and install a distribution that features the Plasma desktop environment, which can be easily transformed to look and behave like a Windows 7 desktop with a special theme. In addition, you’ll also take advantage of Linux’s security and stability features.

        • KDE Plasma Welcomes Windows 7 Refugees to the Linux Side

          The KDE Community wants Windows 7 users to migrate to the Plasma desktop environment after Microsoft’s 10-year-old OS will reach end of support next week and stops receiving security and bug fixes.

          “The specific end of support day for Windows 7 will be January 14, 2020,” Microsoft says. “After that, technical assistance and software updates from Windows Update that help protect your PC will no longer be available for the product.”

          “Therefore, it’s important that you upgrade to a modern operating system such as Windows 10, which can provide the latest security updates to help keep you and your data safer.”

      • GNOME Desktop/GTK

        • GNOME 3.34.3 Release
          GNOME 3.34.3 is now available. This is a stable release containing
          seven weeks worth of bugfixes since the 3.34.2 release. Since it only
          contains bugfixes, all distributions shipping 3.34.2 should upgrade.
          Note the GNOME flatpak runtime has been updated as well
          There will be releases through out this cycle and most likely the next
          one as well.
          Next stable release is scheduled for the middle of February, see
          If you want to compile GNOME 3.34.3, you can use the official
          BuildStream project snapshot:
          The list of updated modules and changes is available here:
          The source packages are available here:
          Enjoy the new release,
          Javier Jardon
          GNOME Release Team
        • GNOME 3.34.3 Released To Offer Up More Fixes Ahead Of GNOME 3.36

          GNOME has continued its recent trend of offering more point releases to existing stable series for filling the void between the six-month feature releases. Out today is GNOME 3.34.3 with all of the latest fixes, many of which were back-ported from the currently under development GNOME 3.36.

        • GNOME 3.34.3 in Fedora 31 updates-testing

          Just a quick heads up that GNOME 3.34.3 just hit Fedora 31 updates-testing repo. It’s a fairly small update; mostly just gnome-shell/mutter fixes and translation updates to leaf applications.

    • Distributions

      • SUSE/OpenSUSE

        • AppImageLauncher | AppImage Manager on openSUSE

          Right of the cuff, I should note that this will work on other Linux distros too, I am just focusing on openSUSE because, that is my jam. I have been using this on openSUSE Tumbleweed as of Snapshot 20200103. It should also work on Leap as of 42 and newer (that means Leap 15.x is good to go, in case there was any question).

          The reason this application excites me so is that I use several AppImages on my system. Which ones you may ask? I’ll tell you, xLights, which I use for my Christmas Light display, VirtScreen that I use when I am remote and need to turn my laptop or phone into a second display. This is super handy as it will not only create links in my menu to the AppImages, it will also copy the *.AppImage file into a designated folder, in my case ~/Applicaitons which is the default. At first, I wasn’t sure about it but after noodling it around a bit, I am totally good with it.

      • Arch Family

        • 6 Most-Used AUR Helpers For Arch Linux

          One of the most important things about Arch Linux is the AUR (Arch User Repository). It is a community-driven software repository for Arch Linux users which contains PKGBUILDs, allowing users to compile and build their own packages that do not exist in the official repository from the source.

          Many new packages start in AUR before entering in the official repository and users can also contribute packages that they have developed to this repo. More importantly, Users can search and download PKGBUILDs from here, build them and install. But some users prefer to use AUR helpers that make it easy to install PKGBUILDs other than the method above.

          In this article, we shall look at some of the best AUR helpers that users can rely on to easily install PKGBUILDs all of which are using the Arch user repo as source.

      • Fedora Family

        • Copr: review of 2019 and vote for features in 2020

          I want to sum up what happened in Copr during 2019. At the end of this post, you can see our TODO list and cast your vote on what we should focus on in 2020.

        • Fedora and fstrim

          A proposal to periodically run the fstrim command on Fedora 32 systems was discussed recently on the Fedora devel mailing list. fstrim is used to cause a filesystem to inform the underlying storage of unused blocks, which can help SSDs and other types of block devices perform better. There were a number of questions and concerns raised, including whether to change the behavior of earlier versions of the distribution when they get upgraded and if the kernel should be responsible for handling the whole problem.

          The proposal for a Fedora 32 system-wide change to “enable fstrim.timer by default” was posted by program manager Ben Cotton on behalf of its owner, Chris Murphy. The fstrim.timer systemd unit file simply runs fstrim.service (which runs fstrim) weekly on mounted filesystems.

        • Remi Collet: PHP version 7.3.14RC1 and 7.4.2RC1

          Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

          RPM of PHP version 74.2RC1 are available as SCL in remi-test repository and as base packages in the remi-php74-test repository for Fedora 29-31 and Enterprise Linux 7-8.

          RPM of PHP version 7.3.13RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

      • Debian Family

        • Q4OS Linux Distro Is Now Based on Debian GNU/Linux 10.2 “Buster”

          The Q4OS development team informs Softpedia about the general availability of a new maintenance update to their latest Q4OS 3 “Centaurus” stable LTS operating system series.

          Based on the latest Debian GNU/Linux 10.2 “Buster” operating system, the Q4OS 3.10 release appears to bring important changes for both the Trinity Desktop Environment (TDE) and KDE Plasma desktop environments, which they’re now much more independent on each other as Plasma no longer requires Trinity to be present.

          This change alone could significantly reduce the size of the KDE Plasma installation media in future releases. Q4OS 3.10 also introduces a dedicated hardware reporting tool that’s available on both the KDE Plasma and Trinity Desktop Environment desktops, and improves the screen scaling tool for Trinity desktop.

          Plasma Debonaire improvements, updated components

          Also improved in the Q4OS 3.10 release is the Plasma Debonaire theme for the KDE Plasma desktop environment, which has been polished to look a bit darker. Apart from the aforementioned changes, Q4OS 3.10 brings updates to numerous core components and apps from the Debian Buster repositories, as well as many other tweaks, bug fixes, and security patches.

        • Qt 4 removed from Debian bullseye (current testing)

          Today Qt 4 (aka src:qt4-x11) has been removed from Debian bullseye, what as of today we know as “testing”. We plan to remove it from unstable pretty soon.

      • Canonical/Ubuntu Family

        • Ubuntu 19.04 (Disco Dingo) Will Reach End of Life on January 23, 2020

          Released nine months ago on April 18th, 2019, Ubuntu 19.04 was dubbed by Canonical as the “Disco Dingo” and was the first Ubuntu release to ship with a Linux 5.x kernel. Ubuntu 19.04 also included the GNOME 3.32 desktop environment, a new icon theme, and various desktop refinements and updated components.

          Ubuntu 19.04 was a release for bleeding-edge users, which means that Canonical only offered nine months of support. Starting January 23rd, Canonical will no longer release software updates and security patches for Ubuntu 19.04, which means that users will have to consider upgrading to Ubuntu 19.10 (Eoan Ermine).

        • “MaaS. What number would you like?”

          my own phone line when I was about thirteen years old, thanks to my first job in a grocery. My friend, Evan, could tell you all about the sounds that happen before the called party’s phone starts to ring. He could tell you the routing, the set-up delay, and even warn you when the Jane Barbe intercept message was coming. He could also tell you, most of the time, what kind of equipment had routed it (e.g., Crossbar). I traded a lot of pizza for just a little of his learning, a very handy skill to pick up.

          With the upcoming release of MaaS 2.7, Metal-as-a-Service has basically gained that skill, to your benefit. One of the big features of MaaS 2.7 is network testing that identifies broken and slow network links when you try to commission machines. In this release, we offer specific link tests, as well as the ability to test networking in a configurable way, even using your own scripts.

          First, MaaS tests whether links are connected or disconnected. Previously, when commissioning, you couldn’t detect unplugged cables. Now you can, sort of like knowing the telephone line noise change when you’re about to hear that “your call did not go through.”You do have to take a couple of steps: First you have to upgrade to 2.7, then run commissioning again to see if a link is disconnected. But you no longer have to puzzle over what’s broken when this happens.

          Second, MaaS makes sure you’re getting the most out of your link speed. As servers and hardware get faster — 10G, 40G, even 100G NICS — the chances increase that you might plug your 10G NIC into a 1G switch, for example. Just like when I would call my grandmother long-distance, and I had some idea how long till the the “ring” happened, just from call set-up noises.

          Previously, with MaaS, you’d be stuck with the speed of the slowest link, but there wasn’t a way to verify your link speed without recommissioning. Depending on your physical hardware, that might still be an issue, but the MaaS UI can now warn you if your interface is connected to a link slower than what the interface supports. And all information shown in the UI is available via the API, as well. You can still replace a slow switch without recommissioning.

          Third, MaaS allows you to configure network connectivity testing in a number of ways. If you can’t connect to the rack controller, deployment can’t complete, the same way that Evan sometimes knew right away that a call wouldn’t go through (I never mastered that one). Now MaaS can check connectivity to the rack controller and warn you if there’s no link, long before you have to puzzle over it.

          If you can’t connect to your gateway controller, traffic can’t leave your network. It’s a little like trying to call long-distance without dropping a dime: you can dial, but the call won’t go through. MaaS can now check this link and recognize that there’s no connectivity, which alleviates a lot of annoying (and sometimes hard-to-detect) network issues.

          Fourth, Internet connectivity testing has been greatly expanded. Previously, MaaS gave a yes/no link check during network testing, like the ANI numbers that would read you back your phone number: nice to know, but it’s not a great revelation. Now you can give a list of URLs or IP addresses to check.

        • Ubuntu Needs to Make it Easier to Enable Dark Mode

          Changing theme in Ubuntu is harder than it should be and, call me a revolutionary, but I think that needs to change.

          See, once upon a time it was easy to change the look and feel of your Ubuntu desktop. You popped open the “Appearance” tool, selected something attractive from the gallery of theme thumbnails before you, and bam: applied.

          That all changed with the introduction of the Unity in 2011. User control over theming vanished overnight, and Ubuntu hasn’t had an “user friendly” way to change GTK theme since then.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • What is Open Source Software?What is Open Source Software?

        In 1985, a man named Richard Stallman, who didn’t like the current situation, created what’s known as the Free Software Foundation (FSF), which promoted the alternative of free software (free as in freedom, not as in free coffee). He drafted 4 criteria for a software to be considered free:

        The freedom to run the program as you wish, for any purpose.
        The freedom to study how the program works, and change it so it does your computing as you wish. Access to the source code is a precondition for this.
        The freedom to redistribute copies so you can help your neighbor.
        The freedom to distribute copies of your modified versions to others. By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

        All of this without requiring a pre-given handwritten permission from the program author to the user. By just seeing the license, and knowing that it is a free software license, you can do all the 4 things stated above, and that is what refer to as free software.

        Today, there are tens of free software licenses that software developer use to put their program under. The most famous one for that is the GPL (GNU Public License), which was initially released in 1989. There are millions of free software around the world today.

      • Events

        • What to Talk About at ChefConf 2020 – Chef Infra

          Hello ChefFriends! Are you thinking about submitting to the ChefConf 2020 Call for Presentations? We hope you are! If you’re searching for some topic suggestions, here’s a few for folks working with Chef Infra!

          For all of our past ChefConf talks, check out our YouTube Channel for recordings. Let’s look at some topics from ChefConf 2019 around Chef Infra.


          Attendees at ChefConf 2020 will be from a wide range of industries and have different levels of knowledge about Chef Infra. Maybe you’re deep in the weeds on something like OHAI. Dan-Joe Lopez and Juan Martinez Sr. from SAP gave us some insight into working with “Custom OHAI Plugins at Enterprise Scale”. While it seems really niche, another attendee told me he was going to use their project almost immediately after ChefConf. You just never know where the kindred spirits are.

          Maybe you’ve been using Chef Infra for a long time. Some of our users have been working on Chef for years and share their stories about maintaining and improving their Chef installations to help their organizations. Capital One has shared their evolution story with us. They started in 2018 with “Capital One’s Fully Automated, Scalable & Regionally Fault-tolerant Chef Platform” and returned in 2019 to give us an update, “Evolution of Capital One’s Enterprise Chef Platform”. Maybe you’ve seen them at a Chef Meetup, too. What have you learned about using Chef Infra over the years that might be interesting to others? Maybe there have been some surprises about automating your platforms, or some intriguing lessons learned.

        • Libre Graphics Meeting Call for Proposals

          The Libre Graphics Meeting (LGM) is the annual international convention for the discussion and development of free and open source graphics software.

          This year it will happen in Rennes, France, from May 26th to 29th. We are welcoming all relevant projects to submit a proposal for a talk and/or a workshop. We already expect Krita and Kdenlive teams to be present. The Krita sprint will be held after the meeting and Kdenlive are planning to have a sprint around that time too. It would be awesome to also see some people from Plasma team working on graphics tablet support and color management, or any other topic of interest for developers and users of graphics creation application.

          LGM are now asking for talks, workshops, BoF meetings and lightning talks for the conference. Please don’t be shy and submit your proposal.

      • Web Browsers

        • Mozilla

          • Introducing CRLite: All of the Web PKI’s revocations, compressed

            CRLite is a technology proposed by a group of researchers at the IEEE Symposium on Security and Privacy 2017 that compresses revocation information so effectively that 300 megabytes of revocation data can become 1 megabyte. It accomplishes this by combining Certificate Transparency data and Internet scan results with cascading Bloom filters, building a data structure that is reliable, easy to verify, and easy to update.

            Since December, Firefox Nightly has been shipping with with CRLite, collecting telemetry on its effectiveness and speed. As can be imagined, replacing a network round-trip with local lookups makes for a substantial performance improvement. Mozilla currently updates the CRLite dataset four times per day, although not all updates are currently delivered to clients.

          • The End-to-End Design of CRLite

            CRLite is a technology to efficiently compress revocation information for the whole Web PKI into a format easily delivered to Web users. It addresses the performance and privacy pitfalls of the Online Certificate Status Protocol (OCSP) while avoiding a need for some administrative decisions on the relative value of one revocation versus another. For details on the background of CRLite, see our first post, Introducing CRLite: All of the Web PKI’s revocations, compressed.

            To discuss CRLite’s design, let’s first discuss the input data, and from that we can discuss how the system is made reliable.

      • Productivity Software/LibreOffice/Calligra

        • Problem with LibreOffice installed with SiGUI

          Some days ago I got a crash in current developer build (future LibreOffice 6.5) that was installed with SiGUI. Nobody could repro that crash, but I got it every time. Deleting of user profile have not help. I always installed LibreOffice for testing into the same directory on top of old version. It was a reason for my problem! A crash disappeared only after LibreOffice installing to another clean directory.

      • CMS

        • What’s new for accessibility in Gutenberg 7.2

          When editing a block, the tab order has been adjusted. Rather than tabbing to the next block, for example from one paragraph to the next, pressing tab will now put focus into the side bar for the active block. Further tabbing will move through the controls of said side bar. Shift+Tab will go in the opposite direction.

          Likewise, when in the main contents area of a block, Shift+Tab will now move focus to the toolbar consistently and through its controls. It will also skip the drag handle for a block, because this is not keyboard operable. Tab will stop on the items to move the block up or down within the current set of blocks.

          This makes the keyboard focus much more consistent and alleviates the need to use the custom keyboard shortcuts for the side bar and toolbar. These do still work, so if you have memorized them, you can continue using them. But you do not need to, tab and shift+tab will now also take you to expected places consistently.

      • FSF

        • GNU Projects

          • It Looks Like GCC’s Long-Awaited Git Conversion Could Happen This Weekend

            The long in development process of converting GCC’s SVN repository to Git for using this modern distributed revision control system for developing the GNU Compiler Collection in the 2020s may finally be complete in the days ahead.

            Joseph Myers of CodeSourcery and one of the GCC steering committee members announced that Eric S Raymond’s Reposurgeon utility should now be up to the task of converting GCC’s SVN repository to Git and doing so the best following a number of last minute improvements.

          • Proposal for the transition timetable for the move to GIT
            On Wed, 8 Jan 2020, Eric S. Raymond wrote:
            > They use your feedback to find places where their comment-processing
            > scripts could be improved; we've used it learn what additional
            > oddities in ChangeLogs we need to be able to handle automatically.
            I've used comparisons of authors in the two conversions - in cases where 
            they get different human identities for the author, not just different 
            email addresses or name variants - to identify cases for manual review, 
            since ChangeLog parsing is the most subjective part of doing a conversion 
            and cases where different heuristics produce different results indicate 
            those worthy of manual review.
            Apart from about 1600 with no changes to ChangeLog files but a ChangeLog 
            entry in the commit message, which I reviewed mostly automatically to make 
            sure I agreed with Maxim's author extraction with only limited manual 
            checks on those that looked like suspect cases, that involved reviewing 
            around 3000 commits manually; I've now completed that review.  Some of 
            those are also subjective cases even after review (for example, where the 
            commit involved one person backporting another person's patch).
            In the set of around 1200 commits with both ChangeLog and non-ChangeLog 
            files being changed, which did not look like backports, for example, I 
            arrived at around 400 author improvements from this review (not all of 
            them the same authors as in Maxim's conversion), while for around 800 
            commits I concluded the reposurgeon author was preferable.  (The typical 
            case where reposurgeon does better is where successive commits add new 
            ChangeLog entries under an existing ChangeLog header.  The typical case 
            where I added fixes was where a commit made nonsubstantive changes under 
            an existing header, as well as adding new entries, which is hard to 
            distinguish automatically from a multi-author commit so reposurgeon 
            conservatively treats as a multi-author commit.)
            In the case of ChangeLog-only commits, where reposurgeon assumes they are 
            likely to be fixing typos or similar and so does not extract an 
            attribution from ChangeLog files in such commits, manual review identified 
            many cases (especially in the earlier parts of the history) where the 
            ChangeLog was committed separately from the substantive parts of the patch 
            and so a better attribution could be assigned to those substantive 
            I consider the reposurgeon-based conversion machinery to be in essentially 
            its final state now; I don't have any further authors to review, Richard 
            doesn't have any further Bugzilla-based commit summaries to review and we 
            don't know of any relevant reposurgeon bugs or missing features.  I'm 
            running a conversion now to verify both the current state of the fixups 
            and the Makefile integration of the conversion and subsequent automated 
            validation, and will make that converted repository available for final 
            checks if this succeeds.  Compared to the previous converted repository, 
            this one has many author fixups, a fix for a bug in the author fixups 
            where they broke commit dates, and reposurgeon improvements to avoid 
            producing unidiomatic empty git commits in the converted repository for 
            things such as branch and tag creation.
            This converted repository uses the ref rearrangements along the lines 
            proposed by Richard (so dead branches and vendor branches are available 
            but not fetched by default); the objects from the existing git mirror will 
            also be included in the repository (so existing gitweb links to such 
            objects in list archives continue to work, for example, as long as they 
            aren't links to objects that were made unreachable at some point in the 
            mirror's history), but again under ref names that are not fetched by 
            As noted on overseers, once Saturday's DATESTAMP update has run at 00:16 
            UTC on Saturday, I intend to add a README.MOVED_TO_GIT file on SVN trunk 
            and change the SVN hooks to make SVN readonly, then disable gccadmin's 
            cron jobs that build snapshots and update online documentation until they 
            are ready to run with the git repository.  Once the existing git mirror 
            has picked up the last changes I'll make that read-only and disable that 
            cron job as well, and start the conversion process with a view to having 
            the converted repository in place this weekend (it could either be made 
            writable as soon as I think it's ready, or left read-only until people 
            have had time to do any final checks on Monday).  Before then, I'll work 
            on hooks, documentation and maintainer-scripts updates.
            As well as having objects from the existing git mirror available under 
            refs that are not fetched by default, that mirror will remain available 
            read-only at git://gcc.gnu.org/git/gcc-old.git (which already exists, 
            currently a symlink to the mirror).
      • Programming/Development

        • Russ Allbery: DocKnot 3.02

          DocKnot is my set of tools for generating package documentation and releases. The long-term goal is for it to subsume the various tools and ad hoc scripts that I use to manage my free software releases and web site.

          This release includes various improvements to docknot dist for generating a new distribution tarball: xz-compressed tarballs are created automatically if necessary, docknot dist now checks that the distribution tarball contains all of the expected files, and it correctly handles cleaning the staging directory when regenerating distribution tarballs. This release also removes make warnings when testing C++ builds since my current Autoconf machinery in rra-c-util doesn’t properly exclude options that aren’t supported by C++

        • This Week in Rust 320

          Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

        • Niko Matsakis: Towards a Rust foundation

          So let’s talk a bit more about the two goals that I set forth for a Rust foundation. The first was to clarify Rust’s status as an independent project. In some sense, this is nothing new. Mozilla has from the get-go attempted to create an independent governance structure and to solicit involvement from other companies, because we know this makes Rust a better language for everyone.

          Unfortunately, there is sometimes a lingering perception that Mozilla “owns” Rust, which can discourage companies from getting invested, or create the perception that there is no need to support Rust since Mozilla is footing the bill. Establishing a foundation will make official what has been true in practice for a long time: that Rust is an independent project.

          We have also heard a few times from companies, large and small, who would like to support Rust financially, but right now there is no clear way to do that. Creating a foundation creates a place where that support can be directed.

        • I am broot: The Reg chats to French dev about Rust tool that aims to improve directory navigation

          Rust developer Denys Séguret, from Lyon, France, wanted a better way to view and search directories, so he coded his own, sparking interest from others with similar frustrations.

          Broot is a command-line utility for listing and manipulating files and directories – basic functionality that you would have thought could hardly be improved, 50 years since the invention of Unix.

          Séguret found that was not the case, particularly when it came to navigating source code that can have thousands of files in a single project. “I deal with many many projects, more than what my brain can memorise. So I always have to look a little to know how a project works,” he told The Register.

        • Perl / Raku

          • No more rhyming and I k-means it!

            “… anybody wanna peanut?” – Fezzik, TPB

            When last we saw our heroes, they had just applied PDL::Stats::Kmeans to a CSV file of car data with no thought regarding their own well-being.

            In today’s episode, we see them slice through data to identify clusters of cars, only to find they know less than they did before!

            Read on, true believers!

        • Python

          • Serverless Python And Why You Should Try It Out

            At the January 2020 Python Frederick event, Patrick Pierson showed the group how you can use Python in different serverless services on AWS and GCP. He also showed a couple of serverless frameworks like Serverless and Chalice.

          • Convert Strings to Numbers and Numbers to Strings in Python

            Python allows you to convert strings, integers, and floats interchangeably in a few different ways. The simplest way to do this is using the basic str(), int(), and float() functions. On top of this, there are a couple of other ways as well.

            Before we get in to converting strings to numbers, and converting numbers to strings, let’s first see a bit about how strings and numbers are represented in Python.

            Note: For simplicity of running and showing these examples we’ll be using the Python interpreter.

          • Python first()

            Python prides itself on being a newbie-friendly language; its developers have gone out of their way to try to ensure that easy tasks are straightforward to program. A recent discussion on the python-ideas mailing list looked at a use case that is common, but often implemented in an inefficient, incorrect fashion, with an eye toward making it easier to do correctly. Finding the first match for a regular expression in a body of text is where the conversation started, but it went in some other interesting directions as well.

          • Learn PyQt: Build GUI layouts with Qt Designer for PyQt5 apps

            When laying out your Qt GUIs it can be quite a tricky task to place every widget in the right position on your forms. Fortunately, Qt offers a set of layout managers that simplify the process of widget positioning and will allow you to easily create any kind of layout. To lay out the widget in a form, you can create everything in code, or you can create your layout with Qt Designer. In this tutorial, you’ll learn how to use Qt’s layouts with Qt Designer to build complex GUIs for your applications.

            Additionally, we’ll create a dialog example using several widgets with a coherent layout to reinforce your knowledge and put everything together into a fully functional dialog just like you would create in a real-world application.

  • Leftovers

    • Science

      • [Older] Happy 50th Birthday To All You Epoch Birthers

        Good morning everyone, and what a lovely start to the new year it is, because it’s your birthday! Happy birthday, it’s your 50th! What’s that you say, you aren’t 50 today? (Looks…) That’s what all these internet databases say, because you’ve spent the last decade or so putting 1970-01-01 as your birth date into every online form that doesn’t really need to know it!

        It’s been a staple for a subset of our community for years, to put the UNIX epoch, January 1st 1970, into web forms as a birth date. There are even rumours that some sites now won’t accept that date as a birthday, such is the volume of false entries they have with that date. It’s worth taking a minute though to consider UNIX time, some of its history and how its storage has changed over the years.

    • Integrity/Availability

      • Proprietary

        • Opera 66 Makes it Easier for Users to Reopen Closed Tabs and Access Add-Ons

          Opera Software kicked off 2020 with a new stable release of its cross-platform, Chromium-based Opera web browser for GNU/Linux, macOS, and Windows platforms.

          Opera 66 has been released earlier this week as the latest and greatest version of this Chromium-based web browser, adding various enhancements to the user interface to make it easier for users to access sidebar extensions, as well as to help them more quickly reopen tabs that were closed by accident.

          “We have an easy solution for this, one that doesn’t require going to the full history section. When you click the clock icon that takes you to history, your browser will ask if you would like to reopen your recently closed tabs. If you click yes, they will come back as if you had never closed them in the first place,” said Opera Software’s Joanna Czajka.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Falco Incubated at CNCF | What does it mean for the project, community and Sysdig?

                Falco, the open source cloud-native runtime security project originally created by Sysdig, has been accepted as a Cloud Native Computing Foundation (CNCF) Incubation-level project. We sat down with Kris Nova, Chief Open Source Advocate at Sysdig and Loris Degioanni, CTO and Founder of Sysdig to understand the evolution of the project.

        • Security

          • Firefox 72.0.1 released

            There is another Firefox release out there; this advisory suggests that updating quickly would be a good idea: “Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw.”

          • The U.S. government says you need to update Firefox right now

            If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer.

            The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.

            “Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads.

          • Firefox gets patch for critical 0-day that’s being actively exploited

            Mozilla has released a new version of Firefox that fixes an actively exploited zero-day that could allow attackers to take control of users’ computers.

            In an advisory, Mozilla rated the vulnerability critical and said it was “aware of targeted attacks in the wild abusing this flaw.” The US Cybersecurity and Infrastructure Security Agency said one or more exploits were “detected in the wild” and warned that attacks could be exploited to “take control of an affected system.” The Mozilla advisory credited researchers at China-based Qihoo 360 with reporting the flaw.

            No other details about the attacks were immediately available. Neither Mozilla nor Qihoo 360 responded to emails asking for more information.

            CVE-2019-17026, as the vulnerability is indexed, is a type confusion, a potentially critical error that can result in data being written to, or read from, memory locations that are normally off-limits. These out-of-bounds reads may allow attackers to discover memory locations where malicious code is stored so that protections such as address space layout randomization can be bypassed. Out-of-bounds reads can also cause crashes.

          • Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!

            Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems?

            If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla’s website.

            Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing software that an undisclosed group of hackers is actively exploiting in the wild.

            Tracked as ‘CVE-2019-17026,’ the bug is a critical ‘type confusion vulnerability’ that resides in the IonMonkey just-in-time (JIT) compiler of the Mozilla’s JavaScript engine SpiderMonkey.

          • The year of encryption is upon us

            1969 will forever be known as the year humans walked on the moon. Gary Ross Dahl rocked the world again in 1975 with the introduction of the Pet Rock. And MTV celebrated the moon landing and popular culture – and changed the music world – when it launched in 1981.

            The world remembers 1989 as the year the Berlin Wall fell, opening the door to a unified Germany. It’s hard to forget 2008, the year the financial crisis hit. And 2015 was the year of the millennial, when this group surpassed baby boomers as the biggest U.S. generation.

            Each year has its defining moments and trends. And 2020 will be the Year of Encryption.

            Here’s why: Encryption is a key technology in protecting sensitive information such as social security numbers, government IDs and financial data. It is also an important part of personal data privacy – a key consumer and compliance concern. Given the importance of encryption it is also a subject of debate at the U.S. state and federal level and elsewhere in the world.

          • KRSI — the other BPF security module

            One of the first uses of the BPF virtual machine outside of networking was to implement access-control policies for the seccomp() system call. Since then, though, the role of BPF in the security area has not changed much in the mainline kernel, even though BPF has evolved considerably from the “classic” variant still used with seccomp() to the “extended” BPF now supported by the kernel. That has not been for a lack of trying, though. The out-of-tree Landlock security module was covered here over three years ago. We also looked at the kernel runtime security instrumentation (KRSI) patch set in September. KP Singh has posted a new KRSI series, so the time seems right for a closer look.
            While KRSI is implemented as a Linux security module and is able to make access-control decisions, access control does not appear to be the core goal behind this work. Instead, KRSI exists to keep an eye on system behavior overall in order to detect attacks. It is, in a sense, better thought of as an extension of the kernel’s audit mechanism that uses BPF to provide a higher level of configurability beyond what the audit subsystem can do.

            The concept behind KRSI is simple enough: it allows a suitably privileged user to attach a BPF program to any of the hundreds of hooks provided by the Linux security module subsystem. To make this attachment easy, KRSI exports a new filesystem hierarchy under /sys/kernel/security/bpf, with one file for each hook. The bpf() system call can be used to attach a BPF program (of the new type BPF_PROG_TYPE_LSM) to any of these hooks; there can be more than one program attached to any given hook. Whenever a security hook is called, all attached BPF programs will be called in turn; if any BPF program returns an error status, then the requested action will be denied.

          • Security updates for Thursday

            Security updates have been issued by Debian (firefox-esr), Fedora (firefox), Oracle (kernel), Slackware (firefox and kernel), SUSE (apache2-mod_perl, git, java-1_7_0-ibm, java-1_7_1-ibm, log4j, mariadb, and nodejs8), and Ubuntu (gnutls28, graphicsmagick, and nss).

          • What Is a Rootkit and How Does It Work?

            Here’s everything you need to know about the most dangerous breed of security threats

            The cyber security industry might not have perfected the techniques to thwart security threats completely, but it has definitely mastered the art of naming security threats. Names like trojans, worms, viruses, malware, ransomware are a testament to this. But today, we’re going to talk about another threat that might not have as original a name as others but definitely trumps all of them when it comes to destroying your privacy and security: rootkits.

            What is a rootkit and what does it mean for you in terms of data security and privacy?

            Today, we’re going to explore this pernicious threat — one that might be lurking on your computer right now.

            Let’s hash it out.

          • Securing Ubuntu with AppArmor
    • Defence/Aggression

      • Video in apparent Epstein suicide attempt is lost, US says
      • A new cold war

        As American and Iranian forces stand down in the middle East, the next confrontation will take place in a very different environment.

        Junior athletes from around the world, including America and Iran, will come face to face on the slopes of the Swiss alps just days after their adult leaders went to the brink of war. Will these young athletes, aged 15 to 18 years, demonstrate more maturity than the man running a superpower?

        On my tour of the Lausanne 2020 Olympic Village I was lucky to meet teams from Ireland, Australia and a host of other countries.

    • Environment

    • Civil Rights/Policing

      • Coventry to host UK’s first-ever pan-African cultural festival

        The UK’s first annual African cultural festival is set to be held in the West Midlands this summer.

        Described as a “jamboree of all things Africa”, Ubuntu Pride will celebrate a fusion of African culture through traditional music, arts, dance and food.

        The event is expected to take place outdoors in Coventry on August Bank Holiday weekend, as organisers continue to plan for the inaugural event.

    • Digital Restrictions (DRM)

      • Maddock: The End of Indie Web Browsers

        Samuel Maddock writes that the adoption of the “encrypted media extensions” by the World Wide Web Consortium has had just the sort of effect that people were worried about four years ago. “No longer is it possible to build your own web browser capable of consuming some of the most popular content on the web. Websites like Netflix, Hulu, HBO, and others require copyright content protection which is only accessible through browser vendors who have license agreements with large corporations.”

    • Monopolies

      • Skyroam attacks uCloudlink over trade secret theft
      • Patents

        • Amgen Inc. v. Amneal Pharmaceuticals LLC (Fed. Cir. 2020)


          The Federal Circuit also vacated the District Court’s finding that Amneal’s formulation, comprising Opadry, did not satisfy the claim limitation that an infringing formula comprise HPMC, holding that on remand the District Court should determine whether the amount of Opadry in Amneal’s formulation comprises 1% to 5% by weight of HPMC.

          Regarding Piramal’s product, the question before the Court was whether Amgen was precluded by prosecution history estoppel from a finding that this formulation infringed under the doctrine of equivalents. The District Court found, and the Federal Circuit affirmed, that Amgen had narrowed the claims for “reasons related to patentability” by accepting the Examiner’s amendment that inserted Markush language regarding the binder and disintegrant limitations. Thus, Amgen was estopped from asserting that the Piramal formulation’s pregelatinized starch was an equivalent to the expressly recited povidone in its claims (despite a paper submitted on the record during prosecution after the Examiner issued a Notice of Allowance that “[t]hese amendments have not been made in response to a prior art rejection but rather to place the claims in proper format and to better define the claimed subject matter, including equivalents”). And the panel also found unavailing Amgen’s argument that these amendments were tangential to patentability because they were made to avoid the prior art.

          Finally, with regard to Zydus’s product, the Federal Circuit affirmed the District Court’s finding that its product would infringe Amgen’s claims. In this case, Zydus’s product comprised starch as a diluent, a component expressly recited amongst the Markush group of diluents in Amgen’s claims. The panel did not find credible Amgen’s expert testimony (proffered with regard to Piramal’s product and asserted by Zydus against Amgen’s infringement contentions) that starch was a binder and not a diluent (on the ground that the expert proffered inconsistent testimony, changing it somewhat three times). The panel held that the District Court did not err in it infringement finding and affirmed that Zydus’s ANDA formulation literally infringed Amgen’s asserted claims.

        • A Different Analysis for Manufacturing Method Patents under the 35 U.S.C. § 271 (e)(1) Safe Harbor Provision?

          On December 16, 2019, the Federal Circuit affirmed a Delaware jury verdict finding that Hospira infringed Amgen’s method of manufacturing patent on erythropoietin (EPO) and that Amgen was entitled to $70 million in damages because most of the drug substance batches that Hospira made during the pre-approval period were not exempt under the Safe Harbor provision. The case arises from Hospira’s December 2014 submission of a Biologics License Application (BLA) to the FDA for approval to market a biosimilar to Amgen’s EPO product, Epogen.

          Amgen sued Hospira at the Delaware District Court in September 2015 for infringement of U.S. Patent No. 5,856,298 (the ’298 patent) under 35 U.S.C. §§ 271 (a) and 271 (e)(2)(C), and for infringement of U.S. Patent No. 5,756,349 (the ’349 patent) under U.S.C. §§ 271 (a). A jury trial was held in September 2017. At the time of the jury trial, Hospira’s BLA had not obtained FDA approval even though Hospira had been marketing a biosimilar of Epogen in Europe since 2007 and had expected to receive FDA approval in 2015. Instead, the FDA issued a Complete Response Letter (CRL) rejecting Hospira’s BLA in October 2015. Hospira did not receive its BLA approval until May 2018.

        • How Safe Is The Safe Harbor For Methods Of Manufacturing Biosimilar Products—It Depends On Why Each Batch Is Made

          In Amgen, Inc. v. Hospira, Inc., the Federal Circuit explained the application of 35 U.S.C. § 271(e)(1)’s safe harbor exemption to methods of manufacturing drug products. Specifically, the court held the exemption applies as long as there is a reasonable basis for believing that each act of manufacture was for uses reasonably related to a Food and Drug Administration (FDA) submission. Moreover, each accused activity or act of manufacture must be evaluated separately to determine whether the exemption applies.

        • Federal Circuit Clarifies Limits of Safe Harbor Defense in Amgen v. Hospira

          In a case brought in the District of Delaware, Amgen alleged that Hospira infringed several patent claims over methods of manufacturing erythropoietin (EPO), a biologic drug used to treat anemia. Following a trial, a jury issued a $70 million verdict for Amgen, which was based in part on the jury’s conclusion that fourteen batches of drug substance for Hospira’s EPO biosimilar product were not covered by the Safe Harbor provision of 35 U.S.C. § 271(e)(1). After the district court denied Hospira’s motion for judgment as a matter of law or alternatively for a new trial, Hospira appealed on a number of issues, including the jury instructions and jury findings on its Safe Harbor defense.[2]

        • Abstract Patents

          • Single-Point-Of-Novelty Innovations and the Obvious-To-Try Analysis

            So far there are still no precedential opinions issued in 2020, and this is the first non-precedential patent related decision.

            Philips’ patent RE44,913 (“text entry method”) claims a 2001 filing date. At that time, a key focus of mobile-device development was on how to facilitate typing on these small devices with relatively imprecise touchpads. The basic idea behind the invention can be seen in the two figures below. On the left is a “default” keypad with showing “primary characters.”; holding down the “5” key will then switch the display to the keypad on the rights that has more available options (“secondary characters”). After selecting one of those options, they keypad returns to the default state.


            Slip Op. In the end, the appellate panel did not appear to directly fault the Board’s factual conclusions but rather Board’s legal analysis — in particular the meaning of “obvious-to-try” and its impact on the ultimate (legal) conclusion of obviousness.

      • Copyrights

        • New Year, Same Creative Authorship Requirement in US Copyright

          As 2019 faded and 2020 rose, the US Copyright Office Review Board affirmed two registration refusals; both concerned the attempted registration of layouts used in digital platforms. One regarded a mobile app to monitor energy usage, the other concerned the form of a web application displaying the various procedures performed by a specific doctor. Both were refused due to lack of creative authorship, thus serving as reminders of the minimal yet genuine requirement of “some creative authorship.”


          Although concerning distinct works, these refusals to register affirmed two key principles of creative authorship under US copyright. First, although only a mere “modicum of creativity” is required for copyright protection, there is a de minimis threshold, whereby short words and phrases, common shapes and designs, and basic forms are elements ineligible for copyright protection individually. Second, although such elements may be eligible for copyright protection when arranged, selected, and coordinated with creative authorship, arrangement by standard means, such as alphabetization, or “selection” by provision of an exhaustive list do not constitute creative choices. Decisions that are germane to the work at hand or are dictated by function are not eligible for protection; so says the Copyright Office in two separate decades.

Unintended Effect of DRM in GNU/Linux

Posted in DRM, GNU/Linux, Google at 11:54 am by Dr. Roy Schestowitz

Recent: Can We Quit Celebrating DRM in GNU/Linux?

We need Disney+ to support Linux!!!! Okay, move to Chrome now

Summary: Browser monopolies are being cemented due to DRM, which the DRM giants nowadays label ‘cross-platform’

Unitary Patent (UPC) Has Just Been Shot Again, But Team UPC is Unlikely to Talk About It

Posted in Deception, Europe, Patents at 11:04 am by Dr. Roy Schestowitz

Fake rockSummary: Downing Street (London) confirms that UPC is untenable; but don’t expect Team UPC to have much to say about it, except pretend that Milan can magically be renamed “London”

EARLIER this week we wrote about rumours that we believe to be very credible (supported by evidence); they’re about ‘Mrs. UPC’ of the European Patent Office (EPO) retiring, or having quietly retired some time back. We’ve long suspected something to that effect and merely waited for an official confirmation. António Campinos is unlikely to talk about it; this lady was to Battistelli the ‘right hand liar’ who trotted around the world seeding lies in the media.

“…it’s all about UPC lies and EPO corruption; those topics also attracted the most comments, many of which hostile towards the UPC and EPO management.”Kluwer Patent Blog, a longtime booster of the UPC, has just disclosed some reading statistics, revealing as usual that it’s all about the EPO; it’s all about UPC lies and EPO corruption; those topics also attracted the most comments, many of which hostile towards the UPC and EPO management. Friends of the EPO examiners have just taken note of it [1, 2] and we’re seeing similar trends in Managing IP (patent maximalists, UPC boosters, EPO apologists).

“And suffice to say, no UK participation means no UPC.”But here’s the “big news” this week (not likely to be regarded as big by those who are stressed by the message and want it to just “go away”); sporting a screenshot of text (yes, social control media is really that bad; with images as ‘hacks’ for too long a text), Joff and the 'IAM boys' (UPC boosters who came to accept they had promoted a dud for Battistelli cash) admit: “A statement issued by Downing Street this afternoon on the UK’s future relationship with the EU rules out any ECJ jurisdiction in the UK. That would seem to kill off hopes that the UK might be a member of any future Unified Patent Court system.”

And suffice to say, no UK participation means no UPC. No, they can’t just magically shoehorn Milan where London used to be (it’s in the text; they’d have to start all over again from scratch!).

“CJEU will have jurisdiction for biotech patents at least,” Benjamin Henrion noted. “The same patents that are supposed that were supposed to be litigated in London :-)” (and he separately told me that “if you want annoy GSK and the UPC boosters, you ask a parliamentary question about the CJEU supremacy over biotech patents :-)”).

“They’ve long been silent. Just like Team UPC in recent months. It’s like they went into hiding.”Poor Team UPC. Over one decade of endless nonsense and lies. And now they all look like a bunch of mugs. There may be software patents in Europe (granted by the EPO), but courts would typically cast these aside. “Back in 2004,” Henrion has just recalled, “the Irish presidency was pushing for software patents while being sponsored by Microsoft.”

Remember Charlie McCreevy and fellow proponents of software patents and UPC? They’ve long been silent. Just like Team UPC in recent months. It’s like they went into hiding.

As for Berlin, it already said it would watch what London does, not ratifying irrespective of the FCC’s determination.

Links 9/1/2020: Cockpit 210, UEK Release 6

Posted in News Roundup at 9:20 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • The best Linux laptop [Ed: Link for EU readers (blocked by this site)]

        While Linux is definitely not the most well-known operating system for a computer, it’s one worth considering. Linux uses open source programming, meaning dedicated user groups write and edit the code themselves. Laptops with Linux preinstalled on them are not easy to find, but they will give you a good level of performance and good value.
        To learn more, keep reading our buying guide, which includes reviews of a few of our favorites at the end. Our top choice is the Lenovo Business 330S Laptop, which has outstanding power and performance along with a full HD resolution display screen.

      • Dell’s super XPS 13 gets even better

        I’ve carried a 2018 XPS 13 to more meetings and conferences than I want to remember. Not because I didn’t have any other choice, but because the XPS 13 was (is) lightweight, ran for a day so I didn’t have to tote a charger or backup battery, has fast face recognition log in (the thing I hate the most THE MOST is passwords), and has two kinds of holes in it: HDMI and USB-C. My only complaint was the screen resolution. The screen itself is plenty bright and sharp. We pass down computers we get to test, the 2018 XPS 13 will be one of the last ones, it’s that good.

        Well, now I may be willing to let it go. Dell has come out with a new and improved version.

      • Messed up laptop: Linux recovery

        Remember, I told you about a messed up laptop? Well, let’s elaborate, shall we. I was doing some testing with imaging & recovery software, and once I was done, I wanted to see how well the process had gone. Not well, it turned out. GRUB was there, but no entry in the menu worked initially. Once I had that promptly fixed, I saw that Windows 10 wouldn’t boot, and wouldn’t auto-repair, and half the distros on the system (out of the total eight) in the multi-boot setup wouldn’t start either, going into emergency mode. We’re talking the full share of distros, take your pick.

        Now, the GRUB recovery was quite tricky – none of the methods I could think of worked, and I ended up installing a test distro just to get the bootloader configured properly. Then, I started one of the distros that DID work, and noticed there was no data loss. Everything was there, all the partitions were sane and whole, and the files were in their right place, Linux and Windows included. In this article, I’d like to show you how I went about this problem, and how I fixed it – and in the sequel, we shall do the same for Windows 10. A useful exercise. Follow me.

      • Best Linux Distribution For Windows Users In 2020

        Recently, we published an article on the list of Linux operating systems for the computer with low specs or old computers and laptops. Today, we are writing about an article for the Windows users who are planning to use Linux for the first time in 2020.

    • Server

      • Cumulus’s Linux to Run Networks for Large HPE Storage Clusters
      • Software Development, Microservices & Container Management – Part IV – About making Choices – CaaSP 4 as SUSE’s empowering of Kubernetes

        Together with my colleague Bettina Bassermann and SUSE partners, we will be running a series of blogs and webinars from SUSE (Software Development, Microservices & Container Management, a SUSE webinar series on modern Application Development), and try to address the former questions and doubts about K8s and Cloud Native development and how it is not compromising quality and control.

      • IBM

        • Huawei Releases openEuler, A CentOS-Based Linux Distribution

          Huawei has released the source code of openEuler, a CentOS-based Linux distribution. Enterprise edition of openEuler called EulerOS is already available, and now Huawei has released its community edition. However, as many would expect, the source code of openEuler is not available on Github, it’s published on Gitee, a Chinese Github alternative.

          When you visit the source code of openEuler Linux distribution, you’ll find two components…

        • Huawei Unveils OpenEuler, CentOS-Based Linux Distribution

          Huawei has released the source code of openEuler, its distribution of Linux based on CentOS. The operating system was formally launched by Huawei in September 2019 in response to U.S. sanctions, which had briefly affected the company’s access to Windows and Android operating systems. The source code has now been published on Gitee, the Chinese version of Github.

          OpenEuler comprises two organizations on Gitee, one for source code and one for package sources. The openEuler organization was keen to highlight two particular packages, iSulad and A-Tune, among the openEuler source code. “iSulad is a lightweight gRPC service-based container runtime. Compared to runc, iSulad is written in C, but all interfaces are compatible with OCI. A-Tune is a system software to auto-optimize the system adaptively to multiple scenarios with embedded AI-engine.” The announcement continues: “You will also see several infrastructure-supported projects that set up the community’s operating systems… these systems are built on the Huawei Cloud through script automation.”

        • Huawei unveils openEuler, CentOS-based Linux distribution

          Huawei has released the source code of openEuler, its distribution of Linux based on CentOS. However, in the spirit of the age, it has published the source code of its Linux distribution on Gitee, rather than Github.

          The operating system was formally launched by Huawei in September 2019 in response to US sanctions, which had briefly affected the company’s access to Windows and Android operating systems.

          The company is still running under its second three-month extension exempting it from the full provisions of the US government’s Entity List, which ordinarily requires a US company to apply for and receive a licence to trade with a named ‘entity’.

        • Satellite Host Configuration with RHEL System Roles Powered by Ansible

          Most of the Red Hat Enterprise Linux (RHEL) system administrators I talk to are looking for ways to further automate tasks in order to save time and make their systems more consistent?this can lead to better reliability and improve security in the environment.

          RHEL System Roles Powered by Ansible is a feature introduced in RHEL 7.4 as a technology preview, and became a supported feature in RHEL 7.6. These system roles allow you to configure several aspects of RHEL: SELinux, kdump, network configuration, and time synchronization. As of RHEL 7.7, a Postfix system role is also available as a technology preview.

          Using RHEL System Roles Powered by Ansible allows you to automate these configurations across your environment. In addition, system roles provide a consistent configuration interface across major RHEL versions. You can use the same system roles to automate the configuration on RHEL 6.10 or later, RHEL 7 and RHEL 8 systems, even when the underlying technologies change between versions.

          For example, for time synchronization, rather than having to learn how to configure ntp on RHEL 6 and how to configure chrony on RHEL 7 and RHEL 8, you just need to know how to use the time synchronization system role. The system role will automatically translate that configuration to ntp on RHEL 6 and chrony on RHEL 7 and 8. This makes management easier and saves time, especially in environments with a mixture of RHEL 6, RHEL 7, and RHEL 8.

        • 6 requirements of cloud-native software

          For many years, monolithic applications were the standard enterprise architecture for achieving business requirements. But that changed significantly once cloud infrastructure began treating business acceleration at scale and speed. Application architectures have also transformed to fit into the cloud-native applications and the microservices, serverless, and event-driven services that are running on immutable infrastructures across hybrid and multi-cloud platforms.

        • Debugging applications within Red Hat OpenShift containers

          There are debugging tools that can be used within containers but are not preinstalled in container base images. Tools such as strace or Valgrind must be included in a container during the container image build process.

          In order to add a debugging tool to a container, the container image build process must be configured to perform additional package installation commands. Whether or not package installation is permitted during the image build process depends on the method being used to build the container image. OpenShift provides several methods of building container images. These methods are called build strategies. Currently, OpenShift supports the Dockerfile, Source-to-Image (S2I), Pipeline, and Custom build strategies. Not all build strategies allow package installation: Of the most commonly-used strategies, the Dockerfile strategy permits package installation but the S2I strategy does not, because an S2I build process builds the container image in an unprivileged environment. A build process within an unprivileged environment lacks the ability to invoke package installation commands.

    • Audiocasts/Shows

      • 2020-01-08 | Linux Headlines

        Tails has a new trick to keep you secure, Google?s Project Zero is making a change, and OpenMandriva ups its package game. Plus the KDE Community?s well-timed new campaign.

      • FLOSS Weekly 561: Titan

        Titan is an open-source project for developers to manage their data like code. Titan makes it easy to run your favorite database in a docker container on your laptop or in Kubernetes, but with the power of versioning the underlying data. Titan’s git-like CLI enables developers to clone, commit, checkout, push, and pull data just like code, making it easy to rollback to a previous state, build a test data library, or share a structured dataset with collaborators.

      • 2×62: Hey Eckhardt

        Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which what will happen in 2020 is laid out for your consideration with perfect precision. Yes, it’s the predictions episode!

      • Explaining Linux and Open Source as Concepts | Choose Linux 26

        Trying to explain what Linux and open source are can be tricky. We discuss our various approaches, and how they differ depending on the experience of who we are explaining them to.

      • The Linux Link Tech Show Episode 839

        the new year, data modeling, upgrades, fun stuff

    • Kernel Space

      • EXT4 Gets More Direct I/O Optimizations – Can Help Some Database Workloads Around ~140%+

        A few days ago I wrote about a big improvement to write performance for EXT4′s Direct I/O code path but that is not the only DIO optimization coming for Linux 5.6. Thanks to IBM, another big EXT4 DIO boost can be found for database workloads.

        Other EXT4 development work currently in its queue ahead of the Linux 5.6 cycle is helping the inode lock scalability for Direct I/O mixed read/write workloads. The issue was pointed out by an Alibaba engineer last summer in a significant performance regression with EXT4′s DIO performance under mixed read/write scenarios. The Alibaba engineer bisected the issue to a mainline kernel commit from 2016 when the performance became worse. The problem was quite noticeable with an Intel P3600 NVMe solid-state drive.

      • Intel Media Driver Q4-19 Brings Tiger Lake, Jasper Lake, Better Encode/Decode

        Quietly released over the holidays was Intel’s quarterly update to the Intel Media Driver that serves as their modern open-source GPU-accelerated video encode/decode solution for Linux systems.

        This “Intel Media Driver” is their new VA-API solution they began back in 2017 to succeed their earlier Intel VA-API Linux drivers. The open-source Media Driver still uses the Video Acceleration API (VA-API) and remains focused on Broadwell through Ice Lake and now Tiger Lake / Jasper Lake / Elkhart Lake graphics hardware.

      • Intel Working On “Virtual Bus” As Generic Way Of Exchanging Data Between Devices/Driver

        In addition to Intel IGC network driver performance-boosting TSO support, also queued within Intel’s next-queue tree of networking changes is a new software bus called Virtual Bus.

        Virtual Bus “Virtbus” is a software-based bus devised by Intel for generic virtbus_devices and virtbus_drivers. Virtbus is lightweight and intended for dealing with the generic devices/drivers wanting to pass chunks of data to other virtbus_device-using devices.

      • Linux 5.6 To Make Use Of Intel Ice Lake’s Fast Short REP MOV For Faster memmove()

        While Intel has offered good Ice Lake support since before the CPUs were shipping (sans taking a bit longer for the Thunderbolt support as a key lone exception, since resolved), a feature that’s been publicly known since 2017 is the Fast Short REP MOV behavior and finally with Linux 5.6 that is being made use of for faster memory movements.

        The Fast Short REP MOV with Icelake allows for faster moves of data from one location to another. With the upcoming Linux 5.6 cycle the Fast Short REP MOV (FSRM) is finally being added to the CPU features (X86_FEATURE_FSRM) for easily detecting its presence on supported CPUs. Intel’s Tony Luck who added the patch explained, “Beginning with processors based on Ice Lake Client microarchitecture, REP MOVSB performance of short operations is enhanced. The enhancement applies to string lengths between 1 and 128 bytes long.”

      • 2019 at Bootlin, a year in review

        First of all, the entire team at Bootlin wishes you a Happy New Year, and best wishes for 2020 in your personal and professional life. The beginning of the new year is a good time to look back and see the achievements of the past year, which is why we review the 2019 year in terms of Bootlin news and activity.

      • Bootlin Wraps Up Feature Development On The Allwinner Cedrus VPU Driver

        While the Allwinner VPU “Cedrus” video decode driver is a wonderful success of open-source third-party work expanding Linux’s multimedia hardware acceleration capabilities, consulting firm Bootlin who spearheaded this driver is for now at least is ending feature development on this driver.

        The talented folks at Bootlin who specialize in embedded Linux development had been working on this Linux kernel driver developed independent of Allwinner but for their VPU hardware. This was made possible via crowd-funding for improving the hardware-accelerated video decoding potential in particular for Allwinner SoCs.

      • UEK Release 6 Developer Preview available for Oracle Linux 7 and Oracle Linux 8

        The Unbreakable Enterprise Kernel (UEK), included as part of Oracle Linux, provides the latest open source innovations, optimizations and security for enterprise cloud workloads. The UEK Release 5, based on the upstream kernel 4.14, is the current UEK release that powers the production workloads on Oracle Linux 7 in the cloud or on-premises.

        Linux 5.4 is the Latest Stable Kernel release, and it is the mainline kernel that the UEK Release 6 tracks. You can experiment the UEK Release 6 preview today with Oracle Linux 7 and Oracle Linux 8 on both x86_64 and aarch64 platforms.

        The example below is using an Oracle Linux 8 x86_64 instance on Oracle Cloud Infrastructure. The kernel was upgraded to the UEK Release 6 preview within a few minutes. The same upgrade procedures apply to an Oracle Linux 7 or Oracle Linux 8 instance running on-premises.

      • Oracle’s Unbreakable Enterprise Kernel 6 Is Tracking Linux 5.4

        Oracle has released a developer preview of their forthcoming Unbreakable Enterprise Kernel 6 to Oracle Linux users, the company’s spin of Red Hat Enterprise Linux. With Oracle UEK 6, Linux 5.4 serves as the new base.

        The current UEK Release 5 series has been tracking the aging Linux 4.14 LTS series with Oracle Linux 7. Meanwhile the new Unbreakable Enterprise Kernel Release 6 series will be tracking Linux 5.4 upstream.

      • Graphics Stack

        • NVIDIA have a new Vulkan Beta driver out, adds a fix for DXVK

          NVIDIA continue advancing their special Vulkan Beta driver, the one that gets all the upcoming features that need a little extra time to brew.

          Released today, the NVIDIA 440.43.02 driver includes a fix for those of you playing with DXVK, the D3D9/10/11 to Vulkan layer. Sometimes games might endlessly loop during shader compilation if no “OpSource instruction was present” which should now be sorted. Edit: From what I’ve now been told, this was specifically when using vkBasalt with DXVK.

        • AMDGPU Linux 5.5 Fixes 8K / 4K120 Output, Hits Sync Object Timeline Support For Vulkan

          While on the back-half of the Linux 5.5 kernel cycle, sent in on Wednesday were an interesting batch of AMDGPU driver fixes that are quite notable.

          First up, the reverting of the retry faults behavior is part of this pull request. This code revert is about helping the stability of recent AMD APUs that for some Linux users has meant frequent hangs unless this functionality was disabled. The alternative to try this workaround is booting the kernel with amdgpu.noretry=0 to achieve the same effect on existing kernel releases.

    • Benchmarks

      • Chrome 79 Is Running Past Firefox 72 Performance On Linux

        While no major performance improvements were noted as part of the release notes, given this week’s Firefox 72 release here are some fresh benchmarks of Firefox 70/71/72 on Ubuntu Linux benchmarked with and without WebRender being enabled. As well, these numbers show how Firefox on Linux is currently stacking up against Google Chrome 79 as its latest stable release.

      • Benchmarks Of Clear Linux’s Native Kernel Against Current/Mainline/Preempt-RT Kernels

        Given the recent discussions over the default performance of the Linux scheduler, the Liquorix patches to the Linux kernel, and other recent forum discussions over different kernel configurations and flavors, here are some reference benchmarks looking at the performance of some of the kernel options available to Clear Linux users.

        Besides the default “native” kernel option for bare metal Clear Linux installs, there are also current/mainline options that more closely follow the upstream state compared to the default Clear kernel configuration that generally carries a number of patches (their current kernel patches listed here). There is also a preempt-rt kernel option for those wanting a real-time kernel. More details on the various kernel flavors can be found via the ClearLinux.org bundle search.

    • Applications

      • Cockpit 210 and Cockpit-podman 12

        Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 210.

      • curl 7.68.0 with etags and BearSSL

        We ship a new TLS backend: BearSSL. The 14th.

        We ship two new command line options for ETags.

        We provide a new API call to wakeup “sleeping” libcurl poll calls.

        We changed the default handling in libcurl with OpenSSL for verifying certificates. We now allow “partial chains” by default, meaning that you can use an intermediate cert to verify the server cert, not necessarily the whole chain to the root, like you did before. This brings the OpenSSL backend to work more similar to the other TLS backends, and we offer a new option for applications to switch back on the old behavior (CURLSSLOPT_NO_PARTIALCHAIN).

        The progress callback has a new feature: if you return CURL_PROGRESSFUNC_CONTINUE from the callback, it will continue and call the internal progress meter.

        The new command line option –parallel-immediate is added, and if used will make curl do parallel transfers like before 7.68.0. Starting with 7.68.0, curl will default to defer new connections and rather try to multiplex new transfer over an existing connection if more than one transfer is specified to be done from the same host name.

      • Introducing gtherm

        Continuous temperature monitoring from the kernel’s /sys/class/thermal/ in an application can be cumbersome. gtherm aims to make that simpler by providing a daemon (gthd) that exports thermal zones and cooling cells over DBus and providing a small library libgtherm (and GObject introspection bindings). gthcli is a simple command line client that displays the currently found values…

      • Kaidan for the Masses: Our Upcoming 9-seconds-registration

        What’s XMPP’s biggest problem? – Accessibility!

        Sure, it is accessible for the people who are really interested in XMPP or want to be more secure, but the normal user doesn’t want to study XMPP before they know what to do.

        That’s why we work on an easy-to-use registration, which makes all decisions for a new user, but still ensures the highest possible security and decentralization. This means that even the password is randomly generated (it is changeable later on). In the end it only takes a few clicks to get to your new account, which is hosted by an automatically chosen public server which supports all of Kaidan’s features.

        The user may choose to use the suggested server, username and password or to use own values. So, now switching from your old messenger to Kaidan (or other XMPP-based clients) is much easier. Therefore, you can invite your friends to XMPP and instantly start chatting with them.

      • 20 years of FAI and a new release

        Besides that, a lot of other things happened in the FAI project. Apart from the first report, we got more than 300 detailed reports containing positive feedback. We had several FAI developers meetings and I did more than 40 talks about FAI all over the world. We had a discussion about an alleged GPL violation of FAI in the past, I did several attempts to get a logo for FAI, but we still do not have one. We moved from subversion to git, which was very demanding for me. The FAI.me service for customized installation and cloud images was used more than 5000 times. The Debian Cloud team now uses FAI to build the official Debian cloud images.

        I’m very happy with the outcome of this project and I like to thank all people who contributed to FAI in the past 20 years!

      • The 15 Earth Science or Geoscience Software for Linux

        Geoscience or earth science is not only about boring theories. There are many practical implementations of the knowledge of geoscience in real life. And, there are some computer programs which will help you to simulate the ideas of this important field of science. Normally, students and academicians of geoscience use these tools.

      • auto-cpufreq Is A New CPU Speed And Power Optimizer For Linux

        auto-cpufreq is a new automatic CPU speed and power optimization tool for Linux laptops using Intel CPUs, which aims to “improve battery life without making any compromises”.

        The tool changes the CPU frequency scaling, governor (switches between performance and powersave, these being the only 2 modes supported by the default intel_pstate scaling driver) and turbo boost status based on the battery state, CPU usage and system load. It can also show some basic system information, monitor the CPU frequency and temperature for each core, system load, and battery state.

    • Instructionals/Technical

    • Games

      • Open-ended tower-defense mining game Mindustry is just awesome

        When you get hooked on a game like Mindustry, it’s hard to put it down and play anything else so please send help. A free and open source game that looks like a retro Factorio, with a heavy emphasis on tower defense that keeps expanding with updates and I can’t stop playing it.

        Mindustry is all about building a smooth supply chain. Right from the raw resources, spreading across the map with conveyor belts feeding into turrets holding back waves of enemies. It’s so ridiculously easy to get into and play for a little bit at a time, it’s become quite the regular in my own personal list. So much so, that I’ve now gone and personally purchased it on Steam after spending far too many hours with it on itch.

      • Steam getting expanded support for Soundtracks with a Sale Event on January 20

        Valve have announced that they’re going to be giving Soundtracks their own special section on Steam instead of them being a generic DLC listing.

        In the Steamworks Development post, Valve said that all this will properly launch on January 20 with a sale event. However, they’ve already begun pushing some of the changes out there in public.

        Currently, if you want the soundtrack to a game you have to own the game, and download it as a DLC with the game to access it through the Steam client. Not exactly ideal, in fact the whole way it was done was a bit rubbish. With a new dedicated Soundtrack “app type” you will be able to purchase a soundtrack you like completely independent from the actual game and download it. On top of that, you can have a dedicated music folder to store it all in so you don’t have to hunt across Steam for all the files.

    • Distributions

      • Reviews

        • Kdenlive 19.12 on openSUSE | Review

          Making videos is not exactly my strong suit but it doesn’t have to be to enjoy it. Lately, I have been dipping my toes into the world of video content creation. Yes, most of it is into making videos as I haven’t really had the need. Recently, a need popped up for doing some video editing and I decided to give Kdenlive a try. You have to start somewhere and since many of the independently created shows out there use it, it is part of the KDE project and there are a LOT of tutorials on YouTube.

          Keep in mind, I have some very basic needs, simply, chaining clips together, title screen and a little background music. These are extremely minimal requirements. The nice thing about Kdenlive is, it is easy enough to get going with it, but brimming with features to keep you dinking around with it continually and even if you have come to learn every feature the Kdenlive Project will come along and bring you an update.


          Kdenlive is a great application with a lot more features than I know how to even use. I don’t do any complex video editing. I don’t have good video equipment so I don’t have a real high level of motivation to create a lot of video content at this time. You can only polish a turd so much and I am often not happy with the video I shoot. I am happy, however, with what I can do with the video in Kdenlive. It does make turning the lack-luster video into barely acceptable video content. Editing with Kdenlive is easy to use and is enjoyable to turn the mess I start with into something more usable. I would like to make more excuses to do more video content because the great user experience Kdenlive provides.

          I have heard of people complain that Kdenlive isn’t stable, well, that is a bunch of hooey. Kdenlive on openSUSE Tumbleweed works fantastically well without any crashing. I am very thankful for fantastic packaging and QA process from the openSUSE Project and I am very grateful for every programmer that has had a hand in every piece of this, from the Linux kernel to the Plasma desktop to the application itself. Thank you for all your time and efforts.

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Tumbleweed Provides Some Stability to 2020

          The year of 2020, at least in the openSUSE world, is starting out to be pretty stable. In little more than a week into the new year, there have been five openSUSE Tumbleweed snapshots released.

          The releases, with the exception of one, are either posting a stable rating or are trending at a stable rating, according to the Tumbleweed snapshot reviewer.

          With the release of snapshot 20200107, more OpenGL and Vulkan driver features and improvements came in the update of the Mesa 19.3.1 package. The newer version update also provides better AMD Radeon Accelerated Processing Unit (APU) performance.

          The bluez-tools package that is a set of tools to manage Bluetooth devices for Linux had a minor update from the previous three-year-old package included in Tumbleweed. GNOME’s web browser package epiphany provided some security AdBlocker preferences in the version. Message transfer agent exim reduced the start up process initialization with version and fixed more than a half dozen bugs. KDE’s kdevelop5 5.4.6 version fixed some wrong text in the license. Network detector, packet sniffer, and intrusion detection system package for wireless network kismet updated to its December release in the snapshot. One package update that stands out in the snapshot is the release of the finger reader package for Linux devices libfprint 1.0; this first major release provides better documentation and bug fixes related to restarting a failed verification immediately.The osc 0.167.2 package fixed regression in osc chroot. Other packages updated in the snapshot were rubygem-parser and tigervnc 1.10.0 among others.

        • SUSE Manager 4 Content Lifecycle Management Deep Dive

          SUSE® Manager 4 is a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity for lifecycle management of Linux systems in large, complex and dynamic IT landscapes. You can use SUSE Manager to configure, deploy and administer thousands of Linux systems running on hypervisors, as containers, on bare metal systems, IoT devices and third-party cloud platforms. SUSE Manager also allows you to manage virtual machines.

        • Transformation – Simplify First

          While a bit of a stretch, there is some similarity to the dilemma that many companies are facing in this rapidly changing business environment. In my last blog, I talked about how companies are looking at the digital transformation of their business in order to stay competitive in a rapidly changing world. In a 2019 report by 451 Research commissioned by SUSE, 89% of survey respondents are considering, evaluating or executing their digital transformation strategy.

      • Fedora Family

        • Peter Czanik: Keeping syslog-ng portable

          I define syslog-ng, as an “Enhanced logging daemon with a focus on portability and high-performance central log collection”. One of the original goals of syslog-ng was portability: running the same application on a wide variety of architectures and operating systems. After one of my talks mentioning syslog-ng, I was asked how we ensure that syslog-ng stays portable when all the CI infrastructure focus on 64bit x86 architecture and Linux.


          Not this often, but I also test syslog-ng git snapshots on FreeBSD. Mostly on AMD64, but sometimes also on Aarch64. Just to make sure that one more operating system outside of Linux and OS X is regularly tested. Why FreeBSD? First of all, I keep using FreeBSD almost from the day it was born, even a few months earlier before I started to use Linux. And it is also the largest platform outside Linux where syslog-ng is used, including some appliances built around FreeBSD.

          Travis announced support for ARM just recently: https://blog.travis-ci.com/2019-10-07-multi-cpu-architecture-support. It needed some extra work on the syslog-ng side, but now each pull request is also tested on ARM before merging. This is not just a simple compile test – as I do most of the time – but it includes unit tests as well.

          Does this approach work? Yes, it seems to work. For example, syslog-ng compiles on all architectures supported by Debian. That also includes MIPS that I only tested with syslog-ng once. And I learned about a new architecture just by checking on which CPU architecture the BMW i3 is using to run syslog-ng :) It is the SuperH.

        • Fedora 33 To Finally Kill Off Python 2.6 Support

          Python 2.6 has been end-of-life all the way back to late 2013. However, Python 2.6 packaging for Fedora has kept upt in order to maintain some compatibility with RHEL/EPEL 6 having Python 2.6. But now with EPEL 6 reaching end-of-life as the extra packages for Red Hat Enterprise Linux 6 / CentOS 6, Fedora will gut its Python 2.6 support should anyone still be using it outside of the EPEL building/testing use-case. EPEL 6 is being retired in November 2020, similar to the expected release of Fedora 33.

      • Debian Family

        • Debian revisits systemd vote, relaxes things a bit
        • Debian vs Ubuntu Comparison

          Today the differences between Debian and Ubuntu are minimal for medium to advanced users, except for users in need of up to date software probably only users who aren’t previously familiarized with LInux can appreciate differences or advantages on Ubuntu represented by graphical assistants or methods like the Packages Manager which isn’t part of Debian, yet both distributions share the dpkg packages manager including their front ends like apt or aptitude.

          In brief, the history shows Debian used to lead the market after Red Hat becoming the most chosen distribution for advanced users throwing Gentoo or Slackware almost out of the market. Yet Debian had an issue for users who wanted to keep a stable system with the last software.

        • Privacy-Focused Tails OS 4.2 Improves Automatic Upgrades, Adds Tor Browser 9.0.3

          Tails, the amnesic incognito live system based on Debian GNU/Linux, which focuses on delivering online privacy to those who need a portable operating system, has been updated to version 4.2.

          Both a feature and bugfix release, Tails 4.2 is here to improve and optimize the automatic upgrade feature to use less memory and allow users to upgrade from any previous version to the latest release and do as many automatic upgrades as possible. Manual upgrades will only be required when upgrading to a major release, such as Tails 5.0.

          “Until now, if your version of Tails was several months old, you sometimes had to do 2 or more automatic upgrades in a row. For example, to upgrade from Tails 3.12 to Tails 3.16, you first had to upgrade to Tails 3.14,” explain the devs. “Starting with 4.2, direct automatic upgrades will be available from all prior versions to the latest version.”

        • GStreamer-VAAPI 1.16 and libva 2.6 in Debian

          Also, Debian testing has imported that iHD driver with two flavors: intel-media-driver and intel-media-driver-non-free. So basically iHD driver is now the main VAAPI driver for Intel platforms, though it only supports the new chips, the old ones still require i965-va-driver.

          Sadly, for current GStreamer-VAAPI stable, the iHD driver is not included in its driver white list. And this will pose a problem for users that have installed either of the intel-media-driver packages, because, by default, such driver is ignored and the VAAPI GStreamer elements won’t be registered.

        • Russ Allbery: C TAP Harness 4.6

          C TAP Harness is my test framework for C software packages.

          This release is mostly a release for my own convenience to pick up the reformatting of the code using clang-format, as mentioned in my previous release of rra-c-util. There are no other user-visible changes in this release.

          I did do one more bit of housekeeping, namely added proper valgrind testing support to the test infrastructure. I now run the test suite under valgrind as part of the release process to look for any memory leaks or other errors in the harness or in the C TAP library.

        • Steve Kemp: I won’t write another email client

          Once upon a time I wrote an email client, in a combination of C++ and Lua.

          Later I realized it was flawed, and because I hadn’t realized that writing email clients is hard I decided to write it anew (again in C++ and Lua).

          Nowadays I do realize how hard writing email clients is, so I’m not going to do that again. But still .. but still ..

      • Canonical/Ubuntu Family

        • NitroPad: Secure Laptop With Unique Tamper Detection

          NitroPad ships with a preinstalled Ubuntu Linux 18.04 LTS with full-disk encryption. Ubuntu is one of the most popular, stable and easiest to use Linux distributions, so that Ubuntu facilitates switching from Windows to Linux.

        • Ubuntu 20.04 LTS Could Better Support Scanners Compliant With Apple AirScan

          Apple AirScan is akin to their AirPrint technology for supporting various printers from Apple devices without the need for specialized drivers. Multi-function printers compliant with AirPrint also need to implement AirScan for scanner functionality, thus opening up most of today’s multi-function printers to supporting this scanning standard. Ubuntu 20.04 LTS could end up supporting AirScan nicely thanks to new SANE back-ends.

          Till Kamppeter who is manager of OpenPrinting and has been working under contract for Canonical on Ubuntu printer/scanner functionality appears to be aiming for enabling this AirScan support.

        • Data Ops at petabyte scale

          Deploying Apache Spark in production is complex. Should you deploy Kubernetes? Should that Kubernetes cluster be backed by Ceph? Perhaps stick with a traditional Hadoop/HBase stack? Learn how Juju and model-driven operations have enabled one data engineering team to evaluate several options and come to an ideal solution.

          This article is an interview between Tim McNamara, Developer Advocate at Canonical and James Beedy of OmniVector Solutions. James has spent years refining his approach for packaging Apache Spark and managing large-scale deployments. With data volumes into the petabyte range and current operations to maintain, he has used Juju to create purpose-built solutions for his team and their customers.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • flexiWAN Open Source SD-WAN Platform Hits GA

        flexiWAN launched the first stable release of its open-source SD-WAN platform, which is available through one of the company’s hardware partners: Advantech, Lanner, and Silicom.

        “This release is a major milestone for flexiWAN and our community as it is the world’s first production-ready open and community-driven SD-WAN solution,” said Amir Zmora, CEO and co-founder of flexiWAN, in a statement. “Our innovation and openness doesn’t stop at the technical level. By offering our services as a freemium business model, along with publicly sharing our pricing and source code with the community, we strive to lead the industry to more openness.”

      • 11 top open-source API testing tools: What your team needs to know

        How do you find the right open-source API testing tool for your needs? Since my last roundup of the best candidates, a few more tools have appeared that warrant consideration—and there’s a new technique that’s all the buzz in AI automation circles that you need to know about.

        While most vendors are talking up the benefits of AI- and UI-based testing tools in general, AI- and machine learning-based applications that help with API testing have arrived.

        Before you begin API testing, however, make sure you understand test automation basics and know how to avoid the most common test automation mistakes.

      • Enterprise Networking Planet Predictions for 2020

        With 2020 now ramping up there’s a lot to look forward to in the networking space this new year. Some of the trends have been going on for years, some are newer, but these are the areas where we expect to see big things in 2020


        Simply put, all major networking efforts in 2020 will have some form of open source component. Whether its via code, participation in an Linux Foundation collaboration project or otherwise, the reach of open source is inescapable.

      • Events

        • Daniel Stenberg: webinar: Why everyone is using curl and you should too

          I’m please to invite you to our live webinar, “Why everyone is using curl and you should too!”, hosted by wolfSSL. Daniel Stenberg (me!), founder and Chief Architect of curl, will be live and talking about why everyone is using curl and you should too!

          This is planned to last roughly 20-30 minutes with a following 10 minutes Q&A.

      • Web Browsers

        • Mozilla

          • How to pick up a project with an audit

            When I was younger, I’d wander around a project and figure it out as I went along. That takes a long time during which I don’t really know what I’m doing, I don’t feel good about it, and I’m learning too many things from dealing with nasty surprises. I neither enjoy that nor does it make me look good.

            These days, I take a methodical approach to picking up a project. I spend a week or so working through a set of questions. I find this approach makes for a good survey of the project and the problem domain it exists in. Further, it surfaces the grime that I should clean up thus avoiding nasty surprises.

            The primary audience for the audit is me–I’m using the process as a way to come up to speed on something. I’m a software engineer so I’m focused on software development and maintenance aspects of the project. I’m concerned about security and data policies, uptime and reliability, impact on stake-holders, costs, budgets, infrastructure complexity, and ongoing maintenance work.

          • The new Overbite Android (works with Firefox Android too): Gopherspace on your mobile Android device

            Since this blog is syndicated to Planet Mozilla and I periodically post Mozilla- and Firefox-relevant posts, here is another: if you still dwell in Gopherspace and use OverbiteWX and OverbiteNX on desktop Firefox, Overbite Android has been updated to full Android Q compatibility so you can use it with Android Firefox as well. Instead of an add-on, just sideload the .apk, and whenever you tap a Gopher URL in Firefox it will automatically load in Overbite Android so you can seamlessly jump back and forth. (Or Chrome, I guess, but who uses that?)


            Overbite Android is offered to you under the BSD license and supports 4.0 (Ice Cream Sandwich) through 10 (Q). You can get it, the Android Studio project and source code, and all the rest of the Overbite gopher client family from the Overbite website or directly from Gopherspace.

          • Expanding Mozilla’s Boards in 2020

            Mozilla is a global community that is building an open and healthy internet. We do so by building products that improve internet life, giving people more privacy, security and control over the experiences they have online. We are also helping to grow the movement of people and organizations around the world committed to making the digital world healthier.

            As we grow our ambitions for this work, we are seeking new members for the Mozilla Foundation Board of Directors. The Foundation’s programs focus on the movement building side of our work and complement the products and technology developed by Mozilla Corporation.

          • Expanding Mozilla’s Boards in 2020

            I’ve written in the past about the role of the Board of Directors at Mozilla.

            At Mozilla, our board members join more than just a board, they join the greater team and the whole movement for internet health. We invite our board members to build relationships with management, employees and volunteers. The conventional thinking is that these types of relationships make it hard for the Executive Director to do his or her job. I wrote in my previous post that “We feel differently”. This is still true today. We have open flows of information in multiple channels. Part of building the world we want is to have built transparency and shared understandings.

            It’s worth noting that Mozilla is an unusual organization. We’re a technology powerhouse with broad internet openness and empowerment at its core. We feel like a product organization to those from the nonprofit world; we feel like a non-profit organization to those from the technology industry.

            It’s important that our board members understand the full breadth of Mozilla’s mission. It’s important that Mozilla Foundation Board members understand why we build consumer products, why it happens in the subsidiary and why they cannot micro-manage this work. It is equally important that Mozilla Corporation Board members understand why we engage in the open internet activities of the Mozilla Foundation and why we seek to develop complementary programs and shared goals.


            Finding the right people who match these criteria and who have the skills we need takes time. We hope to have extensive discussions with a wide range of people. Board candidates will meet the existing board members, members of the management team, individual contributors and volunteers. We see this as a good way to get to know how someone thinks and works within the framework of the Mozilla mission. It also helps us feel comfortable including someone at this senior level of stewardship.

          • Firefox 72: Floating videos, blocking fingerprints, and defeating notification pop-ups

            Mozilla has aired a bunch of new features aimed at making web 2020 a little less unpleasant in its release of Firefox 72.

            “Picture in picture” is a way to play videos, introduced in Firefox 71 for Windows only, but now available on macOS and Linux. Start a video playing and a blue button appears. Click it, and the video plays in a floating, chromeless window, small by default but resizable. Mozilla says it is ideal for, um, multitasking, like when you are hard at work but want to keep an eye on the score at a big game. Perhaps it could work for those dull keynote streams when there might be a big announcement.

          • The Talospace Project: Firefox 72 on POWER

            Firefox 72 builds out of the box and uneventfully on OpenPOWER. The marquee feature this time around is picture-in-picture, which is now supported in Linux and works just fine for playing Trooper Clerks (“salsa shark! we’re gonna need a bigger boat!”). The blocking of fingerprinting scripts should also be very helpful since it will reduce the amount of useless snitchy JavaScript that gets executed. The irony of that statement on a Blogger site is not lost on me, by the way.


            The debug and opt configurations are, again, otherwise unchanged from Firefox 67.

      • Funding

        • Odoo Raises $90M To Advance Open Source ERP

          Odoo brings in new funds as it aims to further expand its enterprise resource planning platform.

          Enterprise Resource Planning (ERP) software has long been dominated by established proprietary vendors, but that’s not to say there isn’t open source competition in the market.

          Odoo, a company formerly known as OpenERP, develops a suite of open source ERP tools and built a solid user base of over 4.5 million users. The core open source Odoo community version is complemented with the Odoo enterprise edition that adds proprietary features that can be useful for larger organizations.

          In December 2019, Odoo got a strong vote of confidence, with an investment of $90 million, led by Summit Partners, with the participation of existing investor SRIW and its affiliate Noshaq. Total funding to date for Odoo is approximately $104 million.

      • FSF

        • Bring the planet to LibrePlanet by sponsoring an attendee

          LibrePlanet 2020: Free the Future is only ten weeks away! On March 14 and 15, we will welcome free software enthusiasts and experts to Boston for the Free Software Foundation’s (FSF) annual conference on technology and social justice.

          We’re hard at work creating an event with engaging talks with speakers from all over the world, and without spoiling any future announcements, we’re very excited about the program we have so far. It is promising to be a year filled with talks about interesting and successful projects. Anticipated talks will expose the fascinating parallels between social movements in free software, dig into community-related subjects, and as always, explore the latest issues in licensing, security, education, and government adoption of free software with experts from these fields.

          The FSF is proud of the fact that the LibrePlanet audience and speakers come from a diverse range of backgrounds, countries, and cultures. We believe that anyone who wants to attend or speak at the conference should not be held back by financial burdens, so if you have a few dollars to spare, why not make a donation in support of the LibrePlanet Scholarship Fund? You’ll be supporting a robust, diverse free software community by helping to reduce the financial barrier for those who need the help.


          On top of all the free software work we fund and do year-round, with your financial support, we can invite speakers who can enlighten us with their knowledge and experience. Your donations will also help free software enthusiasts attend who otherwise would not have the means to do so. Your contribution, even if it’s only a couple dollars, can be the difference between someone attending or not.

        • GNU Projects

          • libredwg-0.10 released
            Some minor API changes and bugfixes, mostly stabilization. 
            API breaking changes: 
              * added a new int *isnewp argument to all dynapi utf8text getters, 
                if the returned string is freshly malloced or not. 
              * removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and UNKNOWN_ENT 
                left, with common_entity_data. 
              * renamed BLOCK_HEADER.preview_data to preview, preview_data_size to preview_size 
              * renamed SHAPE.shape_no to style_id 
              * renamed CLASS.wasazombie to is_zombie 
            Major bugfixes: 
              * Improved building the perl5 binding, proper dependencies. 
                Set proper -I and -L paths, create LibreDWG.c not swig_perl.c 
              * Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c (#134). 
                Slimmed the .so size by 260Kb. Still untested though. 
              * Fixed encoding of added r2000 AUXHEADER address (broken since 0.9) 
              * Fixed EED encoding from dwgrewrite (a dxf2dwg regression from 0.9) (#180) 
            Minor bugfixes: 
              * Many fuzzing and static analyzer fixes for dwg2dxf, dxf2dwg, dwgrewrite, 
                including a stack-overflow on outdxf cquote. (#172-174, #178, #179). 
                dwgrewrite and indxf are pretty robust now, but still highly experimental, 
                as many dxf2dwg import and DWG validity tests are missing. 
                indxf still has many asserts on many structural DXF errors. 
              * Protect indxf from many NULL ptr, overflows and truncation. 
              * Fixed most indxf and encode leaks. (#151) 
              * More section decoders protections from invalid (fuzzed) values. 
              * Stabilized the ASAN leak tests for make check. 
              * Fix MULTILEADER.ctx.lline handles <r2010 
              * Fix indxf color.alpha; at DXF 440 
              * Fixed most important make scan-build warnings, the rest are mostly bogus. 
            Other newsworthy changes: 
              * Added LIBREDWG_VERSION et al to include/dwg.h 
              * Added support for AcDb3dSolid history_id (r2007+) 
              * Improved the indxf speed in new_object. Do a proper linear search, and 
                break on first found type. 
              * Rename the ./dxf helper to ./dwg, and added a ./dxf test helper. 
              * dxf2dwg got a new experimental --force-free option to check for leaks and 
                UAF or double-free's. 
              * Allow -o /dev/null sinks for dxf2dwg and dwg2dxf, for faster fuzzing. 
              * Harmonized *.spec formatting and adjusted gen-dynapi.pl 
              * Harmonized out_dxfb with out_dxf, e.g. the new mspace improvements (#173). 
            Here are the compressed sources: 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.gz   (10.9MB) 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.xz   (4.5MB) 
            Here are the GPG detached signatures[*]: 
            Use a mirror for higher download bandwidth: 
            Here are more binaries: 
            Here are the SHA256 checksums: 
            e890b4d3ab8071c78c4eb36e6f7ecd30e7f54630b0e2f051b3fe51395395d5f7  libredwg-0.10.tar.gz 
            8c37c4ef985e4135e3d2020c502c887b6115cdbbab2148b2e730875d5659cd66  libredwg-0.10.tar.xz 
            [*] Use a .sig file to verify that the corresponding file (without the 
            .sig suffix) is intact.  First, be sure to download both the .sig file 
            and the corresponding tarball.  Then, run a command like this: 
              gpg --verify libredwg-0.10.tar.gz.sig 
            If that command fails because you don't have the required public key, 
            then run this command to import it: 
              gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414 
            and rerun the 'gpg --verify' command. 
      • Programming/Development

        • Automating the creation of research artifacts

          In my work as a programming language researcher, I need to create artifacts that are easy to understand and well-documented. To make my work easier, I found a simple way to automate generating source code documentation, creating HTML and PDF versions of user documentation, compiling a technical (research) document to PDF, generating the bibliography, and provisioning of virtual machines with the software artefact installed for ease of reproducibility of my research.

        • Parallel Programming: December 2019 Update

          There is a new release of Is Parallel Programming Hard, And, If So, What Can You Do About It?.

          This release features a number of formatting and build-system improvements by the indefatigible Akira Yokosawa. On the formatting side, we have listings automatically generated from source code, clever references, selective PDF hyperlink highlighting, and finally settling the old after-period one-space/two-space debate by mandating newline. On the build side, we improved checks for incompatible packages, SyncTeX database file generation (instigated by Balbir Singh), better identification of PDFs, build notes for recent Fedora releases, fixes for some multiple-figure page issues, and improved font handling, and workarounds for ever-troublesome a2ping. In addition, the .bib file format was dragged kicking and screaming out of the 1980s, as suggested by Stamatis Karnouskos. The new format is said to be more compatible with modern bib-file tooling.

        • BH 1.72.0-3 on CRAN

          The BH 1.72.0-1 release of BH required one update 1.72.0-2 when I botched a hand-edited path (to comply with the old-school path-length-inside-tar limit).

          Turns out another issue needed a fix. This release improved on prior ones by starting from a pristine directory. But as a side effect, Boost Accumulators ended up incomplete with only the dependented-upon-by-others files included (by virtue of the bcp tool). So now we declared Boost Accumulators a full-fledged part of BH ensuring that bcp copies it “whole”. If you encounter issues with another incomplete part, please file an issue ticket at the GitHub repo.

          No other changes were made.

        • Flang Fortran Compiler Set To Land Next Week For LLVM 10.0

          As reported last month, Flang is expected to land in the LLVM 10.0 source tree ahead of the feature freeze for the v10.0 release due out in February. That landing is now scheduled to take place next week.

          The plan is to merge the Flang Fortran compiler front-end into the LLVM mono repository on Monday, 13 January. That allows Flang to be integrated prior to the upcoming LLVM 10.0 branching / feature freeze.

          Details on the plans for merging Flang into the LLVM source tree can be found on the development list.

        • Are you ready to work remotely?

          Here is a one question test for anyone considering remote work. You can ask yourself this question and if the answer is yes, a remote position will likely work well for you. If the answer is no, then I think you’d be happier with an onsite position. By the way, some people are never going to want to work remotely for a variety of reasons, and that is no big deal.

          That question is: “Are you comfortable asking a dumb question in public?”

        • Create temp file in Bash using mktemp and trap

          When working on Linux Bash, sometimes there is need to create temporary file. A common way of creating temp file on Linux is creating some file in /tmp directory. However there is security risk when creating temp file in /tmp directory. This post will show how to securely create temp file in Linux Bash.

        • Create demo project templates with one script

          When you’re standing on a stage or doing a live demo in an online session, getting your project into a perfect-looking state may appear easy. But a lot of work goes on behind the scenes to create working, easy to use, and repeatable demo projects.

          When you’re doing a demo, the technology in a project must support your bigger story about the project without failing. My fellow JBoss technology evangelists and I often have to set up different technologies, so it became necessary for us to tune some sort of generic framework or template to put these demo projects into.

        • Perl / Raku

          • Perl Weekly Challenge 42: Octal Numbers and Balanced Parentheses

            These are some answers to the Week 42 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

            Spoiler Alert: This weekly challenge deadline is due in a couple of days (January 12, 2020). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

          • Paws XXXXVI (The game she is over)

            Well I left off on form my last post with this Moose error;

            Attribute (Items) does not pass the type constraint because: Validation failed for ‘ArrayRef[Str|Undef]‘ with value [ { Method: ARRAY(0x5184cf0) } ] at /wwwveh/lib/x86_64-linux-thread-multi/Moose/Object.pm line 24

            but before I tackle that on I wanted to have a closer look at my changes I did to the callresult_class.tt template; I wanted to clean that up nicely and then my plan is to see if my changes have Borden anything else.

            So in cleaning it up I found what might be a bug.

          • Excellent Free Tutorials to Learn Perl

            Programming is about solving problems and good communication. But before code is written, you need to know how to solve the problem. Breaking the problem into component parts assists in the process. And being able to model the problem so that it’s easy to implement and test also helps. Combine this with a solid understanding of the programming language itself – a good programming book contributes to all aspects of problem solving. Perl has the virtue it can solve a problems in a few lines of code. Perl programmers solve problems and get things done.

            The popularity of a book is influenced by personal feelings, tastes, and opinions. Programming books accord to this general rule. There is a wide range of Perl books. As Perl is an open source programming language, with an eclectic heritage written by Larry Wall with thousands of contributors, it is welcome some authors have released their Perl books under a freely distributable license.

            Perl is a high-level, general-purpose, interpreted, scripting, dynamic programming language released under the GPL or Artistic license. Perl’s syntax has its roots in shell scripting tools, borrowing features from other languages including C, shell script (sh), AWK, and sed. It is available for most operating systems. Perl is implemented as an interpreted (not compiled) language. It is procedural, with variables, expressions, assignment statements, control structures, blocks and subroutines.

        • Python

          • Checking sphinx code blocks

            I’m too lazy to manually check code blocks in autogenerated sphinx documentation to see if they are valid and reasonably up to date. Doing it automatically feels much more interesting to me: here’s how I did it.

          • From Browser To Dj

            Maybe you have heard about Django and that it can help you build websites. You might be new to Python, new to web development, or new to programming as a whole.

            This new series, Understand Django, will show you what Django is all about. Throughout this series, I hope to reveal how Django is a powerful tool that can unlock the potential of anyone interested in making applications on the internet.

            We’re going to take a high level approach to learning. Rather than starting at the bottom with all the pieces of Django, I’ll give you the big picture, then explore each layer more and more to reveal how much Django does for developers under the hood.

            Let’s get started from the very top of a user’s internet experience: at the web browser.

          • Letting Users Change a wx.ComboBox’s Contents in wxPython

            This week I came across someone who was wondering if there was a way to allow the user to edit the contents of a wx.ComboBox. By editing the contents, I mean change the names of the pre-existing choices that the ComboBox contains, not adding new items to the widget.

            While editing the contents of the selected item in a ComboBox works out of the box, the widget will not save those edits automatically. So if you edit something and then choose a different option in the ComboBox, the edited item will revert back to whatever it was previously and your changes will be lost.

          • Python 2 series to be retired by April 2020

            The CPython core development community is urging users to migrate to Python 3 as it will be the only version that will be updated for bugs and security vulnerabilities.

            After nearly 20 years of development on the Python 2 series, the last major version 2.7 will be released in April 2020, and then all development will cease for Python 2. Users are urged to migrate to Python 3 to benefit from its many improvements, as well as to avoid potential security vulnerabilities in Python 2.x after April 2020. This move will free limited resources for the CPthyon core developer community for other important work.

            The final Python 2.7 maintenance release was originally planned for 2015. However, it was delayed 5 years to give people adequate time to migrate and to work closely with vendors and redistributors to ensure that supported Python 3 migration options were available. Part of the reason for this delay was because the stricter text model in Python 3 was forcing the resolution of non-trivial Unicode handling issues in the reference interpreter and standard library, and in migrated libraries and applications

            Python 3 is a noticeable improvement to Python. There is ground-up support for Unicode and internationalization. It better expresses common idioms and patterns, which in code makes it easier to read and reason about. Improvements in concurrency, fault handling, testing, and debugging provide developers with the opportunity to create more robust and secure applications.

          • Exploring HTTPS With Python

            Have you ever wondered why it’s okay for you to send your credit card information over the Internet? You may have noticed the https:// on URLs in your browser, but what is it, and how does it keep your information safe? Or perhaps you want to create a Python HTTPS application, but you’re not exactly sure what that means. How can you be sure that your web application is safe?

            It may surprise you to know that you don’t have to be an expert in security to answer these questions! In this tutorial, you’ll get a working knowledge of the various factors that combine to keep communications over the Internet safe. You’ll see concrete examples of how a Python HTTPS application keeps information secure.

          • Deploying Django Applications to AWS EC2 with Docker

            In the fast-paced field of web applications, containerization has become not only common but the preferred mode of packaging and delivering web applications. Containers allow us to package our applications and deploy them anywhere without having to reconfigure or adapt our applications to the deployment platform.

            At the forefront of containerization is Docker, which is a tool that is used to package and run applications in containers that are platform agnostic. Serverless technology is also flourishing in this era of containerization and is proving to be the go-to option for developers when deploying their applications with more and more providers allowing users to deploy containerized software.

            While building an application is important, making it available to the end-users is also a crucial part of the product. In this post, we will package a Django application using Docker and deploy it to Amazon’s EC2.

        • Shell/Bash/Zsh/Ksh

  • Leftovers

    • Science

      • Trump EPA’s Proposed “Secret Science” Rule Directly Threatens Children’s Health

        The Trump administration is working to weaken U.S. environmental regulations in many areas, from water and air pollution to energy development and land conservation. One of its most controversial proposals is known as the “secret science” rule because it would require scientists to disclose all of their raw data, including confidential medical records, in order for their findings to be considered in shaping regulations.

      • Y2K20 – The Infamous Millennium Bug Strikes Back 20 Years Later

        The new millennium presented the coders of the 90s with a unique problem know as the Y2K bug. Many computers of the time counted years by the last two digits, and they were about to roll back to 00. Come January 1st, a lot of systems were going to jump back to 1900, instead of 2000.

        Y2K was a coding complication that added to the plethora of scares surrounding the mysterious year 2000. Some people feared supernatural entities or extraterrestrial creatures would roam the earth. Others worried that every nuclear weapon in the world would misfire all at once as a result of the bug. In actuality, banking errors were among the worst things to come out of it.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • The Hidden Cost of Ransomware: Wholesale Password Theft

          Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.

        • Pseudo-Open Source

          • Openwashing

            • The open source licence debate: dead project walking & incentive models

              Open source grew, it proliferated… and it became something that many previously proprietary-only software vendors embraced as a key means of development.

              If you don’t accept the options offered by the community contribution model of development, then you risk becoming a Proprietary 2.0 behemoth… or so the T-shirt slogan might go.

              But the issue of how open source software is licenced is still the stuff of some debate.

          • Entrapment (Microsoft GitHub)

            • Uber open-sources Manifold, a visual tool for debugging AI models

              Debugging machine learning (ML) models isn’t a walk in the woods. Just ask the data scientists and engineers at Uber, some of whom have the unenviable task of digging into algorithms to diagnose the causes of their performance issues.

              To lighten the workload, Uber internally developed Manifold, a model-agnostic visual tool that surfaces the differences in distributions of features (i.e., the measurable properties of the phenomena being observed). It’s a part of the ride-hailing company’s Michelangelo ML platform, where it’s helped various product teams analyze countless AI models. And as of today, it’s available in open source on GitHub.

        • Security

          • Security updates for Wednesday

            Security updates have been issued by Arch Linux (firefox), Debian (python-django and wordpress), Fedora (dovecot), Mageia (opensc, radare2, and varnish), Red Hat (rh-java-common-apache-commons-beanutils), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, java-1_8_0-ibm, java-1_8_0-openjdk, libzypp, openssl-1_0_0, sysstat, and tomcat), and Ubuntu (clamav, linux-azure, and linux-lts-xenial, linux-aws).

          • How AppArmor can protect your Linux system

            AppArmor is a useful Linux security module that can restrict the file-system paths used by an application.

            It works differently than Security-Enhanced Linux (SELinux) and cannot run on at the same time on the same system with SELinux, which comes installed on some Linux distributions.
            The question is when to use AppArmor and what it can do to protect your system.

            This 2-Minute Linux Tip video below is an introduction to AppArmor and how to get starting using it.

          • IPFire 2.23 – Core Update 139 released

            It is time for the first release of the year, IPFire 2.23 – Core Update 139. It is packed with improvements, software updates, and many many bug fixes.

          • What’s HTTPS for secure computing?

            Over the past few years, it’s become difficult to find a website that is just “http://…” This is because the industry has finally realised that security on the web is “a thing,” and also because it has become easy for both servers and clients to set up and use HTTPS connections. A similar shift may be on its way in computing across cloud, edge, Internet of Things, blockchain, artificial intelligence, machine learning, and beyond. We’ve known for a long time that we should encrypt data at rest (in storage) and in transit (on the network), but encrypting it in use (while processing) has been difficult and expensive. Confidential computing—providing this type of protection for data and algorithms in use using hardware capabilities such as trusted execution environments (TEEs)—protects data on hosted systems or vulnerable environments.

            I’ve written several times about TEEs and, of course, the Enarx project of which I’m a co-founder with Nathaniel McCallum (see Enarx for everyone (a quest) and Enarx goes multi-platform for examples). Enarx uses TEEs and provides a platform- and language-independent deployment platform to allow you safely to deploy sensitive applications or components (such as microservices) onto hosts that you don’t trust. Enarx is, of course, completely open source (we’re using the Apache 2.0 licence, for those with an interest).

          • TenFourFox not vulnerable to CVE-2019-17026

            After doing some analysis late last night and today to determine if we need a chemspill build, I have concluded that TenFourFox is not vulnerable to CVE-2019-17026, or at least not to any of the PoCs or test cases available to me. This is the 0-day that was fixed in Firefox 72.0.1 and 68.4.1. Though a portion of the affected code exists in the TenFourFox code base, there doesn’t seem to be a way to trigger the exploit due to various other missing optimizations and the oddities of our JIT. (Firefox 45-based browsers using our patches as upstream should bear in mind this may not be true for other architectures, however.) Absent evidence to the contrary it will be nevertheless patched as part of the standard security fixes in FPR19.

          • Privacy/Surveillance

            • Federal Agents Are Using A Reverse Warrant To Track Down Arson Suspects

              Reverse warrants have been deployed again. And, again, Wisconsin law enforcement agencies are involved. The feds used a reverse warrant to track down robbers who hit a bank at a strip mall just outside of Milwaukee earlier this year.

            • European Law Enforcement Officials Upset Facebook Is Warning Users Their Devices May Have Been Hacked

              Oh boy. Facebook has just added fuel to the anti-encryption fire. And by doing nothing more than something it should be doing: notifying users that their device may have been compromised by malware.

            • Did Twitter Help Stop War With Iran? [iophk: federal communications filtered through a foreign-owned private company]

              Neither Trump nor Zarif tweeted again all night. After weeks of frenetic activity on Twitter by the president, a hundred or more a day sometimes, Trump’s 13-hour silence on Twitter by the time he took the stage at the White House Wednesday morning marked one of his longest periods of online calm since the start of the Ukraine scandal in the fall.

              In those remarks, Trump underscored the message of the previous night’s tweets: Tensions with Iran would remain high. Sanctions would increase. But for now, there will be no war.

            • Confidentiality

              • TikTok Security Flaws May Have Exposed User Videos to [Attackers]

                Check Point Software Technologies Ltd. outlined in a report a series of vulnerabilities that cyber-attackers could exploit to manipulate user accounts and information, from revealing personal data and deleting videos to sending text messages on behalf of TikTok. The research firm said it informed TikTok — owned by Chinese giant ByteDance Inc. — which deployed fixes. TikTok confirmed the patches and said it was committed to protecting user data, and encouraged researchers to privately disclose flaws.

    • Defence/Aggression

      • Is This the End of U.S. Interference in West Asia?

        Major General Hossein Salami, the chief of the Islamic Revolutionary Guard Corps (IRGC) of Iran, said on January 4 that his country would take “strategic revenge” against the United States for the assassination of Lieutenant General Qassem Soleimani. The assassination of Soleimani, Salami said, will be later seen as a “turning point” in U.S. interference in West Asia.

      • Bernie Sanders, Elizabeth Warren, Ro Khanna, and Barbara Lee to Join 12,000 Activists on No War With Iran Strategy Call

        The call, in advance of Thursday’s planned anti-war marches, begins at 8pm EST.

      • US Jingoism Promotes Mindless Support for War with Iran

        This is not an article intended to praise Qassem Suleimani, the Commander of Iran’s military who was whacked by President Trump with several Hellfire Missiles fired from a US drone at his vehicle outside the Baghdad Airport.

      • Will the US Always Be This Hungry for War and Carnage?

        The people do not want war, but right now we have almost no say in the matter.

      • Two-Thirds of People Around the World Say Trump Can’t Be Trusted to Make Right Choice on Foreign Policy

        Low confidence in Trump was expressed even before the president escalated tensions with Iran with the assassination of Qasem Soleimani.

      • Congress: War Profiteering Is Real. We Need to End It.

        Surging stock prices for military contractors gave several CEOs an early payday after Trump’s Iran aggression.

      • Trump’s Iran War is a Tragedy Foretold

        Here we go again. We lived through George Bush Senior’s war, then George Bush Junior’s war and now we have Donald Trump’s war. Our leaders don’t learn from our mistakes very well. True, the curtain is just rising on Act Three, and the players are just now entering the stage; no one in the audience knows how it’s going to end or who and how many are going to die. Everyone is on the edge of their seats: the in-your-face, heart-stopping suspense is palpable, which is just the sort of thing Donald Trump, the showman, thrives on and what makes his enthusiastic fans shout with delight.

      • Opposing War With Iran: Three Reasons

        The U.S. stands at the precipice of war. President Trump’s rhetorical efforts to sell himself as the “anti-war” president have been exposed as a fraud via his assault on Iran. Most Orwellian of all is Trump’s claim that the assassination of Iranian General Qassam Soleimani was necessary to avert war, following the New Year’s Eve attack on the U.S. embassy in Baghdad. In reality the U.S. hit on Soleimani represents a criminal escalation of the conflict between these two countries. The general’s assassination was rightly seen as an act of war, so the claim that the strike is a step toward peace is absurd on its face. We should be perfectly clear about the fundamental threat to peace posed by the Trump administration. Iran has already promised “harsh retaliation” following the assassination, and announced it is pulling out of the 2015 multi-national agreement prohibiting the nation from developing nuclear weapons. Trump’s escalation has dramatically increased the threat of all-out war. Recognizing this threat, I sketch out an argument here based on my initial thoughts of this conflict, providing three reasons for why Americans need to oppose war.

      • Just Get the Hell Out

        The reason there is unrest in Iraq is simple. It is because the United States has used the territory and people of Iraq both as bait and as targets in their ongoing battle to secure the Middle East. Beginning with the January 1991 attack on Baghdad, US forces and their client armies have waged a twenty-nine-year war on that nation. A once thriving land has been subjected to economic sanctions and sabotage, massive bombing, military invasion, sectarian warfare, and the theft of its resources; and that’s just the tip of it. Hundreds of thousands of its residents have died from this relentless destruction and millions more remain impoverished and with minimal hope for a better future. The ongoing occupation by the United States is both a reminder and the cause of the situation the Iraqi people are rebelling against.

      • Now We Know for Certain Trump Will Do Anything to Win in 2020—Even Start a War

        Though a failed realtor, Trump was a successful reality show star. And he knows how to entertain people with fake conflict.

      • The U.S. Military Should Take the Iraqi Parliament’s Advice and Leave

        The on-going presence of American troops in the region does not enhance U.S. or regional security; it makes Americans more vulnerable to attack and further mired in endless wars in the region.

      • Trump Has Conducted a War on Iran for 19 Months; Iran Finally Hit Back

        Trump’s blockade on Iran has not the slightest legitimacy. If you blockade a country and prevent its trade with naval ships, that is an act of war in international law.

      • Congress Must Forcibly Limit Trump’s Power to Attack Iran

        The unlawful and provocative assassination of Iran’s top general, Qassim Suleimani, has already given rise to an escalating spiral of lethal events. The greatest risks are to stumble into a devastating war in the Middle East with grave consequences for the peoples of Iran and Iraq and likely across the region. Such a war would have disastrous effects for this country, for the region and the world. It is certain to do further harm to the reputation of the United States, which already is perceived in much of the world as an irresponsible and criminal political actor in the region, using military force in ways that have made already difficult situations catastrophic by taking various dangerous military, economic and quasi-diplomatic initiatives misleadingly presented as “maximum pressure.”

      • After Biden Offers ‘No Comment’ Response to Middle East Escalation, Critics Suggest: How About ‘No War With Iran’

        “If your candidate right now is saying anything other than ‘the US cannot go to war with Iran and should de-escalate immediately,’ they shouldn’t be your candidate.”

      • ‘Stop Escalation’: World Leaders Call on Trump to End Warmongering and Resume Diplomacy With Iran

        “Unless real diplomacy begins, the risk for confrontation will not dissipate for real.”

      • A War on Iran Would be Different From Iraq, and Far, Far Worse

        Since President Trump’s assassination of Iranian general Qasem Soleimani, widespread alarm has centered on whether he is again dragging us into another war like Iraq, to detract from his impeachment. The bad news is that the situation is even more potentially disastrous.

      • Trump’s Actions in Iraq Could Plunge the Country Into Crisis Once Again, Leaving Iran as Strong as Ever

        The assassination of Qassem Soleimani has capsized Iraqi politics in the most dangerous of ways, making it possible that the country will be plunged once again into a state of permanent crisis and war from which it has escaped in the last two years.

      • The Dubious Moral Justification for a Nuclear Second Strike

        The aim of presenting the case for the continued possession of these terrifying weapons that hold the potential to destroy all life on earth this way seems to be to convince citizens that nuclear weapons are morally justifiable and thus somehow ‘acceptable.’

      • Trump Has Been at War With Iran for More Than a Year
      • Iran’s Unlawful Reprisal (and Ours)

        Given the abject failure of unilateral force to achieve anything of lasting value, collective security measures seem worth trying. Exchanging armed reprisals can only lead to ruin.

      • Iran Sanctions Are Economic Warfare, and Trump Just Vowed to Increase Them

        The U.S. assassination of Iranian General Qassim Suleimani opened a pandora’s box in the Middle East. Iran’s initial response has come in the form of a direct missile attack on the Ain al-Assad U.S. military base in Iraq. While this morning President Trump ruled out an immediate military escalation given that there were no U.S. casualties, he did announce that there would be heightened sanctions on the country. Trump’s approach to Iran ensures direct conflict unless he leans off his so-called “maximum pressure” policy, which has always included punishing sanctions that harm the Iranian people.  

      • Who Benefits From Escalation With Iran? Defense Contractors.

        Last night, Iran launched retaliatory missile strikes on U.S. bases in Iraq. Over the past year, even when diplomatic engagement and de-escalation seem to be the obvious choices, the U.S. has continued its spiral toward war with Iran. In the face of these absurd policy and military decisions, more Americans are becoming furious at the inability of the U.S. government to stay out of conflict, and to end unnecessary U.S. violence abroad. We must ask: Who benefits from these endless wars?

      • CEOs Are Already Raking in Millions From Iran Tensions

        The prospect of war with Iran is terrifying.

      • ‘Kicking the Can to Next Week Is Irresponsible’: Progressives Rebuke Pelosi for Delaying Iran War Powers Vote

        “Every day we wait is a message from Congress to Trump to continue this march to war.”

      • American Empire Completes Three Decades of Futility

        Thirty years ago this month, President George H.W. Bush appeared before a joint session of Congress to deliver his first State of the Union Address, the first post-Cold War observance of this annual ritual. Just weeks before, the Berlin Wall had fallen. That event, the president declared, “marks the beginning of a new era in the world’s affairs.” The Cold War, that “long twilight struggle” (as President John F. Kennedy so famously described it), had just come to an abrupt end. A new day was dawning. President Bush seized the opportunity to explain just what that dawning signified.

      • Because Trump Acting Like ‘Both an Arsonist and a Fireman’ on Iran, Congress Must Act, Say House Progressives

        “Congress must reassert our Constitutional authority by passing a strong War Powers Resolution to ensure Congressional authorization for any military action.”

      • The Soleimani Assassination: Worse Than a Crime, a Mistake

        In March of 1804, French dragoons secretly crossed the Rhine into the German Margraviate of Baden. Acting on orders from Napoleon himself, they kidnapped Louis Antoine de Bourbon, Duke of Enghien. After a hastily convened court-martial on charges of bearing arms against France, the duke was shot.

      • More Than 180 Events Planned Across US to Protest Trump’s March to War With Iran

        After Iran’s retaliation for the killing of Gen. Qasem Soleimani intensified fears of another catastrophic Middle East war, a coalition of progressive advocacy groups Tuesday reiterated their call for massive demonstrations across the U.S. to protest President Donald Trump’s “military brinksmanship” and demand immediate de-escalation of tensions.

      • ‘We Need Everyone in the Streets’: More Than 180 Events Planned Across US to Protest Trump’s March to War With Iran

        “America, this is an emergency. If we spiral into war with Iran, millions could die. We have a short window of time to stop it. We need a massive protest.”

      • ‘Strike of Choice’: US Lawmakers Decry ‘Utterly Unconvincing’ Trump Briefing on Soleimani Assassination

        Not just Democrats, Sen. Mike Lee of Utah said what Trump officials presented was “the worst briefing I’ve had on a military issue in my nine years” serving in the Senate.

      • A Window for Peace

        There is this morning a chink of light to avoid yet more devastation in the Middle East. Iran’s missile strikes last night were calibrated to satisfy honour while avoiding damage that would trigger automatically the next round. The missiles appear to have been fitted out with very light warhead payloads indeed – their purpose was to look good in the dark going up into the night sky. There is every reason to believe the apparent lack of US casualties was deliberate.

      • Iran under pressure to explain Tehran plane crash after 176 killed in Ukrainian jet disaster

        Iran dismissed speculation that the aircraft had been downed by a missile but said it would not hand over the black boxes from the aircraft to Boeing, in an unusual move likely prompted by high tensions with the United States.

      • Will This Billionaire-Funded Think Tank Get Its War With Iran?

        As it happens, this is exactly what the pro-Israel think tank the Foundation for the Defense of Democracies (FDD) reportedly achieved in an arrangement brokered by former Trump national security adviser John Bolton.

        The FDD senior adviser on the National Security Council was Richard Goldberg. And the think tank, the FDD, funded by prominent American billionaires such as the financier Paul Singer and Home Depot magnate Bernard Marcus, has relentlessly pushed for a recklessly militaristic US policy against Iran and in the Middle East generally.

    • Transparency/Investigative Reporting

      • Teen Vogue apologizes for ‘confusion’ after deleting controversial article about Facebook

        Teen Vogue is apologizing for creating “confusion” after what it says were a “series of errors” in the handling of a post on Facebook’s efforts to combat false information in the 2020 election.

        The article, titled “How Facebook Is Helping Ensure the Integrity of the 2020 Election,” presented an uncritical look at the company’s purported efforts to quash election interference. Screenshots of the story show it was initially published without a byline and was comprised of several interviews with Facebook employees, speaking positively about their company’s efforts to stop disinformation on the platform.

        The piece attracted attention online, with many questioning whether it was in fact a paid advertisement from the social media giant. Facebook has drawn criticism for failing to address the spread of fake accounts and disinformation on its site leading up to the 2016 election.

    • Environment

      • Deadly Earthquakes Rock Puerto Rico, Causing Mass Power Outages

        A 6.4 magnitude earthquake rocked Puerto Rico early Tuesday, killing at least one person and plunging nearly the entire population into darkness in a mass power outage. It is the largest earthquake to hit the island in more than 100 years and follows a series of strong quakes that have rattled the island in recent days. A 5.8 magnitude quake struck on Monday, damaging the coastal town of Guánica. Damage from the earthquakes has left nearly 350 people homeless and at least 300,000 without drinking water. Governor Wanda Vázquez declared a state of emergency Tuesday. The devastation comes as Puerto Rico continues to reckon with the fallout from Hurricane Maria in 2017, which killed at least 3,000 and left Puerto Rico in the dark for months in the longest blackout in U.S. history — and the second-longest blackout in world history. We speak with Yarimar Bonilla, a political anthropologist at the City University of New York, co-editor of the anthology “Aftershocks of Disaster: Puerto Rico Before and After the Storm” and the founder of Puerto Rico Syllabus, a guide for understanding the economic crisis in Puerto Rico. She says the word “aftershock” takes on a new meaning as delays in infrastructure repairs and electricity revival continue. The “infrastructural aftershocks … are not just about the earth shaking, but really about a lack of preparedness on the part of the government,” Bonilla says.

      • Aviation chief criticises Greta Thunberg and ‘flight-shaming’ movement

        The aviation industry is planning a pushback against the “flight-shaming” movement and Greta Thunberg, according to the head of the International Air Transport Association (IATA).

        IATA chief executive Alexandre de Juniac said Thunberg has pushed the environmental impact of flying up the agenda, but he argued that she unfairly singles out aviation, which emits more than 2 per cent of global CO2 emissions.

        “We are not the only polluter on this planet, and we have taken the subject frontly, directly and massively,” he told New Scientist. He said her message will lead to a world where people will be unable to connect. “Everybody would stay in his own small village, behind his walls,” he said. “It’s a move backwards, almost a century ago.”

        De Juniac said he would like to meet Thunberg, saying she is too pessimistic about the industry’s ability to find solutions. “I would like to tell her that what we are targeting is to fly more and pollute less,” he said. A representative for Thunberg said she wouldn’t be able to respond to de Juniac’s remarks.

        IATA, the trade body that represents the world’s airlines, will join forces with others in the aviation industry to launch a campaign in 2020 in a bid to reassure people who fly but are wavering because of climate concerns.

        There are already signs that the Flygskam (flight-shaming) movement that began in Sweden may have started to reduce flights in Sweden and the Netherlands, with aviation emissions in both countries falling between January and June.

      • An Australian Bushfire Benefit Concert Is In the Works

        Sound Relief Australia has announced that it will be staging a concert this year to benefit those affected by the country’s bushfires.

      • The Devastating Figures Behind Australia’s Bushfires

        The new decade has opened with a sobering and scary climate change reality. The state of New South Wales is in a designated state of emergency because of fires. At least 25 people have died as a result of those fires. Thousands of people have been displaced. Wildfires have destroyed more than 12 million acres of land across the Australian continent—an area almost seven times the size of the 2018 California wildfires (the worst in state history). And in the time it took to write this article, the estimated number of animals killed has jumped from a conservative 480 million to a full 1 billion.

      • As the World Burns, the Powerful Go on Holiday

        Like so many these past few days, I have been stunned by the devastation across Australia. The photographs and videos of the fires sweeping through the countryside and surrounding towns and even the city of Sydney show a nation literally on fire. Terrified people clung to the bottoms of boat docks, neck deep in water to escape the flames. Thousands crowded on to beaches while the skies above became a Mars like hue.  At the time of my writing this at least 18 people are confirmed to have died, over 14 million acres scorched, and a half billion wild animals have perished. These numbers will almost certainly rise. Indeed, it has made even the most stoic of climate scientists tremble. The fires are unprecedented in scale, bigger than the fires in California or even the Amazon in 2019. And they are particularly alarming as this is only the beginning of summer in the southern hemisphere.

      • Australia’s Big Burn and Scotty From Marketing

        I was in Australia a month ago, experiencing some of the effects of the huge wildfires that had been burning there since August.

      • Debunked Australian Bushfire Conspiracy Theories Were Pushed by Alex Jones, Murdoch Media

        Two of the main conspiracies about the fires are based on the false ideas that they are caused by a spate of arson and they have been worsened by the Green Party’s supposed efforts to stop controlled burns as a fire management and reduction measure.

      • With 14 ‘Billion-Dollar Disasters’ and Record-Breaking Heat in Alaska and Across South, 2019 Was a Year of Climate Extremes for US

        “Americans are put at risk by the serious consequences of the climate crisis.”

      • Time Is Running Out to Save Greenland

        It’s still possible, but it’s far from certain: stopping Greenland’s melting can be done, but it must be done soon.

      • Energy

      • Wildlife/Nature

    • Finance

    • AstroTurf/Lobbying/Politics

      • The Spotted Trump Hoax, and Other Mythical Creatures

        By conjuring these illusions, Donald Trump dodges responsibility.

      • Prince Harry and Meghan to ‘Step Back’ as Senior British Royals

        Prince Harry and his wife, Meghan, say they plan “to step back” as senior members of Britain’s royal family, a stunning announcement that underscores the couple’s wish to forge a new path for royals in the modern world.

      • Listen to Jared Kushner’s Family Saga

        In 1996, an 83-year-old Holocaust survivor and refugee to America sat down with an interviewer from the USC Shoah Foundation to recount what she had experienced. The woman, Rae Kushner, was part of the Holocaust remembrance movement.

        “If we’re not going to tell now, in 20 years I don’t know who’s going to be to tell,” Rae Kushner said in her Yiddish-accented English. “And now we have still the strength and we have the power to do this and to warn the rest of the world to be careful who is coming up on top of your government.”

      • Democratic Party Backs ALEC Alumnus Congressman Against Progressive Challenger

        Democratic Rep. Tom O’Halleran of Arizona’s First Congressional District is affiliated with an organization that promotes conservative legislation across the country, yet top House Democrats and Democratic Party groups are backing him against a primary challenge from his left.

      • ‘This is the land of our ancestors’ How plans to put Moscow’s trash in the Komi Republic’s taiga united environmental, indigenous, and Communist activists into a new opposition movement

        Since the fall of 2018, waves of protests have continuously swept through Russia’s north, both in the Arkhangelsk region and in the Komi Republic. The protesters are attempting to stop the construction of a new landfill near the Shiyes train station, which is located on the border between the two regions. The project appears to have little to do with local demand; instead, its purpose is to deal with the ever-escalating production of waste in Moscow. Arkhangelsk and Komi residents, even if they live hundreds of miles from Shiyes, believe the dump will devastate the natural environment around them.

      • Paradise Lost Political as Talmudic Such the Sigh.

        Early 21st C. (well, second Decade entered, so it goes) under Cultural Hegemony the dimensionality of moral contemplation context of Politics as ‘moral economics’ all but destroyed?

      • We Need a Strong Anti-War Movement—Yesterday

        As we spiral toward a confrontation between the U.S. and Iran, it’s worth reflecting on the failures to rein in U.S. aggression along the way.

      • The Return of the Antiwar Movement: Memories and Intimations

        The turnout in Madison, Wisconsin, for an antiwar rally on Jan.4, was not bad, considering the students are out of town, many local Bernie devotees are busy canvassing in Iowa, and the weather was about as forbidding as usual in the Winter (it could always be worse). Somehow, the icy wind always sweeps off Lake Mendota toward us assembled at the Capitol.

      • With McConnell-Led GOP Cover-Up for Trump Looming, Voters Urged to Call Senators to Demand Fair Trial

        “If Donald Trump’s Republican defenders in the Senate truly believe that the president has done nothing wrong, then they should welcome the opportunity to hear public testimony from Trump administration officials who witnessed firsthand the events in question.”

      • Wake Up, Democrats. Bomb-‘Em-All Bolton Won’t Help Impeachment

        Would Bolton, a leading advocate of bombing Iran, suddenly decide to help bring Trump down, at the very moment when Trump is taking action that could lead to the fulfillment of Bolton’s greatest aspiration, a regime-change war with Iran? 

      • Democracy in America: Six Lessons to Live By in 2020

        The start of a new year and a new decade is normally an occasion for reflection, but there is nothing normal about 2020.  America will decide whether or not to give Donald Trump four more years in the White House.  The choice voters make will be historic.  Quite possibly a tipping point.  What follows are some lessons, a kind of short course in civics that could make the difference between a desirable outcome and a disastrous one.

      • Deceased GOP Strategist’s Daughter Makes Files Public That Republicans Wanted Sealed

        Republican state lawmakers in North Carolina fought in court to keep copies of these maps, spreadsheets and other documents from entering the public record. But some files have already come to light in recent months through court filings and news reports.

        They have been cited as evidence of gerrymandering that got political maps thrown out in North Carolina, and they have raised questions about Hofeller’s role in the Trump administration’s failed push for a census citizenship question.

        Now more of the files are available online through a website called The Hofeller Files, where Hofeller’s daughter, Stephanie Hofeller, published a link to her copy of the files on Sunday after first announcing her plans in a tweet last month.

        “These are matters that concern the people and their franchise and their access to resources. This is, therefore, the property of the people,” Hofeller told NPR. “I won’t be satisfied that we the people have found everything until we the people have had a look at it in its entirety.”

      • British monarchy rocked by Instagram post [iophk: official communications filtered via a foreign-owned corporation]

        This is close to the logic that has led to American celebrities using social media — the chance to speak directly to an audience, without the intermediary of a reporter, who may write something the celebrity doesn’t like, or get the story wrong. Meghan has said that adjusting to royal life has been “hard” and that the British tabloids’ treatment of her has been difficult to bear. “I never thought that this would be easy, but I thought it would be fair and that’s the part that’s really hard to reconcile,” she said in an interview with ITV’s Tom Brady.

      • Labour rules out unity government plan to block no-deal Brexit

        The rainbow coalition of anti-no-dealers, including a swelling tribe of Liberal Democrat MPs, has tried repeatedly to find a suitable candidate to lead a caretaker government in a bid to dethrone Boris Johnson and force an extension to Article 50.


        The job change – which sees her swapping the leader’s office for Labour HQ – follows the resignation of Andrew Fisher, the party’s head of policy, in the middle of the Labour conference in Brighton last month.

        Labour is seeking a meeting with key civil servants ahead of a general election, with a view to going to the polls once an extension to Article 50 is secured.

    • Censorship/Free Speech

    • Civil Rights/Policing

      • Lawmakers Refused to Increase an Infamous Prison’s Funding. Then, Chaos Erupted.

        One prisoner strangled another to death while other inmates cheered the killing. Two convicts escaped a dilapidated building by walking out an open door. Maximum-security detainees freely roamed hallways, beating and threatening others.

        Violence has roiled the Mississippi prison system for more than a week, with state corrections officials imposing a statewide lockdown and a county coroner declaring that gangs in the prisons have launched an all-out war against one another.

      • After a String of Antisemitic Attacks, a Choice Confronts all Jews

        A surge of antisemitism has left us wondering where we can turn, to induce the feeling that rather than exercising solidarity, we should turn inward.

      • All In This Together
      • Millions Flood Streets Across India as General Strike Takes Aim at Modi Government

        “The attitude of the government is that of contempt towards labour.”

      • $71 Million for More Cops; Not A Dime for Jobs and Healthcare
      • Immigration and the Prison Industrial Complex

        In the past year, the struggle over immigration rights continued along a broad array of fronts. There were significant setbacks, such as the implementation of the “Remain in Mexico” policy that made asylum nearly impossible to attain. But there were also victories, such as a federal judge’s ruling in November that required the government to provide health services to thousands of parents and children traumatized by the family separations carried out in accordance with the Trump administration’s “zero-tolerance” policy.

      • Bangladesh: Online Surveillance, Control


        Bangladeshi photojournalists and journalists form a human chain infront of National Press Club protesting the attacks on them during the students’ ongoing protest demanding safe roads, in Dhaka, Bangladesh on August 7, 2018.

      • Border Patrol Detains Iranian Americans at US-Canada Border as Xenophobia Rises

        In the midst of escalating U.S.-Iran tensions, Border Patrol has been detaining Iranian Americans at the U.S.-Canada border. At least 100 people were delayed at ports of entry along the border over the weekend, following the U.S. assassination of Qassem Soleimani on January 3. For response, we speak with Anna Eskamani, Florida Democratic state representative of Orlando. She is the first Iranian American to be elected to any public office in Florida. “The reality is that when we see the potential war rise in countries like Iran … we’ll see xenophobia rise right here locally” in the U.S., Eskamani says.

      • Russia: Escalating Persecution of Jehovah’s Witnesses

        Law enforcement authorities across Russia have dramatically escalated the nationwide persecution of Jehovah’s Witnesses in the past 12 months, Human Rights Watch said today. One year after President Vladimir Putin said that the crackdown against them should be “looked into,” the numbers of house raids and people under criminal investigation have more than doubled, and 32 Jehovah’s Witnesses worshipers are behind bars for peacefully practicing their faith.

        At least 313 people are facing charges, are on trial, or have been convicted of criminal “extremism” for engaging in Jehovah’s Witnesses’ activities, or are suspects in such cases. About two-thirds of them found out about their status as suspect or accused in 2019. Authorities have carried out at least 780 house raids since 2017 in more than 70 towns and cities across Russia, more than half of them in 2019. Courts convicted 18 people in 2019, nine of whom received prison sentences ranging from two to six years, for such activities as leading or participating in prayer meetings. Verdicts are expected in several cases later in January.

      • Trump Administration’s Proposed Rule Attempts to Starve Out Asylum Seekers

        The Trump administration is attacking the right to seek asylum in the United States. From separating asylum seekers from their children, to legally barring people from applying for protection and forcing them to remain in harsh conditions in Mexico, the administration has used every tactic it can think of to deny rights to refugees. Its most recent approach is a cruel attempt to starve out those who have lawfully applied for asylum in the U.S. by denying them the right to work while their case is pending. The administration’s new proposed regulation will not stop people from applying for asylum, but will force asylum seekers and their families into poverty or into the underground economy while their cases pend for years in an increasingly backlogged immigration court.

      • Kazakhstan: Improper Prosecution of Asylum Seekers from China

        (Berlin) – Kazakhstan should not forcibly return two Chinese citizens fleeing ill-treatment in Xinjiang or prosecute them for illegal border crossing while their asylum claims are pending, Human Rights Watch said today.

        On January 6, 2020, court hearings against the two ethnic Kazakh men, Kaster Musakhanuly and Murager Alimuly, on charges of illegal border crossing began in the remote eastern town of Zaysan. The hearing was adjourned after only two hours, although dozens of witnesses and supporters had traveled there to testify on their behalf, and the case was postponed to January 21. If returned to China, the men would almost certainly face detention and a real risk of torture.

      • Illinois Comptroller Is Opting The State Out Of Collecting Red Light Camera Fees

        We’ve discussed red light cameras many times in the past, most often to point out how they really aren’t great at providing any benefit in vehicle safety, but are quite good at filling up the coffers of local governments on the backs of motorists. Given that these are essentially profit centers run by governments that aren’t well suited to maximizing profits, the contracts for these red light cameras are typically outsourced to private interests. And if that seems like a recipe for rampant corruption… well… yeah. Everyone from judges to my beloved home city of Chicago has found themselves being investigated, and sometimes charged, with wild corruption as part of these red light camera contracts. Contracts that, again, don’t make anyone any safer.

      • Defiant Fugitive Ex-Nissan Boss Vows Fight to Clear His Name
      • Does the US have a problem with topless women?

        Women fed up with being forced to cover up their breasts and nipples are challenging American laws about nudity and sparking a debate about the country’s attitude to the naked female form.

    • Internet Policy/Net Neutrality

      • There’s A Recurring Theme With 5G, And It’s Disappointment

        Buried beneath the unrelenting hype surrounding fifth-generation (5G) wireless is a quiet but growing consensus: the technology is being over-hyped, and early incarnations were rushed to market in a way that prioritized marketing over substance. That’s not to say that 5G won’t be a good thing when it arrives at scale several years from now, but early offerings have been almost comical in their shortcomings. AT&T has repeatedly lied about 5G availability by pretending its 4G network is 5G. Verizon has repeatedly hyped early non-standard launches that, when reviewers actually got to take a look, were found to be barely available.

      • .blog vs .com TLD performance

        BunnyCDN shared some interesting performance benchmarks of the name servers responsible for some generic top-level domains (gTLD). They measured from 50 locations around the world.

        I’m using a .blog domain for this website. Unfortunately, this gTLD is placed near the bottom of the list. Ouch.

        I recreated a smaller version of their experiment for the .blog and .com TLDs. I don’t have a content distribution (CDN) network with 50 points of presences around the globe to test from.

        However, I do have a RIPE Atlas test probe. It enables me to run a quick test like this from 11 000 locations around the world. I settled for recreating BunnyCDN’s tests from 300 locations, however. You can see the results from my test in the footer and the graph at the top of this article.

    • Digital Restrictions (DRM)

      • Disappointing: Apple The Latest To Abuse DMCA 1201 To Try To Stifle Competition, Security Research, Jailbreaking And More

        Back in August, Apple kicked off an already questionable lawsuit against Corellium, makers of virtualization software that would let users create and interact with “virtual” iOS devices. It is a useful tool for a variety of reasons, including (importantly) for security researchers trying to hunt down bugs on a virtual iPhone. Over the last few months, security researchers in particular have been raising the alarm about this lawsuit. Then, just before the New Year, Apple made things much, much worse, with its amended complaint, that takes Section 1201 of the DMCA to new and even more ridiculous heights.

    • Monopolies

      • The End of Indie Web Browsers: You Can (Not) Compete

        No longer is it possible to build your own web browser capable of consuming some of the most popular content on the web. Websites like Netflix, Hulu, HBO, and others require copyright content protection which is only accessible through browser vendors who have license agreements with large corporations.

        During development of Metastream⁠—a browser-based side project of mine⁠—I ran into a roadblock when Google Widevine rejected my application to use their software that allows playback of encrypted media. The same problems I faced are affecting other developers with no known solutions in-sight.

        These roadblocks were primarily introduced to appease the media industry.

      • Patents

        • Software Patents

          • Another Velos Media patent challenged as likely unpatentable

            On January 2, 2020, Unified filed a petition (with WilmerHale serving as lead counsel) for inter partes review (IPR) against U.S. Patent 9,414,066, owned by Velos Media, LLC (Velos), as part of Unified’s ongoing efforts in its SEP Video Codec Zone.

            The ‘066 patent and its corresponding extended patent family is one of the largest families known to be owned by Velos, representing nearly 5% of Velos’ total U.S. patent grants. Including this petition, Unified has now challenged patents representing over 42% of Velos’ total known U.S. assets.

      • Trademarks

        • FICPI-Turkey Roundtable On The Similarity Of Trade Marks And Its Application

          Christian explained how opposition matters are handled at the European Patent Office (EPO) and how the Opposition Divisions and the Technical Boards of Appeal are composed. Specific emphasis was given to the fact that technically qualified examiners or members of the Boards will always be part of an Opposition Division or the competent Board of Appeal. He also explained the meaning of “technically qualified” as being technically qualified with relevant background in the respective technical field.

          Serkan then explained the new oppositions procedure, which is now codified in Turkish Patent Law, where the opposition proceedings (post-grant patent opposition) implemented in Turkey are more or less submission statements (i.e. purely paper-based with no hearing), which will not be exchanged among the parties and will not be implemented as true contradictory proceedings.

          FICPI-Turkey is advocating for opposition proceedings which would be more like the EPO’s opposition proceedings This would involve the parties exchanging written submissions which include a full statement of facts, arguments and evidence, followed by a hearing where the parties can highlight aspects of their case and argue why they should prevail. At the end the Opposition Division announces its decision.

      • Copyrights

        • Manga Publisher Takeshobo Sues Cloudflare For Copyright Infringement

          Major Japanese publisher Takeshobo has sued Cloudflare in a Tokyo court for alleged copyright infringement. The publisher says it was forced into the action after requests to remove content being offered by a Cloudflare customer were ignored. Takeshobo is taking care not to mention the name of the ‘pirate’ site in question but TorrentFreak has uncovered a DMCA subpoena from 2019 which may shine some light on proceedings.

        • Sheeran v Chokri Part 2: Admission of similar fact evidence

          Readers may remember the case of Ed Sheeran and Sam Chokri, discussed by this Kat back in August 2018 here. The case is still on going and the most recent hearing before Mr Justice Nugee took place on the 9th December 2019 in the High Court of England and Wales.


          As to the second part of the test, which could be stopped if it could be seen clearly at this stage that even if fully proved, the probative value was outweighed by the prejudice so that a fair trial. The claimant argued that Deputy Master based his decision on incorrect numbers and overlooked certain factors such the effect on Ed’s reputation. However, the Judge did not accept this argument and stated that Deputy Master had identified a number of downsides of allowing the plea to go forward, such as the increase in the cost, complexity and length of the trial, as well as referring to the impact on the Claimant – although not hugely important, still born in mind.

          Therefore, in all the circumstances the Judge did not agree with the Claimants criticisms of Deputy Master’s judgment and the appeal was dismissed. Although it was noted that there is nothing to stop these pleadings to be struck out at a later stage for lack of particularisation.

          The risk of including this evidence if of course to create an assumption that “once a thief, always a thief”. However, where there has been an instance of similarity between songs that might have been a coincidence, it is less likely to be a coincidence where there are three instances. As it was said in the case of Rex v Sims [1946] K.B. 531, [at 540]: “The probative force of all the acts together is much greater than one alone.” So the probative force of four resemblances together is much better than one alone.” The songs where played to the Judge in Court, and whilst two songs sounding similar does not equate to a claim for copyright infringement, when that is supported by the clearance and royalty share evidence, this was enough to allow the pleadings at this stage.

        • Katy Perry Accused of Bringing Biased Experts Into Copyright Trial

          Attorneys for Katy Perry are recruiting expert musicologists to reverse a shocking, $2.8 million copyright infringement verdict against the pop singer. Those musicologists are now being attacked as biased towards Perry and her collaborators.

        • George Gershwin’s Rhapsody In Blue Is In The Public Domain And Gerswhin’s Nephew Is Worried Someone Might Turn It Into Hip Hop

          Last week we announced our latest Gaming Like It’s 1924: Public Domain Game Jam, and among the newly public domain works first released in 1924 is George Gershwin’s classic Rhapsody in Blue, which you might better know as the United Airlines theme song.

IRC Proceedings: Wednesday, January 08, 2020

Posted in IRC Logs at 2:33 am by Needs Sunlight



#techrights log

#boycottnovell log



#boycottnovell-social log

#techbytes log

Enter the IRC channels now

The Concept of Confidentiality May be Self-Defeating in the Context of Patents

Posted in Europe, Patents at 2:17 am by Dr. Roy Schestowitz

If confidentiality or secrecy is the very thing patents were conceived to tackle/discourage…

Patents encourage publication but please keep it all a secret

Summary: If transparency through publication is the supposed motivation of patents, then why is the concept of confidentiality so strictly enforced (even when the EPO itself actively violates the confidentiality of applicants and other stakeholders)?

WHEN someone produces a physical invention it is possible to disassemble it and possibly reverse-engineer it thereafter. It doesn’t matter if there is or isn’t a patent, so in a sense that invention is disclosed as soon as it hits the market/s. The specifications underlying this invention just aren’t formally disclosed. In the case of drugs (or chemicals) the production process may not be obvious to the recipient of a drug. However, the ingredients can be determined and sometimes the structural composition as well. In both cases we can see that patents as means of publicising an invention (unlike secrecy or even trade secrets) may be moot; and sure, sometimes patents allude to things that do not exist in the market (yet, if ever) and having some formal description may be valuable for reproduction (in the future or at present by peers/competitors). When it comes to software patents, it all boils down to code. If it is Free software, anyone can study and also copy that code. No point to patents on those…

The American courts, having already grappled with 35 U.S.C. § 101, more or less concluded that patents pertaining to nature and code aren’t valid. Alice and Mayo may have put millions of US patents in their graves (or already-expired patents even deeper in the ground). For over 5 years SCOTUS has refused to revisit or reconsider the matter; as for the Federal Circuit (one level below SCOTUS), it rarely deviates from this well-cemented norm…

There are many misconceptions abound regarding patents and it’s up to us, non-lawyers, to address and correct those falsehoods.

“The concept of confidentiality in this case is akin to “trade secrets” — a sort of thoughtcrime, with laws enforceable by employers who seek to make the mere ‘possession’ of some knowledge a ‘crime’ (somewhat like NDAs).”Recently, the appeal boards in Munich (oh, sorry! Haar, but let's pretend it's part of Munich) dealt with the aspect of secrecy surrounding patent-pending research. This week UDL published an article about it. Sorry to disappoint you, UDL (promotional piece in Lexology, akin to a paid press release), but the European Patent Office (EPO) does not protect confidentiality and barely grasps that very concept. Under the watch of António Campinos it has happened repeatedly after being ‘normalised’ in the Battistelli era.

Here are some portions from the article:

The confidentiality of patient data is an essential consideration in any clinical trial — but stakeholders must also consider the confidentiality of the invention being trialled. If just one member of the public can access information about the invention before a European patent application is filed — whether this is through writing, oral disclosure or use — the invention may lack novelty.

This is so important due to the sheer number of stakeholders involved in a clinical trial, which can include sponsors, Contract Research Organisations (CROs), investigators and site personnel, healthcare personnel, regulatory agencies and participants.


While the Boards of Appeal of the EPO found in T598/12 that a trial participant isn’t a member of the public in the strict sense, a particularly contentious area of law is whether unused and unreturned trial drugs form a public disclosure.

A general principle of the European Patent Convention, following the Enlarged Board of Appeal’s Decision in G1/92, is that the chemical composition of a product is state of the art when the product as such is available to the public and can be analysed and reproduced by the skilled person, irrespective of whether or not particular reasons can be identified for analysing the product.


The Opposition Division followed T7/07 in agreeing that information given to patients cannot be regarded as prima facie confidential. Indeed, it might be considered unethical to bind trial patients by general explicit or implicit confidentiality obligations, as they should be able to discuss medication with their spouses and doctors. However, it was found that trial participants were under a legal obligation to use the tablets according to a stipulated schedule and return any non-administered drugs. In contrast to T7/07, loss of control over the return of the dispensed drugs hadn’t been established, as patients were legally prevented from disposing of the drugs and also from passing on information contained in them to third persons not bound by confidentiality. Any ‘breach’ therefore didn’t allow a conclusion to be made that the tablets were available to a member of the public.

The concept of confidentiality in this case is akin to “trade secrets” — a sort of thoughtcrime, with laws enforceable by employers who seek to make the mere ‘possession’ of some knowledge a ‘crime’ (somewhat like NDAs). Do we really wish to steer patent law in such a direction? Isn’t that rather antithetical?

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts