Bonum Certa Men Certa

Links 5/8/2020: Wayfire 0.5 and Plasma Browser Integration



  • GNU/Linux

    • Desktop/Laptop

      • Here’s the glaring potential flaw in Windows 10X devices as Chromebook competitors

        Stop me if you’ve heard this before: Imagine an operating system that’s focused on using the web browser and you can’t install traditional desktop apps on. No, I’m actually not talking about Chromebooks, and if I was, that would be an outdated thought experiment since you can install full desktop Linux apps on Chrome OS. I’m talking about upcoming devices running Microsoft Windows 10X, a “lite” software platform that is reportedly debuting in roughly 9 months.

        You may not recall that Microsoft tried a similar approach in 2012 with Windows RT and the first Surface device.

      • Linux Marketshare Dipped in July – But Not By Much! [Ed: No, it is wrong to base one's assessment on a Microsoft partner that pretends Android, ChromeOS etc. don't even exist]
    • Linux Magazine

    • Audiocasts/Shows

      • mintCast 340.5 – Will It Blend?

        1:41 Interview with Jason van Gumster 1:01:48 Feedback 1:11:03 Check This Out 1:15:27 Outro

        In our Innards section, we become blender experts with Jason van Gumster’s help.

        And finally, the feedback and a few suggestions.

      • This Week in Linux 111: Linux 5.8, BootHole & GRUB2 Flaws, Firefox 79, JellyFin, Nitrux, & More

        On this episode of This Week in Linux, we’ve got some really cool hardware news, we’ve finally got some Linux laptops equipped with an AMD Ryzen 4000H series processor. These laptops are thanks to Tuxedo Computers and KDE Slimbook. Cooler Master has launched a kickstarter campaign to make a pretty slick Case for the Raspberry Pi 4. We’ve also got a LOT of App News this week with the latest release of the most popular open source email client, Thunderbird 78 from Mozilla. KDE has released version 7.0.0 of digiKam. If you’ve been wanting an open source way to control your RGB lights on your devices then OpenRGB may be the tool for you. And finally, PeerTube has announced the 2.3.0 release that comes with the much anticipated Global Search feature! All that and much more on Your Weekly Source for Linux GNews!

      • There’s a Hole in my Boot! | LINUX Unplugged 365

        We explain why BootHole is getting so much attention and break down the key issues. Then we review our favorite Linux-compatible headsets.

    • Kernel Space

      • Linux 5.8 released, features Thunderbolt 4.0 support and improved security

        Linux's creator Linus Torvalds has released a new version of the Linux kernel following seven release candidates.

        While he did consider creating an eighth release candidate for Linux 5.8 last week, on Sunday Torvalds decided "it's not just worth waiting another week when there aren't any big looming worries around”.

        Linux 5.8 succeeds the latest stable Linux Kernel 5.7 and includes all of the changes that were pulled out during the kernel 5.8 merge windows. As Linux 5.8 received a surprisingly high number of merge requests during its merge window, Torvalds said that it is one of the biggest Linux releases yet in terms of the number of commits and close to Linux 4.9.

      • Checkpoint/Restore Of Unprivileged Processes Sent In For Linux 5.9

        Linux 5.9 is bringing another feature that's long been baking and of interest to a growing number of stakeholders... checkpoint/restore functionality of unprivileged processes.

        With Linux 5.9 all the pieces should be in place for allowing checkpoint/restore of processes not running as root. This saving and restoring of processes can be used for functionality like container migration, moving workloads in HPC environments, or for the Java JVM to speed-up startup time. The Linux kernel has supported checkpoint/restore of processes but only as root until now.

      • Linux 5.9 Continues Working On A Variety Of Scheduler Improvements

        Among the many pull requests sent in for the Linux 5.9 merge window by longtime developer Ingo Molnar are the usual assortment of scheduler improvements.

        [...]

        - The deadline scheduler is now capacity-aware and has seen other improvements too.

        - UClamp performance improvements for this utilization clamping functionality.

        - Cleanups to the energy/power-aware scheduling.

      • Top 10 New Features in Linux Kernel 5.8

        Linus Torvalds recently announced the release of Linux Kernel 5.8, and he seems delighted with it. He has pointed it out as the most significant release of all time. To developers, this new kernel comes with an addition of 800,000 new code lines and more than 14,000 changed files. To the average user, you might not see many eye-candy changes, as seen in the earlier releases.

        Overall, the Linux Kernel 5.8 releases include a bunch of driver support, optimizations, processor improvements, and a variety of security enhancements. In the Linux Kernel mailing lists, Linus Torvalds wrote, “So I didn’t expect this, but 5.8 looks to be one of our biggest releases of all time.”

        Given the release timeline for Linux 5.8, it may be available for testing in distributions like Ubuntu 20.10 and Fedora 33 soon. Let’s take a look at some of the features you can expect in Linux Kernel 5.8.

      • Wrap it before you tap it? No, say Linux developers: 'GPL condom' for Nvidia driver is laughed out of the kernel

        Linux devs have dismissed a proposed patch to the kernel that would only work with a Nvidia driver, motivating a second patch that will prevent disguised use of proprietary code in GPL modules.

        The Linux Kernel licensing rules make provision for proprietary third-party modules but state that they must be tagged as such.

        This "cannot be used for modules with source code in the kernel tree. Modules tagged that way are tainting the kernel with the 'P' flag when loaded and the kernel module loader refuses to link such modules against symbols which are exported with EXPORT_SYMBOL_GPL()."

        Facebook developer Jonathan Lemon put forward an RFC (Request for Comments) on a proposal to implement DMA (Direct Memory Access) zero-copy between a network card and a GPU to enhance network performance, while keeping the protocol processing on the CPU. The use case is for "GPUs used for machine learning, which are located near the NICs, and have a high bandwidth PCI connection between the GPU/NIC," states the RFC.

        The code relies on Nvidia's proprietary driver for Linux, noticed by kernel maintainer Greg Kroah-Hartman, who observed: "OK, now you are just trolling us. Nice job, I shouldn't have read the previous patches. Please, go get a lawyer to sign-off on this patch, with their corporate email address on it. That's the only way we could possibly consider something like this."

      • Power Management and Thermal Control Microconference Accepted into 2020 Linux Plumbers Conference

        We are pleased to announce that the Power Management and Thermal Control Microconference has been accepted into the 2020 Linux Plumbers Conference!

        Power management and thermal control is an important area in the Linux ecosystem to help with the global environment. Optimizing the amount of work that is achieved while having long battery life and keeping the box from overheating is critical in today’s world. This meeting will focus on continuing to have Linux be an efficient operating system while still lowering the cost of running a data center.

        Last year’s meetup at Linux Plumbers resulted in the introduction of thermal pressure support into the CPU scheduler as well as several improvements to the thermal framework, such as a netlink implementation of thermal notification and improvements to CPU cooling. Discussions from last year also helped to improve systems-wide suspend testing tools.

      • Graphics Stack

        • Defaulting Radeon GCN 1.0/1.1 GPUs To Better Linux Driver Is Held Up By Analog Outputs

          Switching from the "Radeon" to "AMDGPU" kernel driver on Linux is possible for Radeon GCN 1.0/1.1 era graphics cards and doing so can mean slight performance benefits, the ability to run the AMDVLK or RADV Vulkan drivers, and simply making use of this better maintained driver. But having these original GCN graphics cards default to the modern AMDGPU driver appears held up by the lack of analog video output support with that driver.

        • Intel's Open-Source H.265/HEVC Encoder Sees First Release Of 2020

          Intel's Scalable Video Technology team is known for their open-source video encoder work particularly on AV1 and VP9 formats, but they also continue to maintain a high performance H.265/HEVC encoder as well. Intel SVT-HEVC 1.5 was released on Monday as their first major update of the year.

          Intel SVT-HEVC 1.5 fixes "all memory leaks" following a refactoring of their allocation/deallocation code that also leads to the ability for FFmpeg to run multi-instance encoding in parallel. SVT-HEVC 1.5 also has a number of optimizations, fixes for a random hang issue with few threads (something we've seen as well with SVT-HEVC in our own benchmarks), and a number of other fixes.

        • GNOME's Mutter Adds Support For Launching "Trusted Clients" On Wayland

          Merged to GNOME's Mutter compositor is an API for Wayland to allow the launching of trusted clients.

          This "trusted clients" support is namely about allowing child windows to be signified as being from a parent window/process. This can also allow for some nifty use-cases for GNOME on Wayland. The patch explains: Unfortunately, although the child process can be a graphical program, currently it is not possible for the inner code to identify the windows created by the child in a secure manner (this is: being able to ensure that a malicious program won't be able to trick the inner code into thinking it is a child process launched by it).

        • Wayfire 0.5 Wayland Compositor Brings Latency Optimizations, More Protocols

          Wayfire, a Wayland compositor inspired by the likes of Compiz with different desktop effects, is out today with a new feature release.

          Perhaps most exciting with Wayfire 0.5 is the work done to improve (reduce) the latency. Wayfire now better tracks how much time it needs to draw a frame, support for the presentation time protocol, and other work. Aside from latency improvements, there are Wayland protocol additions for primary selection for allowing middle-click-paste to work plus the output-power-management protocol for better handling display output power management behavior.

        • Intel Tiger Lake OpenCL Support On Linux Now Considered Production Ready

          With all the recent work on Intel's open-source compute stack around the vector back-end and GPU code generation with their ISPC compiler there was another significant milestone achieved that went unnoticed until spotting the change a few days ago.

          The open-source Intel Compute Runtime in the past two weeks now has "production" ready OpenCL support for the forthcoming Gen12 Tiger Lake graphics. That's good news with Tiger Lake laptops expected to market soon.

        • RADV ACO Back-End Begins Tackling Navi 2 / GFX10.3 Support

          With the "Sienna Cichlid" and "Navy Flounder" open-source driver support as what appear to be the first "Navi 2" GPUs and the first of the "GFX10.3" generation on the graphics engine side there is the initial kernel support with Linux 5.9 and the initial Mesa support for 20.2. That Mesa support has been focused on RadeonSI as the official OpenGL driver as well as Mesa's RADV driver as the Radeon Vulkan driver in-tree but not officially supported by AMD. That RADV support is currently un-tested. Both drivers currently depend upon the "AMDGPU" back-end found in the forthcoming LLVM 11.0 with its initial GFX10.3 support. But now on the RADV driver side there is preliminary GFX10.3 bits landing for the popular "ACO" back-end.

          ACO is the back-end worked on by Valve and other stakeholders like open-source graphics driver engineers from Google and Red Hat. But as ACO isn't officially supported by AMD, there hasn't been any patches from them in wiring up the Navi 2 / GFX10.3 support for this AMDGPU LLVM alternative. Rhys Perry as part of Valve's Linux driver efforts though has worked out what should be the initial changes needed for this yet-to-be-released hardware with ACO.

    • Applications

      • Flash ISOs to Multiple USB Sticks on Linux with Popsicle

        This handy tool, which is written in Rust, lets you write an .iso (or other compatible image file) to more than one USB stick, SD card, or external drive at the same time.

        If you’ve been tasked with preparing multiple flash drives for your favorite OS to hand out to attendees at an event or the like then this would certainly be useful.

        But even if your needs aren’t as demanding as that being able to prep two installers, e.g., an SD card and a USB stick, to work with two different devices is made easier by this tool.

      • Meet The Beautiful Linux App You Need In Your Terminal

        There’s no shortage of apps to monitor your PC’s system resources, regardless of the operating system you’re running. But it’s less common to stumble across a piece of software that looks this gorgeous running in a terminal window. Seeing is believing, and I dare you not to fall in love with the unique beauty of Bashtop.

        Bashtop is a cross-platform resource monitor for Linux, macOS and FreeBSD. It tracks your PC’s CPU core usage (and per-core temps!), RAM and disk usage (including current read/write speeds), bandwidth consumption and running processes. You can also filter processes and send various kill signals.

        It does everything you’d expect a resource monitor to do, and a few things you don’t.

      • Pinta Open-Source Image Editing and Drawing App Sees New Major Release After 5 Years

        Pinta 1.7 is now available and it looks like it’s a massive update to the open-source drawing and image editing application, which most of you probably forgot about.

        Highlights of this release include support for tabs to make it more easy to switch between multiple images with the ability to dock them side-by-side or transformed in new windows, support for zooming and panning in the Rotate / Zoom dialog, which now rotates in-place.

        Also new is a Smooth Erase tool that can be enabled when using the Type menu on the toolbar of the Erase tool, as well as support for JASC PaintShop Pro palette files and the ability to open images just by dragging and dropping an image URL from a web browser.

    • Instructionals/Technical

    • Games

      • Cursed Gem is a pretty charming and amusing challenging platformer out now

        I have to admit, Cursed Gem is quite a nice surprise. Throwing in a little comedy into a challenging pixel-art platformer.

      • Action RPG 'Last Epoch' laughs at your free time with the biggest update ever

        Free time be damned, it's time to jump back into Last Epoch for another dozen hours or so because Eleventh Hour Games clearly don't want me to sleep tonight. On August 4 they released update 0.7.9, which they said was the "BIGGEST update in Last Epoch history".

        What's the big fuss about with this update? It splits off The Monolith of Fate end game into its own zone, with several islands each containing "a Timeline representing a reality that never was". Confused? Well, Last Epoch is an action RPG that involves a wee bit of time travel. As you progress and conquer timelines, you get all sorts of fancy rewards and you they're repeatable with different layouts. Sounds awesome.

      • Minesweeper but it's a rogue-lite with tons of features - DemonCrawl is out for Linux PC

        Oh no, I think DemonCrawl might just end up being my next 100 hour game and it's now available for Linux PC.

        Released originally in November 2019, the developer decided to support Linux to ensure people can get the best experience rather than relying on the Proton compatibility layer. Two weeks after announcing it and the Linux version has been released.

      • Jagged Alliance 2 game engine 'Stracciatella' has a big new release

        The community working to keep the classic Jagged Alliance 2 alive with the Stracciatella game engine have put out their first release in a few years.

        With the Stracciatella project their aim is to provide good cross-platform support, improve stability, fix bugs and provide a stable platform for mod development. It's a noble aim, especially when it's an old game long left behind by the original teams and in this case the original developer and publisher no longer even exist.

      • Master of Orion inspired open source 4x strategy FreeOrion has a new release

        Inspired originally by Master of Orion, the free and open source FreeOrion project has a brand new release.

        For the FreeOrion, this was a reasonably quick release considering they had another release back in February and they don't usually update too often. For a good reason this time though, as they've managed to do a major tech move from Python 2 to 3 to enable FreeOrion to stay up to date with modern code. That wasn't the only big change though.

      • Take an emotional trip through the mind in Into A Dream out now

        Into A Dream is a brand new release from indie developer Filipe F. Thomaz, telling a tale about diving into the mind of someone diagnosed with severe depression.

        You're quite literally exploring their mind too, using the power of medical science. You will be travelling through the mind of Luke Williams, as their last hope before "fading away". You need to find the events that led to their darkened mind, meeting family and friends (well, memories of them anyway) while finding a way to "trick him into letting you access his darker dreams and unveil the emotional, powerful and heartbreaking journey of his life".

      • Need another building and farming RPG? Verdant Village enters Steam Early Access

        Littlewood and Stardew Valley not enough for you? Need more farming, crafting and exploration? Verdant Village is now live in Early Access on Steam.

        "You've washed ashore in a foreign land. With nothing to your name other than a few tools you’ll have to learn how to live off the land. Explore, grow crops, and meet the locals. How you live is up to you. Can you create a new life for yourself in the small town of Amberglen?"—well, luckily for you the King seems nice and gave you an abandoned piece of land to call your own and it's up to you to bring it back to life.

      • LunarG releases new Vulkan SDK with DirectX Shader Compiler for Linux and more

        LunarG have today, August 4 2020, released a new and enhanced version of their Vulkan SDK (software development kit).

        What exactly is it? The Vulkan SDK is a collection of essential tools used by developers to assist in development and debugging of Vulkan applications. LunarG works with the Vulkan Working Group over at The Khronos Group to keep it open source, and provide ongoing upgrades to it.

      • Littlewood is a seriously peaceful town-building RPG out now

        After a successful Kickstarter campaign in the beginning of 2019 and an Early Access release later that same year, Littlewood has grown into a wonderful town-building RPG.

        In a world where the evil has already been defeated, it asks the question: what now? The answer, of course, is to rebuild everything and attempt to live out the rest of your lives in peace and perhaps find a little love along the way. Easily comparable to the likes of Stardew Valley and Animal Crossing, it offers up a similar experience of letting you do what you want at your own pace and just relax.

      • GOverlay makes Linux gaming overlay MangoHud even easier to use

        MangoHud has become the go-to way to get a decent readout of game performance with an overlay on Linux, and now with the latest improvements the GOverlay interface has made it much easier to use.

      • Free to play collectible card game 'Doomtrooper' enters Early Access

        Reviving the collectible card game from the 90s, developer Secret Cow Level has now launched Doomtrooper CCG into Steam's Early Access program.

        "Get ready for demonic aliens, cyber-mechanical vehicles, and interplanetary chainsaw warfare! Doomtrooper is a digital adaptation of the physical card game by the same name. Play Warrior cards to form your squad and earn victory points by eliminating the enemy's forces."

      • Ecosystem building sim 'Terra Nil' now gives you a whole continent to restore

        A building sim that's as relaxing as it is challenging, Terra Nil has a truly wonderful idea and I absolute love following it along in development with a new big update out now.

        In Terra Nil, you're tasked with turning a barren wasteland into an ecological paradise complete with different flora and fauna, then clean up after yourself to leave the environment pristine. Quite clever mechanically, giving you a certain percentage you need to hit on each map with your greenery. Originally it just gave you random maps to play through but now the progress is evolving.

        As for Terra Nil 0.4, it gives you a whole continent to restore with different biomes across the areas you're trying to restore. When you do complete a level, the menu map then covers that area in greenery and it's actually quite slick.

      • Award-winning strategy game The Battle of Polytopia is now on Linux PC

        After winning awards and gaining popularity in the mobile space, Midjiwan AB have ported over The Battle of Polytopia to PC (Linux, macOS, Windows) and it's out now.

        They're calling the PC version The Battle of Polytopia: Moonrise, although the Steam page still has the original name, in an attempt to differentiate it from the mobile version. The PC release does come with some enhancements like larger maps, better map generation, map customization options, random multiplayer matchmaking, player avatars, a Russian translation, the ability for more than one player to play with the same tribe and they sat it gives them room to develop new features more quickly.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • The structure of KDE, or how anarchy sometimes works

          KDE is a funny beast. In a lot of ways, it’s an anarchic society that actually works!

          Engineers and designers work on KDE software and websites, but none of them are paid by KDE itself. Most are volunteers but some (myself included) are paid by 3rd-party companies. These people work on what they want or what they are sponsored by their company to work on, not what anyone in KDE tells them to work on.

          KDE has a board of directors, but they are elected by KDE’s membership rather than stockholders (there is no stock lol), and do not control KDE’s strategic direction the way the board of directors does in a corporation. Rather, they mostly take care of financial and legal matters, sort out copyright claims, help to organize the yearly Akademy conference, and so on.

          There is no formal “upper management” or even “middle management” layer. We have the “gardening team” whose members constitute volunteer managers, but we mostly do things like triaging bugs, following up on stuck merge requests, perform QA on unreleased software, and so on. We support the people doing the work, rather than telling them what to do.

        • Announcing Krita’s Scripting School!

          In 2018, we reintroducted scripting to Krita. Unlike our previous attempts to provide scripting, this time it took off! People are making all kinds of useful and fun extensions for Krita. Like a new color picker and mixer, a plugin to modify the way Krita’s subwindows are handled, new toolboxes, integration with other applications like Autodesk Shotgun,

          But what was missing was a good overview of the various areas that could be scripted. Tutorials and example code on how to use the scripting API in bite-size chunks. The regular API documentation is generated automatically from the APIDOX comments. It is a good reference but can be difficult to understand since it is generated from the C++ code that provides the scripting bindings.

        • Plasma Browser Integration 1.7.6

          I’m pleased to announce the immediate availability of Plasma Browser Integration version 1.7.6 on the Chrome Web Store as well as Firefox Add-Ons page. This release comes with a few bug fixes, performance improvements, and translation updates.

          [...]

          As usual, this release brings some improvements to media controls. Short sounds and videos are currently ignored to avoid trying to control e.g. a “new message” sound or short hover video previews. However, some live stream implementations don’t report the correct duration of Infinity but gradually fill up their time bucket every few seconds. Previously, the extension only checked duration once to determine whether to provide media controls. With this update duration is continuously checked and media controls would become available eventually.

          Furthermore, for websites that do not set album art through Media Session API, the video player’s poster is now used as album cover. This is the cover image that is often shown when the video isn’t playing.

      • GNOME Desktop/GTK

        • Clarissa Borges: Which library is the GNOME UI extending from?

          About two weeks ago I did some research and learned about some libraries to choose one to extend from to use on my GSoC GNOME UI library project, and it turned out to be a very interesting topic that I’d like to share and take the opportunity to talk about how’s the project going, as it’s been a while since I don’t blog :P

          In case you don’t know what my project is about, I recommend you to visit my first post where I provide an explanation of the project goals.

    • Distributions

      • Reviews

        • Pantheon Desktop Review: A Beautiful Alternative to macOS

          The Pantheon Desktop is designed specifically for elementaryOS and is considered one of the most visually appealing desktops around. It clearly draws a lot of inspiration from macOS, which makes it a great alternative for those who are looking to make the switch or who have always wanted to master that workflow. In this Pantheon Desktop review, I take a look at user experience and performance, as well as some notable features, and deciding who should use the Pantheon desktop.

      • BSD

        • An Introduction to ZFS A Place to Start

          ZFS has become increasingly popular in recent years. ZFS on Linux (ZoL) has pushed the envelope and exposed many newcomers to the ZFS fold. iXsystems has adopted the newer codebase, now called OpenZFS, into its codebase for TrueNAS CORE. The purpose of this article is to help those of you who have heard about ZFS but have not yet had the opportunity to research it.

          Our hope is that we leave you with a better understanding of how and why it works the way it does. Knowledge is key to the decision-making process, and we feel that ZFS is something worth considering for most organizations.

        • GSoC Reports: Enhancing Syzkaller support for NetBSD, Part 2

          As a part of Google summer code 2020, I have been working on Enhance the Syzkaller support for NetBSD. This post summarises the work done in the past month.

          For work done in the first coding period, you can take a look at the previous post.

        • The GNU GDB Debugger and NetBSD (Part 3)

          I've written an integration of GDB with fork(2) and vfork(2) events. Unfortunately, this support (present in a local copy of GDB in the base-system) had not been merged so far, because there is a generic kernel regression with the pg_jobc variable. This variable can be called a reference counter of the number of processes within a process group that has a parent with control over a terminal. The semantics of this variable are not very well defined and in the result the number can become negative. This unexpected state of pg_jobc resulted in spurious crashes during kernel fuzzing. As a result new kernel assertions checking for non-negative pg_jobc values were introduced in order to catch the anomalies quickly. GDB as a ptrace(2)-based application happened to reproduce negative pg_jobc values quickly and reliably and this stopped the further adoption of the fork(2) and vfork(2) patch in GDB, until the pg_jobc behavior is enhanced. I was planning to include support for posix_spawn(3) events as well, as they are implemented as a first-class operation through a syscall, however this is also blocked by the pg_jobc blocker.

        • BSD Router Project Release 1.97 (04/08/2020)
      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Stasiek Michalski answers Richard Brown's questions as the openSUSE election campaign progresses

          Community members are welcome to ask the candidates questions about their views on the project and to comment on some of the pertinent matters within the community. Richard Brown, former Chairman of openSUSE, put a few questions to Stasiek Michalski about his views on conflict resolution, the board structure and the project's key sponsor SUSE.

          Stasiek expressed his views as he answered Richard on the project mailing list.

        • Leap 15.2 Install party @ GOLEM - A quick report

          Ah, the event was also recorded, but they still have to let me know whether that worked well or not.

          I decided to do a live install as I think our installer is great, and wanted to show it off a bit. :-) In fact, I’ve heard a few times people saying that installing openSUSE is difficult, and I wanted to give it a shot to busting that myth.

          I showed how it is possible to install the distro with just a few clicks, which is the opposite of difficult. After that, I went back and explained all the various possible customizations that one can make – but only if she wants to– at each stage.

          Feedback on this was extremely good, and I think I’m going to reuse this same approach for other similar occasions.

          While the installer was copying packages, there was the time to talk a bit about the characteristics of Leap such as its goals, release cycle, development process, relationship with SLE, etc.

          I quickly mentioned the maintenance process, taking advantage of some slides kindly provided by Marina (thanks to you again as well!), and this also was perceived as very interesting.

          After the system was ready, I had the time to showcase YaST a little, to explain how to add Packman repos for the codecs and to introduce BTRFS snapshots, snapper and demo a reboot into a previous snapshot and the rollback.

      • IBM/Red Hat/Fedora

        • Remembering Thomas Gilliard (satellit)

          I’m sad to report that Thomas Gilliard (satellit), who was a valued member of the QA team for many years, passed away last week. His wife contacted me with the news. Thomas was a regular and reassuring presence at QA and blocker review meetings and ran many thousands of tests since he first joined the team in 2009. He was particularly dedicated to testing our Sugar builds. We’ll miss him.

        • Implementation of varlink support for libnmstate – GSoC’20 nmstate project

          This blog is about the varlink implementation in nmstate and my experience in this during this period. As a computer science enthusiast I’m interested in researching new topics. This project is my first experience in open source development has been a challenging experience. The project aims to enable libnmstate to be used by other programming languages, systems which don’t support python and via remote connections. I have also included some links which I referred to. I hope it will be helpful for students like me.

        • Announcing the release of Spacewalk 2.10 for Oracle Linux

          Oracle is pleased to announce the release of Spacewalk 2.10 Server for Oracle Linux 7 along with updated Spacewalk 2.10 Client for Oracle Linux 7 and Oracle Linux 8. Client support is also provided for Oracle Linux 6 and Oracle Linux 5 (for extended support customers only).

          In addition to numerous fixes and other small enhancements, the Spacewalk 2.10 release includes the following significant features...

        • Why I switched to Fedora

          As stated above Fedora has a software freedom commitment similar in spirit to that of Debian. This means that you should be able to give Fedora to anyone, anywhere without violating intellectual property laws. Any software which is either not licensed in a way that Fedora finds acceptable or that bares US patent encumbrances can be found in the rpmfusion.org repository.

          After the install your next concern is undoubtedly configuring things and installing new packages. Fedora’s command-line package manager is dnf. It works as you would expect.

          Note also that since rpm uses file-based dependency tracking instead of package-based dependency tracking, as almost all others do, there are very few traditional metapackages. There are, however, package groups.

      • Debian Family

        • DebConf6 (20200804-debconf6)

          DebConf6 was my 4th DebConf and took place in Oaxtepec, Mexico.

          I'm a bit exhausted right now which is probably quite fitting to write something about DebConf6... many things in life are a question of perception, so I will mention the waterfall and the big swirl and the band playing with the fireworks during the conference dinner, the joy that we finally could use the local fiber network (after asking for months) just after discovering that the 6h shopping tour forgot to bring the essential pig tail connectors to connect the wireless antennas to the cards, which we needed to provide network to the rooms where the talks would take place.

          DebConf6 was the first DebConf with live streaming using dvswitch (written by Ben Hutchings and removed from unstable in 2015 as the world had moved to voctomix, which is yet another story to be told eventually). The first years (so DebConf6 and some) the videoteam focussed on getting the post processing done and the videos released, and streaming was optional, even though it was an exciting new feature and we still managed to stream mostly all we recorded and sometimes more...

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • How to speed up the Rust compiler some more in 2020

            First up is a process change: I have started doing weekly performance triage. Each Tuesday I have been looking at the performance results of all the PRs merged in the past week. For each PR that has regressed or improved performance by a non-negligible amount, I add a comment to the PR with a link to the measurements. I also gather these results into a weekly report, which is mentioned in This Week in Rust, and also looked at in the weekly compiler team meeting.

            The goal of this is to ensure that regressions are caught quickly and appropriate action is taken, and to raise awareness of performance issues in general. It takes me about 45 minutes each time. The instructions are written in such a way that anyone can do it, though it will take a bit of practice for newcomers to become comfortable with the process. I have started sharing the task around, with Mark Rousskov doing the most recent triage.

            This process change was inspired by the “Regressions prevented” section of an excellent blost post from Nikita Popov (a.k.a. nikic), about the work they have been doing to improve the speed of LLVM. (The process also takes some ideas from the Firefox Nightly crash triage that I set up a few years ago when I was leading Project Uptime.)

          • Data@Mozilla: Experimental integration Glean with Unity applications

            You might notice Firefox Reality PC Preview has been released in HTC’s Viveport store. That is a VR web browser that provides 2D overlay browsing alongside immersive content and supports web-based immersive experiences for PC-connected VR headsets. In order to easily deploy our product into the Viveport store, we take advantage of Unity to help make our application launcher. Also because of that, it brings us another challenge about how to use Mozilla’s existing telemetry system.

            As we know, Glean SDK has provided language bindings for different programming language requirements that include Kotlin, Swift, and Python. However, when we are talking about supporting applications that use Unity as their development toolkit, there are no existing bindings available to help us achieve it. Unity allows users using a Python interpreter to embed Python scripts in a Unity project; however, due to Unity’s technology being based on the Mono framework, that is not the same as our familiar Python runtime for running Python scripts. So, the alternative way we need to find out is how to run Python on .Net Framework or exactly on Mono framework. If we are discussing possible approaches to run Python script in the main process, using IronPython is the only solution. However, it is only available for Python 2.7, and the Glean SDK Python language binding needs Python 3.6. Hence, we start our plans to develop a new Glean binding for C#.

      • CMS

        • WordPress 5.5 Release Candidate 2

          The second release candidate for WordPress 5.5 is here!

          WordPress 5.5 is slated for release on August 11, 2020, but we need your help to get there—if you haven’t tried 5.5 yet, now is the time!

      • FSF

        • Help the FSF tech team empower software users

          The Free Software Foundation (FSF) tech team is the four-person cornerstone of the primary infrastructure of the FSF and the GNU Project, providing the backbone for hundreds of free software projects, and they epitomize the hard work, creativity, and can-do attitude that characterize the free software movement. They’re pretty modest about it, but I think they deserve some serious credit: it’s only because of their everyday efforts (with the help of volunteers all over the world) that the FSF can boast that we can host our own services entirely on free software, and help other people to become freer every day. It’s also largely to their credit that the FSF staff were able to shift to mostly remote work this spring with barely a blip in our operations.

        • GNU Projects

          • GNU Debugger Adding eBPF Debugging Support

            The GNU Debugger (GDB) has merged initial support for debugging of eBPF code that is traditionally consumed by the Linux kernel as part of this in-kernel special purpose virtual machine.

            Oracle engineer Jose Marchesi contributed the new target of (e)BPF for basic debugging at this point.

        • Licensing/Legal

          • Freedom Isn't Free

            Seen in that vein, the radical undertones of open source didn’t just come out of nowhere, and they’re not unique to software. Instead, open source is simply a response to the very real contradictions that abound when property rights are applied to information. Where it fails is by offering an easy way out—by creating a microcosm, itself commodified, that suspends intellectual [sic] property [sic] conventions on a small scale, without ever presenting a viable alternative to the wider intellectual property regime required under capitalism.

      • Programming/Development

        • RcppCCTZ 0.2.8: Minor API Extension

          RcppCCTZ uses Rcpp to bring CCTZ to R. CCTZ is a C++ library for translating between absolute and civil times using the rules of a time zone. In fact, it is two libraries. One for dealing with civil time: human-readable dates and times, and one for converting between between absolute and civil times via time zones. And while CCTZ is made by Google(rs), it is not an official Google product. The RcppCCTZ page has a few usage examples and details. This package was the first CRAN package to use CCTZ; by now at least three others do—using copies in their packages which remains less than ideal.

        • Kafka Monthly Digest – July 2020

          In this 30th edition of the Kafka Monthly Digest, I’ll cover what happened in the Apache Kafka community in July 2020.

        • GDScript progress report: New GDScript is now merged

          As some of you might be aware, the refactor that I have been working on lately is now merged into the master branch. This is the work explained in previous progress reports.

        • An open source solution for continuous testing at scale

          In Sogeti's most recent World Quality Report, software testing ranked No. 1 in terms of its contributions to business objectives and growth, making it a key enabler for business digitalization. Despite this, the software testing industry still reports major pain points related to test maintenance, automation, tooling, and skills. Most of the tooling in common use lacks capabilities, is too complex to integrate, provides insufficient intelligence, or is too difficult to use.

          Cerberus Testing provides a solution to these problems. It is a test automation solution built by retail companies to support digitalization initiatives and focuses on usability, scalability, and integration of the test lifecycle process.

        • Use your favorite programming language to provision Infrastructure as Code

          As you navigate the world of IT and technology, there are some terms you come across repeatedly. Some of them are hard to quantify and may take on different meanings as time goes on. "DevOps" is an example of a word that seems (to me) to change depending on the person using it; the original DevOps pioneers might not even recognize what we call DevOps today.

          If you're a software developer, "Infrastructure as Code" (IaC) may be one of those terms. IaC is using the same software-development practices you'd use to write user-facing features to declare the infrastructure that applications run on. This often means using tools like Git or Mercurial for version control and Puppet, Chef, or Ansible for configuration management. At the infrastructure-provisioning layer, the most common technology is CloudFormation (for AWS specifically) or Terraform as an open source alternative for creating hybrid-cloud resources for your applications to run on.

          Explore the open source cloud Understanding clouds Free online course: Developing cloud-native applications with microservices architectures What is hybrid cloud? eBook: Building a hybrid cloud strategy What is Kubernetes?

        • Python

          • Multiple File/Image Upload with Django 3, Angular 10 and FormData

            In the previous tutorial we have seen how to implement file uploading in Django and Angular 10. In this tutorial, we'll see how to implement multiple file uploading with FormData.

            It's recommended that you start from the previous tutorial to see detailed steps of how to create a django project, how to install Angular CLI and generate a new Angular 10 project along with services and components as we won't cover those basics in this part.

          • Python Projects for Beginners (Massive 2020 Update)

            Learning Python can be difficult. You can spend time reading a textbook or watching videos, but then struggle to actually put what you've learned into practice. Or you might spend a ton of time learning syntax and get bored or lose motivation.

            How can you increase your chances of success? By building Python projects. That way you're learning by actually doing what you want to do!

            When I was learning Python, building projects helped me bring together everything I was learning. Once I started building projects, I immediately felt like I was making more progress.

            Project-based learning is also the philosophy behind our teaching method at Dataquest, where we teach data science skills using Python. Why? Because time and time again, we’ve seen that it works!

          • Practical Recipes for Working With Files in Python

            Python has several built-in modules and functions for handling files. These functions are spread out over several modules such as os, os.path, shutil, and pathlib, to name a few. This course gathers in one place many of the functions you need to know in order to perform the most common operations on files in Python.

          • Introduction to scheduled tasks helper scripts

            For all PythonAnywhere users who like to automate their workflow using scripts there’s already the pythonanywhere package which provides an interface for some PythonAnywhere API features. If you’re one of them, you might be interested in some recent additions for programmatic management of Scheduled Tasks.

          • Mike Driscoll: Python Malware May be Coming to a Computer Near You

            Cyborg Security reported recently that malware is starting to appear that has been written using the Python programming language. Traditionally, most malware has been written in compiled languages, such as C or C++.

            The reason is simple. Compiled languages let the attacker create smaller, harder to detect, executables. However, Python’s popularity and ease of use has made it more appealing to malware authors. The biggest problem with Python for malware is that it tends to use considerably more RAM and CPU than malware written in C or C++.

            Of course, with PCs being as powerful as they are now, this is no longer an issue. Especially when you consider that there are so many applications being written with Electron. Your web browser is now a huge resource hog!

            As the Cyborg Security website points out, you can use PyInstaller or py2exe to create an executable of your Python code. What that article doesn’t mention is that someone will need to digitally sign that software as well to get it to run on Windows 10. One thing the article mentions that was interesting to me is that you can use Nuitka to basically transpile your Python code to C and you’ll end up with a much smaller executable than you would with either PyInstaller or py2exe.

          • PyCoder’s Weekly: Issue #432 (Aug. 4, 2020)
          • PSF GSoC students blogs: Weekly Check-in #10
          • Python 3.6.9 : My colab tutorials - parts 008.
  • Leftovers

    • N.K. Jemisin Wrote a Sci-Fi Ode to New York City—Then It Became Reality

      The people of New York City have long been considered its heart, their energies an undercurrent rippling beneath every block. But what if the city itself was a living, breathing entity with a soul so distinct it threatened the existence of other universes? In N.K. Jemisin’s latest book, The City We Became, New York is on the brink of being “born,” fighting to claim its own corner of the cosmos. Her characters represent each of the five boroughs plus one primary figure; the city is them, and they are the city. In the first book of what she is calling the Great Cities trilogy, the avatars, Manny (Manhattan), Brooklyn (Brooklyn), Bronca (The Bronx), Padmini (Queens), and Aislyn (Staten Island) discover that they must work together to find the unnamed primary figure of New York and defeat the Woman in White, the book’s antagonist, who wants to see the city obliterated. While the book is a work of fantasy, many of the Woman in White’s weapons of destruction take the form of real-world harms, such as gentrification, white supremacist propaganda, and police violence.

    • What Truths Can You Divine From Instagram Paintings?

      Which is the real work of art: the one on the wall or the one in your mind after you’ve seen it? Which counts more, the object or the experience? I’ve long insisted that it is impossible to evaluate an artwork—and especially, perhaps, if it’s a painting—without seeing it firsthand. The only exceptions are works made specifically for reproduction—in other words, certain (but not all) kinds of conceptual art, but also graphic arts, comics, and the like. Otherwise, reproductions (whether printed or digital) just don’t do the trick of communicating a work’s innate materiality, however rarefied or seemingly intangible that materiality may be. As the painter Rafael Vega recently told me, reflecting on the move by galleries to take more of their business online, “Like it or not, we need physical space to show those objects, because [paintings] exist in a real time and place. At least for now, I don’t see how online shows can do the same thing.”

    • Lower Than the World
    • Mohammed Rafi: Singer and Human Par Excellence

      Mohammed Rafi,€ the greatest humanitarian and singer, breathed his last forty years ago today, on July 31, 1980, due to multiple heart attacks while rehearsing for an album at home. Over 20,000 people, including film people, attended his funeral amidst heavy downpour. Rafi’s versatility; his command over different genres; his modulating techniques to suit a vast variety of actors lip-syncing to his playback singing; but also his principles; his passion for work without monetary greed; his humility; generosity; his smooth relationships with peers; and his popularity among his generation, and even among the new generations have assured him an immortal place not only in South Asia’s music history but also€ worldwide.

    • On the Beauty of Life

      Some friends were wondering how I spend my days. I told them I write most of the time. I explained my books and essays are invisible conversations, if not with the present, at least with the future. I keep asking questions about life, all of its gigantic spectrum: biological, social, political and historical.

    • Florida teen accused of Twitter [attack] pleads not guilty

      Tuesday's hearing in Tampa reportedly took place via Zoom. Clark is scheduled for a bond hearing Wednesday, with bail set at $725,000.

    • Twitter About To Be Hit With A ~$250 Million Fine For Using Your Two Factor Authentication Phone Numbers/Emails For Marketing

      There are many things that big internet companies do that the media have made out to be scandals that aren't -- but one misuse of data that I think received too little attention was how both Facebook and later Twitter were caught using the phone numbers people gave it for two factor authentication, and later used them for notification/marketing purposes.

    • Education

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Vivaldi 3.2 Brings a Mute Button on Picture-in-Picture Mode, More Improvements

          Vivaldi Technologies announced today the general availability of the Vivaldi 3.2 web browser for all supported platforms, an update that brings various improvements and new features.

          Vivaldi 3.2 comes about two months after Vivaldi 3.1 and introduces a mute button to the Picture-in-Picture implementation called Pop-out Video. This lets users better control the floating windows when watch clips by muting or unmuting the sound of the video.

          Vivaldi devs say that the new mute button on the Pop-out video window is a welcome addition when you work from home and you have to quickly jump into an online meeting or take a phone call as you can now immediately mute the clip without having to close the window.

          You can see the new mute button in action below. Of course, you can also mute the entire tab by right clicking on the tab where the video plays and selecting the “Mute Tab” context menu item or by using the quick commands, but it’s faster with the new mute button on the Pop-out video.

        • Windows 10 Devices Are at Risk From the BootHole Vulnerability

          Unfortunately, because this flaw is related to Windows’ boot sequence, it’s not something that you can fix yourself. Microsoft has to release a patch that fixes the BootHole flaw. However, this isn’t an easy task.

          The boot sequence is an essential part of keeping the operating system stable. As such, if Microsoft rushes out a buggy patch for the flaw, it will cause system instability.

          As a result of this, it may take Microsoft a while to release a patch that fixes BootHole. And we’re all reliant on Microsoft doing so.

        • Greg Joswiak replaces Phil Schiller as head of Apple marketing

          Marketing is a huge role inside of Apple that goes beyond simply advertising products, so this marks a significant change within the company. As Apple puts it, the marketing division is “responsible for Apple’s product management and product marketing, developer relations, market research, business management, as well as education, enterprise, and international marketing.” Joswiak has been in Apple leadership roles for more than two decades, and he’s led Apple’s worldwide product marketing for the last four years.

          Schiller has been with Apple since 1997, helping to steer the company from one of its lowest points to the technology juggernaut that it is today. While he’s been in charge of marketing, Schiller is also known for his involvement in Apple’s hardware, often presenting new products — like the previous Mac Pro — onstage at events.

        • Chromebook perks now include Google's Stadia service

          In fact, buying a Chromebook comes with two Stadia perks. The first offers $20 off the purchase of the Stadia Premiere Edition, which essentially replaces the Stadia Founder’s Edition cloud gaming hardware that launched and almost immediately sold out. But as the second perk points out, you don’t even need the Premiere Edition hardware: Chromebooks now ship with three months of Stadia Pro, the Stadia cloud gaming service. (Engadget previously reported the new Stadia perks.)

          Be aware that this is a trial. After the three-month service period expires, you’ll be signed up for Stadia Pro at $9.99 per month. Also, you’ll need to own a Chromebook released in June, 2017, or later.

        • Pseudo-Open Source

          • Openwashing

          • Privatisation/Privateering

            • Linux Foundation

              • Open Source Security Foundation Joined by Microsoft and Others To Improve Linux Software [Ed: The Linux Foundation isn't about Linux anymore and it isn't about security either (but NSA back doors]

                Microsoft is a founding member of the Open Source Security Foundation, along with "GitHub, Google, IBM, JPMC, NCC Group, OWASP Foundation and Red Hat," the announcement added. The JPMorgan Chase banking chain is also listed as a founding member, per the Open Source Security Foundation's FAQ.

              • Open Source Security Foundation Launched To Improve OSS Security

                The Linux Foundation has announced the formation of the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together leaders to improve the security of open source software (OSS) by building a broader community with targeted initiatives and best practices.

                The OpenSSF combines efforts from the Core Infrastructure Initiative, GitHub’s Open Source Security Coalition and other open source security work from founding governing board members GitHub, Google, IBM, JPMorgan Chase, Microsoft, NCC Group, OWASP Foundation and Red Hat, among others. Additional founding members include ElevenPaths, GitLab, HackerOne, Intel, Okta, Purdue, SAFECode, StackHawk, Trail of Bits, Uber and VMware.

        • Security

          • Dozens of NGOs hit by hack on US fundraising database

            A major ransomware attack has affected dozens of international NGOs and their records of private donations, but details of the hit on a US fundraising platform are scarce, and two weeks after being warned some aid groups are yet to notify their donors or the public.

            International aid groups – and their private donors – are among those whose data was hacked in a security breach at online service provider Blackbaud. Names, addresses, and records of individual donations were compromised by hackers, who were paid an undisclosed ransom to return the data and delete any copies.

            World Vision, Save the Children, and Human Rights Watch are among the large nonprofits impacted by the breach, and media reports suggest at least 200 customers of US-based Blackbaud were involved, although the company has not provided a list of affected clients.

            Alan Bryce, an official at the Charity Commission – the legal regulator in England and Wales – told The New Humanitarian that, as of 4 August, 63 UK-based charities had notified them after being affected by the ransomware attack.

            Bryce suggested NGOs were likely to tighten up procedures following the incident, in which hackers gained control of client data on Blackbaud’s systems and locked the company out until payment was made. “Charities who have suffered cybercrime go on to revise their IT security, their training programmes, or their website security,” he said. “Do not wait until it is too late for your charity.”

          • The fixes to the Linux BootHole fixes are in

            The first release of patches to the Linux BootHole came with a show-stopping problem. The fixed machines wouldn't boot. For the most part, that problem has been solved.

          • GRUB2 Boot Failure Issues Fixed in Debian and Ubuntu, Update Now

            The recent GRUB2 updates that patched some serious security vulnerabilities also caused boot failure issues for some users, so fixes for these regressions have started appearing for some distros, including Debian and Ubuntu.

            Last week, I was reporting on the BootHole vulnerability (and some other seven flaws) found in the GRUB2 bootloader, which is used by almost all GNU/Linux distributions out there. The issues opened up systems using Secure Boot to attacks, allowing local attackers to bypass UEFI Secure Boot restrictions and execute arbitrary code.

            Due to a highly coordinated effort between the security researchers who discovered the vulnerability and Linux OS maintainers, most GNU/Linux distributions were able to provide patches for their users. However, for some, these patches broke the Secure Boot implementation and left people with unbootable systems.

          • IoT Security Vulnerabilities are Ubiquitous: How To Secure Your Router and Your Linux System Now

            Luckily, there are various measures that Linux users can take to secure their wireless routers and protect their systems - most notably, conducting a Linux firmware replacement. This article will explore the benefits of “flashing” your wireless router with alternative open-source firmware, and will introduce some great alternative firmwares and single-purpose OSes that you may wish to look into.

            [...]

            Recent security research has made it clear that router manufacturers are dropping the ball on security - a discouraging trend in the industry that needs to change. However, given this unfortunate reality, it is imperative that users assume responsibility for securing their wireless routers.

          • Bill Barr Applauds FOSTA Sponsor's Clone Of Senate's Encryption-Breaking 'Lawful Access' Bill

            I guess those "rule of law" folks don't care if a law is any good or will do what it intends to do without causing significant collateral damage. All they care about is that it's a law and, as a law, everyone should just subject themselves to it with a minimum of complaining.

          • Supporting Digital Freedom at the (Virtual) Summer Security Conferences

            During a typical year, EFF staff members would be headed to€ Las Vegas to present our latest work to the world and ensure legal support for computer security researchers at the long-running hacker events BSidesLV, Black Hat, and DEF CON. These summer security conferences are a natural opportunity for the curious and the professional to geek out on tech. Hackers, tinkerers, and reverse engineers were among the first to embrace the excitement and potential of their own imaginations in digital space. They have been a core part of EFF and the online freedom community since the beginning, and we relish thanking them face to face.

            But this year, as we each grapple with a sobering pandemic, these conferences have had to undergo big changes and are all happening in virtual space.€ DEF CON is even free to attend. This pandemic, as well as far-reaching protests, have forced us to€ rethink€ much of our daily lives—and these€ questions can feel overwhelming.

          • TikTok Ban: A Seed of Genuine Security Concern Wrapped in a Thick Layer of Censorship

            It is ironic that, while purporting to protect America from China’s authoritarian government, President Trump is threatening to ban the TikTok app. Censorship of both speech and social media applications, after all, is one of the hallmarks of the Chinese Internet strategy.€  While there is significant cause for concern with TikTok’s security, privacy, and its relationship with the Chinese government, we should resist a governmental power to ban a popular means of communication and expression.€ € 

            As is too often the case with government pronouncements, the Trump administration has proposed a ban without specifying what the ban would actually be or what authority allows for it. Rather, the President has said broadly, “we’re banning them from the United States,” or most recently, “it's going to be out of business in the United States.” This could mean a ban on using the app, or perhaps a ban on distributing TikTok in app stores, or maybe something else. Any way you slice it, an effective ban of the scope suggested cannot be squared with the Constitution.€ 

          • ‘1Password’ App Coming To Linux, Initial Release Available For Download

            The user-friendly and cross-platform password manager app, 1Password, is finally coming for all Linux platforms with full-feature and native support. Currently, a development preview for Linux has been unveiled.

            This is the initial release for testing and validation purposes only. Hence, you should not use its Linux development preview for production or business environments.

            As planned, an official release with long-term support will be announced later this year after including new updates, features, and changes over the next few months. However, if you want a stable version of 1Password for Linux, you can use 1Password X in your browser.

            1Password is available for all devices, browsers, and operating systems such as Windows, macOS, iOS, Android, Chrome OS, Google Chrome, Brave, Edge, and Firefox. And now it is also going to be available for Linux desktop as well.

          • Privacy/Surveillance

            • Senators Graham And Blumenthal Can't Even 'Earn' The EARN IT Act: Looking To Sneak Vote Through Without Debate

              Senator Lindsey Graham very badly wants to push the extremely dangerous EARN IT Act across the finish line. He's up for re-election this fall, and wants to burnish his "I took on big tech" creds, and sees EARN IT as his path to grandstanding glory. Never mind the damage it will do to basically every one. While the bill was radically changed via his manager's amendment last month, it's still an utter disaster that puts basically everything we hold dear about the internet at risk. It will allow for some attacks on encryption and (somewhat bizarrely) will push other services to more fully encrypt. For those that don't do that, there will still be new limitations on Section 230 protections and, very dangerously, it will create strong incentives for internet companies to collect more personal information about every one of their users to make sure they're complying with the law.

            • Privacy Advocates Herald Bill to Curb Corporate Use of 'Enormously Invasive' Facial Recognition Technology

              "Do we really want to live under constant surveillance by unaccountable corporations?" said Sen. Bernie Sanders. "I don't."

            • Sen. Merkley Leads on Biometric Privacy

              Businesses across the world are harvesting and monetizing our biometrics without our knowledge or consent. For example, Clearview AI extracted faceprints from three billion people, and now it sells face-matching services to police departments. Likewise, retail stores use face surveillance to identify customers they deem more likely than others to engage in shoplifting, often based on error-prone, racially biased criminal justice data. Other businesses profit on tracking of our fingerprints, iris scans, and other biometrics.

              So it is great news that U.S. Sens. Jeff Merkley and Bernie Sanders have introduced the National Biometric Information Privacy Act (BIPA). The Act requires businesses to get your opt-in consent before collecting or sharing your biometrics; to delete your biometrics in a timely fashion; and to store your biometrics securely. Most importantly, the bill empowers you (and us) to sue businesses that break these rules.

            • The Government's Failed Track-and-Trace System is a Disaster for England
            • Chinese gamers will need to verify their real names on all games by September

              China is rolling out a real name authentication and verification system for all gamers in the country by September as a way to track gamers and make sure that they aren’t playing too much. Chinese gamers on popular games such as Honour of Kings (aka Arena of Valor) by Tencent have already been subject to a real name verification system put in place by Tencent. In fact, that real name verification system includes a facial recognition step. Fellow gaming giant NetEase has also already rolled out real name verification on their games. Now, the state run real name authentication system will fill in the gaps and need to be used by all gaming companies that haven’t developed their own privacy-defeating system. The long awaited end of anonymity while gaming in China was announced at the country’s biggest gaming expo, ChinaJoy, by an official from the Chinese Communist Party’s (CCP) Central Publicity Department. The official, Feng Shixin, also emphasized that the government would be cracking down on unapproved games as it recently did with a purge from the iOS app store.

            • Apple’s retail technology play

              The system lets retailers accept credit card and smartphone payments using their smartphone and the built-in NFC chips on cards and devices. It’s a simple task: retailer inputs the cost, the card/phone is tapped on the device and payment is exchanged.

              It is interesting to note that Samsung has been working with Mobeewave since 2019.

            • The biggest problem with Microsoft’s fractured TikTok deal

              But there’s a problem at the heart of the deal that no one on either side has addressed — and it’s serious enough to doom the entire project if it can’t be resolved. Microsoft isn’t bidding for TikTok; it’s bidding for the portion of TikTok in four countries: the US, Canada, Australia, and New Zealand. No one has ever split up a social network along regional lines, much less under threat of a national ban from the president. Peeling those four countries away from the rest of TikTok would be enormously difficult, and even if it were successful, it would leave Microsoft with an undersized and strangely regional social network, presenting significant investment and revenue challenges. Trump, ByteDance, and Microsoft have a lot to hash out over the next six weeks, but if they can’t solve that central problem, then none of it matters. And that central problem is much harder than anyone is willing to admit.

            • China will not accept U.S. 'theft' of TikTok: China Daily

              China will not accept the “theft” of a Chinese technology company and is able to respond to Washington’s move to push ByteDance to sell short-video app TikTok’s U.S. operations to Microsoft, the China Daily newspaper said on Tuesday.

              The United States’ “bullying” of Chinese tech companies was a consequence of Washington’s zero-sum vision of “American first” and left China no choice but “submission or mortal combat in the tech realm”, the state-backed paper said in an editorial.

            • Google's secret home security superpower: Your smart speaker with its always-on mics

              Once the deal closes, ADT's more than 20,000 installers will also sell Google-made smart displays, security cameras and other hardware, and ADT will more closely integrate Google technology into its own home security offerings. "The goal is to give customers fewer false alarms, more ways to receive alarm events, and better detection of potential incidents inside and around the home," Google Nest VP and GM Rishi Chandra said in a blog post.

            • The Microsoft Police State: Mass Surveillance, Facial Recognition, and the Azure Cloud
    • Defence/Aggression

    • Environment

    • Finance

      • The 1 Percent’s Attack on Unemployment Benefits is a Sign of Our Broken Democracy
      • Why the Idea of Jobless Benefits Scares the Conservative Mind

        When Congress passed the CARES Act earlier this year, lawmakers gave some low-wage Americans who lost their jobs an income they’ve been demanding for years: $600 a week, which works out to $15 an hour for a 40-hour workweek. Because the federal minimum wage is less than half that rate—stuck there due to the intransigence of conservatives waging a class war against the poor—the coronavirus pandemic ironically gave the bottom rung of the American workforce a taste of what they could have had all along. So popular was this $600 in jobless benefits that even some Republicans who had voted against that provision in the CARES Act boasted about it to their constituents and failed to mention that like most of their GOP colleagues, they had initially opposed the provision.

      • COVID Stimulus Checks Shouldn’t Penalize One-Parent Households

        Both the HEROES Act passed by the House in May and Senate Republicans’ HEALS Act announced this week would provide a new round of stimulus in the form of one-time cash payments to most Americans, but with some major differences. One of these differences is in how the bills treat one-parent households with children, the vast majority of which are headed by mothers.

      • Globalization and the End of the American Dream

        Immanuel Wallerstein provocatively begins one of his essays with the following cautionary note: “Globalization is a misleading concept, since what is described as globalization has been happening for 500 years.”

      • We Need an Economic Survival Package Not Another Stimulus

        There continues to be enormous confusion about what we should be trying to accomplish in the next pandemic relief package. This is best demonstrated by Republicans’ obsession with getting people back to work, with a mixture of cuts to unemployment benefits and return to work bonuses.

      • Workers Face Retaliation, Including Layoffs, For Organizing Unions During COVID-19 Pandemic

        The coronavirus pandemic has fueled strikes, protests, and union organizing efforts in response to mass layoffs and concerns of safety protections for essential workers around the United States since economic shutdowns began in March 2020.

        As workers try to organize unions to improve working conditions during the pandemic, employers have engaged in retaliation, including laying off workers involved in organizing.

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • Josh Hawley Introduces His Latest Attack On Section 230

        Guys, I'm beginning to get the feeling that Senator Josh Hawley doesn't like Section 230. I mean, beyond creating a laughably inaccurate and misleading "True History of Section 230," Hawley has now introduced at least four bills to modify or end Section 230. Perhaps if he introduces 10 he'll get a free one. His latest, introduced last week would remove Section 230 for any internet company that has "behavioral advertising." Now I've been skeptical of the value of behavioral advertising in many cases, but this new bill is absurd.

    • Freedom of Information/Freedom of the Press

    • Civil Rights/Policing

      • 'The World Is Watching': Amnesty Report Details Human Rights Violations by US Police During Racial Justice Protests

        The use of force detailed in the report "is ultimately a symptom of the very issue that started these protests: unaccountable police violence."

      • Migrants clash with Russian law enforcement as they attempt mass crossing of Russia-Kazakhstan border

        A group of approximately 500 Uzbekistani citizens have attempted to break through the border in Russia’s Southwestern Samara Region and enter Kazakhstan, in order to make their way home to Uzbekistan, Interfax and TASS report.€ 

      • Proud If Delusional Police: An Incredible Amount of Restraint
      • “It’s Basically a Death Sentence”: Hunger Strikers Demand Release as Virus Surges in ICE Jails

        People being held in Immigration and Customs Enforcement jails are holding work strikes and hunger strikes over the lack of access to personal protective equipment or quality medical care, and to demand their release. We speak with Joe Mejia, an asylum seeker who was among a group of prisoners at Yuba County Jail in California who led a hunger strike while he was held there for nearly 11 months. “That place is dangerous,” Mejia says. “It is a death sentence to detainees, especially right now with the coronavirus.”

      • “Release Them All”: Calls Grow to Stop Jailing Immigrants as Transfers & Deportations Spread COVID

        The U.S. government continues to hold tens of thousands of asylum seekers and immigrants in detention centers and jails, ignoring the advice of medical experts as the coronavirus continues to spread. ICE has also continued to transfer and deport people — including those who are infected — making it a global superspreader. We speak with Luis Angel Reyes Savalza, an immigration attorney and co-director of Pangea Legal Services in San Francisco, who himself is undocumented and recently got arrested at a protest outside the mansion of California Governor Gavin Newsom demanding the release of people in state prisons and immigration jails, calling the situation “really alarming.”

      • Escalating State Repression and Covid-19: Their Impact on the Poor in Kenya

        Soon after Kenya experienced its first Covid-19 case on 13 March 2020, President Uhuru Kenyatta invoked the Public Order Act to activate a series of tough measures, including wearing face masks at all times, the closure of schools and all ‘non-essential’ businesses, and a dusk till dawn curfew. Reports of police brutalities quickly followed. Even before the start of the curfew on 27 March, police in downtown Nairobi reportedly whipped and kicked people on the street, and in Embakasi, forced people walking home from work to kneel before them.

      • Russia’s Justice Ministry seeks disciplinary action against defense lawyers in the Safronov case

        The Russian Justice Ministry’s Moscow Department has asked the Moscow Bar Association to initiate disciplinary proceedings against four of the lawyers defending jailed journalist Ivan Safronov, a fifth lawyer from Safronov’s defense team, the head of the human rights organization “Team 29,” Ivan Pavlov, told Interfax.

      • Only Belarus soldiers on Alexander Lukashenko describes his government as an island of stability in a volatile, violent world

        The entire planet is in chaos, sliding slowly but surely into the abyss. Protests have consumed the United States. Hong Kong is boiling over in China. The Indian-Chinese border is flaring up. There are sparks flying at the border between India and Pakistan. There are still burning pockets of instability in Northern Africa. Passions are being inflamed around Iran, Venezuela, and North Korea. The post-Soviet space isn’t doing so well, either. And on this fault line, Belarus is the only place of calm in central Eurasia. Russia is afraid of losing us because it has no allies left without us. The West is showing an interest in us. China, too, is relying on our stability. Belarus has a multi-vector future: we will partner with the West, with China, and with countries far and wide. And Russia will always remain our ally, no matter who is in office there or here. That is true, despite the fact that Moscow has traded deep fraternal ties for a partnership.

      • Militarized BORTAC Border Patrol Raids & Ransacks Medical Camp on U.S. Border, Arrests 30 Migrants

        In Arizona, heavily armed Border Patrol officers raided the medical camp of humanitarian group No More Deaths and detained 30 migrants whose whereabouts are now unknown. It was the second raid in just two days on the camp, which provides water, food and medical attention to refugees crossing into the United States through the scorching Sonoran Desert. “Immediately after they entered the camp, the first thing they did was round up all of the No More Deaths aid workers and zip-tie them, remove their phones,” says Montana Thames, a humanitarian aid worker with No More Deaths. “It was very clear they didn’t want any witnesses.” No More Deaths also recently published documents revealing the Border Patrol Union, a pro-Trump and anti-immigrant extremist group, had instigated a 2017 raid of the same camp.

      • Her Rapist Threatened to Make Her “Disappear.” Instead of Asylum, ICE Put Her in a Hotel and Sent Her Back.

        A teenage girl carrying her baby arrived at the U.S. border this summer and begged for help. She told federal agents that she feared returning to Guatemala. The man who raped her she said had threatened to make her “disappear.”

        Then, advocates say, the child briefly vanished — into the custody of the U.S. government, which held her and her baby for days in a hotel with almost no outside contact before federal officers summarily expelled them from the country.

      • On Diversity, Silicon Valley Failed to Think Different

        Renewed vows in June by tech companies to diversify their workforces recall years of failure at Microsoft, Facebook, and Google. At those companies, Black employees make up 3.3%, 1.7%, and 2.4% of technical roles, respectively. Proxy statements show there was only one Black executive among the leadership teams at Microsoft, Facebook, Google, Apple, and Amazon.com last year. He was at Google, and he left in January.

    • Internet Policy/Net Neutrality

      • Space X's Starlink Won't Be The Broadband Disruption Play Many People Think

        After initially obtaining an FCC license for up to 1 million Starlink satellite broadband customers in the United States, Space X last week quadrupled that estimate, and is now hopeful that 5 million Americans will sign up for service. To be clear: Space X's service won't be taking on traditional broadband providers in major metro areas. Instead, the company will be using thousands of low orbit satellites (with lower latency than traditional satellite broadband) to deliver marginally decent service to under-served rural Americans, assuming it winds up being profitable longer term.

    • Monopolies

      • From The Stupid To The Bizarre: Trump Demands That His Government Should Take A 'Substantial' Cut Of TikTok's Purchase Fee

        The whole TikTok story keeps getting dumber. While we still believe that the weird moral panic about TikTok is overblown and Trump's threat to ban the company from the US over the weekend is crazy and unconstitutional, people are still taking things seriously. On Friday evening Trump said that he planned to issue an executive order banning the company (which is not quite how any of this works). He didn't actually do this. He also said he was against an American company like Microsoft buying TikTok, which apparently put the ongoing acquisition talks on hold.

      • Microsoft’s proposed purchase of TikTok would be its biggest yet

        Microsoft's shareholders appear to welcome the acquisition, despite the political uncertainties and a mooted purchase price of $50bn—twice as much as its biggest previous purchase, LinkedIn, a professional-networking and job-search platform. Microsoft’s share price has risen by 4% since the announcement of the prospective deal, adding around $60bn to its market value. In recent years America’s five biggest tech firms have all been eager acquirers of other, smaller firms (see chart)—one of the complaints of congressional Democrats. If Microsoft buys the American bit of TikTok, it will cement its position as the biggest spender in the group.

      • Patents

        • Proving Infringement by Standard Essentiality — Also, Interesting Ebay Question

          In the case the patentee proved infringement by showing (1) that the claims-in-suit are essential to the LTE standard and (2) that TCL’s accused devices are LTE-compatible. The patentee did not walk through the elements of the claims and prove how each element is found in the accused product. In several prior cases, the Federal Circuit has held that this standard-essential-therefore-infringing approach is proper. See, e.g., Ericsson, Inc. v. D-Link Sys., Inc., 773 F.3d 1201, 1209 (Fed. Cir. 2014) (because a “standard requires that devices utilize specific technology, compliant devices necessarily infringe certain claims . . . cover[ing] technology incorporated into the standard”).

          On appeal here, the court focused on the question of “who decides: Judge or Jury?”

          [...]

          On appeal, the Federal Circuit sided with the patentee — holding that the issue was properly before the jury and that “TCL’s entire appeal rests on its misreading of a single statement from Fujitsu.” Basically, the court explains that it spoke loosely in Fujitsu because that case was decided on summary judgment in a situation with no material facts in dispute.

        • Watchdog Demands to Know If Drug Maker Sitting on Possible Covid-19 Treatment Due to Patent, Profit Concerns

          "It is sadly predictable that Big Pharma responds to a global pandemic by trying to bring to market only those drugs that maximize its profits."

      • Copyrights

        • AVG Anti-Virus Made The Pirate Bay Unusable

          Over the past days, The Pirate Bay was stripped of all content for users of AVG anti-virus. The security software flagged Pirate Bay's resource domain apibay.org as a potential threat. The exact problem with the domain was not revealed, but AVG informs TorrentFreak that it was likely a false positive.

        • French Anti-Piracy Agency Generated €87,000 in Fines From €82m in Public Funding

          French anti-piracy agency Hadopi has published its latest annual report, revealing data on its fight against pirates using P2P systems such as BitTorrent. Since its inception 11 years ago, the agency has sent 12.7 million warnings to pirates generating 87,000 euros in fines. Over the same period, the agency itself has cost French tax payers 82 million euros.

        • Ex-Google engineer sentenced to 18 months in prison for stealing self-driving car files

          Levandowski pleaded guilty to the theft of trade secrets in March. In his admission, Levandowski said that he had stolen over 20 files from the tech giant. He was initially charged with 33 counts of theft and attempted theft of trade secrets, though the plea deal reduced it to just one count.

        • Levandowski gets 18 months in prison for stealing Google files

          The dispute between the companies is ongoing. Levandowski filed for bankruptcy in March because he owes $179 million to Alphabet Inc’s (GOOGL.O) Google for his actions before resigning in January 2016.

          Google last week asked the bankruptcy judge to reject Uber’s argument that it is not responsible for paying the $179 million under his old employment agreement.

        • Ex-Google Engineer Levandowski’s Jump to Uber Ends in Prison

          Autonomous driving engineer Anthony Levandowski was ordered to spend 18 months in prison for stealing trade secrets from Google as he defected to Uber Technologies Inc., in one of the highest-profile criminal cases to hit Silicon Valley.

          U.S. District Judge William Alsup in San Francisco imposed the sentence Tuesday after Levandowski pleaded for mercy and prosecutors said anything short of locking him up would render similar crimes by future engineers a mere cost of doing business. Alsup subtracted nine months from what government lawyers wanted, and said the engineer should serve his term only once the coronavirus has been wiped away from prisons.

        • Former Google exec Anthony Levandowski sentenced to 18 months for stealing self-driving car secrets

          Levandowski was once a superstar engineer in the fast-growing world of self-driving cars who helped jumpstart a Google division dedicated to the technology. He was later accused of stealing documents from his time at Google before founding Otto, a self-driving truck company. He would go on to sell Otto to Uber in 2016, which allowed him to join the ride-hailing company as a high-ranking executive in its self-driving division.

          Shortly after the sale, Google’s self-driving unit, then called Waymo, filed a lawsuit against Uber for trade secret theft, alleging its acquisition of Otto allowed the company to gain access to sensitive and confidential Waymo technology Levandowski illegally took with him on his way out.

          Uber and Waymo settled the lawsuit, but Levandowski was still on the hook for criminal charges of trade secret theft brought by the US Attorney’s Office of the Northern District of California after he refused to hand over any documents during the court case. Levandowski ultimately reached a plea deal, and as part of today’s sentencing he will pay nearly $757 million in restitution to Google and a fine of $95,000, TechCrunch reports.

        • Tencent in Talks to Create $10 Billion Streaming Giant

          The Chinese social media titan -- which owns a 37% stake in Huya and 38% of DouYu -- has been discussing such a merger with the duo over the past few months, although details have yet to be finalized, said the people, who asked not to be identified because discussions are private. Tencent is seeking to become the largest shareholder in the combined entity, one person said.

          A deal would create an online giant with more than 300 million users and a combined market value of $10 billion, cementing Tencent’s lead in Chinese games and social media. Faced with rising competition for advertisers from ByteDance Ltd. and its rapidly growing stable of apps, the WeChat operator would be able to sell ads across an expanded content network. Huya and DouYu would keep their respective platforms and branding while working more closely with Tencent’s own esports site eGame, said the people.

        • Taylor Swift Changes Artwork For New Album, Merch After Online Retailer Complains Of Similarities

          If ever there were an artist who seems to straddle the line of aggressive intellectual property enforcement, that artist must surely be Taylor Swift. While Swift has herself been subject to silly copyright lawsuits, she has also been quite aggressive and threatening on matters of intellectual property and defamation when it comes to attacking journalists and even her own fans over trademark rights. So, Taylor Swift is, among other things, both the perpetrator and the victim of expansive permission culture.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024