Bonum Certa Men Certa

Links 4/3/2021: Pardus 19.5 is Out and Free Software Foundation Gets Consulting Grant



  • GNU/Linux

    • Audiocasts/Shows

      • BSDNow: macOS inspired Desktop

        FreeBSD 13 BETA Benchmarks, FreeBSD Jails Deep Dive by Klara Systems, FreeBSD Foundation looking for a Senior Arm Kernel Engineer & OSS Project Coordinator, macOS-Inspired BSD Desktop OS by helloSystem, A Trip into FreeBSD and more.

      • The Linux Link Tech Show Episode 896

        xu4, persistent networking, 3d printing, cooking, knives

      • Forbidden | Coder Radio 403

        After we pine about the way things used to be, Mike shares why he is developing a fondness for C++.

    • Kernel Space

      • 5.12 Merge window, part 1 [LWN.net]

        The beginning of the 5.12 merge window was delayed as the result of severe weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he wasted little time; as of this writing, just over 8,600 non-merge changesets have been pulled into the mainline repository for the 5.12 release — over a period of about two days. As one might imagine, that work contains a long list of significant changes.

      • An introduction to lockless algorithms [LWN.net]

        Low-level knowledge of the memory model is universally recognized as advanced material that can scare even the most seasoned kernel hackers; our editor wrote (in the July article) that "it takes a special kind of mind to really understand the memory model". It's been said that the Linux kernel memory model (and in particular Documentation/memory-barriers.txt) can be used to frighten small children, and the same is probably true of just the words "acquire" and "release".

        At the same time, mechanisms like RCU and seqlocks are in such widespread use in the kernel that almost every developer will sooner or later encounter fundamentally lockless programming interfaces. For this reason, it is a good idea to equip yourself with at least a basic understanding of lockless primitives. Throughout this series I will describe what acquire and release semantics are really about, and present five relatively simple patterns that alone can cover most uses of the primitives.

      • How useful should copy_file_range() be? [LWN.net]

        Its job is to copy len bytes of data from the file represented by fd_in to fd_out, observing the requested offsets at both ends. The flags argument must be zero. This call first appeared in the 4.5 release. Over time it turned out to have a number of unpleasant bugs, leading to a long series of fixes and some significant grumbling along the way.

        In 2019 Amir Goldstein fixed more issues and, in the process, removed a significant limitation: until then, copy_file_range() refused to copy between files that were not located on the same filesystem. After this patch was merged (for 5.3), it could copy between any two files, falling back on splice() for the cross-filesystem case. It appeared that copy_file_range() was finally settling into a solid and useful system call.

        Indeed, it seemed useful enough that the Go developers decided to use it for the io.Copy() function in their standard library. Then they ran into a problem: copy_file_range() will, when given a kernel-generated file as input, copy zero bytes of data and claim success. These files, which include files in /proc, tracefs, and a large range of other virtual filesystems, generally indicate a length of zero when queried with a system call like stat(). copy_file_range(), seeing that zero length, concludes that there is no data to copy and the job is already done; it then returns success.

        But there is actually data to be read from this kind of file, it just doesn't show in the advertised length of the file; the real length often cannot be known before the file is actually read. Before 5.3, the prohibition on cross-filesystem copies would have caused most such attempts to return an error code; afterward, they fail but appear to work. The kernel is happy, but some users can be surprisingly stubborn about actually wanting to copy the data they asked to be copied; they were rather less happy.

      • Microsoft Sends Out Patches For Hyper-V "Isolation VMs" With Linux [Ed: Microsoft is interjecting shims for proprietary software with NSA back doors... into the Linux kernel]

        With the forthcoming Linux 5.12 kernel there is a big Redmond victory with Linux being able to boot as the root partition on Microsoft's hypervisor while moving forward the company still has more in store for the ongoing years long effort of Linux on Hyper-V.

        [...]

        At the moment there are 12 patches from Microsoft engineers under a "request for comments" banner on implementing this Hyper-V support for Isolation VMs -- both with VBS and AMD SEV-SNP. It's obviously too late for seeing in the 5.12 kernel but we'll see when this latest Hyper-V driver initiative is buttoned up and ready for mainline.

      • Graphics Stack

        • Radeon R600 Gallium3D Flips On OpenGL 4.5 For NIR Backend - Phoronix

          The experimental NIR back-end for the R600 Gallium3D driver as an alternative to the default TGSI code-path has now enabled OpenGL 4.5 support for capable GPUs.

          With a number of OpenGL 4.5 conformance test suite fixes that were merged on Tuesday, OpenGL 4.5 is now ultimately enabled for the NIR code path.

          This OpenGL 4.5 support is enabled for all Radeon HD 5000 "Cedar" GPUs through the Radeon HD 6000 series where the R600g driver support ends. Previously and for the non-NIR code-path this is at OpenGL 4.3 support.

    • Benchmarks

      • Chrome 89 vs. Firefox 86 Performance Benchmarks On AMD Ryzen + Ubuntu Linux

        Given this week's launch of Chrome 89 and the recent Firefox 86 debut, here are some quick benchmarks for those curious about the current performance when using Ubuntu Linux with a AMD Ryzen 9 5900X and Radeon graphics.

        Curious about the latest standing of the newest Firefox and Chrome releases on Linux, here are some quick benchmarks carried out on one of the systems locally. A larger comparison will come soon while this is just a quick one-page article for those eager to see some new browser numbers for AMD on Linux.

        The Ryzen 9 5900X was at stock speeds - the reported CPU frequency is due to a kernel bug working its way to 5.11/5.10 stable still.

    • Applications

      • 4 Best Free and Open Source Graphical MPD Clients

        MPD is a powerful server-side application for playing music. In a home environment, you can connect an MPD server to a Hi-Fi system, and control the server using a notebook or smartphone. You can, of course, play audio files on remote clients. MPD can be started system-wide or on a per-user basis.

        MPD runs in the background playing music from its playlist. Client programs communicate with MPD to manipulate playback, the playlist, and the database.

        The client–server model provides advantages over all-inclusive music players. Clients can communicate with the server remotely over an intranet or over the Internet. The server can be a headless computer located anywhere on a network.

        There’s graphical clients, console clients and web-based clients.

        To provide an insight into the quality of software that is available, we have compiled a list of 4 best graphical MPD clients. Hopefully, there will be something of interest here for anyone who wants to listen to their music collection via MPD.

        Here’s our recommendations. They are all free and open source goodness.

      • Manage your personal budget with this open source application

        Terminal Finances is a free and open source application that helps you control your personal accounts easily and simply. It's available for Linux and Windows.

    • Instructionals/Technical

      • From openbox to sway

        I've been running the Openbox window manager since 2005. That's longer then I've lived in any one apartment in my entire life!

        However, over the years I've been bracing for a change.

        It seems clear the Wayland is the future, although when that future is supposed to begin is much more hazy.

        Really, I've felt a bit like a ping pong ball, from panicking over whether Xorg is abandoned to anxiously wondering if literally everything will break the moment I switch to Wayland.

        In fact, I started this blog post over a year ago when I first decided to switch from the Openbox to Sway.

        This is my third major attempt to make the change and I think it will finally stick this time.

      • How to Setup Docker Private Registry on Ubuntu 20.04

        For Smooth CI/CD development using the docker platform, consider using a self-hosted docker registry server. Docker registry is the repository where you can store your docker images and pull them to run applications on the server. For faster delivery as well as secure infrastructure, it is recommended to set up your own docker private registry to store your docker images and distribute among organizations. In this article, we are going to learn how to setup docker private registry on Ubuntu 20.04

      • How To Install ERPNext on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install ERPNext on Ubuntu 20.04 LTS. For those of you who didn’t know, ERPNext is an Enterprise Resource Planning (ERP) is a simple yet free and open source ERP system written using Frappe framework – a full-stack web app framework in Python and JavaScript. ERPNext is one of the best ERP applications used by thousands of businesses worldwide to manage their ERP processes. It offers a rich set of features including HR, Sales, Purchases, CRM, Manufacturing, Inventory, and Accounting management. Let’s get started with the installation process.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the ERPNext open-source ERP system on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to install Discord Canary on a Chromebook

        Today we are looking at how to install Disord Canary, the Alpha Builds of Discord, on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

      • How to install Roblox Game on Ubuntu 20.04 LTS Linux

        Roblox is not just a game but a whole universe that the Roblox community has created over time. Although it is officially available for Windows 10, macOS, Amazon store, Android, and Xbox One, is it possible to install Roblox on Linux such as Ubuntu somehow? Well, the answer is Yes. We can test it using Wine but some glitches would be there depending upon the system. Nevertheless, in our usage of Roblox on Ubuntu 20.04, it worked perfectly fine…

        In Roblox, we can play one of the thousands of mini-games or create our own. There are no limits to your creativity. The graphic style of Roblox is based on Lego bricks o Minecraft, but in principle, Roblox is more similar to the module system of Gameglobe, a 3D game kit that has already been shut off by Square Enix just after few years of launch. The selection of games ranges from shooters and platformers to puzzles and RPGs. Design your own characters, conditions to win, challenges, in the short whole virtual world according to your own ideas.

      • 7 Useful Tips for Self-hosting a Ghost Blog With Docker

        Ghost is an open source CMS platform which is lightweight, fast and has focus on building a membership website.

        You can always opt for managed hosting from Ghost itself. But since it is an open source software, you are also free to host it on your own server and manage it yourself.

        Thanks to cloud services like Linode and DigitalOcean, deploying a new Linux server with Ghost installed becomes a matter of a few clicks.

      • How to Enable or Missing UTF-8 Support in Linux

        When you access a specific web page or any text file which is written in a different language or use an ASCII message, then your system will not be able to detect language.

        Because of that, you will see “X” all over the file. All this happens because of missing UTF-8, or you have selected the wrong locales.

        Through this article, we will enable UTF-8 support using the terminal in Linux. Before that, first understand what is UTF-8, Why the system requires UTF-8 support?

      • How to install Budgie desktop on Manjaro

        Budgie is an elegant and simplified desktop environment that integrates very well with Manjaro. Budgie is developed and maintained by the Solus team. This article will delve into the details of everything you need to know while installing the Budgie Desktop on Manjaro.

      • How To Update Fedora Linux using terminal to apply updates - nixCraft

        I recently switched from Windows server to Fedora 32/33 server running in the cloud. How do I apply software updates and patches on Fedora 32/33 server using the terminal application?

        Fedora Linux uses dnf command. It is the next upcoming major version of yum command. Yum is a package manager for RPM-based Linux distributions such as CentOS/RHEL 7.x and older version of Fedora Linux. You need to use the dnf command to update Fedora Linux using terminal for latest software patches. This page explains how to update a Fedora Linux using the terminal.

      • How to Turn Off Automatic Brightness on Ubuntu Linux

        Some new laptops come with built-in integrated light sensor. Operating systems use this sensor to measure the ambient light conditions and change the screen brightness automatically. This helps in reducing eye strain.

        You can see that this is a useful feature. But not everyone might like it all the time. For example, while watching Netflix on Linux at night, it reduces the screen brightness at the lowest for me. This makes the movie scene quite dull.

        This is one of the many cases when you probably would not want automatic brightness. Turning off automatic brightness on Ubuntu is quite simple. I’ll show that to you in this quick article.

        This tutorial is valid for GNOME desktop environment. The command line method should work for MATE desktop as well. If you are not certain, check which desktop environment you are using.

      • MultiCD - A Shell Script to Combine Multiple Bootable ISO's into One CD

        If you’ve ever used a multiboot CD that contains different utilities or bootable ISOs then creating one for yourself would be amazing. In this article, we shall take a look at MultiCD.sh, a shell script that is designed to help you build a multiboot CD image that can contain different, small Linux distros and/or utilities.

        There are many advantages of using this script and they include among others; no need for different CDs for small Linux distributions or utilities, you can simply use ISO images that you already have without downloading them again and in case of new versions, simply download them and run the script again and build a new multiboot image.

      • Linux Sponge - Soak Up Standard Input and Write to a File - Putorius

        The sponge command is part of the moreutils package. It is a utility that provides a function that is so simple it’s genius. It’s basic use is to soak up (get it? sponge..) standard input and write it to a file. The terminology “soak up” is more important than just creating a fun play on words. In this short tutorial we show you the sponge commands basic usage and why the term “soak up” is important.

      • Learn How to Use Postman to Test APIs

        Anyone who creates APIs should also be testing APIs. One of the most popular ways to test APIs is to use Postman. Postman has over 10 million users worldwide.

        We've released a Postman crash course on the freeCodeCamp.org YouTube channel that will teach you everything you need to know to start easily testing your APIs.

        Valentin Despa created this course. Valentin is a developer educator who has been teaching software concepts for many years.

      • How to find NetworkManager version on Linux - nixCraft

        How do I check or find NetworkManager version on Linux distribution?

        We can use the nmcli command line for controlling NetworkManager and reporting network status. Another option is to use the NetworkManager to print the version on Linux.

      • [Older] Introduction to database normalization: the first three normal forms

        The table above, doesn’t satisfy the first normal form, why? For the first normal form to be satisfied, each column of a table must contain atomic (indivisible) data. In the second row of our table, which contains information about the “The Usual Suspects” movie, we can see that the genre column contains data which is not atomic. Two genres are actually listed: Thriller and Neo-noir. Let’s say in our representation we want to allow one movie to be associated with more than one genre; how do we solve the problem?

        The first thing that comes to mind may be to add a new row in the same table, repeating the information about the movie, and just specify one genre per raw. This idea is quite horrible, since we would have a lot of redundant data (we should repeat the same movie information each time we want to associate it with a new genre!).

        Another slightly better solution, would be to add a new column, so to have, for example, a genre1 and genre2 columns. This however would, among the other things, represent a limit: what if a movie should be listed under more than two genres?

      • How To Install Atom Text Editor on Manjaro 20 [Ed: The problem is that it's controlled by Microsoft]

        In this tutorial, we will show you how to install Atom Text Editor on Manjaro 20. For those of you who didn’t know, Atom is a free and open-source text and source code editor for OS X, Linux, and Windows with support for plug-ins written in Node.js, and embedded Git Control, developed by GitHub. It supports more than 35+ programming languages by default.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Atom Text Editor on a Manjaro 20 (Nibia).

      • Learning through breaking | Bryan Quigley

        I run Steam in a flatpak for convenience and confinment reasons. One day my Steam install failed with

    • Games

      • Twin sisters worth millions thanks to female gamers

        Twin sisters in Japan have become multi-millionaires after floating their female-focused mobile games company on the stock market.

        Anna and Mizuki Nakajima's combined stake in Coly, the firm they founded, was worth around 15.2bn yen (€£101m, $141.5m) when it launched last week.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Fosdem 2021: A paining timelapse with comments

          Ramon Miranda was preset at virtual Fosdem 2021 in the KDE booth to demonstrate Krita. Here’s a timelapse of the event, with comments! If you want to know more about the free and open source software community where Krita came into existence, watch it!

    • Distributions

      • IPFire Linux Firewall Distro Now Offers WPA3 Client Support, Faster DNS Resolution

        IPFire 2.25 Core Update 154 is IPFire’s first update in 2021 and, as you can imagine, it comes with a bunch of goodies for those who want to deploy IPFire as a Linux-powered hardened firewall on their machines.

        The biggest changes in this release include the enablement of WPA3 support for the client side, allowing you to connect to authenticate to the network and encrypt packets using the latest WPA3 protocol, which was supported in IPFire since IPFire 2.25 Core Update 153, and faster DNS resolution by reusing any TLS and TCP connections in IPFire’s built-in DNS proxy.

      • New Releases

        • Pardus 19.5 Sürümü Yayınlandı

          TÃœBÄ°TAK ULAKBÄ°M tarafından geliÅŸtirilmeye devam edilen Pardus’un 19.5 sürümü yayınlandı. Pardus 19.5, Pardus 19 ailesinin beÅŸinci ara sürümüdür.

      • BSD

        • Announce: OpenSSH 8.5 released

          OpenSSH 8.5 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly.

          OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support.

          Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html

      • SUSE/OpenSUSE

        • openSUSE beta brings it in line with SUSE's enterprise product

          The community Linux distribution openSUSE has released a beta of its stable version 15, known as Leap, bringing it on par with the commercial SUSE Linux Enterprise version 15 Service Pack 3 as far as packages are concerned.

          According to Douglas DeMaio, a leader of the openSUSE project, the idea behind this is to make it easier for those who want to switch to the enterprise distribution to carry out tests before they decide whether to go ahead or not.

          openSUSE also has a rolling branch of development known as Tumbleweed which can be used by those who want the latest software packages.

          Announcing the release of the beta, Tim Imich, openSUSE developer community architect, wrote in a blog post: "This release is an important milestone for openSUSE and SUSE, our users and customers: Leap 15.3 is the first release where openSUSE Leap and SUSE Linux Enterprise share the same source code and use the exact same binary packages."

      • IBM/Red Hat/Fedora

        • Red Hat Enterprise Linux 8.1 achieves Common Criteria Certification

          Red Hat announced further strengthening of Red Hat Enterprise Linux as a platform of choice for users requiring more secure computing, with Red Hat Enterprise Linux 8.1 achieving Common Criteria Certification.

          The first major security certification for Red Hat Enterprise Linux 8, this validation emphasizes Red Hat’s commitment to supporting customers that use the world’s leading enterprise Linux platform for critical workloads in classified and sensitive deployments.

          For Common Criteria, Red Hat Enterprise Linux 8.1 was certified by the National Information Assurance Partnership (NIAP), with testing and validation completed by Acumen Security, a U.S. government-accredited laboratory.

        • Community Blog monthly summary: February 2021

          This is the latest in our monthly series summarizing the past month on the Community Blog. Please leave a comment below to let me know what you think.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Chromium

          • Brave Search is a privacy-first search engine

            Brave is buying Tailcat, an open search engine, and will add it to what it’s calling Brave Search, a forthcoming search engine. The difference between Google, Bing, and Brave Search is twofold: Brave won’t collect IP addresses or use personally identifiable information to improve search result; and it will collect its own, independent search index.

            It’s the latter element that will affect how well Brave Search searches. Google and Bing have developed sophisticated models for indexing and organizing the web’s content. Google's success at helping you find exactly what you want is a primary reason for its success, despite its eager use of your browsing data for profit.

      • Productivity Software/LibreOffice/Calligra

      • FSF

        • Free Software Foundation awarded consulting project grant from Community Consulting Teams of Boston

          The Free Software Foundation (FSF) today announced the award of a pro bono management consulting project from Community Consulting Teams of Boston (CCT). The strategic need is an analysis and marketing plan focused on the FSF's diverse network of supporters worldwide. The project is anticipated to be completed this summer.

          As one of eight pro bono consulting project grants awarded by CCT in 2021, the FSF was chosen among Boston-area nonprofits based on its demonstrated need, organizational stability, and readiness to plan and implement change. CCT has awarded over 200 consulting grants to Boston-area nonprofits since its inception in 1990, providing an estimated $20 million value.

        • The Free Software Foundation Has Into A Consulting Agreement To Improve Its Image

          The Free Software Foundation, founded in 1985 by honorary doctor Richard Stallman in order to support and promote free software, has never amounted to much in terms of both public awareness and corporate and governmental interest. It remains a rather small niece organization with a dozen employees and a budget barely above a million US dollars per year. The Linux Foundation, on the other hand, has 160 employees and yearly budget just shy of a hundred million US dollars.

          The Free Software Foundation has announced that they have entered into a pro bono consulting agreement with their next door neighbor Community Consulting Teams of Boston who will "recommend ways to improve communications and outreach to achieve the FSF's vision of free software as a kitchen table issue".

          [...]

          We can only hope the Community Consulting Teams of Boston (CCT) will point out that an organization called "Free Software Foundation" should focus on promoting free software, not cater to a tiny minority of mentally ill satanic cult members by promoting 白左 nonsense. That outcome is, sadly, not a given these days. We can't rule out that the CCT will recommend that the FSF abandons its free software roots and becomes a 白左 social justice organization through and through. That would probably spark some narrow short term interest and publicity, but it would be a death-sentence in the long run.

      • Openness/Sharing/Collaboration

        • Open Access/Content

          • Thank You for Participating in Open Sharing Is Caring!

            In our Open Sharing is Caring challenge, we asked you to openly share an image, song, artwork, research paper, poem, GIF…whatever it may be with the world by gifting it to the public domain. By using #OpenSharingIsCaring on Twitter, LinkedIn, and Facebook, we watched as you generously gave to the public domain.

          • More collaboration and clarity in Open Science, the study says

            The latest report on the state of Open Source Software in higher education and research was published at the end of January. The report is a part of the support that DINUM, the French interministerial agency, has given to the mission Bothorel that recently put forward several recommendations on Open Data and Open Source.

            The research conducted by the consultancy Inno€³ focuses on Open Source in higher education and research and bases on a survey of over twenty institutions and other studies on the subject. It aims to draw a first overview of Open Source practices in higher education and research institutions and analyse related challenges and opportunities. The report also took a look at internal Open Source policies in analysed organisations in relation to other perspectives on digital development, such as digital sovereignty, open data, open access.

      • Programming/Development

        • 3 Excellent Free Books to Learn about VHDL - LinuxLinks

          VHDL (VHSIC-HDL, Very High Speed Integrated Circuit Hardware Description Language) is a hardware description language used in electronic design automation to describe digital and mixed-signal systems such as field-programmable gate arrays and integrated circuits. VHDL can also be used as a general-purpose parallel programming language.

          VHDL is an extremely powerful tool. The more you understand as you work and study with VHDL, the more it will enhance your learning experience independently of your particular area of interest. The concept of using software to design hardware that is controlled by software will definitely provide you with endless hours of contemplation.

          VHDL is designed to fill a number of needs in the design process. Firstly, it allows description of the structure of a design, that is how it is decomposed into sub-designs, and how those sub-designs are interconnected. Secondly, it allows the specification of the function of designs using familiar programming language forms. Thirdly, as a result, it allows a design to be simulated before being manufactured, so that designers can quickly compare alternatives and test for correctness without the delay and expense of hardware prototyping.

        • Building rootless containers for JavaScript front ends

          By default, most containers are run as the root user. It is much easier to install dependencies, edit files, and run processes on restricted ports when they run as root. As is usually the case in computer science, though, simplicity comes at a cost. In this case, containers run as root are more vulnerable to malicious code and attacks. To avoid those potential security gaps, Red Hat OpenShift won’t let you run containers as a root user. This restriction adds a layer of security and isolates the containers.

          This article shows you how to run a JavaScript front-end application in a rootless container. The example builds on the code from my previous article, Making environment variables accessible in front-end containers.

        • Learn to debug code with the GNU Debugger

          The GNU Debugger, more commonly known by its command, gdb, is an interactive console to help you step through source code, analyze what gets executed, and essentially reverse-engineer what's going wrong in a buggy application.

          [...]

          Whether you're just learning GDB or you're a pro at it, it never hurts to have a reminder of what commands are available to you and what the syntax for those commands are.

        • Runaway JavaScript Spec

          XML is tree based. Logical and good, feels like all extensions have their perfect places, and it degrades gracefully if you are a little behind. Things can, in theory, also get deprecated (i.e. things that are too old could also degrade gracefully, if people would’ve been mature enough to remove old stale things from their specs—an example of this that did happen is <blink>; in many browsers blink text now is rendered as just plain text).

          CSS is based around selectors and properties. Another setup that’s a very robust and future-proof spine.

          JavaScript is a language that is grown in a wild way. Compared to languages ​​like Lisp and Forth that can be expanded with the same consistent, logical methods that XML and CSS can.

        • Lotus 1-2-3

          I tend to use a lot of retro software, partly because I’m a big nerd but also because I just prefer to work in a terminal. There were a ton of major commercial software products for MS-DOS that were highly polished, and can still be used effectively in an xterm today.

          I do like using Lotus 1-2-3, I even have a boxed copy of the last DOS version released, version 4!

        • Flutter

          • Google launches Flutter 2.0 to target developers across all platforms | VentureBeat

            Google has unveiled version 2.0 of Flutter, its open source UI development kit that helps app makers build cross-platform software from the same codebase. While the upgrade ushers in a spread of new features, today’s launch event was perhaps mostly designed to highlight Flutter’s continued transition beyond mobile to support apps wherever they reside — the web, desktop, and even emerging form factors such as foldables.

            The internet giant first unveiled Flutter at its I/O developer conference back in 2017. Version 1.0 arrived on the scene in December 2018 with support for Android and iOS apps, but in the two-plus years since, Google has extended support (somewhat) to include web apps, MacOS, Linux, Windows, and even embedded devices. However, such support has been offered only in early-stage iterations that were either unavailable to most developers, or not designed for production-grade apps — and that is what’s changing today.

          • Google Unleashes Flutter 2 And a New Era of Apps

            In its initial releases, Flutter allowed developers to create apps that run on both Android and iOS. But now Google is setting its sights higher. Much higher.

          • Canonical Chooses Google’s Flutter UI SDK to Build Future Ubuntu Apps

            For those not in the known, Flutter is an open-source UI SDK (software development kit) created by Google to helps those who want to build quick and modern applications for a wide-range of operating systems, including Android, Linux, Mac, iOS, Windows, Google Fuchsia, that work across desktop, mobile, and the Web.

            A year ago, Canonical teamed up with Google to make the Flutter SDK available on Linux as Snap, the universal software deployment and package management system for Ubuntu `and other GNU/Linux distributions, allowing those interested in building beautiful apps on the Linux desktop.

        • Python

          • Moving commits between independent git histories

            PyPy is an alternative Python implementation. While it does replace a large part of the interpreter, a large part of the standard library is shared with CPython. As a result, PyPy is frequently affected by the same vulnerabilities as CPython, and we have to backport security fixes to it.

            Backporting security fixes inside CPython is relatively easy. All main Python branches are in a single repository, so it’s just a matter of cherry-picking the commits. Normally, you can easily move patches between two related git repositories using git-style patches but this isn’t going to work for two repositories with unrelated histories.

            Does this mean manually patching PyPy and rewriting commit messages by hand? Luckily, there’s a relatively simple git am trick that can help you avoid that.

          • Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted

            The Python Package Index, also known as PyPI, has removed 3,653 malicious packages uploaded days after a security weakness in the use of private and public registries was highlighted.

            Python developers use PyPI to add software libraries written by other developers in their own projects. Other programming languages implement similar package management systems, all of which demand some level of trust. Developers are often advised to review any code they import from an external library though that advice isn't always followed.

            Package management systems like npm, PyPI, and RubyGems have all had to remove subverted packages in recent years. Malware authors have found that if they can get their code included in popular libraries or applications, they get free distribution and trust they haven't earned.

            Last month, security researcher Alex Birsan demonstrated how easy it is to take advantage of these systems through a form of typosquatting that exploited the interplay between public and private package registries.

          • A pair of Python vulnerabilities [LWN.net]

            Two separate vulnerabilities led to the fast-tracked release of Python 3.9.2 and 3.8.8 on February 19, though source-only releases of 3.7.10 and 3.6.13 came a few days earlier. The vulnerabilities may be problematic for some Python users and workloads; one could potentially lead to remote code execution. The other is, arguably, not exactly a flaw in the Python standard library—it simply also follows an older standard—but it can lead to web cache poisoning attacks.

            [...]

            [Update: As pointed out in an email from Moritz Muehlenhoff, Python 2.7 actually is affected by this bug. He notes that python2 on Debian 10 ("Buster") is affected and has been updated. Also, Fedora has a fix in progress for its python2.7 package.]

          • NumPy 1.20 has been released

            NumPy is a Python library that adds an array data type to the language, along with providing operators appropriate to working on arrays and matrices. By wrapping fast Fortran and C numerical routines, NumPy allows Python programmers to write performant code in what is normally a relatively slow language. NumPy 1.20.0 was announced on January 30, in what its developers describe as the largest release in the history of the project. That makes for a good opportunity to show a little bit about what NumPy is, how to use it, and to describe what's new in the release.

            [...]

            NumPy adds a new data type to Python: the multidimensional ndarray. This a container, like a Python list, but with some crucial differences. A NumPy array is usually homogeneous; while the elements of a list can be of various types, an ndarray will, typically, only contain a single, simple type, such as integers, strings, or floats. However, these arrays can instead contain arbitrary Python objects (i.e. descendants of object). This means that the elements will, for simple data types, all occupy the same amount of space in memory. The elements of an ndarray are laid out contiguously in memory, whereas there is no such guarantee for a list. In this way, they are similar to Fortran arrays. These properties of NumPy arrays are essential for efficiency because the location of each element can be directly calculated.

            Beyond just adding efficient arrays, NumPy also overloads arithmetic operators to act element-wise on the arrays. This allows the Python programmer to express computations concisely, operating on arrays as units, in many cases avoiding the need to use loops. This does not turn Python into a full-blown array language such as APL, but adds to it a syntax similar to that incorporated into Fortran 90 for array operations.

        • Rust

    • Standards/Consortia

      • How beers and Vikings gave Bluetooth technology its name

        Low-cost and with low power consumption, Bluetooth was finally launched in May 1998, using technology allowing computer devices to communicate with each other in short range without fixed cables.

        The first consumer device equipped with the technology hit the market in 1999, and its name, which was initially meant to be temporary until something better was devised, became permanent.

  • Leftovers

    • Sinclair Broadcast Group Lays Off 5% of Workforce Due to ‘Profound Impact’ of Pandemic

      Sinclair owns several national networks, and owns or operates 23 regional sports networks and 190 television stations across 88 markets. Amid an ongoing shift to on-demand viewing, Sinclair is launching a three-hour morning news program for over a third of its TV stations, and in 2019 launched the STIRR ad-supported free streaming service, featuring news and sports.

    • Can Chinese law firms take over the world?

      China is not content mastering the niceties of the old order. It is also subtly forging a new one around Chinese law. This begins by luring international students to its law schools, mostly from poor countries along the Belt and Road Initiative (BRI), its globe-spanning programme of infrastructure works. Plenty receive plush bursaries from the government in Beijing. Since only Chinese citizens can practise law in China, many foreign graduates prefer to return home, as paid-up members of China-friendly legal networks.

    • Hardware

      • Germanium transistors: logic circuits in the IBM 1401 computer

        How did computers implement logic gates in the 1950s? Computers were moving into the transistor age, but transistors were expensive so circuits were optimized to minimize the transistor count. At the time, they didn't even use silicon transistors; germanium transistors were used instead. In this blog post, I'll describe one way that logic gates were implemented back then: diode-transistor logic.

    • Health/Nutrition

      • COVID-19 vaccination, lymph nodes, and mammography guidelines

        I’ve said many times before that there’s nothing new under the sun when it comes to the antivaccine movement. Basically, every antivax trope, lie, distortion, talking point, and bit of disinformation has been resurrected, dusted off, and repurposed to spread fear, uncertainty, and doubt (FUD) about the COVID-19 vaccines. As they’ve done since I first started, antivaxxers have blamed COVID-19 vaccines for death, infertility, and Alzheimer’s disease, while characterizing them as a sort of toxin-laden “gene therapy” that can “reprogram your DNA.” True, there is one antivax lie that hasn’t (yet) been resurrected for COVID-19, namely the claim that the vaccines cause autism, but that’s only because no COVID-19 vaccine has been approved or mandated for children. (You can bet that the vaccine-autism myth will reappear as soon as we start vaccinating children against COVID-19.) Even so, I now realize that I’m not entirely correct in saying that there is “nothing new under the sun” from antivaxxers about COVID-19 vaccines. A few days ago, I came across one that I’d never heard before. Have you heard the one about the COVID-19 vaccine, lymph nodes, and mammography?

      • Kentucky mom alleges hospital workers missed her cancer — then covered up their mistake

        As Johnson dined with her family, a cancerous tumor was silently growing inside of her. The warning signs were there in the initial X-rays of her breast — enough to warrant additional tests at the very least, according to doctors who later reviewed the images. But someone at the hospital had sent the wrong letter, Johnson’s lawyers allege, giving Johnson the all-clear instead of directing her to return for a follow-up exam.

        By the time Johnson discovered the discrepancy 10 months later — thanks only to her own insistence on seeking a second opinion after the pain in her breast worsened — her new doctors feared it might be too late to save her.

        Johnson didn’t know it then, but this was the start of a yearslong battle not only with a deadly disease, but with a health system and medical workers who, Johnson’s lawyers say, went to extraordinary lengths to cover up their error.

      • Without Backpackers to Pick Them, Crops Rot by the Ton in Australia

        The pandemic has disrupted the rhythms of labor and migration worldwide. In Western Europe, for example, borders were tightened early last year, keeping out seasonal workers from Eastern Europe.

        But in isolated Australia, the pandemic has delivered a particularly sharp blow, exposing the unstable foundation of its agriculture industry, a growing $54-billion-a-year goliath that for years has been underpinned by the work of young, transient foreigners.

    • Integrity/Availability

      • Proprietary

        • AJA Video Systems Releases Desktop Software v16

          Desktop Software v16 includes compatibility updates for the latest macOS, Windows and Linux operating systems, including support for macOS 11.x Big Sur, Ubuntu 20.04 LTS, Redhat/CentOS 8 and continuing support for Windows 10 updates. Desktop Software v16 enhances and expands support for high-end computer hardware, including certified compatibility of AJA PCIe cards and Thunderbolt devices with the 2019 Mac Pro and AJA PCIe card support for Supermicro X11DAI, X11SPA+TF and X11DPG. For IP video workflows, v16 also increases compatibility with NMOS compliant devices by updating to NMOS 1.3 and adds improved troubleshooting capabilities with new LLDP support for KONA IP, Io IP and Avid ArtistTM | DNxIPTM.

        • Big Tech firms see tax windfall after Supreme Court ruling on Microsoft

          The Supreme Court ruling said, “The amounts paid by resident Indian end-users/distributors to non-resident computer software manufacturers/suppliers, as consideration for the resale/use of the computer software through EULAs (end user license agreement)/distribution agreements, is not the payment of royalty for the use of copyright in the computer software, and that the same does not give rise to any income taxable in India.”

          This would mean companies need not deduct tax at source as per the Income Tax Act, the court ruled, before adding that this would cover the different models used by companies to operate in India.

        • Post-Cyberattack, Universal Health Services Faces $67M in Losses [iophk: Windows TCO]

          While UHS didn’t mention what kind of attack it suffered, reports pointed to the Ryuk ransomware as the culprit. However, there was no mention of ransomware – or losses incurred from a paid ransom – in the earnings report.

        • Ryuk Ransomware: Now with Worming Self-Propagation

          The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems (ANSSI). The agency said that it achieves self-replication by scanning for network shares, and then copying a unique version of the ransomware executable (with the file name rep.exe or lan.exe) to each of them as they’re found.

          “Ryuk looks for network shares on the victim IT infrastructure. To do so, some private IP ranges are scanned: 10.0.0.0/8; 172.16.0.0/16; and 192.168.0.0/16,” according to a recent ANSSI report. “Once launched, it will thus spread itself on every reachable machine on which Windows Remote Procedure Call accesses are possible.”

        • Leveraging digital certificates to protect commercial 5G mobile networks

          Unlike most other communications networks, mobile systems provide no method to verify cryptographically the identity of the other end in the communication. As a result, every single consumer electronic device with a cellular modem communicates with any base station that advertises broadcast messages claiming to be a valid operator, regardless of whether that is true or not. To put this into perspective, cellular networks at layer 2 behave as if your laptop’s browser always accepted self-signed certificates by default, without prompting the user for input on whether to do so in the first place.

          This security challenge is inherent to mobile communications networks and impacts all wireless protocols and generations of cellular networks. Even newer 5G networks fail to prevent mobile devices from inadvertently camping on a malicious base station. This latest protocol provides no means to verify cryptographically the identity of base stations and networks to which a mobile device connects.

          This implies that IMSI catching is still possible in 5G, and indeed, it is. The message “Hey, I am your operator and I forgot your TMSI. Please send me your IMSI” still lacks authentication and integrity protection in 5G. The only difference from LTE is that the concept of IMSI is replaced by the SUPI in 5G, and in place of TMSI, one would be referring to the GUTI.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The Linux Foundation Continues to Expand Japanese Language Training & Certification

                Japan is one of the world’s biggest markets for open source software, which means there is a constant need for upskilling of existing talent and to bring new individuals into the community to meet hiring demand. The Linux Foundation is committed to expanding access to quality open source training and certification opportunities, which is why we have developed a number of Japanese language offerings.

                [...]

                While Hyperledger Fabric Administration is the newest Japanese course offered by Linux Foundation Training & Certification, it is far from alone. Our catalog of Japanese-language offerings includes:

        • Security

          • ESET says more threat groups using Microsoft zero-days in attacks

            Slovakian security firm ESET says it has detected at least three additional threat groups using a zero-day in Microsoft Exchange Server in attacks, even as the US Government issued an emergency directive telling all US federal bodies to patch Exchange and report on exploitation by noon on Friday.

          • Patches for Multiple New GRUB2 Security Flaws Start Rolling Out to Linux Distros, Update Now

            Remember last year’s BootHole security vulnerabilities? Well, it looks like no less than eight (8) new security flaws were discovered in the GRUB2 bootloader allowing attackers to bypass UEFI Secure Boot, and it affects almost all GNU/Linux distributions using GRUB2 versions prior to 2.06.

            These include CVE-2020-14372, which allows a privileged user to load crafted ACPI tables when Secure Boot is enabled, and CVE-2021-20233, which lets an attacker with local root privileges to drop a small SSDT in /boot/efi and modify grub.cfg to instruct the GRUB bootloader to load said SSDT and overwrite the kernel lockdown configuration, thus enabling the attacker to load unsigned kernel modules and kexec unsigned code.

          • Unpatched Bug in WiFi Mouse App Opens PCs to Attack

            Wireless mouse-utility lacks proper authentication and opens Windows systems to attack.

            The mobile application called WiFi Mouse, which allows users to control mouse movements on a PC or Mac with a smartphone or tablet, has an unpatched bug allowing adversaries to hijack desktop computers, according to researcher Christopher Le Roux who found the flaw.

            Impacted is the Android app’s accompanying WiFi Mouse “server software” that is needed to be installed on a Windows system and allows the mobile app to control a desktop’s mouse movements. The flaw allows an adversary, sharing the same Wi-Fi network, to gain full access to the Windows PC via a communications port opened by the software.

            WiFi Mouse, published by Necta, is available on Google Play and via Apple’s App Store marketplace under the publisher name Shimeng Wang. The only version tested by Le Roux was the Windows 1.7.8.5 version of WiFi Mouse software running on Windows (Enterprise Build 17763) system.

          • Top 10 Best Linux Port Scanners for Network Admins

            Port scanning is a crucial thing in the world of networking. Actually, the network traffic is sent and received through the ports of an IP address. So, to find out the open ports capable of sending and receiving data, you have to use port scanning software. Anyways, I am not giving a lecture on “Fundamentals of Networking” here. I am assuming that you are aware of the basics of port scanning since you are looking for port scanners for your Linux system.

            Port scanner tools are used mostly by network or server administrators. But there are some personal use cases too. Sometimes, gamers and ethical use this method to find out the backdoors of a network for research purposes. No matter why you are using it, a good port scanner can make your job much easier. Luckily Linux has a wide range of port scanner packages to install, and we are going to talk about them.

    • Defence/Aggression

      • A man has injured eight people, three seriously, in a stabbing attack in a south Swedish town which police are treating as suspected terrorism.

        The terrorist threat level has been "elevated" since 2010 - level three out of five.

      • Boko Haram teams up with bandits in Nigeria

        Ongoing Institute for Security Studies (ISS) research shows however that not only did JAS participate in the abduction, but the link between the group and bandits pre-dated the incident.

        Boko Haram, particularly under Shekau, has long been interested in expanding its base beyond Nigeria’s north-east. And its north-west and north-central regions are increasingly becoming its areas of choice due to deteriorating security and other conditions there.

        Stoking threats in other regions reduces security forces’ pressure on Boko Haram in the north-east.

      • Gunmen kidnap 300 schoolgirls in increasingly lawless northwest Nigeria

        School kidnappings were first carried out by jihadist groups Boko Haram and Islamic State West Africa Province but the tactic has now been adopted by other militants whose agenda is unclear.

        They have become endemic around the increasingly lawless north, to the anguish of families and frustration of Nigeria’s government and armed forces. Friday’s was the third such incident since December.

        The rise in abductions is fuelled in part by sizeable government payoffs in exchange for child hostages, catalysing a broader breakdown of security in the north, officials have said, speaking on condition of anonymity.

      • What is behind the increase in gang violence in France?

        The French government is taking the role of social media seriously. It wants to use local networks of borough councils, the police and schools to monitor social networks to stop them being used as platforms engendering gang violence – one of several measures put forward by the interior and justice ministries.

        But Sauvadet argued that this will not be enough, because social media accelerated a cultural phenomenon that had already taken root. “Powered by American popular culture, gang culture has become mainstream,” he said, adding that it has been trivialised by US rappers and influencers, and “has even been taken over by multinationals, such as a famous sports brand, which used a kind of gang aesthetic to sell a clothing line to young people”.

    • Transparency/Investigative Reporting

      • Germany Fears Influence of Russian Propaganda Channel

        RT DE, which had been called RT Deutsch until November, has been disseminating Kremlin-financed propaganda in Germany since 2014. Germany’s domestic intelligence agency, the Office for the Protection of the Constitution, which has been keeping an eye on the platform, says the outlet is seeking to weaken trust in democratic institutions. The agency says there are close links between the station and those seeking to undermine the democratic order in Germany in addition to conspiracy theorists. And it considers the news disseminated by RT DE to be part of a disinformation campaign orchestrated by the Russian state.

        Internal documents from the media platform that DER SPIEGEL has seen show the extent to which German staff are required to follow instructions from Moscow, and how political those instructions are.

    • Environment

      • Killings of human rights defenders 'go largely unnoticed by outside world'

        "Hundreds of Human Rights Defenders are being killed every year, and there is little sign that this is going to stop. We also know that many of these murders are signaled in advance with threats," the Special Rapporteur told DW. Those threats can be direct or indirect, targeted at individuals or more general, according to the report. They "are often intended to intimidate, silence and stop human rights defenders from carrying out their work. There is no more direct attack on civil society space than the killing of human rights defenders," the report reads.

        According to the Special Rapporteur, the problem is "widespread." Since 2015, a total of 1,323 human rights defenders have been killed and at least 281 were killed in 2019 alone, the Office of the United Nations High Commissioner for Human Rights (OHCHR) found. The killings were committed in 64 countries worldwide, a third of UN member states.

    • Finance

      • PayPal to add 1,000 engineers to India development centres in 2021

        Technology talent will be hired across software, product development, data science, risk analytics and business analytics streams at entry, mid-level and senior roles. PayPal India also announced its plans for campus hires from top engineering colleges across India.

        [...]

        The India Technology Centers currently employs over 4500 people across the three centres who a play a critical role in enabling a safe and seamless payments experience for the company.

    • AstroTurf/Lobbying/Politics

      • Parler Calls Amazon a "Bully" in New Suit Over Web Service Termination

        Instead of amending its federal lawsuit against Amazon Web Services after a judge ripped its request for an injunction, Parler is trying a different course. It dropped that suit and filed a new one in Washington state court — this time alleging violations of its rights as a consumer.

      • US Army commits to its African allies after combining Europe and Africa commands

        The United States Army has recently combined its Europe and Africa branches. Considering this consolidation, the US Army held a media briefing that communicated its continued commitment to its African allies. The briefing also discussed the multinational African Lion training exercise scheduled for June 2021.

        The first speaker, General Christopher Cavoli, Commanding General, US Army Europe and Africa (the new name for the command), spoke from the Southern European Task Force, Africa headquarters in Vicenza, Italy.

      • Sir Michael Somare’s passing marks the end of an era for Papua New Guinea

        The passing of Sir Michael Somare, the first chief minister and the founding prime minister of Papua New Guinea, ends a remarkable political life that began when he was elected to the pre-independence House of Assembly in 1968 and saw him serve four terms as prime minister.

      • Former Parler CEO Matze Stripped Of All Company Shares Upon Firing, Sources Say

        The power struggle that led to conservative social media site Parler abruptly firing its founder and CEO John Matze last month became so acrimonious that when Matze was sacked, he was also involuntarily stripped of his entire stake in the company, according to people familiar with Matze's exit.

        In the aftermath of the Jan. 6 attack on the U.S. Capitol, Amazon Web Services, which served as Parler's web host, knocked it offline, saying it did too little to stop the spread of violent messages. Soon after, Matze became locked in a dispute with Rebekah Mercer, the Republican mega-donor and Parler co-founder, over how the platform should address inflammatory content.

      • Facebook to lift political ad ban imposed after November election

        Details: Facebook said that it put the temporary political ad ban in place after the November 2020 election to avoid confusion or abuse following Election Day. It admitted that its ban needed to include issue ads to be effective.

      • The Supreme Court may be set to gut voting rights — but Democrats can still stop them

        On the surface, Brnovich v. Democratic National Committee and Arizona Republican Party v. Democratic National Committee may not seem like a big deal. The cases address partisan fights over rules in Arizona disallowing third party ballot collection and requiring ballots cast in the wrong precinct to be thrown out entirely, regulations that don't seem, on their surface, like earth-shattering assaults on the ability of most voters to cast ballots. But voting rights experts fear that the particulars of the Arizona restrictions are not really what's at stake in the case, which is likely to be ruled on this summer.

    • Censorship/Free Speech

      • Internet disrupted in Chad amid deadly standoff at opposition candidate’s house

        Metrics show national connectivity disrupted from approximately 9:00 a.m. local time falling to 60% of ordinary levels by 9:30 a.m., corroborating user reports of difficulty getting online from capital N’Djamena.

      • How is Bangladesh's Digital Security Act muzzling free speech?

        Bangladesh's Parliament passed the DSA in late 2018 following sectarian violence sparked by posts on Facebook. However, the wording is vague and its provisions broad.

        For example, it criminalizes engaging in "propaganda" against the "spirit" of the 1971 Bangladeshi war of independence. It also criminalizes criticizing Bangladesh's national anthem, the national flag and the nation's founder, Sheikh Mujibur Rahman, father of Prime Minister Sheikh Hasina.

        Those found in violation of the law face hefty fines and lengthy jail sentences, even life imprisonment for certain repeat offenses. Arrests under the act can be made without a warrant.

        Citing data from Bangladesh's Cyber Crime Tribunal, Amnesty International reports that about 2,000 cases have been filed under the DSA, with journalists often targeted. Ten newspaper editors faced legal charges under the act for critical reporting on leaders of the ruling Awami League party in 2020.

        Ali Riaz, a Bangladeshi political scientist at Illinois State University in the US, told DW that provisions in the DSA pose a threat to fundamental rights enshrined in the Bangladeshi constitution and international standards of freedom of expression.

    • Freedom of Information/Freedom of the Press

      • Freedom House downgrades India to 'partly free'

        Freedom House on Wednesday downgraded India from free to partly free, voicing fear that the world's largest democracy was descending into authoritarianism under Prime Minister Narendra Modi.

        The democracy research institute, which is independent but receives US funding, pointed to mob violence against Muslims, intimidation of journalists and rising judicial interference since Modi's Hindu nationalist Bharatiya Janata Party won power in 2014.

      • At least 3 US reporters face court hearings on charges from 2020 coverage of protests and rallies

        Local authorities in Iowa, Massachusetts, and North Carolina should drop all charges against journalists who were arrested while doing their jobs, the Committee to Protect Journalists said today.

        This month, three journalists who are facing charges are scheduled to appear in court in relation to their coverage of protests and rallies in 2020: Des Moines Register reporter Andrea Sahouri, Alamance News reporter Tomas Murawski, and freelance photojournalist Richard Cummings, according to Sahouri, Cummings, and Alamance News publisher Tom Boney Jr., all of whom spoke to CPJ in phone interviews and via email.

      • Moscow Judge Upholds Fines Against RFE/RL Under Controversial 'Foreign Agent' Law

        A district court judge in Moscow has rejected five separate appeals by RFE/RL against lower-court rulings that imposed fines against the company for violating Russia’s controversial “foreign agent” law.

        Judge Aleksei Krivoruchko of the Tverskaya District Court issued the rulings on March 3, confirming fines imposed on RFE/RL for failing to mark written and broadcast materials in accordance with regulations set by the state media-monitoring agency Roskomnadzor. The lower court imposed the fines on February 10.

      • RSF files criminal complaint against Saudi crown prince in Germany

        The complaint was filed for Mohammed bin Salman's alleged role in the assassination of journalist Jamal Khashoggi. Reporters Without Borders also cited the arbitrary detention of 34 journalists in the Gulf country.

      • Three takeaways from the US intelligence report blaming Saudi Arabia’s Mohammed bin Salman for Khashoggi’s murder

        Yet the report’s conclusion that Saudi security and intelligence act only with bin Salman’s blessing has important implications that go beyond the Khashoggi case. It lays the groundwork to demonstrate bin Salman’s culpability in the Saudi state’s imprisonment of journalists; according to CPJ’s 2020 prison census, the country is the fourth worst jailer of journalists in the world. As CPJ has documented, Saudi Arabia has tortured journalists and surveilled activists abroad.

      • CPJ calls on US and allies to sanction Saudi crown prince in wake of Khashoggi report

        The intelligence report states, “although Saudi officials had pre-planned an unspecified operation against Khashoggi we do not know how far in advance Saudi officials decided to harm him.”

        CPJ is also leading a lawsuit calling for intelligence agencies to release any documents they have concerning their awareness of threats against Khashoggi, who was a U.S. resident at the time of his death, and their duty to warn him.

      • US failure to sanction prince for Khashoggi killing ‘dangerous’: UN expert

        A UN human rights investigator said on Monday that it was “extremely dangerous” for the United States to have named Saudi Arabia’s de facto ruler as having approved an operation to capture or kill journalist Jamal Khashoggi but not to have taken action against him.

        Agnes Callamard, special rapporteur on summary executions who led a UN investigation into Khashoggi’s 2018 murder, reiterated her call for sanctions targeting Crown Prince Mohammed bin Salman’s assets and his international engagements.

        He approved an operation to capture or kill Khashoggi, according to a declassified US intelligence released on Friday as the United States imposed sanctions on some of those involved but spared the crown prince himself in an effort to preserve relations with the kingdom.

      • Crown prince MBS faces fallout in Saudi-US relations after report on Khashoggi murder

        President Joe Biden’s decision to publish a US intelligence report asserting that Saudi Arabia’s Crown Prince Mohammed bin Salman approved an operation to “capture or kill” US-based journalist Jamal Khashoggi not only alters the relationship between Washington and Riyadh but refocuses attention on the Saudi heir and de facto ruler of the kingdom.

      • Three Women Working for a News Outlet Are Gunned Down in Afghanistan

        The victims were Mursal Hakimi, 25, Sadia, 20, and Shanaz, 20 — many Afghans have a single name — who worked in a department that records voice-overs for foreign programs, Mr. Pasoon said. A fourth woman was wounded in one of the attacks and taken to the hospital, according to a provincial hospital spokesman.

        Malalai Maiwand, 26, a television and radio presenter with Enikass, was gunned down in much the same way in December. The Islamic State affiliate in the country claimed responsibility for that killing as well.

      • Journalists May Be Most At Risk (As Described) From A Presumed January 6 Geofence Warrant

        At the time I suggested the story’s conclusions went well beyond the evidence included in it. I had several concerns about the story.

        First, it didn’t address the granularity of location data collected, explaining whether the data collection focused just on the Capitol building or (as the story claimed) “in the area” generally. The Capitol is, according to multiple experts, incredibly wired up, meaning that one can obtain a great deal of data specific to the Capitol building itself. That matters here, because as soon as Trump insurrectionists entered the Capitol building, they committed the trespass crimes charged against virtually all the defendants. And the people legally in the Capitol that day were largely victims and/or law enforcement. It’s not an exaggeration to say that anyone collected off location collection narrowly targeted to the Capitol building itself is either a criminal, a witness, or a victim (and often some mix of the three).

    • Civil Rights/Policing

      • How many femicides in Turkey are covered up as suicides?

        Last year, 300 women were murdered in Turkey, according to a women's rights organization. The number of unrecorded cases could be far higher as femicides are often filed as suicides.

      • Stacey Abrams On Why Securing Voting Rights Is As Necessary Now As In The Past

        [On Tuesday] the Supreme Court has heard arguments in two Arizona cases that could further gut the 1965 Voting Rights Act. How worried are you that this current 6-3 conservative majority court will help erode much of the work that you and other activists have done?

      • After the Cops Seized Her Car, the Government Waited Five Years Before Giving Her a Chance To Get It Back

        In a state court motion filed last week, Harris argues that the unconscionable delay in giving her a chance to recover her car was a due process violation that by itself justifies its immediate return. Massachusetts invites such abuse, she says, because its civil forfeiture law "does not provide any deadline [by] which the Commonwealth is required to initiate forfeiture proceedings." The Phoenix-based Goldwater Institute, which represents Harris, cites several other constitutionally questionable aspects of the state's law, which epitomizes everything that is wrong with the practice of confiscating property by alleging that it is connected to crime, even when the owner has done nothing illegal.

        According to the Institute for Justice, Massachusetts "has the worst civil forfeiture laws in the country." Massachusetts is the only state to earn an F in the latest edition of the organization's Policing for Profit report. It is not hard to see why.

      • Should anyone go to prison based on secret SOFTWARE?

        The Electronic Frontier Foundation, recently celebrated an appellate ruling in the USA, because: “No one should be imprisoned or executed based on secret evidence that cannot be fairly evaluated for its reliability, and the ruling in this case will help prevent that injustice”.

        The ruling EFF is talking about is one in which a man accused of murder was granted access to the source code of DNA testing kit, used gather evidence against him.

        The software helped analyze a genetic sample from a weapon that was used to tie the defendant to the crime. The defense asked to check the source code of that software, to be sure that it was free of errors. They pointed out that other sofware of the same type had been found, only through access to its source code, to include “a secret function [that tended] to overestimate the likelihood of guilt.”

    • Monopolies

      • Patents

        • Russia: First “public security” compulsory license

          According to the Decree 3718-r, Pharmasintez JSC, a Russian generic company, has been granted a 1-year compulsory license to use Gilead’s patents protecting Remdesivirsubject to a “fair compensation”.[1]

          Pharmasintez JSC filed a request for a compulsory license to the Government after a few unsuccessful attempts to enter into a license agreement with Gilead voluntarily.

          The Decree is based on art. 1360 of the Russian Civil Code which entitles the Government to grant a compulsory license “in the interests of public security” without a patent holder’s consent subject to its notification and “a fair compensation”.

          According to the Russian Federal Antimonopoly Service, such compulsory licenses are designed to eliminate discrimination in relation to Russian manufacturers by global pharmaceutical companies, which is, however, strongly criticized by the professional community.

          The Decree has triggered the mechanism of art. 1360 of the Russian Civil Code for the first time.

          But a compulsory license has not been first ever made: previously, compulsory licenses for dependent patents (art. 1362 of the Russian Civil Code) were granted to Nativa LLC, a Russian generic company, based on the court decisions (particularly, as a result of the dispute against Celgene on Lenalidomid[2]).

          [...]

          It is evident that the Decree is another step towards consistent restriction of patent rights in the sphere of Life Sciences in Russia clearly aimed to support national generic business.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024