12.20.21

Nat Friedman Has Deleted His Flickr Account After More Than 15 Years

Posted in Microsoft at 4:43 pm by Dr. Roy Schestowitz

at Friedman's Flickr account

Nat Friedman deleted his Flickr account

Summary: Earlier today Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley, was in the docket after assaulting women; his "best friend" (according to him) and outgoing GitHub CEO has decided it’s time to self-vanish; as we noted this morning, Mr. Graveley deleted/deactivated both his Twitter account and LinkedIn account

Bonus: Stay tuned. We have a surprise tomorrow…

The EPO’s ‘IT’ Systems Have Become a ClusterZuck, Based on EPO Insiders

Posted in Europe, Patents at 3:36 pm by Dr. Roy Schestowitz

Facebook Meta Announcement: Please like!
When a patent office becomes all about nepotism and politics, at the expense of science and technology

Summary: The comical state of EPO “IT” is explained in a cynical communication entitled “The Joys of Technology”

THE EPO has long had “IT” issues. Benoît Battistelli already chucked literally hundreds of millions of euros down the bin with his utterly awful “IT” systems. It was so bad that António Campinos appointees had to bury the whole thing and earlier this year they illegally outsourced their systems to Microsoft. Even the U.S. Patent and Trademark Office (USPTO), which is American, did not go that far, except for document formats.

“The EPO rapidly loses control of its own systems!”Circulating among EPO staff at the moment is a document about the latest “epic fail” at the Office. Does the Office management ever care to understand Quality Control? No, to them (the ‘suits’), “Quality” just means speed; in other words, hurry up already!

The Central Staff Committee (CSC) asks: “Are you also participating in the weekly “noreply_bit Bingo”? Wondering how many of these frequent mass emails will be crying for your attention this week again? We feel sorry for our BIT colleagues who see themselves forced to make the impossible possible, scrambling to keep our services up and running. They deserve our support and understanding. At the same time, we suggest that everyone keeps a record of these many interruptions, as they inevitably impact on your production.”

We know how “production” gets measured; the management calls the grant of many software patents “production” and EPO examiners are compelled to play along (or get sacked for low “production”). Likewise, their “BIT” colleagues are made to work with unsuitable infrastructure, some of which has been outsourced to profoundly incompetent companies. The EPO rapidly loses control of its own systems! This should never be happening!

Anyway, reproduced below is the 2-page publication from the CSC

Munich,16/12/2021
sc21150cp

The Joys of Technology

Weekly noreply_bit Bingo

Dear Colleagues,

Are you also participating in the weekly “noreply_bit Bingo”? Wondering how many different incident / issue / release notice / software update / … you will be receiving this week again? Wondering how often you will ‘kindly’ be told to restart your computer, to wait for the VPN connection to be available again, to be ‘thanked for your understanding’ while some essential tools are offline or otherwise dreadfully slow?

Wondering which new tools, e-learning modules, PGP digital process update, intranet links, video messages, newsletters… will be crying for your attention this week?

The pattern is all too frequent and recurring and we feel sorry for our BIT colleagues who are tasked time and again to jump through hoops while scrambling to resume normal service. BIT staff make the impossible possible and they deserve our support and understanding.

Computer and connectivity problems are a fact of life. There is no avoiding the fact that technology will fail from time to time and that updates and restarts will be necessary – yet the staff of our ‘model international organisation’, ‘at the forefront of technology’ seem to have to endure more than their fair share of IT issues in these distributed times.

The Office proudly proclaims that it works for a “Minimum Viable Product” – yet seems to forget that staff then needs to do actual work with this “Minimum Viable Product” – a tool which often turns out to be overly cumbersome to work with, buggy or incomplete, and will have to undergo several updates before it can be called anywhere near a final, working product. Agile development may sound very cool – unfortunately it means the user will get a rough first draft to plod through. It compromises the quality of our data with numerous time-consuming changes and updates requiring retroactive corrections as the versions evolve. And with each such “agile minimum viable product” productivity gains are heralded as if it were the best thing since sliced bread.

The tools we get should be there to enable or help us to do our work – all too often they seem more likely to hold people back.

The BIT administration seems to have launched their staff into a sprint – but they forgot to check if their development teams were able to walk stably first. The weekly “noreply_bit Bingo” nicely illustrates this conundrum, and one can only wonder which hefty budgets are necessary to fuel these efforts.

There appears to be a fundamental mismatch between the goals given to BIT staff and the needs of the Office: BIT staff seem to have to provide new tools, releases, and updates at an unprecedented pace in more than 40 years of history of the Office. On the one hand this puts them under undue pressure: for instance they are not even able to maintain the habitual change freeze for the month of December.

On the other hand, the continuous issuing of new tools and releases – most of them turning out to be beta versions – ends up in slowing staff down in a continuous effort of adaptation and learning, rather than helping staff in achieving their challenging targets. This is not working smart.

Staff Representation, which has always advocated a smart way of working for EPO staff, calls on the administration to reconsider this ill-conceived and counter-productive policy of pushing BIT to issue new products and releases at a pace which is unnatural and unsustainable for staff in all DG’s and BIT alike.

Even if we all work in a bean-counting system where every tap on the keyboard is timed and monitored, and tallied up in a huge, big ranking excel sheet to decide who gets the box of chocolates at the end of the year, our ‘model international organisation’ has forgotten to include the result of the weekly “noreply_bit Bingo” in their bean-counting system. The time lost here is simply not accounted for. This, we can compensate for during evenings and weekends. Could this be the reason why core hours and flexitime are about to be chopped?

One thing we can be sure of: the weekly “noreply_bit Bingo” keeps our mailboxes full and gives ample evidence that our mail servers are quite capable of handling frequent mass emails.

In the meantime, make sure to keep a record of the time lost due to all of these outages, to the e-learning modules, due to scouting around the intranet trying to find the updated “How-To” guides. Keep track of each entry on your “noreply_bit Bingo” sheet. It may come in handy for the inevitable “gap analysis” during the appraisal cycle: we are not so sure yet how the new coveted “holistic approach” will cater for this.

The Central Staff Committee

Since they’re mentioned “gap analysis”, how can we forget the "gap"…?

Video download link | md5sum daa6c4b14f45f1292dcf04348028c109

[Meme] EPO Data Protection

Posted in Deception, Europe, Microsoft, Patents at 3:07 pm by Dr. Roy Schestowitz

You put the passwords in this box and call it 'Data Protection'

Summary: António Campinos explains to EPO delegates all they need to know about the EPO's Data Protection Board (DPB), Data Protection Rules (DPR), and Data Protection Officer (DPO)

EPO’s Illegal Surveillance Covered Up by Buzzwords Bingo and Acronyms: Data Protection Board (DPB), Data Protection Rules (DPR), and Data Protection Officer (DPO)

Posted in Europe, Microsoft, Patents at 2:35 pm by Dr. Roy Schestowitz

EPO's B&W logo
CSC members of the GCC wrote a publication to explain the laughable situation (albeit very politely or “diplomatically” as ‘suits’ like to put it)

Summary: Years after the surveillance scandals (blunders and actual crimes) of Benoît Battistelli it seems clear that António Campinos carries on with the same tradition of violating privacy of staff and stakeholders, who are of course being lied to (with euphemisms such as “Data Protection”)

The Central Staff Committee (CSC) of the EPO has published a report on the consultative ‘meeting’ (Webchat or “videoconference”) which took place 11 days ago regarding “Data Protection” (the EPO prefers to use this positive-sounding term whilst illegally spying on staff and sending confidential data of applicants to Microsoft/United States). The irony isn’t lost either; like ViCo ‘courts’ dealing with or deciding on ViCo. We now have videoconferences dealing with the legality of surveillance, which certainly these videoconference facilities introduce (the EPO could self-host its videoconferencing, but it probably lacks the technical staff that can configure Free software; good workers have been driven out for years).

In any case, this 6-page publication which currently circulates among EPO staff was ‘leaked’ to us, so we can reproduce it in full below, as HTML:

Munich,17/12/2021
sc21149cp

GCC meeting on 9 December 2021

Data Protection

Dear Colleagues,

The President convened a one-hour GCC meeting via videoconference in order to deal with documents about data protection, in particular to consult on new Circular 420. The Circular deals with the implementation of Article 25 of the Data Protection Rules, which is about restricting the rights of data subjects (read: employees) in specific cases. The CSC members of the GCC unanimously abstained on the document.

The CSC members of the GCC also gave an opinion (without a vote) on the Rules of Procedure of the Data Protection Board, which will act as an “Appeals Committee” for data protection disputes.

Both opinions are attached to this report.

At the end of the meeting we asked about the President’s intentions with his draft social agenda, in particular the “Review of Leave1”. The President announced that all aspects of leave would be addressed, but with the aim making them fair, transparent, predictable and simple, as always2.

The Central Staff Committee

Annexes: opinions of the CSC members of the GCC

- Circular 420: Implementing Article 25 of the Data Protection Rules (DPR) (document GCC/DOC 26/2021)
- Rules of Procedure of the Data Protection Board (document GCC/DOC 27/2021)

_____________
1 See also our publication “Social Agenda 2022” of 3 December 2021.
2 He made the same promise for the reform of the education benefits.


Annexes

Opinion of the CSC members of the GCC on GCC/DOC 26/2021
Circular 420: Implementing Article 25 of the Data Protection Rules (DPR)

General Remarks

In June 2021, the Administrative Council adopted amendments to the ServRegs and the Implementing Rules for Articles 1b and 32a ServRegs (Protection of personal data and data protection oversight), the “DPR”, with decision CA/D 5/21. The GCC consulted on 2 June 2021 on the corresponding CA document CA/26/21. The opinion1 of the CSC members of the GCC was published with their report on the GCC meeting. Obviously, the main flaws of the regulation remain and cannot be remedied in a lower-ranking Circular No. 420.

Human rights should never be taken for granted. The recent judgments regarding the rights for strike at the EPO provide proof for that. The rights to privacy and protection of personal data are such human rights.

Therefore, the CSC members of the GCC appreciate the efforts of the Office to align with highest standards and best practices in data protection. What are these highest standards? It is the GDPR, the general Data Protection Regulations from the EU, as well as the EUDPR, the regulation on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies, which have been introduced in 2018. These are widely considered the Gold Standard in data protection.

Already in February 2019, so almost three years ago, in a publication 2 Staff Representation denounced that the rights to privacy and protection of personal data of EPO employees and its stakeholders did not correspond to these highest standards. Staff representation asked that:

1. The EPO policies on data protection should be aligned with the EU regulations;
2. The role of the Data Protection Officer should be strengthened, and its independence should be assured;
3. An external and independent oversight body should be appointed with the task of monitoring the application of data protection policies at the EPO;
4. Separate data protection policies should be defined for investigative procedures (e.g., misconduct or fraud). Its implementation should be the responsibility of a distinct Data Protection Officer nominated, e.g., by the Administrative Council.

Although late (almost 3 years after that publication and 4 years after the introduction of the EU regulations, and although not as ambitious as we might have liked, finally the EPO has taken some steps forward. We see that indeed the EPO policies have been aligned with the EU regulations and that we have a Data Protection Officer who is more independent and has more resources.

Still the new framework deviates in some important points from the EUDPR. Indeed, it does not provide the same level of protection afforded to employees in the EU institutions.

The main problem is that the President of the Office is both the controller and the appointing authority for the members of the supposedly independent Data Protection Board (DPB). The task

_____________
1 Opinion of the CSC members of the GCC on GCC/DOC 5/2021 (CA/26/21 and CA/26/21 Add.1): Modernisation of the Data Protection Framework of the European Patent Office under the Strategic Plan
2023, 10.06.2021, link
2 Data Protection @ EPO, quo vadis?, CSC, 20.02.2019, link


of the Data Protection Board is to check that the controller is doing the right things. The second problem is that the powers of the Data Protection Board are limited: it cannot make binding opinions or impose sanctions. It just provides an opinion which the EPO President (the controller) can follow or not. For further information please refer to the Opinion of the CSC members of the GCC on GCC/DOC 5/20211.

Evidently, the EPO has a specific institutional set-up which differs from that of the EU institutions. However, this does not explain the important deviations from the Data Protection Regulation of the EU on such fundamental points. So, we observe some improvements, but unfortunately no Gold Standard at the EPO on the topic of data protection regulations.

On Circular No.420

One critical provision is Article 25 DPR, which restricts the rights of the data subject. Article 25 DPR essentially corresponds to Article 25 EUDPR. The rights concerned are the rights to information, access, rectification, erasure, restriction of processing, data portability, notification and communication of a personal data breach and confidentiality of electronic communications. The rights which remain untouched are the right to object and the right to be preserved from decisions based solely on automated processing.

In the EU, the restrictions either relate to the Member States, to “dispute” proceedings or exclusively to the internal security of Union institutions and bodies, including of their electronic communications networks (Article 25.(1)(d)).

Whereas the CSC members of the GCC are able to compare the EPO DPR with the EUDPR, they lack information (e.g. benchmarks) allowing them to compare with other international organisations or EU agencies, as regards the implementation of Article 25. They also lack benchmarks on how often these restrictions are applied in other organisations. Data on the past and current practice of imposing such restrictions at the EPO are also not available.

Consultation process

The Circular mentions “extensive consultation with those relevant internal stakeholders over the last few months”. One of the main stakeholders, the representatives of the EPO staff, i.e., its Staff representation was excluded from the task force. A single one-hour ViCo was convened by the DPO for explaining the Circular and for the Staff Representation to give their input. However, IT issues prevented the circular from being available for all staff representatives on time. Due to the very tight time line and the extremely late involvement of the Staff Representation, no replacement ViCo could be convened. The GCC meeting is de facto the first opportunity to discuss the Circular with management. One informal meeting with the DPO took place beforehand.

As to the content

Article 4 provides a list of situations, or legal grounds, in which restrictions to the rights of the data subject are possible. It lists inter alia also internal audits. One can reasonably assume that some right on data protection might have to be temporarily restricted during investigative or disciplinary proceedings. However, in the case of internal audits this is questionable. “Internal audits” is a broad term. It might be that there are some specific internal audits for which such restrictions are


necessary. These specific internal audits should have been listed instead of the broad term “internal audits”.

Restrictions are discretionary acts by a data controller, hence subject to limited review. In reply to a request for review, the (delegated) controller will only inform the requester whether the data have been processed correctly and, if not, whether any necessary corrections have been made3. It is therefore very different from a usual request for review within the meaning of Article 109 ServRegs, which calls for a reasoned decision4. The controller must be able to demonstrate compliance with the DPR, for accountability purposes, but the requester is not informed of that “demonstration”.

The Office might impose restrictions, e.g., as regards confidentiality of electronic communications, in investigations, disciplinary proceedings, appeals proceedings, health-related processes. The grounds for the restriction have to be given, i.e., the “legal basis” for the restriction as listed in Article 4. Reasons for restrictions might remain hidden to the data subject in certain cases5. When it comes to disputes in such cases, the facts available to one party, the Office, shall be made available to the Data Protection Board upon request. The other party, i.e., the staff member, will not necessarily have access to those facts. This jeopardises the right to a “fair trial” before the DPB.

This shows again that these restrictions should be imposed only in very specific and exceptional cases. And this is further proof of the importance of the independence of both the Data Protection Board and the DPO, which is crucial for building trust..

Conclusion

The Office deliberately chooses not to follow the EUDPR, which can be considered the “gold standard”. Even when taking into account the institutional set-up of the Organisation6, the new framework could have been aligned closer to the EUDPR. The main problems are, in particular, that the President of the Office is both the controller and the appointing authority for the members of the DPB and that the DPB cannot make binding opinions.

The new framework will require re-evaluation in a few years, hopefully with a view to coming closer
to the EUDPR.

Based on the foregoing, the CSC members of the GCC unanimously abstain on the document.

_____________
3 Article 25(3)c DPR.
4 Article 109(4) ServRegs: “The competent appointing authority shall take a reasoned decision on the outcome of the review…”
5 See Article 7(4); see also Article 25(3)b. and 25(4) DPR
6 See, e.g., Article 10 EPC


Opinion of the CSC members of the GCC on document GCC/DOC 27/2021:
Rules of Procedure of the Data Protection Board

The CSC members of the GCC give the following opinion on document GCC/DOC 27/2021.

Introduction

The Administrative Council (AC) has been informed in June 2021 of the Data Protection Rules (DPR) with document CA/26/21 Add. 1. The AC has adopted the new data protection framework with decision CA/D 5/21.

The Data Protection Board (DPB) has two functions, namely an oversight / advisory function and a function as part of the mechanism for legal redress1. The Rules of Procedure (RoP) of the DPB describe the role and the responsibilities of the DPB, including the procedure for dealing with complaints on data protection issues.

The RoP of the DPB relate to the second function, i.e. dealing with complaints. The DPB will replace the Appeals Committee (ApC) for decisions on data protection issues. The RoP for the DPB resemble the RoP for the ApC. In comparison, they include inter alia additional directions for the Board, e.g. as regards criteria for receivability (Article 5), various constraints on time limits for internal processing, the concrete form of opinions (Article 10), etc. The DPB is composed of members having a recognised technical and/or legal background, especially in data protection matters. One would expect that the DPB would be in a position to sort out such matters in an autonomous manner, i.e., deciding on the RoP themselves without interference by the President of the Office, taking for instance good judicial practice and ILOAT jurisprudence into account.

The RoP of the DPB are adopted by the President of the Office in consultation with the President of the Boards of Appeal. With the GCC document, the President informs the GCC members that he adopts the RoP of the DPB. The role of the DPB is limited to proposing amendments to these RoP, which the President may adopt or reject. The DPO confirmed this in the GCC meeting: the DPO would consider whether the proposed amendments could be taken over. By contrast, the Appeals Committee adopts its own Rules of Procedure (with additional approval from the President of the EPO). The latter is the more appropriate sequence for a body intended to be an independent supervisory.

The general impression is that the DPO is willing to retain control on the procedure, which the DPB is expected to follow, although the DPB is the DPO’s supervisory.

The missing bits: rules for oversight / advisory and whistleblowing functions

The RoP include a general statement as to its role, viz. an expert, reliable and authoritative body in the field of data protection ensuring an appropriately informed decision-making process by the President. However, the rules exclusively relate to its function as a replacement for the ApC for dealing with individual disputes. No rules are set up for its advisory function.

Furthermore, under Article 68 of the EU Regulation, staff members of the EU institutions, bodies and agencies can lodge complaints with the European Data Protection Supervisory

_____________
1 Article 47 DPR


(EDPS), which roughly corresponds to the DPB, even if they are not personally affected by the alleged breach. This is a whistle-blower provision. The EPO excludes this possibility in Article 3(1): only the data subject whose data protection rights have allegedly been infringed is entitled to lodge a complaint.

This could be explained by external institutional constraints, such as the regulations at ILOAT, if the DPB was regarded exclusively as a replacement for the ApC. However, this is not the case and there is a need for establishing a formal channel for dealing with whistle-blowers, in data protection matters as well as in other matters. Presently there is no such channel formalised in the Service Regulations.

Specific positive aspects in the RoP of the DPB:

- Article 10(6): the reasoned opinion of the DPB is communicated to all parties at the same time, including the complainant.

- Article 15(2): a possibility is created for the Board to further examine a complaint of
its own motion after the complainant has withdrawn.

- Article 9(7): there is a provision for urgency.

- Article 16(1): the communication of the final decisions is apparently managed by the
DPB itself (Secretariat).

The CSC members of the GCC suggest that the ApC should consider including these aspects, mutatis mutandis, into their own rules.

Negative aspect in the RoP:

- Contrary to the ApC, no hearing is foreseen.

The CSC members of the GCC suggest that the DPB should consider including this essential possibility, mutatis mutandis, into their own rules and regret that the DPO is of the opinion that proceedings in writing are sufficient in all cases.

Another publication has been passed along — an even more interesting one. The EPO has become a technical blunder which not only breaks laws but also has broken systems. This is what happens when the President hires friends (nepotism) instead of people with suitable qualifications. Aside from illegal outsourcing (to external companies) they end up with a circus of a patent office.

Smart People Reject the Newest Cars

Posted in Free/Libre Software at 2:19 pm by Dr. Roy Schestowitz

Video download link | md5sum bc3ad53ec30f9a3a50ad6d6560a2cf06

Summary: Free software activists need to be aware of what’s happening to cars; they’re nowadays a large number of computers/microprocessors designed to oppress or at least control their supposed ‘owner’ (who lacks actual control over what he or she paid for)

TODAY we started the series entitled "The Car Drives You" — a set of articles that may go on for weeks if not longer. It’s a grossly under-explored issue. Last night we shared a new video about Toyota — a 10-minute clip from Louis Rossmann. Several people told us about this issue (and the corresponding video) in recent days, so we’ve taken a deeper look. This should resonate with Free software activism.

Rossmann took note of this article some people had told him about. To quote: “Update 12/11/2021 @ 2:20 pm ET: The story has been updated to clarify that the key fob’s proximity-based radio frequency remote start function will not work without a paid subscription to Toyota’s Remote Connect suite of connected services. The Drive regrets any confusion the original copy may have caused.”

“This should resonate with Free software activism.”A few hours ago Dan Maloney at Hackaday followed up with: “Key fobs as a service? Have we really gotten to that point? It would seem so, at least for Toyota, which is now requiring a subscription to use the company’s Remote Connect function. To be fair to Toyota, the Remote Connect system seems to do a bit more than the average key fob, with things like remote start and smartphone or smartwatch integration. It doesn’t appear that using the key fob for more mundane uses, like opening the doors, will be nerfed by this change. But if you want to warm up your car on a cold winter’s morn while you’re still in your jammies, then be prepared to cough up $8 a month or $80 a year on select 2018 and above models. Whether Toyota and other manufacturers get away with this nickel-and-dime stuff is up to the buyers, of course; if enough people opt out, maybe they’ll think of some other way to pad their bottom line. But since we’ve already seen heated seats as a service (last item), we suspect this is the shape of things to come, and that it will spread well beyond the car industry.”

If this sort of thing sounds rather familiar, then, well…it probably ought to. Across other domains in computing we keep seeing this sort of thing; with malicious, untrustworthy, and fake 'security' like TPM and UEFI ‘secure boot’ being advanced it’s bound to get only worse over time.

The video above is s discussion of some of the issues covered so far and some aspects which shall be covered next.

GitHub is Run by Exceptionally Bad Actors Who Should Never be Put in Charge of Anything

Posted in Free/Libre Software, GNU/Linux, Microsoft at 12:32 pm by Dr. Roy Schestowitz

Video download link | md5sum 83702e81a8ace83ff45551af54aa5a89

Summary: The management of GitHub, appointed to run GitHub by Microsoft itself, is basically a bunch of Free software-hostile people with a long track record of abusing women and infiltrating Free software communities to promote Microsoft from within them

IN THE ELEVENTH part of our exclusive series (a part entitled "Violence Against Women") we started taking an even closer look at GitHub leadership, which includes people who have attacked GNU/Linux and Free software for decades. Some of them are sociopaths, too. All these people (including Miguel de Icaza) are very closely connected since 20+ years ago and the harm they’re done to advance their careers isn’t forgettable. 15 years ago I was on the radio (US) with Miguel de Icaza when he was promoting Microsoft’s lock-in (notably OOXML) openly and shamelessly. They’re users. These people are users. They lack empathy. They’d run over anybody — even their partners — to get ahead.

The video above concerns the latest part and goes a little further by sharing side stories and observations, mostly facts left out from the text (for particular reasons).

Links 20/12/2021: helloSystem 0.7, Steam Deck as a Console, and Much More

Posted in News Roundup at 12:17 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • 12 Biggest Linux Stories of the Year 2021

      As the year 2021 comes to an end, it’s time to take a look at some of biggest stories that impacted Linux and Linux users.

    • 9to5Linux Weekly Roundup: December 19th, 2021

      This has been a great week with some cool releases, starting with System76’s Pop!_OS Linux 21.10, which now also runs on the Raspberry Pi 4, and continuing with new EndeavourOS and Debian GNU/Linux 11 point releases to keep you up-to-date with the latest security and bug fixes.

      On top of that, we got a new Steam Client update, a new major release of the powerful GCompris educational software suite, as well as new major releases of the GNU nano text editor and digiKam professional photo management software.

    • Kernel Space

      • Test this new Linux kernel – but don’t forget Christmas or that you have a family, says Linus Torvalds

        Linus Torvalds has confirmed that version 5.16 of the Linux kernel will take a little longer to develop than usual, thanks to Christmas.

        “Things are calming down, and rc6 is fairly small,” he wrote in his weekly State of the Kernel post. “That’s normal for this time in the release schedule, but it’s also normal for this time of year.”

      • Linux 5.16-rc6 Kernel Released

        Linus Torvalds has released the sixth weekly release candidate of Linux 5.16 for testing this Christmas week.

        Linus wrote in the 5.16-rc6 announcement, “Things are calming down, and rc6 is fairly small. That’s normal for this time in the release schedule, but it’s also normal for this time of year. And I expect that the next two weeks will be very quiet, and smaller still. But maybe people are bored, maybe people are staying in due to covid picking up again, we’ll just see.”

        As a reminder, the Linux 5.16 cycle will be extended due to the holidays and to avoid opening the Linux 5.17 kernel merge window around the New Year festivities. Thus Linux 5.16 will release in early January (should be 9 January) followed by the 5.17 merge window opening.

      • Kernel prepatch 5.16-rc6 [LWN.net]

        The 5.16-rc6 kernel prepatch is out for testing.

    • Applications

      • 4 cool new projects to try in COPR for December 2021

        Copr is a build system for anyone in the Fedora community. It hosts thousands of projects for various purposes and audiences. Some of them should never be installed by anyone, some are already being transitioned to the official Fedora Linux repositories, and the rest is somewhere in between. Copr gives you the opportunity to install third party software that is not available in Fedora Linux repositories, try nightly versions of your dependencies, use patched builds of your favorite tools to support some non-standard use cases, and just experiment freely.

        If you don’t know how to enable a repository or if you are concerned about whether is it safe to use Copr, please consult the project documentation.

      • Best Free and Open Source Alternatives to Apple Messages

        Messages is an instant messaging software application.

        It offers features like conversation pinning, the ability to mention individuals, message searching, and tools to send messages such as Memoji.

        Messages is proprietary freeware that’s not available for Linux. What are the best free and open source alternatives?

      • AppImage Pool is an App Store to Help You Find & Manage AppImages

        We have plenty of information on the history of AppImage and its making. If you are new to Linux, you should also check out our guide on using AppImage.

        AppImage makes it easy for applications to work across various distributions without needing to install dependencies or anything.

        However, unlike Flathub for Flatpaks, you may not find a portal to browse applications available as AppImages.

        NX Software Center in Nitrux OS does the same job, but it is not available to easily install on other distributions. So, AppImage Pool comes to the rescue as an app store for AppImage applications that you can install in any Linux distribution.

    • Instructionals/Technical

      • Our never-used system for user-provided NFS accessible storage

        We definitely built a single OmniOS machine to be the initial NFS frontend. I’m not sure we ever built an iSCSI backend for it, because in practice we never went anywhere with actually selling this idea to professors and having them buy disks for it. Instead, a few years later (in 2016), we quietly decommissioned the single OmniOS frontend we’d built. The last lingering relic of this entire cycle of design, build, and decommissioning was a third iSCSI network we noticed recently.

      • Some brief notes for myself on growing a LVM root filesystem

        Growing the disk image depends on your virtualization system and in any case is usually pretty simple and obvious; that took me no time at all. First, you need to change the disk partitioning so that the LVM partition is expanded to cover the new disk space. Unfortunately, fdisk doesn’t seem to directly support doing this. Some directions I found online suggested using fdisk to delete and recreate the partition, but I thought that was too alarming so I tried out GNU parted instead, because parted has a ‘resizepart’ operation. The magic unit to use in resizepart to make it use up all of the new free space is ‘-1s’, which means ‘the last sector of the disk’. It turns out that parted is more dangerous than I expected, because unlike software like fdisk, parted writes your changes to disk immediately. If I ever have to do this to real disks that I cannot take virtual machine snapshots of and roll back to if something goes wrong, I will use a different program.

      • Do We Really Need A Link Step?

        The basic idea is to treat the final executable file (an ELF file, say) as a mutable data structure. When the compiler would emit an object file it instead allocates space in that executable file using a shared memory allocator, and writes the object code directly into that space. To make this tractable we’ll assume we aren’t going to generate optimal code in size or space; we’re going to build an executable that runs “pretty fast”, for testing purposes (manual or automated).

      • How to install Pterodactyl on Ubuntu 18.04 – Unixcop the Unix / Linux the admins deams

        Pterodactyl is another open-source game server management panel. It is based on PHP – Go – React. Also, ithas a really amazing control panel. Moreover, It comes with amazing features, Console Viewer for all servers, Databases management backups and advanced server settings or for each server and it is easy to use. All the servers runs in an Docker Container. It provides support for major Source Dedicated Servers, Minecraft etc. Lets start with the tutorial!

      • How To Install pgAdmin 4 On Ubuntu 20.04

        PGAdmin is a web-based GUI tool used to interact with the Postgres database sessions, both locally and remote servers as well. It is an open-source, powerful, and feature-rich graphical user interface (GUI) administration and management tool for the PostgreSQL database. It provides a powerful user interface that enables you to easily create, manage, maintain and use database objects, by both beginners and experienced Postgres users alike.

        pgAdmin 4 supports PostgreSQL 9.2 or later, and runs on Unix and its variants such as Linux, Mac OS X as well as Windows operating systems.

        In this article, we will learn how to install pgadmin 4 on Ubuntu 20.04 server. This guide assumes that you already have Postgres 9.2 installed and set up. If not checkout How to Install and Configure Postgres 14 Ubuntu 20.04

      • How to Install Suricata on RHEL, Rocky & AlmaLinux

        Suricata’s popularity is a result of it being an independent and open source threat detection engine, which is a lifesaver for Network administrators that are looking for a seamless and performant way of examining and managing network traffic issues. Some of Suricata’s functional attributes include triggering alerts, generating log events, and managing compromised incoming traffic.

      • How to Install MySQL 8.0 on CentOS 8 Stream – LinuxCapable

        MySQL is a relational database management system based on SQL (Structured Query Language). It is one of the most widely used database software for several well-known applications. MySQL is used for data warehousing, e-commerce, and logging applications, but its more commonly used feature is a web database storage and management.

        CentOS 8 Stream ships with MySQL in its AppStream. However, as many know, this is not the latest version. In the following tutorial, you will learn how to install MySQL 8.0 using AppStream or the newest community RPM version from MySQL repositories on CentOS 8 Stream.

      • How to Install Brave Browser on CentOS 8 Stream – LinuxCapable

        Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser. Brave is a privacy-focused internet browser that sets itself apart from other browsers by automatically blocking online advertisements and website trackers in its default settings.

        Brave claimed that its browser puts less strain on your computer’s performance than Google Chrome. Even with multiple tabs open at once, Brave uses less memory than Google Chrome, up to 66% less.

        In the following tutorial, you will learn how to install Brave Browser on CentOS 8 Stream.

      • How to Manage Docker Engine Plugins – CloudSavvy IT

        Docker Engine supports a plugin system that lets you add extra functionality to the container runtime. Plugins for new storage drivers, networking stacks, and logging systems are all freely available.

        Modern versions of Docker Engine include everything you need to manage plugins within the CLI. We’re concentrating on this “managed” plugin system in this guide. You must manually install and maintain plugins that use the legacy plugin system.

      • How to Install and set up PHP and Nginx (LEMP) on OpenSUSE Leap 15.3

        In this guide we are going to install and set up PHP and Nginx in OpenSUSE Leap 15.3. We will also set up a virtual host to serve a simple php info page.

        PHP is a general-purpose scripting language geared towards web development. It is one of the popular programming languages for the web. Popular tools such as WordPress are coded using php. Big companies like Facebook also uses php heavily.

        Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. It started out as a web server designed for maximum performance and stability. Nginx has grown in popularity since its release due to its light-weight resource utilization and its ability to scale easily on minimal hardware. Nginx excels at serving static content quickly and is designed to pass dynamic requests off to other software that is better suited for those purposes.

      • How to Install WhatsApp on Manjaro – Linux Nightly

        WhatsApp is a free messaging application used by over a billion people worldwide. WhatsApp provides secure, reliable voice and video calls that can be made locally or internationally with a Wi-Fi or cellular data connection. WhatsApp is available for multiple devices, like computers, tablets, and phones.

        Even though there’s no download link for Linux on the WhatsApp website, it’s still possible to install WhatsApp on Manjaro. In this tutorial, you’ll learn how to install WhatsApp from the command line on Manjaro.

      • Install OpenProject on Debian 11 – Unixcop the Unix / Linux the admins deams

        OpenProject is an open-source web tool for enterprise project management. So, OpenProject is aimed at Project Managers, Department Managers, Production Managers, Team Leaders, Analysts, and, in general, any professional user who needs to manage projects or to know their evolution.

        Also, OpenProject can be installed on-premises in your own infrastructure, having full control and 100% data ownership. This makes it a very interesting application and many companies are increasingly using it as a working tool.

      • Install and configure TeamCity Agent on Linux – Unixcop the Unix / Linux the admins deams

        Following the previous article where you’ve installed TeamCity server. In this post, you will learn how to install TeamCity Agent on Linux machine.

        TeamCity is a build management and continuous integration tool which supports a variety of version control systems and build runners. It is a commercial tool and licensed under a proprietary license, Freemium software license up to 100 build configurations and 3 free build agents are available.

      • Learn how to install MicroK8s for Kubernetes

        Kubernetes is a ubiquitous name in container management and is not only recommended, but nearly required for success with containers. However, Kubernetes is a hefty program with a vast array of add-ons and features — not all of which are necessarily useful to the average IT pro.

        MicroK8s is a Kubernetes distribution designed to be small and responsive and to include required components only. It is also designed to be fast and efficient to use, with several useful tools IT admins can activate via the command line.

        Because MicroK8s is so small, an installation could require less than 12 GB of RAM, and it can run on a modern Raspberry Pi. Consequently, its small size means that it can be built and run on a single developer workstation, which also eases tear-down and recreation.

        An additional benefit to MicroK8s is that it’s ideal for edge and other devices with modest performance offerings. MicroK8s is also deemed stable for production use by Canonical.

      • Suricata Setup on pfSense

        pfSense is a firewall/router computer software distribution based on FreeBSD. The open source pfSense Community Edition and pfSense Plus is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network

      • Pfsense High Availability – Unixcop the Unix / Linux the admins deams

        This recipe describes a simple three interface HA configuration. The three interfaces are LAN, WAN, and Sync. This is functionally equivalent to a two interface LAN and WAN deployment, with the Sync interface being used to synchronize configuration and firewall states between the primary and secondary firewalls.

      • Pfsense Bridging – Unixcop the Unix / Linux the admins deams

        Normally each interface on the pfSense® firewall represents its own broadcast domain with a unique IP subnet. In some circumstances it is desirable or necessary to combine multiple interfaces onto a single broadcast domain, where two ports on the firewall will act as if they are on the same switch, except traffic between the interfaces can be controlled with firewall rules. Typically this is done so multiple interfaces will act as though they are on the same flat network using the same IP subnet and so that clients all share broadcast and multicast traffic.

      • Automate SSH Login Using Ssh Agent And Sshpass

        Checkout how to automate the ssh login using ssh-add, ssh-agent and sshpass on Linux.

      • How to set an out-of-office message on GNU Mailman | Enable Sysadmin

        In my formative years working odd jobs in IT at small startups, I never had enough time off to warrant an out-of-office auto-response on my email. Recently, though, I’ve discovered that some companies promote a healthy work-life balance and not only enable but encourage employees to take a break. As with the all-powerful sudo command, however, with great power comes great responsibility, and a holiday demands an away message.

      • How to install and configure NextCloud on OpenSUSE Leap 15.3 and LEMP

        In this guide, we are going to set up NextCloud on a OpenSUSE Leap 15.3 server hosted with Nginx, Mariadb and PHP (LEMP stack). We will be using Mariadb 10 and PHP 7.4 for this guide.

        Nextcloud is an Open Source suite of client-server software for creating and using file hosting services. It is a a free self-hosted cloud storage solution similar to Dropbox, Google Drive, etc. With Nextcloud, you don’t have to worry about the pricey alternatives and since you will host your own files, you don’t have to worry about privacy or someone collecting your data.

        NextCloud can be installed on a private home server or a virtual private server in the cloud. Files can then be uploaded and then synced to a local desktop, laptop or even a smartphone. This way you have full control of your data.

      • How to install and Configure Mariadb 10 in OpenSUSE Leap 15.3

        MariaDB is an open-source one of the most popular relational database management system (RDBMS) that is a highly compatible drop-in replacement of MySQL. It is built upon the values of performance, stability, and openness, and MariaDB Foundation ensures contributions will be accepted on technical merit.

        MariaDB was developed as a software fork of MySQL in 2009 in response to Oracle’s acquisition of MySQL. MariaDB intends to remain free and open-source software under the GNU General Public License. It is part of most cloud offerings and the default in most Linux distributions.

        In this guide we will learn how to install and configure MariaDB in OpenSUSE Leap 15.3.

      • How to convert PDF to images on Linux | FOSS Linux

        Nothing seems as excellent as having flexible software to aid in the conversion of images and your other stuff to your preferred version, like, in this case, converting PDF files to images. This review will, in detail, enlighten how to carry out this process (convert) the pages of a PDF document to image files (PNG, JPEG, and a lot of other formats).

        Here is a compiled list of software and command-line methods to help you accomplish this. Of course, and for many reasons, you can always find an online software converter site that easily converts PDF to images; however, there is no guarantee that your file will always be secure. Hence, we recommend converting PDF on your Linux system, which we will show you. Besides the graphical user interface format, we will also cover the command line convertion, and pdftoppm methods give you various options.

      • How to Upgrade to Pop!_OS 21.10 from 21.04 – LinuxCapable

        Pop!_OS 21.10 was released and saw the introduction of GNOME 40, Linux kernel 5.15. One of the latest features introduced by the Pop!_OS team is the Refresh install option which will keep user accounts and files but reset the system and apps to a mostly refreshed boot.

        This version also saw the inclusion of a New App Library, and a more excellent search window replaced the full-screen app menu. In the following tutorial, you will learn to upgrade your existing Pop!_OS 21.04 system to the latest version 21.10.

      • [Updated] How to Setup MySQL Replication in RHEL, Rocky and AlmaLinux

        Data replication is the process of copying your data across multiple servers to improve data availability and enhance the reliability and performance of an application. In MySQL replication, data is copied from a database from the master server to other nodes in real-time to ensure consistency of data and also to provide backup and redundancy.

        In this guide, we demonstrate how you can set up MySQL (Master-Slave) replication in RHEL-based distributions such as CentOS, Fedora, Rocky Linux, and AlmaLinux.

      • Network traffic for an Ironic Node | Adam Young’s Web Log

        I’ve set up a second cluster, and the Ironic nodes are not PXE booting. Specifically, if I watch the nodes boot via an IPMI serial-on-lan console, I see that they send out a DHCP request and never get a response back.

        This is a problem I am familiar with from my days at Penguin. Time to dig in and understand the networking setup on the controller to see why it is not getting the packet. Or, possibly, why it is getting it and the response is getting dropped.

        I have another cluster that is working properly, and I am going to look at the setup there to try and contrast it with the broken set up, and figure out my problem.

        What is a functioning network setup looking like in this cluster? Lets start with the IP address of a functioning server on a baremetal node.

      • Proxychains – Run Commands and Applications using Proxy Tunnels

        Proxychains is a UNIX/LINUX program that can redirect all your connection through a secure tunnel. Supported protocols used by proxychains are SOCKS4, SOCKS5, HTTP, and HTTPS.

      • How to open ISO image without burning to disc in Linux – Unixcop the Unix / Linux the admins deams

        Hey Guys, Today we will talk about an important article which is about that you can export or move the content of optical discs such as CD or DVD into an image file for archival purposes. The file typically uses .iso or .img extension and is of ISO 9660 filesystem format.

      • How To Install Siege on AlmaLinux 8 – idroot

        In this tutorial, we will show you how to install Siege on AlmaLinux 8. For those of you who didn’t know, Siege is an HTTP load tester and benchmarking utility. Its a powerful tool for measuring system reliability during high loading and can be used by web developers to test their code when the site is under duress

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Siege benchmark utility on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

      • Pfsense Backup and Recovery – Unixcop the Unix / Linux the admins deams

        The best practice is to make a backup after each minor change, and both before and after each major change or series of changes. Typically, an initial backup is taken in case the change being made has undesirable effects. An after-the-fact backup is taken after evaluating the change and ensuring it had the intended outcome. Periodic backups are also helpful, regardless of changes.

        pfSense software makes an internal backup upon each change, and the best practice is to download a manual backup as well. The automatic backups made on each change are useful for reverting to prior configurations after changes have proven detrimental, but are not good for disaster recovery as they are on the system itself and not kept externally. As it is a fairly simple and painless process, administrators should make a habit of downloading a backup now and then and keeping it in a safe place. Backups may be handled easily and automatically using the free AutoConfigBackup service.

      • How to Create ASCII Text Banners in Terminal – Unixcop the Unix / Linux the admins deams

        We will show how to create ASCII text banners from plain text, command-line utility called FIGlet

        FIGlet is a simple command-line utility for creating ASCII text banners or large letters out of ordinary text.

      • Install Zopier Soft-Phone – Unixcop the Unix / Linux the admins deams

        Begin by navigating to Zopiers download page and downloading the relevant installer for your system. In this article, we will be installing the soft-phone onto a Windows machine (Linux, Mac, Android, and IOS are also supported). If you need a VOIP server to connect to, I recommend following the article I write on installing Asterisk VOIP Server. Find said article here.

    • Games

      • All the evidence says the Steam Deck is a console, despite what Valve says. – Invidious

        You want a rant, I give you a rant. The Steam Deck is a PC. But it’s also a console. And it’s MORE of a console than a PC. That’s a good thing, in my opinion. But their marketing has been terrible and they need to not only embrace the Deck’s true console identity, but they need to market the Deck TO CONSOLE gamers.

      • Park management sim Indoorlands now lets you make your own rides | GamingOnLinux

        Indoorlands is a pretty unique game when it comes to building up a theme park and the developer just put up the biggest and most interesting Early Access update yet.

        “The indoor park management simulator where you can create your rides from scratch, control them and freely design your halls. Manage, expand and develop your own park to inspire your visitors. Satisfy your visitors’ needs by unlocking and researching new buildings, rides, transportation and more!”

        With the latest update, they’ve enabled a new ride editor that had previously been in public experimental testing. This editor allows you to actually build you own ride from parts. This even came with Steam Workshop integration to upload and download creations.

      • Selaco looks mental in the latest ‘ridiculous’ particle effects teaser | GamingOnLinux

        Built with the awesome power of GZDoom, the upcoming shooter Selaco is really looking to be something quite special and I absolutely need to play this.

        “Selaco is a brand new original shooter running on GZDoom, featuring thrilling action set pieces, destructibility, smart AI and a fleshed out story taking place within an immersive game world. It draws inspiration heavily from F.E.A.R. in terms of action set pieces, while mixing traditional retro-FPS elements from QUAKE and DOOM, along with some more modern features. Together with professional artists who work in the industry, several having worked on successful throwback FPS games in the past, Selaco is a fully fleshed out world full of character, action, and mystery.”

      • Goblinz Studio to bring even more turn-based goodies with Sandwalkers | GamingOnLinux

        Sandwalkers is a roguelike turn-based exploration game from Goblinz Studio, who’ve developed and published a number of games now like Legend of Keepers, Sigma Theory, As Far As The Eye, Neurodeck and more.

      • Well that’s a surprise, Project Zomboid’s MASSIVE overhaul is out now | GamingOnLinux

        Not long at all after putting up a special Beta for testing, The Indie Stone have now set the massive Build 41 overhaul for the Zombie survival game Project Zomboid up as the official new version.

        The absolute biggest upgrade the game has ever seen and it’s quite magnificent.

        Project Zomboid has come such a long way. I remember back in 2011 where the developer had an unfortunate incident where their development hardware (along with the source code) was stolen that resulted in some big delays and lots of stress. It’s taken a long time to get to this stage but it was firmly worth it and Build 41 is very impressive.

    • Desktop Environments/WMs

    • Distributions

      • Reviews

        • Review: The PinePhone running Manjaro and Plasma Mobile

          A thought which kept coming to mind while using the PinePhone with its default operating system was that the experience feels really rough, like an early beta. Which, upon reflection, is appropriate since that’s exactly what it is. I was running what’s essentially a beta platform with young software on it and the mixed experience is to be expected. These are still early days for the PinePhone and for mobile branches of distributions such as Manjaro. Plasma Mobile has only been running on the PinePhone for about a year and I was running a version which, since I was unable to install updates, was out of date.

          With all of this in mind I’d like to say that I don’t think Manjaro and Plasma Mobile running on the PinePhone is a good experience yet – it’s not something I’d use on a daily basis like I have /e/ OS or UBports. But the pieces are all there. Plasma Mobile on Manjaro has a phone, text messaging, an app store with most of the same software we can run on desktop distributions, a minimal yet functional settings panel, and similar key features. At the moment this combination (Plasma Mobile and the PinePhone) is probably only going to appeal to Linux enthusiasts who want to tinker, who want to push the limits of the hardware, who want to set up hobbyist projects to see if they can run a web server on the device, or who want to help polish open source solutions.

          This is all fine and good. This is an early offering and a modest one and it’s paving the way for more polished and more advanced options down the road. As I said, right now it isn’t ready to replace my existing phone, but all the right pieces are present and, with slightly better performance and a little more RAM, I could see the next generation of PinePhones running Plasma Mobile being suitable as a daily device.

          I’d also like to acknowledge there are other Linux distributions which can run on the PinePhone. The PINE64 wiki lists over 20 flavours of Linux which can run on this device and I’m eager to try out the alternatives.

      • New Releases

        • Alt Server, Alt Workstation and Alt Education 10.0 Released – itsfoss.net

          The release of three new products based on the tenth ALT platform (p10 Aronia): “Alt Workstation 10” , “Alt Server 10” , “Alt Education 10” . The products are supplied under the License Agreement , which provides the opportunity for free use by individuals, but legal entities are only allowed to test, and for use it is required to purchase a commercial license or conclude a license agreement in writing.

          The tenth platform provides users and developers with the opportunity to use Russian systems Baikal-M, Elbrus with official support for systems based on Elbrus-8SV (e2kv5), Elvis and compatible, as well as a wide range of equipment from world manufacturers, including POWER8 / 9 servers from IBM / Yadro, ARMv8 from Huawei, and a variety of ARMv7 and ARMv8 single board systems including Raspberry Pi 2/3/4 boards. For each architecture, the assembly is carried out natively, without using cross-compilation.

          Particular attention is paid to free solutions that allow corporate users to migrate from a proprietary infrastructure, ensure the continuity of a unified directory service for enterprises and organizations, and provide remote work with modern means.

      • BSD

        • helloSystem 0.7 Released With Big Improvements For This Leading Desktop BSD OS – Phoronix

          For those with extra time around the end-of-year holidays, helloSystem 0.7 is now available as the newest update to this leading BSD-based desktop operating system that is inspired by Apple macOS but powered by FreeBSD.

          The helloSystem distribution splashed onto the scene at the beginning of this year in wanting to be the “macOS of BSDs”, including its own desktop UI modeled after Apple’s operating system. The helloSystem project has been making good progress towards its goals while to end out 2021 is the v0.7 release.

          With helloSystem 0.7 they have shifted to being based on FreeBSD 13-RELEASE rather than FreeBSD 12. That alone is a big improvement for better hardware support and functionality for this desktop platform.

      • Debian Family

        • Debian 11.2 Update Download – itsfoss.net

          Debian 11.2 bullseye Update Download, The second corrective update for the Debian 11 distribution has been published , which includes the accumulated package updates and fixed bugs in the installer. This release includes 64 updates that address stability issues and 30 updates that address vulnerabilities.

          Changes in Debian 11.2 include an update to the latest stable versions of the containerd, golang (1.15) and python-django packages. Libseccomp adds support for syscalls for newer Linux kernel releases, up to 5.15. Added the rustc-mozilla package , which is required to build from sources newer versions of firefox-esr and thunderbird. The wget utility resolves the problem with loading files larger than 2GB on 32-bit systems.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Open source design collaboration with Penpot

        When a team of designers works together on a project, one of the most important goals is consistency. Whether you need a consistent look because of a corporate identity or just for visual cohesion, the look and layout of pages and screens must be reasonably similar within any given project. It’s hard enough to do this as a solo artist, and it gets more complex with added contributors. It becomes a monumental task when several mock-ups from a design team must be approved by a client, signed off by an accessibility expert, and then translated by a team of programmers. It’s difficult but manageable with the right tool, and the open source tool for the job is Penpot.

        Penpot is an online design workspace where designers can create or import graphical elements, create mock-ups, and share those mock-ups with clients and collaborators. It is open source and relies on open formats like SVG, which means your contributors have lots of choices in what tools they use to contribute assets. To try Penpot, go to Penpot.app and create an account.

      • Next-Gen Terminals

        The terminal is as old as the computer and largely hasn’t changed. It’s where developers send commands to their machine (or remote machines) – you might hear it called the command line. But the terminal is text-only: no images, no rich text, no functionality that hooks into modern development workflows.

      • FLOSS developers and open web activists are people too

        I can’t believe I have to spell this out, but: free/libre/open-source software developers and open web activists selflessly running independent services online are people too.

        It seems this idea is especially difficult to grasp for researchers (including, apparently, whoever reviews and green-lights their studies). The latest kerfuffle with the Princeton-Radboud Study on Privacy Law Implementation shows this well.

      • SaaS/Back End/Databases

        • 2021 Holiday Greetings

          You can always download and use what we have at any time. As discussed in our blog post YottaDB Continuous Integration / Continuous Delivery, thanks to our CI pipeline, the master branches of our source code repositories have the latest code that passes all tests, and is production grade. The exception is the core YottaDB software, releases of which involve multiple cycles of an extensive test suite across a network of machines, testing which cannot yet be made into a CI pipeline. The ydbinstall.sh script has options to download and install YottaDB as well as plugins. Each language wrapper is installed the way that developers of that language expect packages to be installed (e.g., the Go wrapper is installed the way that Go developers expect Go packages to be installed).

      • FSF

        • Licensing/Legal

          • [Old] The FTC Might’ve Just Found Its Spine On Right To Repair, Sort Of

            There’s a lot of ways in which companies discourage your ability to fix things you buy, and at long last the Federal Trade Commission has pledged to push back against them.

            A policy statement released Wednesday by the FTC announced that its members have “unanimously voted to ramp up law enforcement against repair restrictions that prevent small businesses, workers, consumers and even government entities from fixing their own products.”

            This comes only a few days after President Joe Biden signed an executive order calling upon the commission to take the issue more seriously. And while most of the focus in the media appears to be centered on the company that makes your smartphone, this carries huge implications for the automotive industry as well — especially as software becomes increasingly unavoidable in all vehicles, and EVs become more accessible.

          • [Old] John Deere turned tractors into computers — what’s next?

            One of our themes on Decoder is that basically everything is a computer now, and farming equipment like tractors and combines are no different. My guest this week is Jahmy Hindman, chief technology officer at John Deere, the world’s biggest manufacturer of farming machinery. And I think our conversation will surprise you.

          • Is Open Source Free Riding Bad?

            So far, I haven’t heard of any good solutions to this free rider problem. Asking companies to act altruistically and donate to projects doesn’t work.

          • Open Minds Podcast: Creative Commons’ 20th Anniversary Special feat. Lawrence Lessig

            On this milestone episode of CC’s Open Minds podcast, join us as we celebrate the 20th Anniversary of Creative Commons’ founding on December 19, 2021. We take you back to Creative Commons founder Lawrence Lessig’s keynote from the 2021 CC Global Summit (watch the recording here), originally held in September 2021.

          • No Brown M&M’s

            The real reason was that the band was pushing the boundaries of concert productions: elaborate stages, highly technical setups for the equipment, and truckloads of gear. Any errors could have serious consequences: damaged gear, technical issues during the show, or even physical danger to the band members.

            They needed a way to quickly check the sophistication of the crew at the venue, so they just looked for the bowl of M&M’s on the table. Any brown M&M’s and they knew that they needed to double check everything. A canary of sorts.

      • Programming/Development

        • On Code Reviews

          Why code review? Even though I don’t find many bugs, it is still worthwhile. First of all, it is similar to proof reading text. It can be hard to spot your own mistakes. Therefore it is good with a second pair of eyes to check the code. Even if there aren’t any bugs, there can still be issues that should be corrected: unclear code, poor naming, missing tests etc. And once in a while there actually is a bug. Code reviews also help to spread the knowledge of how the code works.

        • Process Planning for Large Systems

          Advances in robotic capabilities allow us to tackle bigger problems with autonomous systems. While extra degrees of freedom in large robots like rail systems or mobile bases empower cutting edge work, they can cause challenges in process planning; the creation of the “useful” motion of a robotic system that is constrained by the application at hand. The ROS Industrial Consortium has addressed this problem by developing new process planners that can quickly plan process for robots with large degrees of freedom.

        • Perl/Raku

          • [Old] Chapter 8: Slightly Skeptical View on Larry Wall and Perl

            Perl was a breakthrough that is difficult to understand in retrospect because it achieved so much in establishing the legitimacy of scripting languages as a separate, distinct class of programming languages. It also violated a lot of common CS dogmas, and still managed to achieve a tremendous success, which actually discredited orthodox views on computer language design. May be that’s why it create so much animosity at CS departments, why they pushed first Java and then Python as the first language for students to rehabilitate themselves. The animosity which reminds me jeremiads against PL/1 another, albeit older, revolutionary language what was a precursor of C.

            With all due respect for PHP, Python, Ruby and other scripting languages, it was Perl which served as an icebreaker that navigated previously unknown and dangerous Arctic path. Those who followed it later faced mostly clean water (may be due to global warming — much better hardware, which also legitimized overhead inherent in interpretive languages and typical for Python and Ruby ;-).

            Perl also introduced several innovation is lexical structure of languages. One is a wide use of “tagged literals” (q, qq, qr, qx) which much later (in 2019) is found its way into Python as f-strings. Still the idea of “dynamic delimiters for literals remains the unique Perl feature. Other language designers were simply too afraid to replicate it, as it is a clear kick in chin to the adherents of language design orthodoxy.

            Another interesting innovation of Perl is the statement that allow you to define a namespace (package statement). Perl was that first major language that allow explicit manipulation with the namespace of a program.

        • Java

          • Log libraries and the tendency to open holes in things

            Logging stuff is in the news this week. Specifically, people with Java and log4j somewhere in their lives are having a miserable time. I figured I’d re-tell a story about terrible things done by way of a bunch of feature-rich libraries and dubious interconnections. I’ve mentioned this in passing before, but this time I’ve tried to be much more specific about how it works.

            This is a tale that’s happened at multiple distinct companies, and I have to imagine it’s happening (or *is happening*) at several more. Note that while I’m picking on the G* stuff here since it’s open source and thereby more likely to resonate with readers, reimplementations of these libraries under other names have also introduced the same problems to those companies.

  • Leftovers

    • Opinion | Books That Made 2021 Worth Living Through

      As the Post-Gazette’s book review editor since 2012, I assign far more reviews than I ever have to write. The biggest perk of the job is that I get to read without worrying about the deadline for writing reviews I impose on the army of colleagues and talented freelancers who do most of the heavy lifting.

    • The Young Lords Ride Again

      Takeover was screened in November as part of the “Meet The Press Film Festival at AFI Fest.” Los Angeles’ largest annual film festival, AFI Fest returned to Hollywood in 2021 for live, in-person screenings (with a virtual component) of documentary, short, indie, studio, and foreign productions at the TCL Chinese Theatres. According to AFI’s website: “In partnership with NBC’s Meet the Press, these short documentaries spotlight compelling stories about pressing issues facing our society with conversations moderated by NBC News journalists.” Meet the Press, of course, is the long running TV news program.

      To read this article, log in here or subscribe here. In order to read CP+ articles, your web browser must be set to accept cookies.

    • Advent of Bloggers (Series) Posts

      Below is a list of my blog posts in the Advent of Bloggers (Series) category.

    • The history of the metal box that’s wrecking the supply chain

      The disruption has gotten so bad that some US politicians want the government to take on a bigger role in regulating shipping. Last week, a bipartisan group of House members passed legislation that would allow the Federal Maritime Commission, the US’s international ocean transportation agency, to pressure shipping companies to prioritize empty containers for American manufacturers and farmers.

      We weren’t always so dependent on these big metal boxes, though. The first commercial container ship voyage set sail in 1956, and it was only in the 1980s that this form of ocean freight really took off. As global trade proliferated, businesses realized that containers could make shipping cheaper and easier to manage at scale. Because these containers were standardized — they’re typically 20 feet or 40 feet long — thousands could be loaded onto a single cargo ship at once.

    • Why is Vox Media buying Group Nine?

      Two weeks, two deals. And now four digital media companies are turning into two. Get ready for more of that.

      That’s the takeaway from Monday’s news that Vox Media — my employer — is close to acquiring Group Nine, the publisher behind outlets like The Dodo and NowThis. That deal announcement, first reported in the Wall Street Journal and then confirmed via a companywide email shortly after, comes days after BuzzFeed finished up buying Complex Networks, the publisher aimed at dudes who like hip-hop and sneakers.

    • Science

      • [Old] Webb Orbit

        The James Webb Space Telescope will not be in orbit around the Earth, like the Hubble Space Telescope is – it will actually orbit the Sun, 1.5 million kilometers (1 million miles) away from the Earth at what is called the second Lagrange point or L2. What is special about this orbit is that it lets the telescope stay in line with the Earth as it moves around the Sun. This allows the satellite’s large sunshield to protect the telescope from the light and heat of the Sun and Earth (and Moon).

      • The James Webb Space Telescope will transform our understanding of alien worlds

        For now that 21-foot-wide eye is closed, the telescope folded like a clamshell. Gleaming in shades of gold, silver, and crinkled lavender, the $10-billion instrument is too big to fit inside one of the world’s biggest rockets, the Ariane 5, without being folded up.

        NASA is footing the bulk of the mission’s bill, but the European Space Agency, which contributed to two of the four on-board science instruments, is responsible for launching the telescope. That’s why, as soon as December 24, JWST is slated to take flight from ESA’s tropical spaceport in French Guiana—its final Earthly port of call before sailing beyond the reach of human hands.

      • Confirmed! Webb Telescope to launch Christmas Eve

        Following launch, the telescope will require about a month to travel to L2, the second Lagrangian point, a point located at some four times the moon’s distance.

      • About the James Webb Space Telescope

        Webb is the result of over 20 years of planning and development. Several elements make the space observatory unique and help ensure it will meet its objectives: [...]

    • Education

      • I Was Part of a Human Subject Research Study Without My Consent

        In case you actually do want to make a GDPR/CCPA request, here is the process and the rough steps I will take: [...]

      • A professor hid a cash prize on campus. All students had to do was read the syllabus

        Kenyon Wilson is the associate head of performing arts at the University of Tennessee at Chattanooga and decided to put an Easter egg in the syllabus for his music seminar class this past semester.

        The hint read: “Thus (free to the first who claims; locker one hundred forty-seven; combination fifteen, twenty-five, thirty-five), students may be ineligible to make up classes and …”

        This would have led students to a locker that contained a $50 bill, free to the first student to claim it. But at the end of the semester, when he went to check the locker, the bill was still there.

      • Harvard plans to go remote in January as Covid-19 cases surge

        Harvard University announced Saturday that it will return to remote learning for the first few weeks of 2022 as infection concerns grow in the face of a new coronavirus variant.

        The Ivy League institution told students and staff that it would spend the first three weeks of January returning to online courses as coronavirus infections increase locally and worldwide. Only students who were authorized to remain on campus or are given permission to return to campus should plan on coming back from winter break in that time.

    • Health/Nutrition/Agriculture

      • Opinion | Opioid Crisis: Purdue Pharma/ Sackler Family Fails in End Run around Justice

        In a seismic victory for justice and accountability that re-opens the deeply flawed recent September, 2020 settlement of the Purdue pharma bankruptcy case, the Sackler family will be forced to confront the pain and devastation they have allegedly caused. Judge Colleen McMahon of the U.S. District Court for the Southern District of New York, ruled, Dec.16, 2021,that the settlement, part of a restructuring plan for Purdue approved in September by a bankruptcy judge, Robert Drain, U.S. Bankruptcy Court, White Plains, N.Y., should not go forward because it releases the company’s owners, members of the billionaire Sackler family, from liability in civil opioid-related cases.

      • Only a Quarter of the $9 Billion HUD Got to Combat COVID Impacts Has Been Spent
      • Mother to sue Japan production firms over Netflix suicide case

        Kyoko Kimura has reportedly claimed that staff on the show encouraged her daughter to heighten the drama.

        This year, the Tokyo District Court ordered Fuji TV and the production company to submit scripts, pre-edited footage and other materials after a request from Kyoko’s lawyers, according to Japanese media reports.

      • World cannot defeat pandemic in uncoordinated way: UN Chief

        Speaking to journalists in New York, Antonio Guterres also asked Member States to be “far more ambitious” in their efforts to reach 70 per cent of people in all countries by the middle of 2022, a goal established by the World Health Organization (WHO).

        Just days from the deadline, 98 countries have not been able to meet that end-of-year target, and 40 nations have not yet even been able to vaccinate 10 per cent of their population. In lower-income countries, less than 4 per cent of the population is immunized.

    • Integrity/Availability

      • Proprietary

        • [Old] Ransomware attack hits French-Public School Board [iophk: Windows TCO]

          The Conseil des écoles publiques de l’Est de l’Ontario issued a press release November 30 announcing it had been attacked, and that after resecuring the network it was discovered that some files stored at its board office had been stolen and held for ransom.

          The board said it had paid the attackers and the data that had been stolen [sic] was deleted.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • ConsenSys Health and Linux Foundation Public Health to Collaborate on Open Source Software for Veterans’ Health [Ed: The 'Linux' Foundation is now a front group for ConsenSys]

                ConsenSys Health, a company creating decentralized patient-centric healthcare networks, and Linux Foundation Public Health (LFPH), which builds, secures and sustains open source software for public health authorities, have commenced a collaboration focused on the uniquely complex healthcare needs of United States veterans and their families.

                The collaboration includes the creation of an LFPH-hosted Veterans Affairs Steering Committee focusing initially on current and contemplated open source software components to power VICI. Under the leadership of ConsenSys Health and the non-profit Dixon Center for Military and Veterans Services, the VICI (Veterans Incentivized Coordination and Integration) initiative is convening a consortium of enterprise and public sector stakeholders to focus on the healthcare needs of veterans, their families and caregivers.

        • Security

          • Josh Bressers: Episode 302 – Log4j is a mess

            Josh and Kurt talk about the same topic everyone is talking about, Log4j. This episode was recorded on the Wednesday after the first Log4j issue. We point out all the gaps and difficulties for the defenders. The situation has gotten worse since then.

          • Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations

            Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished.

            As Dr. Johannes Ullrich, Dean of Research at the SANS Technology Institute, recently noted, “Log4Shell will continue to haunt us for years to come.”

            His advice? “Dealing with Log4Shell will be a marathon. Treat it as such.” So let’s see what’s the latest news that can impact your mitigation and remediation efforts.

          • Privacy/Surveillance

            • Palantir to localize UK data operations as privacy regulations tighten

              Palantir Technologies Inc (PLTR.N) said on Friday it plans to shift its entire UK data processing out of the United States, at a time when data privacy regulations are tightening across the globe.

              While Palantir already hosts all UK customer data within the country, handling of metadata is currently done in the United States.

              The company handles sensitive data for its clients in the UK including the National Health Service (NHS).

    • Defence/Aggression

      • Opinion | With Afghanistan War Commission, A Chance for Accountability At Last

        Here in Red Sox Nation, baseball fans are given to wearing T-shirts that read “Yankees Suck!” Another local sentiment, perhaps even more widespread, goes like this: “Congress Sucks!”

      • US Air Wars Killed Thousands of Civilians, Including Children, NY Times Reports
      • Back to the Future: The Long Roots of Venezuela’s Communal Tradition

        As we shall see, Marx later revised this idea, coming to embrace the relevance of the communal past for the socialist future. However, this backward-looking shift in Marx is not well-known, and it has not kept the bulk of the socialist movement from being oblivious to the importance of communitarian pasts. Latin America may be an exception to this general theoretical trend, for the simple reason that that continent’s past weighs heavily on the present and many political movements appeal to it. In Venezuela, anthropologists Iraida Vargas and Mario Sanoja have forcefully argued for the pertinence of the region’s communal past – and the relics of communitarian practices that survive today – to the project of socialist construction. They claim that both Venezuela’s history and its long-standing cultural traditions could be the basis of the Bolivarian Process’s development of communal socialism, having uncovered some surprising links between the future that the revolution aspires to and its roots in a society whose practices of solidarity and deep-seated conceptions of equality are often shaped by Indigenous and African traditions.

        To read this article, log in here or subscribe here. In order to read CP+ articles, your web browser must be set to accept cookies.

      • ‘Historically Large Win’: Chile Votes for Socialism over Fascism

        BREAKING: Gabriel Boric defeats José Antonio Kast - 56% to 44%.

        The Associated Press is reporting:

      • Opinion | Chilean Election

        British journalist Claude Cockburn once claimed that he won a contest among the sub-editors on the London Times to write the dullest headline and actually get it published in the paper. His winning headline was ‘Small Earthquake in Chile, Not Many Hurt’.

      • WATCH: Migrant in Sweden praises Islamic State during arrest

        “I promise you. I am ISIS, I was with ISIS, I will continue with ISIS, ISIS is best, ISIS is best, ISIS is best,” the man shouts as he is arrested.

      • Hong Kong goes to the polls after China purge of pro-democracy voices

        The election Sunday is Hong Kong’s first since a dramatic overhaul of its electoral system, which critics say is aimed at tightening Beijing’s grip on the legislature, known as the Legislative Council, and further silencing opposition figures. Many of the territory’s democratic politicians are in prison or awaiting trial; others have been barred from running, resigned from politics or gone into self-exile overseas after a crackdown on dissent that included a sweeping national security law Beijing imposed last year.

        The drastic shift has tamped down public enthusiasm for the election, with fewer than half of voters saying they plan to participate, compared to a record 71 percent turnout in the district council election in 2019.

      • Islamic world pitches ways to aid desperately poor Afghans

        Khan seemed to offer Taliban a pass on their limits on education for girls, urging the world to understand “cultural sensitivities” and saying human rights and women’s rights meant different things in different countries. Still other speakers, including the OIC chairman Hussain Ibrahim Taha, emphasized the need for the protection of human rights, particularly those of women and girls.

    • Environment

      • Ranchers and farmers are destroying the rainforest. Is Bolsonaro to blame?

        This article is part of “The Fifth Crime,” a series on ecocide published in partnership with Inside Climate News, a nonprofit, independent news outlet that covers climate, energy and the environment, and Undark Magazine, a nonprofit, editorially independent digital magazine exploring the intersection of science and society.

      • Energy

        • States Are Letting Utility Companies Cut Off Power Just as Winter Arrives
        • Bank of Russia steps up campaign against private cryptocurrencies

          Russia’s central bank ratcheted up its campaign against private cryptocurrencies on Friday, a day after Reuters reported it wants to ban investments in them.

          Valeriy Lyakh, head of its department for countering market misconduct, said in a video that investment in cryptocurrencies was an “out-and-out swindle” and a “financial pyramid”.

        • The most powerful people in [cryptocurrency]

          All four have amassed multi-billion-dollar fortunes, and huge influence, in just a few years. In conventional finance, where money is commonly borrowed, spent or saved, the most powerful intermediaries are bankers, payment firms and asset managers. But private currencies today are mostly used to speculate, which makes exchange bosses, who provide punters with the tools and venues to trade, the kings of a world whose raison d’être, paradoxically, is to do away with mighty middlemen.

    • Finance

    • AstroTurf/Lobbying/Politics

      • Religion, Science, Politics

        The religion-science-politics overlap is clear when scripture-quoting antiabortionists who’d be happy about bombing infidels in Afghanistan fly a “Pro-Life is Pro-Science” banner, and claim that the Roe v Wade ruling was “musty” because “science has changed”. There’s rather less science in the “odious little argument”, as Jean and Peter Medawar called it, of the Great Beethoven Fallacy which goes that terminating a pregnancy because the father was syphilitic and the mother tubercular would have meant murdering Beethoven. Actually, neither of Beethoven’s parents had syphilis. But truth’s not the aim. As the Medawars note, unless there’s a causal connection whereby a tubercular mother and syphilitic father produce musical geniuses, abstinence from intercourse would equally as well do the job of depriving the world of a Beethoven. Any celebrity will do. Justin Bieber’s an occasional update. And, since it’s a fatuous discussion, Hitler can be used as a counterargument. Meanwhile, the question of women’s rights is whisked away from the debate, and antiabortionists like Rep. Madison Cawthorn can speak of women as “earthen vessels sanctified by almighty God”.

        To read this article, log in here or subscribe here. In order to read CP+ articles, your web browser must be set to accept cookies.

      • Unified cyber security task force by March: Source

        The telecom department will develop an internal task force with the relevant skill sets and capabilities required specifically for the telecom sector. “This sub task force will work in conjunction with the unified national-level cyber security task force that has been envisaged,” the source said, adding that 20 officers have already been identified for getting embedded into the project. “There are also plans to add more officers, with specialised skills sets, to this team as we move forward,” the source said.

        The current cyber threats are handled by the specialised Indian Computer Emergency Response Team or CERT-In, which operates under the Ministry of Electronics and IT. It is the nodal agency to deal with cyber security threats like hacking and phishing, and strengthens security-related defence of the Indian internet domain. However, with the cyberattacks getting more sophisticated, the government has increasingly felt the need to have a specialised unified task force that acts on inputs not only from security and cyber forces from within the country, but also from inputs from ‘like-minded friendly countries’ from across the world.

      • Did You See What Big Bird Tweeted?

        Ted Cruz fighting with Big Bird on Twitter was not on our 2021 Bingo card.

      • Facebook pays fines to Russia over banned content

        Facebook (FB.O) has paid 17 million roubles ($229,643) in fines owed in Russia for failing to delete content Moscow deems illegal, the Interfax news agency reported on Sunday, but with the threat of a potentially larger fine looming.

        Facebook parent Meta, along with Alphabet’s Google (GOOGL.O), faces a court case next week for suspected repeated violations of Russian legislation on content and could be fined a percentage of its annual revenue in Russia. read more

    • Misinformation/Disinformation

      • Schools Close After ‘National School Shooting Day’ TikTok Threats

        After rumors of a school shooting threat on December 17 that spread on TikTok—called “National School Shooting Day” or “National Shoot Up Your School Day”—many schools around the country are closing for the day or beefing up police presence, but law enforcement and the platform say none of the threats appear to be credible.

    • Censorship/Free Speech

    • Civil Rights/Policing

      • [Old] Meet the Self-Hosters, Taking Back the Internet One Server at a Time

        My experience with Syncthing quickly sent me down the self-hosting rabbit hole. I looked at what else I could host myself, and found simply everything: photo collections (like Google Photos); recipe managers; chat services that you can connect with the popular tools like Discord; read-it-later services for bookmarking; RSS readers; budgeting tools; and so much more. There’s also the whole world of alternative social media services, like Mastodon and PixelFed, to replace Twitter, Facebook, and Instagram, which can be self-hosted as a private network or used to join others around the world.

        Self-hosting is something I’ve found fun to learn about and tinker with, even if it is just for myself. Others, like KmisterK, find new opportunities as well. “Eventually, a career path started with it, and from there, being in the community professionally kept me personally interested as a hobby.” Edward also found a connection with his career in IT infrastructure, but still continues self-hosting. “It is nice to be able to play around in a low risk/impact environment,” he said.

      • Nonbelievers across Africa risk freedom, family support

        More than a year passed before Bala, an ex-Muslim and president of the Humanist Association of Nigeria, would be charged. Bala is an outspoken atheist in a deeply religious country. His alleged crime: Posting blasphemous statements online.

    • Digital Restrictions (DRM)

    • Monopolies

The Car Drives You — Part I — You Own Nothing

Posted in Apple, Free/Libre Software, Microsoft at 8:06 am by Dr. Roy Schestowitz

Car after crash
Steered by the car, which does not accept instructions from its driver and owner

Summary: With all the media hype about things getting “smart” (and various buzzwords to accompany this hype so as to sell useless gimmicks and gadgets that spy/manipulate) it’s important to understand what gradually happens to automobiles that are nowadays being sold

THE question may seem pointless and banal. Who truly owns today’s cars? It’s a perfectly legitimate question? Who drives it? Who can bypass or override the driver? Again, nowadays the question isn’t so simple to answer.

We already published (this past evening) a timely new video about cars becoming increasingly hostile towards their owner/driver, assuming that the owner is the person who paid for it (not the manufacturer) and driving is about more the pressing down a pedal. When we wrote about privacy issues and safety issues we pointed out that today’s mechanical/physical pedals are connected to a computer, not the engine/throttling parts.

“…today’s mechanical/physical pedals are connected to a computer, not the engine/throttling parts.”Where is this going? Where do governments steer us? Why is media debate so scarce?

In last night’s Daily Links we included this new link, cautioning about creeping oppression. To quote:

When a government decides to take a look at your particular field of experimentation, it’s never necessarily a cause for rejoicing, as British motor vehicle enthusiasts are finding out through a UK Government consultation. Titled “Future of transport regulatory review: modernising vehicle standards“, the document explains that it is part of the process of re-adopting under UK law areas which have previously been governed by the European Union. Of particular interest is the section “Tackling tampering”, which promises a new set of offences for “tampering with a system, part or component of a vehicle intended or adapted to be used on a road“.

They go into detail as to the nature of the offences, which seem to relate to the production of devices designed to negate the safety or environmental features of the car. They’re at pains to say that they have no wish to target the legitimate car modification world, for example in motorsport or restoration, but it’s easy to see how a car hacker might inadvertently fall foul of any new rules. It’s worried the enthusiasts enough that a petition has been launched on the UK parliamentary petition site, making the point that the existing yearly MOT roadworthiness test should fulfill the function of taking any illegal vehicles off the road.

It’s probably too late to weigh in; this official page says: “The consultation period began on 28 September 2021 and will run until 11:45pm on 22 November 2021. Ensure that your response reaches us before the closing date.”

There’s also this EU page for those outside the UK.

“With all those cars nowadays, at least the newly-sold ones, there’s not just a computer onboard but several computers and they not only contain software; it’s no longer immutable, it’s network-connected, and sometimes remote updates modify the behaviour of the car.”This runs parallel to the war on general-purpose computing, including software. This whole subject is closely connected to software freedom.

“Well, Apple and Microsoft are chumming the waters with Right to Repair,” an associate told us yesterday.

“They’re focusing on hardware only, which is an improvement,” Ryan noted. “But without knowing how the software works or how to replace their operating system, you still don’t control the device. They want to be in control of when the last software update goes out.”

Our associate said that “Apple, Microsoft, and the others are trying to saturate the news on that topic, diffuse and unfocus the work, and confuse the public and, especially, the politicians. This has to be slammed through as legislation or else Apple will continue on the path it has been going down since Steve Jobs got sick, and where most other vendors are deciding to follow. Nothing other than a legal smackdon will suffice, the PR efforts to the contrary are no more than PR efforts to stall and weaken the effort. and take away the existing rights. There has always been the right to repair stuff one owns. However, Apple and the others are trying to spin that into not applying to computers. Apple is even looking like it is aiming to ban general-purpose computing. Notice that the trade press and other lapdogs are now grovelling about “sideloading” and insinuating how it is bad, rather than pointing out that the real name is “installation” and it is a normal activity on device and tools one own and controls. Microsoft, Apple, and the car and farm equipment companies see that it could go either way. Right now the US is leaning towards keeping the rights that are in place, but with enough lobbyist money the vendors could tip it the other way. Here is an FTC position statement on the topic [1, 2].” [PDF]

“Microsoft is trying to retcon “installing software on Windows” as sideloading if you don’t get one of the five apps that’s not fake from their store,” Ryan said. The associate responded: “A key aspect is that Microsoft cultists have trained the public and the politicians to be completely docile when “computers” are mentioned and to roll over when “software” is mentioned. In the latter, they have help from the copyright cartel.”

With all those cars nowadays, at least the newly-sold ones, there’s not just a computer onboard but several computers and they not only contain software; it’s no longer immutable, it’s network-connected, and sometimes remote updates modify the behaviour of the car. Unlike some phone or PC, cars put you in life-threatening situations, so it certainly does matter.

“We’ve been hearing similar stories lately; smart people reject the “new” and “smart” cars.”“I wish they’d just go back to what cars in the 1980s came with,” Ryan said. “If you can find a 1985 Honda or GMC pickup or anything really and the body is in good shape… You’d be financially better off to wheel it down to a good mechanic and dump $10,000 or more into having him fix everything that needs attention than you would buying a new car. And you can find some cars that old that never rusted, that look like they came straight out of the 80s. If they were in California or Nevada or even Florida. Obviously, for safety you should take it down and have it inspected and repaired as needed. Expect to replace all of the brake lines, belts, and rubber hoses. They dry rot. But once you get out ahead of that, the car might be perfectly usable for many years.”

We’ve been hearing similar stories lately; smart people reject the “new” and “smart” cars. “I hope to get at least a few more years out of the Impala,” Ryan said, “but I won’t be replacing it with anything very new. I’ll probably go looking for about a 2010 Crown Victoria or something that was fleet owned. They just don’t break down nearly as often as newer cars do. They were pretty much designed in the 70s-90s and then tweaked along the way. Ford never invested anything in a total redesign after that. The mentality, right, was different then. Back then, people were smarter and they knew, hey, this is a major purchase and it should last a while. Now it’s “If my brand new $50,000 Toyota can’t ping a web server to verify I paid my $8 a month remote starter fee, they start disabling my shit!”. “Wow, so amazing! $850 a month car payments for 7 years, you say? Oh boy!”. “Plus the $8 a month for the remote starter of course!” Like, when did Toyota get so greedy that they have to tack on $8 a month to an $850 a month car? Remember Henry Ford? His philosophy was that mass production should make cars so cheap and so easy to repair that anyone could own one? Henry Ford was obviously a shrewd Capitalist, and these modern car companies could not be more diametrically opposed to his viewpoint. They want to tack on surprise fees that you won’t even consider, to a car that’s got you bleeding out like a deer that’s been hung on a rack. They control the government safety agencies. They ask for all of these new “safety” features to be mandatory. That way their competitors can’t produce an affordable car either. When you wreck it, it’s totaled because it costs $1,000 for the body damage and $10,000 to realign some sensors. When those idiots ran into my Impala, you know what I did? I pulled off the bumper cover and put on an aftermarket one that was on ebay for $150. It’s held on by standard bolts that you can just unscrew and screw back in. It took out my fog lamps, but the plastic was so yellowed anyway that I just unplugged them and tossed them in the dumpster.”

In the next part we shall revisit the issue from another angle. Stay tuned.

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts