01.24.21

Internet Origins of the Mob

Posted in Site News at 8:32 pm by Guest Editorial Team

Reprinted with permission from Daniel Pocock

For anybody who has ever been elected into office, from the student union to a national legislature, the recent scenes in Washington DC have been particularly disturbing.

When reports appear about the efforts Trump made blackmailing the State of Georgia into changing their results, it is even more disturbing for those of us who also experience threats or blackmail while holding some form of office or voluntary leadership role. In my case, the free software community elected me as a representative in 2017 and right up to the day I resigned in September 2018, people who opposed the election result sent me constant threats and harassment.

Even two years after resigning, the same mob still pushes doxing and defamation. This is blackmail, they want the questions about volunteers and elections to be withdrawn. Each time new revelations come to light, such as the notorious FSFE women court case, it demonstrates why they find an independent representative so inconvenient.

US Capitol mob, FSFE, Debian, Doxing volunteers

My experiences with bad actors go back a long way and give some startling insights into the rise of these practices in the online space from way before the birth of Facebook or Twitter.

US Capitol riot, predicted and censored

Pine Gap, intelligence down underIn a Novmeber 2020 discussion about elections in a free software project, I posted a comment that predicted exactly where Donald Trump was going:

Kevin Costner got it right in his 1997 flop, The Postman. Stay tuned for the sequel, The GNU Mailman. Quote from the trailer “You are a dangerous man!”.

The email never appeared in the thread. It vanished.

In the movie, the country is ravaged by a plague. Cliven Bundy is the law. The only remaining trace of great national institutions is a postman’s uniform, which seems to fit Costner. This quickly leads to physical conflict. The Bundies are the mob, the Postman is a proxy for Washington.

Paranoia from the grave

In 1996, an Australian political party realized they had made a mistake, they had selected a candidate who was too extreme even for Australian politics. During her campaign, her racist comments about Indigenous Australians prompted the party to withdraw her endorsement. The decision came too late, ballot papers had already been printed with her name beside the party name. The Division of Oxley elected Pauline Hanson by mistake.

There is a unique symbiosis between extreme politicians and the media. Not only does the media profit from giving these candidates airtime but as a bonus, rival groups staging protests and counter-protests guarantee further news stories. Within months of her election, Australia’s police were exerting more resources to protect Hanson than any other politician, including the Prime Minister.

In this context, Channel 7 saw an opportunity: Hanson cut a deal with the news desk to record a video to be played upon her assassination. On 25 November 1997, it was leaked (truncated version).

Dubbed the Video from the Grave, the following lines jump out:

There was always a chance that I would be killed and many believe this would be a mortal blow to what began with my election. You must not allow this to happen, … you must fight on.

Like a geologist examing a core sample, we can go back to this 60 minutes report on the first 100 days of Hanson mania. Watching the first minutes of the video again today, the penny dropped. The Tea Party movement and Trump spent hundreds of millions of dollars on campaigns. Hanson was able to cook up an indistinguishable feast of extremism in a fish and chip shop. Trump had a budget like an Arnold Schwarzenegger movie, Pauline Hanson was operating like the producers of the Blair Witch Project but you can’t really tell them apart. Before the invention of social media, Hanson had perfected and exemplified techniques that America’s Tea Party movement would not start immitating for another 10 years.

Unlike Trump, Hanson sold her business empire when she was elected. The fish and chipperie was subsequently acquired by immigrants. A crowdfunding campaign was established to buy them out and convert it into a kebab or halal takeaway.

Hanson now has her own political party. In 2019, her candidates were calling for Australians to fight like hell and rival politicians were the targets.

Pauline Hanson, Fight like hell, Donald Trump

Quote from Pauline Hanson Party: Time to fight like hell against lazy or dishonest politicians

When the mob came for me

I had just completed my first year of undergraduate engineering and been elected to a role in the Melbourne University Student Union. As a side project, I created a web site supporting native title rights for indigenous Australians. The web site received a commendation from the leader of one of the main political parties, Kim Beazley:

Daniel Pocock, Kim Beazley, Canberra

Support for the maintenance of native title – and opposition to the Howard Government’s Wik legislation – from all sections of the community has been unprecedented. Australians from all walks of life are coming together to proclaim their support for native title and reconciliation.

This homepage provides yet another avenue for people around the world who support native title to make their feelings known to the Howard Government.

<snip>

This homepage is an excellent new way in which people in the community can contribute to the native title debate.


Kim Beazley

Leader of the Opposition

Canberra

The site was a runner up in the Loud Festival run by the Australian Council for the Arts. This was well outside the traditional undergraduate engineering curriculum. Mr Beazley became America’s most wanted Australian.


Daniel Pocock, Loud Award runner up, 1997


Three days after Hanson’s video was leaked in 1997, pleading with people to fight on, I found myself in their cross hairs. Although social media did not exist, doxing had just been invented and they chose to practice on Mr Beazley, Carlo Carli, the local member of parliament and I. Some of the online attacks captured here.

Looking at the doxings, you can find many synergies in the style of abuse between fascists in the far right and those who give orders to volunteers in open source. As Wikipedia notes, there is always some violation of the victim’s privacy. The Australian fascists chose to publish my mobile phone number, it doesn’t even belong to me any more but it still lingers on that web site for any neo-Nazi who comes along and wants to call it. The more recent attack involved molesting my entry in the Debian keyring the night before my wedding anniversary. Fascists choose to add something personal like this to add personal pain, to deter people from speaking again. We can see the same tactic in the siege of the US Capitol, the fascist note on Nancy Pelosi’s desk:

Nancy Pelosi, Debian, FSFE, threats

Whether it is a threat on Pelosi’s desk, a rogue Debian Developer desecrating my wedding anniversary or a dog leaving some dampness on a tree, the mindset behind it is equally intrusive and crude.

What I find really stunning from the earlier fascist doxing is the following quote, most ordinary readers would feel the efforts described here deserve praise:

What is interesting is that a little bit of on-line detective work reveals that Daniel Pocock is the technical contact for a domain vmore.org.au which is called Virtual Moreland and that this service provides FREE Internet services for Community Groups – just COMMUNITY GROUPS! (Au$100,000 has been sought from the Victorian state government to get this little baby going and based on the success of the participants in the past getting this tax payer funding should be a breeze).

Helping the government transfer taxpayer dollars back into highly transparent projects like Virtual Moreland would appear to be an incredible success.

You know your mob is special if the sight of a library has them frothing at the lips:

“(CO.AS.IT owns) A modern library service, … <snip>” … No guessing who paid for all of that…

Why do fascists hate libraries? There are usually lots of books. Some of those books, like some blogs, may confront their Code of Conduct mindset.

The doxing paints an image of community groups coming from the extreme left. Multiculturalism is a far more complex phenomena. The philosophy of people like Mr Carli and I would probably be seen as mainstream in most civilized countries. The Moreland region is popular with the Italian diaspora, which is also a very Catholic community. At that time, the Arch-Bishop of Melbourne was the conservative Cardinal George Pell. In addition to the state funding, we received generous donations of some spare computers and even a surplus file server from the Catholic administration.

It is fascinating to fast-forward 20 years and contrast the rants of Pauline Hanson’s mob with the rogue elements of the open source software community. Hanson’s mob started attacking me after students elected me as a representative. This pro-Google mob started attacking me after the free software community elected me as a representative. While Hanson’s mob complained about my dedication to helping communities, Google’s mob use me as a scapegoat, blaming me for all the strife in communities where some volunteers are disenfranchised. Yet in the latter case, they are not communities at all. They are exploitative organizations that keep volunteers off their membership rolls, a model that is barely a notch above modern day slavery. They don’t allow members to join but if members ask questions about the money, they tell people we have been expelled. There is a strong smell of fraud in misrepresenting the true nature of membership.

While the defamation from Google is incredibly extreme, it is easy to see that my principles remained constant over these decades. Whether it is in the case of the native title campaign (1997) or my efforts to document the doctored membership rolls of the FSFE in 2018, what drives me is a concern for all participants to have equity, dignity and justice. A system where some volunteers are excluded from elections in the open source world has an unusual odour, much like the Apartheidesque phenomena of excluding Indigenous Australians from the land.

When Google attacks independent volunteers, it is because they can’t accept the principles outside their own worldview, just as Donald Trump can’t accept the people who didn’t vote for him. In a stunning role-reversal, while officials are releasing details of Trump’s attempts to blackmail Georgia, a GAFA mob led by Google was exposed blackmailing Australia’s parliament.

It is disturbing for me to see that rogue elements of Debian, FSFE and Pauline Hanson’s One Nation have found something in common, doxing volunteers with personal attacks to drown our principles. We find another synergy in the way fascist groups discredit people outside their monoculture, branding everything they don’t agree with as spam. Like some archaeological discovery, tracing this tool of groupthink back to a far right web site from 1997. It is up there in the very first line of the doxing, the statement “Now I have said before that I don’t like to receive unsolicited email“. There is no way he could receive a message from my web site if he hadn’t inserted his email address in the form to test it. To this day, fascists use the assertion of spamming to avoid questions and hobble people into groupthink.

Centenary of Federation, Australia, 2001

My efforts with Virtual Moreland were recognized with a Centenary of Federation certificate. Web sites hosted by the project were absorbed into other community hosting providers when I left Australia in 2002.

We also ran a training lab and portable Internet cafe based on thin client computing, like Linux Terminal Server Project, but that was only invented two years later.

Virtual Moreland lab

The government grant provided 1,000 hours of training to people from local community organizations making their first web site. Drupal and WordPress didn’t exist. I built my own Content Management System using PHP. This made it easier to train people. Thanks to the CMS, many of these local groups were keeping their web sites up to date.

This shows just how long I’ve been doing development with Debian. Earlier projects, while I was at high school, involved Slackware. When some newcomers arrive and start trying to erase the volunteers who lived in the era before Google, they are trying to erase a critical part of our heritage. Changing our history and our language is another synergy between the traditional fascists and those raiding the open source community. Google has even redefined the word fascism so it no longer includes their allies and apologists in society. It is both an attack upon society, who lose the insights from history and it is also an act of aggression against the target. When you’ve been doing something like Linux for this long, you don’t just disappear on the whim of some Google puppet. When somebody stands up at a conference, pronounces herself to be a developer by fiat and incites a mob to humiliate real developers, it feels like she wants to cut off my arm. Maimimg people like that is another tool of fascists. In Sierra Leone, the practice of canceling people has been taken to extremes by amputating hands and feet. The false claims of expulsions and demotions have the same intention: frustrating people’s future ability to work, enforcing and perpetuating asymmetry between the fascist and their victim. Not everybody who wears a uniform behaves this way.

Debian, FSFE, demotion, expulsion, shaming, community team, defamation, gossip, amputation, bodily mutilation, groupthink, cybertorture

In any other domain, volunteers who give decades of service like this are given recognition and thanks.

From PUPs to Mobs

One of the more remarkable phenomena in Australian politics was the decision of businessman Clive Palmer to start his own party and pick novice candidates to run under his name in as many seats as possible.

Palmer, like Trump, is a businessman. Trump’s slogan was Make America Great Again. Who copied who?

Clive Palmer, Make Australia Great

The billionaire Palmer won a seat in parliament and set a record for absenteeism. President Trump counted a record amount of time and money spent on golf, mostly on his own properties.

But it turns out the copy-cat behaviour didn’t start there. One of those almost randomly selected candidates of the Palmer United Party (PUP), Jacqui Lambie, was promising to fight like hell as early as 2014 in her campaign against poppy farms. In fact, Lambie has used the fight like hell slogan for everything from gay marriage to home defence.

The conclusion is that Trump’s rabble-raising pitch may not even be his own creation, down under it sounds like a cover act inspired by two of the most loathed politicians in Australia’s far right, Pauline Hanson and Jacqui Lambie.

A deeper conclusion is that if fascists around the world are all a bunch of carbon copies, this debunks the central pillar of their platform, their argument that we should discriminate against people based on their place of origin.

01.10.21

Alex Oliva’s Resignation From the FSF Board

Posted in Free/Libre Software, FSF, GNU/Linux at 12:19 pm by Guest Editorial Team

Original blog post

At the advice of friendly FSF board members, I turned in the following letter to the FSF president, asking him to pass it on to directors and voting members at a suitable time:

My dear colleagues,

I'm very sorry for the trouble I've caused. My participation in the fundraiser was intended to restore the trust and support from people who'd grown suspicious of us, and whom we were failing to communicate with. I figured they might listen to me, and I was very hopeful of our future. Alas, I understand it didn't come across this way, and I admit that posting it was a big mistake, one that I regret deeply.

My inability to predict unintended reactions to my writings led me to realize and accept how badly I need feedback from others before publishing on sensitive topics, and how much I still have to learn about effective communication.

As much as I wish I'd had a chance to contribute to the FSF during my tenure, the way for me to learn what I still need to learn is through practice, not inaction, and I do not wish to impose on the FSF any more of the risks and pitfalls of my learning process.

I therefore offer you, Geoffrey Knauth, FSF President, my resignation from the FSF Board of Directors. Please let me know when it becomes effective, if you choose to accept it. I hope that some day, after learning what I need to learn (and, if I may say, at more fortunate timing), I get another chance to support the FSF from the inside again.

Meanwhile, I look forward to other ways to cooperate from the outside.

Thanks for bearing with my shortcomings, and for your continued work to keep the FSF fighting the good fight,

It was accepted immediately, but the response did not specify when it becomes effective. I'm not sure what that implies.

Anyway, I suppose I'm no longer a member of the board of directors of the FSF.

So blong,


Copyright 2007-2020 Alexandre Oliva

Permission is granted to make and distribute verbatim copies of this entire document worldwide without royalty, provided the copyright notice, the document’s official URL, and this permission notice are preserved.

The following licensing terms also apply to all documents and postings in this blog that don’t contain a copyright notice of their own, or that contain a notice equivalent to the one above, and whose copyright can be reasonably assumed to be held by Alexandre Oliva.

This work is licensed under the Creative Commons License BY-SA (Attribution ShareAlike) 3.0 Unported. To see a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.

01.07.21

Technology, Citizenship, Democracy and Tyrants

Posted in America, Europe, Free/Libre Software at 7:46 pm by Guest Editorial Team

Reprinted with permission from Daniel Pocock

This week, the world saw dramatic scenes in Washington as a mob stormed the US Capitol building. Scenes like this are painful to watch but they also provide fascinating opportunities to learn lessons about leadership and the world we live in.

At the same time, the free software world has been coming to grips with the judicial complaints at least one woman has made against a free software organization, the Free Software Foundation Europe e.V. and its leader, Matthias Kirschner.

This is relevant for all of us in every free software organization. Try to put yourself in the shoes of a female employee or a volunteer, a foreigner in Germany, when they go into a court room and they are confronted by this vile defamation from somebody who claims, as President of an organization using the name Free Software, that he speaks on behalf of all of us.

Now stop for a moment and think of the woman shot during the riots in Washington. As an employee of the armed services, President Trump was not just a political leader, he was also commander in chief and therefore her boss. As both an American and a soldier, even if her conduct looks outrageous to many of us, she believed she belonged there.

The communications of both these presidents, Kirschner’s vile campaigns of vilification against multiple women and volunteers and Trump’s call to resist, resonated with each of these women in ways that outsiders may never appreciate.

The stories of these “leaders” are intertwined and among other things, begin on my birthday.

9 November

9 November 1989 is the day that a mob began pulling down the Berlin Wall. As a thought exercise, how would censors at Twitter or Facebook decide which side to take in such an event? Would they focus on the short term risk to human life or the long term benefit of democracy in former communist states? Should they make such decisions at all?

On 9 November 2016, I woke up on my birthday to the news that Donald Trump had been elected president of the United States.

As a belated birthday gift, I’m giving the world this White House briefing room scene for OBS Studio so you can all peacefully simulate a visit to the White House during President Trump’s absence from social media. OBS Studio is free software, that means it is free for everybody to download and use, whether you are a president or not.

President Trump has shown us the promise of democracy: anyone can be president. Now let free software do the rest.

The censorship question, Silicon Valley against the US constitution

Having mentioned censorship, I can’t resist the urge to put Mark Zuckerberg in his place.

Twitter, Google-Youtube and Facebook all censored the US President. Many people will not lose sleep over that decision.

The US constitution provides two means to remove a president. Neither of these procedures puts power in the hands of Silicon Valley. The US constitution requires the action to come from the democratically elected lawmakers and Vice President. Many Americans are furious at Trump for failing to uphold his oath and protect the US constitution against a mob: but who will protect the constitution from Silicon Valley?

It is at exactly this time that Silicon Valley overlords will arrive and pretend to be saviors. They are wolves in sheep’s clothing.

If you sincerely care about the loss of human life, contemplate the hundreds of thousands of Americans who died under Trump’s Coronavirus response. Silicon Valley did little to restrain him when he advised people not to wear face masks, a far more deadly policy than the riots.

It is a simple fact that the US death toll from Coronavirus far exceeds the combined death toll from Hiroshima and Nagasaki.

Why did Twitter and friends stop procrastinating and finally cut him off on 7 January 2021? Was it because of the loss of life at the US Capitol or was it because on the same day, voters in Georgia had just given the incoming president control of the US Senate?

When Trump advised the US population to drink or inject bleach, nobody took any action against him.

Google, Twitter and Facebook tolerated Trump while hundreds of thousands of people were dying. They feared another four years of his rule. When the run-off vote in Georgia banished the Republicans, Silicon Valley had no more use for Trump and they cut him loose. Had Trump remained in office or had the Republicans won Georgia, Trump would still be tweeting today. Hundreds of thousands of dead Coronavirus patients wouldn’t be mentioned. Silicon Valley’s intervention was entirely self-serving.

Nominating for the FSFE elections

Shortly after that birthday surprise in 2016, I submitted my nomination for the role of Fellowship Representative in the elections of FSFE.

Ever since then, I’ve been subjected to something that the former leader of Debian described as a campaign of harassment.

Even before the US election in November 2020, media outlets leaked details about a Trump conspiracy to undermine the vote. While FSFE’s fellows were deciding how to vote in 2017, FSFE’s management were secretly discussing how to avoid further elections:

florian snow, matthias kirschner, fsfe

Well dressed children

Since losing the US election in November 2020, President Trump has behaved like a giant toddler stamping his foot.

On a daily basis, this reminded me of the state of free software organizations. From the disappearance of my nomination email in the Fedora Council elections, my removal from the Debian keyring days before nominations opened in 2019 and the situation in FSFE.

FSFE stands out. The community clearly voted for me, putting Florian Snow second, as results at Cornell’s independent Internet Voting Service clearly show.

Yet just a few months later, the president, Matthias Kirschner, used his executive power to give the same General Assembly voting rights to the loser, Snow, in effect, changing the result of the election.


Subject: Re: [GA] Membership Application: Florian Snow, Feedback until 15 December
Date: Mon, 18 Dec 2017 07:16:04 +0100
From: Matthias Kirschner <mk@fsfe.org>
To: ga@lists.fsfe.org

After all the positive feedback by you, I have now accepted Florian as
member to be officially confirmed at the next general assembly.

Jonas will add him to the mailing list.

Regards,

Matthias

The community had voted for me but Kirschner needed to have another white German male. I’ve never seen anything like this in any other country. What was he looking for with this move, an emotional support animal? If we really care about diversity, we have to consider that this same psychology made it impossible for Kirschner to work with women as equals, so he fired them all.

The way that Snow entered the General Assembly, despite losing the election, is what came to mind when I saw people clambering into the US Senate.

florian snow, matthias kirschner, fsfe

Elections were just an illusion

It turns out that everything FSFE gave us, the Fellowship smart cards with our names on them, like membership cards, the fsfe.org email addresses and even the elections were just a gimmick to make us feel like members without really being members.

In other words, these Fellowships were comparable to investments in funds operated by Bernard Madoff or Allen Stanford. Their Ponzi schemes gave investors bank statements showing balances that didn’t exist while FSFE voting gave us a feeling of membership that didn’t really exist.

Challenging such deceptions was my responsibility as an elected representative of the community. If the representative doesn’t call out something like this, they are not doing their job properly. Yet whenever I asked about it, the only reply was Kirschner’s fury. When FSFE’s female employees wrote about asking for equal pay, I could relate to their words completely in my quest for volunteers to have equal voting:

A female colleague and me had dared to discuss wage transparency and gender pay gap in the office. Apparently it is common in Germany that this gap exceeds 20%, but we both felt secure that the free software movement is progressive, and cares about being inclusive and equal opportunities oriented. Unfortunately we miscalculated – our boss Matthias was beyond furious. After that office meeting, he told my colleague “there will be consequences”.

Another round of censorship

The woman in question writes about defamation in particular:

The court process was taxing. The FSFE lawyer made up easily disprovable slanders against me – and I say “easily” because their charges were demonstrably false, but of course finding evidence that is also admissible in the conservative German court system did not do much good for my stress levels over summer. They disrespected the court by not submitting papers on time, and they refused to answer my allegations, opting instead to portray me as a disobedient, sexist, racist, incompetent belligerent. Why did they give such a person a permanent contract after a six month probation period?

People noticed that after I resigned in disgust from the FSFE, my blog was censored from Planet Fedora, Planet Mozilla, Planet Ubuntu and Planet Debian. I receive regular reports of emails being sent behind my back. Several people leaked an email from Kirschner about how he wanted to gather information:

One general wish — which I agreed with — from Debian was to better share information about people

What is the purpose of such a communication which is clearly illegal under the GDPR? Did Kirschner hope to obtain information with which to coerce or discredit a representative elected by the community, just as Trump has tried to discredit the US elections?

At the point Kirschner wrote that email, I was no longer a member of FSFE. His methods and motives were completely illegal under the GDPR, just as Trump’s attempts to cling on to power are illegal.

Home invasions

We could think of the US Capitol, rather than the White House, as the home of US democracy. How would this woman feel about the president of the Free Software organization going to her home against her will?

A weekend of non-stop calls followed, including from hidden phone numbers. He even texted telling me I should answer my phone, for my own better. Even after my lawyer warned him to terminate all attempts to communicate with me and send someone else to pick up my work laptop, he came in person to my house, and was very irritated that I was not alone.

This is incredible stuff.

Take a moment to put yourself in this woman’s shoes, imagine your boss arriving at your home anticipating he would find you alone.

Now imagine if this woman has spent much of her life in the free software world, she volunteers for other groups, maybe Fedora or Mozilla and she attends one of their booths at an event. How is she going to feel if she is standing at a Fedora booth or Mozilla booth and it is right beside the FSFE booth, right beside the man who violated her home in this way?

A few weeks ago, I politely asked on the Fedora Council mailing list whether it was appropriate for Red Hat to give money to Kirschner’s group. Kirschner’s behavior at this woman’s home is no more tolerable than Trump’s behavior at the US Capitol.

Choking democracy

After Kirschner used his executive authority to grant Florian Snow voting rights in the FSFE, Kirschner then put Snow in charge of the communications from the representative elected by the Fellows. This was a hideous snub to democracy, matched only by the antics of Trump and his mob:

Subject: Request to mailing list Discussion rejected
Date: Tue, 18 Sep 2018 05:06:09 +0000
From: discussion-owner@lists.fsfe.org
To: daniel@pocock.pro

Your request to the Discussion mailing list

Posting of your message titled “Re: FSFE and censorship – not true?”

has been rejected by the list moderator.

Snow, the interloper, shutting down debate, just as interlopers shut down the US Capitol…

florian snow, matthias kirschner, fsfe

12.31.20

Alexandre Oliva: Happier GNU Year!

Posted in Free/Libre Software, FSF, GNU/Linux at 12:41 pm by Guest Editorial Team

Original blog post

Since about 2019-09-11, the FSF (the largely autonomous staff body that was supposed to be supervised by, and to follow directions given by the board of directors) has asked me to leave FSF public communications to them, even while I was acting president, and preferred to distance themselves from myself and from Richard Stallman's leadership.

When they make as urgent an exception as they have yesterday, I might as well take it.

The FSF has been running its end-of-year fundraiser for several weeks, and at the time of this writing it's 175 new members short of its goal of 500 new members by the year's end, with less than 24 hours to go.

If I were to explain this shortcoming, as I often have, I'd point out that, over the past 15 months, to a significant number of Free Software and former FSF supporters, the FSF has come across as betraying its founder, lifetime leader, and founding-father of the social movement it belongs in.

In this timeframe, the FSF has notably often written Richard out of Free Software history, and instead promoted others who took very vocal stances against him.

All these Free Software supporters have, in my candid opinion, quite legitimate reasons for suspicion of what the FSF is really up to. More so given the limited amount of information available to them.

But don't get me wrong. The FSF keeps on doing a lot of very important work for Free Software in general, and for the GNU Project specifically. A lot of it is not enjoyable or exciting to do, and it's often not even noticed, but it's there, solid and constant as ever!

What the FSF is missing, in my still candid opinion, is the kind of inspiring (if often controversial) leadership and vision that Richard provided.

No offense to Geoff, he's a fine and kind person, and a strong and long-time supporter of Free Software, of the FSF, and of Richard's. But, well, he's no Richard Stallman. Not when it comes to living the values of Free Software, not when it comes to inspiring others to do so, not when it comes to foreseeing freedom problems and invariably being Stallmanly right about them. Geoff surely knows all that, and everyone probably realizes by now how worse off the FSF has been since Richard resigned.

Now, unhappy as I've been for the ways in which the FSF leadership has mistreated me, Richard Stallman has been mistreated far worse. And yet, when people emailed him expressing disapproval for the
FSF
, even right after his resignation, he has asking them to keep on supporting the FSF (see the Oct 1st, 2019 followup in the link; it has Richard's response to that post. He's such a kind [of] person.

Having seen what I've seen, faced the resistance I have, and noticed how biased the regard for community opinions and board directions seemed to be, I'm afraid I can't comfortably get myself to join Richard in asking for blanket support for the FSF. Some close friends would say I'm too honest, too transparent, and they'd be right: I have my reservations and concerns indeed.

But, besides recognizing the work the FSF keeps on doing, I am also hopeful because I perceive some things turning for the better. Because of this hope, there is something else that I am reasonably comfortable recommending and asking of those who'd trust the FSF better with Richard Stallman back in the board of directors:

Would you make a pledge to become a new member, or to renew your membership, if the FSF gets Richard back in the board of directors? Please email it to the FSF contact address (info), copying myself (oliva, at fsf or gnu).

Past communications in his favor have generally failed to reach the board of directors, and I believe this would be valuable information for the directors and voting members to have.

Would you do that for me, for Richard, for the FSF, for the Free Software Movement? That would be much appreciated! Thanks in advance!

Now, if you trust Richard enough to go by his recommendation rather than mine, I'm sure your new or renewed membership before the deadline will be much appreciated. Even in this case, I'd welcome a copy of an email to the FSF expressing that you've joined or renewed following Richard's recommendation.

Regardless, may you have a much happier GNU year!

So blong,


Copyright 2007-2020 Alexandre Oliva

Permission is granted to make and distribute verbatim copies of this entire document worldwide without royalty, provided the copyright notice, the document’s official URL, and this permission notice are preserved.

The following licensing terms also apply to all documents and postings in this blog that don’t contain a copyright notice of their own, or that contain a notice equivalent to the one above, and whose copyright can be reasonably assumed to be held by Alexandre Oliva.

This work is licensed under the Creative Commons License BY-SA (Attribution ShareAlike) 3.0 Unported. To see a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.

12.24.20

Nobody Needs GitHub for Anything

Posted in Free/Libre Software at 10:27 am by Guest Editorial Team

Summary: A reader explains why Rust is wrong to use GitHub and why the reasoning/excuses of many such projects are inherently flawed if not intentionally dishonest

This article is a discussion around the following thread.

Let’s bust some myths here.

Myth 0: GitHub is the only way to develop software in a distributed fashion.

“Software was developed in a distributed fashion since the dawn of software.”Let’s list things that were developed in a distributed fashion long before the existence of GitHub:

0) Git itself
1) GNU C compiler
2) GNU utilities
3) Linux Kernel
4) GnuPG
5) FreeBSD

Need we go on? Software was developed in a distributed fashion since the dawn of software.

Myth 1: GitHub is the only distributed development system.

Trying to market GitHub as the only way to develop software in a distributed fashion is a display of such ignorance that it is revolting. Which is why the statement “When there is a viable distributed alternative to guthub [sic] I am sure it will be seriously considered” could only be propaganda.

The Rust committee are spoiled for choice when it comes to distributed development systems. The market for interfaces built on top of Git is incredibly saturated. Gitea and GitLab are among two of the systems that are direct competitors to GitHub. So the problem here is not lack of a “viable distributed alternative” to GitHub. If the Rust committee wanted to migrate, they have many options available.

Myth 2: You need systems like GitHub or GitLab or Gitea to develop software in a distributed fashion, in the first place.

Distributed software development (DSD) is a social phenomenon; DSD is not tied to any one tool/system. People with experience in DSD know that projects usually have contributions coming in from several channels: email, forums, dedicated bug-trackers, IRC chats, etc.

Contributions that are worth something will get accepted, regardless of how they get into the hands of the maintainer(s) of a project.

Don’t believe the marketing propaganda that you NEED GitHub. If you want to use GitHub, you are free to do so. Just don’t fall for the lie that GitHub is the only option out there.

Myth 3: GitHub works for large projects.

Once your codebase and the necessary tooling required to develop your software gets complex enough, you will be met with the deficiencies of GitHub. GitHub chokes on large diffs; you are forced into the automation workflows imposed on you by GitHub; you can’t analyse the source code when something doesn’t work as you expect; these are only some of the deficiencies.

Myth 4: Your project is safe on GitHub.

Go browse the internet about what happened to the program youtube-dl. The following links are informative (and entertaining):

Free as in Freedom Should Not be Associated With Cost

Meme #0

Robotnik Button: Microsoft loves Open Source, Microsoft loves RIAA

Meme #1

Dhmis argument: EFF: Youtube-dl takedown is RIAA's fault, Youtube-dl: But Microsoft is in the RIAA, EFF: Look, it's not like we're going to tell people to delete GitHub, Elephant in the room: Didn't the EFF give an award to Microsoft recently?

12.21.20

Court Case: Matthias Kirschner, FSFE Women and Volunteers Face Modern Day Slavery

Posted in Courtroom, Europe, Free/Libre Software at 9:56 pm by Guest Editorial Team

Reprinted with permission from the Free Software Fellowship

These women are two more victims abused, two more reasons to stop giving money to FSFE and ban them from all Free Software events.

Susanne Eiswirth, Matthias Kirschner, Galia Mancheva, FSFE, workplace bullying, harassment

A blog has appeared with details of the allegations against Matthias Kirschner, including workplace bullying, sexism, stalking and underpayment of women.

Everything in the blog is entirely consistent with the observations of the last fellowship representative: Kirschner is a thin-skinned despot who tries to control everybody around him. We previously covered Kirschner’s character defects here.

We were not sure whether to name the women who were fired by Kirschner. You can see their names on this snapshot of the FSFE web site before Kirschner decided to blame them for his own small-mindedness. Now the women published a blog, will Matthias Kirschner and Florian Snow publish their names in the next FSFE meeting minutes? Look out for the names Susanne Eiswirt and Galia Mancheva. Their crime? They wanted to be paid.

One of the claims is that women are paid far less than men. This is often hard to prove. The article suggests women are paid twenty percent less than men, in other words, women are paid to work four days and they are like volunteers on the fifth day of the week. We’ve seen how FSFE and Kirschner in particular sells the work of volunteers to other groups and subjects volunteers to experiments and punishments.

There is another side to this story: Kirschner prefers to hire women as interns, not employees, so he can use them up and throw them away before they ever begin to ask serious questions about money. FSFE disposes of and immediately replaces two interns every six months or so. This is a sham to get around the employment law. Kirschner does this so that the women in these roles always remain within the more youthful age bracket, so they can spend long hours at conferences smiling at men and collecting donations.

Matthias Kirschner, FSFE, harassment, bullying, women

The blog published by one of the sacked women:

————– I took FSFE to court. This is my story –––––
Soon after the first lockdown in Berlin this year I filed a public case in the Berlin Tribunal of Labour Court against the president of Free Software Foundation Europe (FSFE), Matthias Kirschner, for workplace bullying.
Why? A female colleague and me had dared to discuss wage transparency and gender pay gap in the office. Apparently it is common in Germany that this gap exceeds 20%, but we both felt secure that the free software movement is progressive, and cares about being inclusive and equal opportunities oriented.
Unfortunately we miscalculated – our boss Matthias was beyond furious.
After that office meeting, he told my colleague “there will be consequences”. Our efforts coincided with the resignation of Richard Stallman from the US-based sister organisation of FSFE due to careless revictimisation of female victims of sexual abuse- another gender discrimination issue in our community that would cause the situation in our office to deteriorate quickly.
In its reluctant press release on this pivotal change in leadership in the largest free software organisation in the world, the FSFE had opted to honour Stallman for his undeniably long service and overlook the social issues underlying the change – something with which I expressed dissatisfaction, and not without support from colleagues.
It led to immediate retribution.
I was ordered to rewrite the text and was warned that I had “three hours to do it. Whether we will publish it or not, is going to be my [Matthias', my rem.] decision, not yours”. Free software is in most of our digital infrastructure, and I care a lot about inclusivity in this community to ensure that our most basic tools can be developed by everyone’s perspectives for everyone’s needs, so I rewrote our announcement. But not only was it never published – it was not even honoured with his feedback.
My aforementioned female colleague, who had also backed me up, was fired just a few days later. Personally, I was subjected to a good amount of pressure and strategic intrigues.
I was given tasks irrelevant to my job description and far below my qualifications. I was degraded both as a professional and due to who I am through instructions such as “translate this [text] in your mother tongue, so you can understand better”. I was belligerently micromanaged and questioned through rebukes like “why do you refer to dates in this format and not in that format”, while there is no office policy on following a particular date standard. I was even told some of the things I was working on were bullshit! For 3 months I was pushing for time to launch a newsletter survey as an attempt to make qualitative improvements, but my effort was labelled as “not necessary”.
I was regularly nagged, and prevented from doing the work I was hired for. In front of my colleagues I was tasked with one thing and in private I was asked not to do it and have it replaced with another, and then in front of others asked about the progress on the previous. Matthias was manufacturing the false impression I wasn’t doing my work, while at the same time calling and texting my private phone number in obscure hours (such as 5:00AM or 22:00PM) with work orders and topics. Unlike other colleagues, I had a hard time receiving time off for the extra days I worked on, and was prevented from taking any of my annual holidays.
I suspected Matthias was preparing to fire me, and indeed I was on a clock. He needed to make sure he was re-elected FSFE president before he could get rid of me. It would have damaged his chances to have fired all the full-time women in the office in the two months leading up to the elections – an unnecessary risk – but once approved he would have another two years’ free reign.
At this time my friends were starting to worry – the psychological pressure and lack of enough time off caused my condition was decline. I had to take a sick leave. Certain that I was about to get fired, my friends encouraged me to seek legal counsel, if so only to keep myself focussed on constructive tasks.
Immediately after my sick leave announcement, Matthias fired me over the phone on a Friday night, and threatened me to immediately go to the office to hand over work-related items. Appearing in the office during a sick leave is illegal in Germany, so I refused. A weekend of non-stop calls followed, including from hidden phone numbers. He even texted telling me I should answer my phone, for my own better. Even after my lawyer warned him to terminate all attempts to communicate with me and send someone else to pick up my work laptop, he came in person to my house, and was very irritated that I was not alone.
Eventually, of course, my sick leave ended, I was fired, and there was a global pandemic with follow-on lockdowns.
It was against this background that I filed a complaint in the Anti-Discrimination Commission in Germany and I filed a case against him in court for work-place bullying.
Disappointingly, it turned out, the Commission does not have much legal authority for actions, so I proceeded further only with the bullying case.
During the process, one curious clue popped up. In one of the publicly available answers to the court he argued I had no reason to doubt a gender pay gap, because you see, there was this male trainee that was having a lower pay than me.
But, not only does the FSFE rate women salaries lower, but also foreigners. So, if you happen to be a foreign woman – well, tough luck. At the same time they are proudly proclaiming the office “international” and “inclusive” when pursuing donor relations or in relations to the public.
The court process was taxing. The FSFE lawyer made up easily disprovable slanders against me – and I say “easily” because their charges were demonstrably false, but of course finding evidence that is also admissible in the conservative German court system did not do much good for my stress levels over summer. They disrespected the court by not submitting papers on time, and they refused to answer my allegations, opting instead to portray me as a disobedient, sexist, racist, incompetent belligerent. Why did they give such a person a permanent contract after a six month probation period? Well, magnanimously they apparently were afraid that I would otherwise be disappointed.
Now, I finally received the Labour court’s verdict some days ago. The court basically says that even though they recognise my claims as true I do not qualify for financial remuneration because I did not suffer for at least a year and I did not end up having major psychological damage of my identity.
I was accused by the FSFE that my claim was driven by a desire for a quick financial gain. Unfortunately, the German law foresees only monetary and no other type of compensation. However, I was given the opportunity in court to ask for something else. I asked for an apology and the president of the FSFE refused.
Why am I writing all this? Because I want to expose the hypocrisy and double standards in FSFE leadership. How the organisation “promoting” transparency, equality and inclusivity treats employees and more specifically women. How donations are spent on nurturing Matthias’ grandiosity. Because, let’s be honest, to how many male employees’ homes would he appear uninvited after being cautioned by a lawyer not to do so?
I remain committed to open infrastructure and free software, and I know the community extends beyond the FSFE Berlin office, where Matthias reigns supreme with the support of his FSFE Board employees. I of course also hope that the advocacy arm of the European free software movement will eventually also reflect the diversity, friendship and equality that I continue to find in the movement as such. Finally, I want to thank those of my hacker friends who showed up in person at my final court hearing and those whose priceless support remained in spite of physical distance. Your presence made it so much more bearable, and reminded me that it is not the sour apples of the FSFE offices that make our community, but the many people around them who continue to commit themselves and their skills to a better tomorrow.

12.19.20

Alexandre Oliva on Richard Stallman’s Leadership

Posted in Free/Libre Software, FSF at 8:32 pm by Guest Editorial Team

Original blog post/article by Alexandre Oliva

Ducks in a row

Summary: New article by Alexandre Oliva of the FSF’s Board

Free Software is a social, ethical and political movement for freedom, solidarity and autonomy in software users’ digital lives.

Richard Stallman founded it, published and defended the ideas that drive it, and amassed quite a significant amount of support, and also of criticism. Opponents of the movement he started have long resorted to attacking him on unrelated issues, in attempts to undermine the movement and his leadership thereof.

He’s so famously associated with leadership of the movement at large that he’s even labeled father of open source, despite his disapproval for the dissident, business-oriented marketing campaign that takes that name, whose prominent members often criticize him. Ironically, people often think they are disparaging their own leader.

Even among them, he’s a reference point when it comes to caring about software freedom for users, and he understands much of the power dynamics that constantly threaten freedoms, to the point that “Stallman was right” became a famous meme.

He’s always been a very inclusive leader. Anyone willing to advance the ideals, goals, and strategies of our movement is welcome to do so, regardless of other unrelated views. Those who do a good job at it earn trust and support from other proponents, including from the founder himself. When people show success at promoting our values to a community, we’re happy to support them at that. This is caring about the cause, and it’s good leadership, too.

Not long ago, there were moves to exclude Stallman from the movement and from the organized efforts he started, and impose a political stand about issues unrelated to the software freedom issue. It’s not that people can’t or shouldn’t hold or express unrelated views; he and they should be just as welcome and free to do so. People are multidimensional: we care about multiple issues.

However, in the Free Software Movement, the focus has always been on a single issue: freedom for all software users, justified on ethics and grounded on solidarity and on human rights, particularly on free speech. Stallman remains committed to the ideas that define the movement: though he supports several unrelated causes, he has not attempted to impose them on the free software movement.

The rationale to exclude him, on the other hand, implies a very significant departure from the single issue that has united us. It amounts to redefining the Free Software Movement by forcing other political views into it. The result would be one that couldn’t count on such broad support, because alignment on multiple unrelated issues would be required. It would exclude present and future supporters who refuse to conflate their support for Free Software with unrelated issues. That would divide and damage the movement, and I believe nobody favorable to the movement should accept that, whether they support the unrelated views or not.

Again, it’s not that people shouldn’t hold or defend unrelated views, nor that we oppose those views, it’s that making them additional core issues of a so-far single-issue movement is divisive. With respectful expression of ideas, thoughtful listening, and willingness to learn and to improve, we increase the odds of helping each other and finding common ground, even if it’s just that tolerating differences on unrelated issues unites us and makes the movement stronger, whereas intolerance to such differences would tend to fragment it.

Anyway, some advocates may believe they can do a better job than the founder at promoting software freedom values to communities that share other unrelated values with them, or that dislike him, for whatever reasons–valid or not. Let’s encourage them and wish them success! We and they are for the same cause, in the same movement, after all.

But let’s also wish them to be conscientious about how to criticize the founding-father and leader of the movement that got us all together to support, promote and live by the software freedom values. Even if the criticism is valid, publicly disparaging him hurts the movement, dividing us and pushing potential supporters away. So let’s go for adult conversations when fair and honest criticism is called for, and leave the public shaming based on false reports to our opponents, shall we?

So blong…


Copyright 2007-2020 Alexandre Oliva

Permission is granted to make and distribute verbatim copies of this entire document worldwide without royalty, provided the copyright notice, the document’s official URL, and this permission notice are preserved.

The following licensing terms also apply to all documents and postings in this blog that don’t contain a copyright notice of their own, or that contain a notice equivalent to the one above, and whose copyright can be reasonably assumed to be held by Alexandre Oliva.

This work is licensed under the Creative Commons License BY-SA (Attribution ShareAlike) 3.0 Unported. To see a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 444 Castro Street, Suite 900, Mountain View, California, 94041, USA.

12.17.20

Links 17/12/2020: Mesa 20.3.1, Ubuntu Touch OTA-15 and More

Posted in News Roundup at 3:23 am by Guest Editorial Team

  • GNU/Linux

    • Desktop/Laptop

      • Chrome OS Developers highlight the Linux terminal in new promo video

        Google rolled out the new Terminal 2.0 for Crostini Linux back in late July and with it came some much-needed UI improvements to make the Chrome OS developer environment a little more user-friendly. With the update, users can now customize the terminal as well as open multiple terminal instances in a single window. Most of it is simply for show and has little to do with the functionality of the Terminal app but you can access and customize keyboard shortcuts to curate your personal workflow.

    • Server

      • Third Party Device Metrics Reaches GA

        With Kubernetes 1.20, infrastructure teams who manage large scale Kubernetes clusters, are seeing the graduation of two exciting and long awaited features…

        [...]

        Many of the features related to fundamental device support (device discovery, plugin, and monitoring) are reaching a strong level of stability. Kubernetes users should see these features as stepping stones to enable more complex use cases (networking, scheduling, storage, etc.)!

        One such example is Non Uniform Memory Access (NUMA) placement where, when selecting a device, an application typically wants to ensure that data transfer between CPU Memory and Device Memory is as fast as possible. In some cases, incorrect NUMA placement can nullify the benefit of offloading compute to an external device.

        If these are topics of interest to you, consider joining the Kubernetes Node Special Insterest Group (SIG) for all topics related to the Kubernetes node, the COD (container orchestrated device) workgroup for topics related to runtimes, or the resource management forum for topics related to resource management!

      • Inexpensive highly available LXD cluster: Redundancy

        In the previous post I went over the reasons for switching to my own hardware and what hardware I ended up selecting for the job.

        Now it’s time to look at how I intend to achieve the high availability goals of this setup. Effectively limiting the number of single point of failure as much as possible.

        [...]

        On the compute side, I’m obviously going to be using LXD with the majority of services running in containers and with a few more running in virtual machines.

        Stateless services that I want to always be running no matter what happens will be using anycast as shown above. This also applies to critical internal services as is the case above with my internal DNS resolvers (unbound).

        Other services may still run two or more instances and be placed behind a load balancing proxy (HAProxy) to spread the load as needed and handle failures.

        Lastly even services that will only be run by a single instance will still benefit from the highly available environment. All their data will be stored on Ceph, meaning that in the event of a server maintenance or failure, it’s a simple matter of running lxc move to relocate them to any of the others and bring them back online. When planned ahead of time, this is service downtime of less than 5s or so.

      • Raspberry Pi Hosting Firm miniNodes Grows Up, Gets Proper Data Center | Data Center Knowledge

        The pioneer of selling tiny bare-metal computers as a service expects more growth, fueled by the rise of Arm servers.

    • Audiocasts/Shows

      • Linux Mint 20.1 Beta XFCE

        Today we are looking at LinuxMint 20.1 Beta, the XFCE Edtion It comes with Linux Kernel 5.8 (upgradeable to 5.8), XFCE 4.14, and uses about 600MB of ram when idling. Enjoy!

      • Linux Mint 20.1 Beta XFCE Run Through

        In this video, we are looking at Linux Mint 20.1 Beta XFCE Edition.

      • FLOSS Weekly 609: Open Source Security – Trusting Open Source in Government and Business

        David A. Wheeler, Ph.D., a frequent guest of the show, is now the Director of Open Source Supply Chain Security at the Linux Foundation. Doc Searls and Simon Phipps talk to David about that and many related efforts he’s involved with at the Linux Foundation, including the Open Source Security Foundation (OpenSSF), LF Energy, LF Public Health, and the CII Best Practices badge project. That’s in addition to his work teaching development of secure open-source software, a study he co-authored with Harvard on OSS contributors, and both enduring and rapidly changing approaches to software development education in a time twisted by a global pandemic.

      • Installation And First Look Of NuTyX

        I’m taking a quick first look at a Linux distribution that I haven’t tried before. That distribution is NuTyX. It’s country of origin is Switzerland, and the distro is based on Linux From Scratch. It has its own package manager called “cards”. It also uses BusyBox.

      • Desktop Linux Will Never Matter To The Linux Foundation

        I don’t know why this keeps being news, the Linux Foundation doesn’t care about desktop linux this should be evident from who funds the organisation and who is on the board of directors but every year it comes out that the Linux Foundation has made their report on Mac OS surprising more people than it should

      • Why you should patch CVE-2020-1971 (and how KernelCare+ can help)

        On December 8th, OpenSSL revealed vulnerability CVE-2020-1971, which can cause a denial of service attack on unpatched web servers. Although not a data-leakage bug, this vulnerability could bring down an application via a malicious certificate, so it’s important to understand the basics of it and why patching it is important.

      • Open Source Security Podcast (Josh Bressers): Episode 242 – Door 17: Vulnerability response

        Josh and Kurt talk about vulnerability response. What is it, what does it mean, how does it work

      • The Linux Link Tech Show Episode 885

        selling stuff, linux phones, service now, network improvements, ps5

      • mintCast 350 – Rocky Road Ahead

        First up, in our Wanderings, Joe preps for 3D work and does some Audio editing, Tony gets older and has a new toy to play with, Bo has been educating himself, Moss destroys his wife’s computer by accident, and Josh was a little late.

        Then in the news, We have the latest Mint newsletter, Cinnamon 4.8 arrives, Elementary OS goes Pi, and much more

        In security, we shed some light on Oblivious DNS over HTTPS

      • Seduced by The Snake | Coder Radio 392

        Mike recalls how he accidentally converted his development shop into a Python house, and Chris experiments with his Minium Viable Robe.

    • Kernel Space

      • Linux 5.11 HID + Input Changes Bring Inhibiting Support, AMD Sensor Fusion Hub – Phoronix

        The input subsystem changes for the Linux 5.11 kernel have now been submitted and merged. Along related lines, the HID subsystem changes were also submitted with notable updates as well.

        On the input side with Linux 5.11 a new feature is the “inhibited” feature to temporarily disregard input from select devices. The use-case for this inhibited input device support is for devices like 2-in-1 laptops where the laptop may be folded underneath the device at times and during that period no input events should reach user-space as it would amount to accidental input. With today’s devices there are also other similar setups where at times you may want to avoid any input events from a given device or to prevent it from potentially waking the system. This inhibited input support was spearheaded by Google’s Chrome OS engineers.

      • AMD Frequency Invariance Support Comes With Linux 5.11 – Phoronix

        The previously reported on work for frequency invariance calculations for AMD CPUs with a focus on the AMD EPYC 7002 series has been merged for Linux 5.11 as part of the “sched/core” material.

        Following all of the Intel Linux kernel work in recent months around frequency invariance handling for more accurate load tracking and making more accurate frequency scaling decisions, the initial AMD implementation is here with Linux 5.11 as part of the core scheduler updates. In basic terms, the frequency invariance calculation is for addressing the issue of tasks appearing larger if the CPU is running slower so the frequency invariance takes into account the current frequency relative to the maximum possible frequency.

      • XFS, stable kernels, and -rc releases

        Ever since the stable-update process was created, there have been questions about which patches are suitable for inclusion in those updates; usually, these discussions are driven by people who think that the criteria should be more restrictive. A regression in the XFS filesystem that found its way into the 5.9.9 stable update briefly rekindled this discussion. In one sense, there was little new ground covered in this iteration, but there was an interesting point raised about the relationship between stable updates and the mainline kernel -rc releases.
        In the beginning, stable updates were restricted to critical fixes only, but the rules were relaxed over time. The patches merged for stable updates now are often automatically selected using a machine-learning system; others are picked because they look like they fix something somewhere. The result has been a massive increase in the number of patches going into the stable updates; the 5.9.x series has had over 1,900 patches applied through 5.9.11, while the delta between 4.9 and 4.9.246 is well over 18,000 patches.

        Incorporating all those patches undoubtedly has the effect of increasing the number of useful fixes in the stable releases, which is a good thing. But it also increases the chances of merging bad patches that provide users with something other than the problem-free experience they were looking for.

        For example, this XFS “fix” was posted to the linux-xfs list on November 9; it was reviewed, applied, and eventually pushed to the mainline four days later, where it appeared in the 5.10-rc4 release. On the 17th, Greg Kroah-Hartman included this patch in the 5.9.9 review cycle, along with 254 other fixes. No objections were raised, and the patch was part of the 5.9.9 release on the 19th, ten days after it was originally posted.

      • Sidestepping kernel memory management with DMEMFS

        One of the kernel’s primary jobs is to manage the memory installed in the system. Over the years, though, there have been various reasons for removing a portion of the system’s memory from the kernel’s view. One of the latest can be seen in a mechanism called DMEMFS, which is being proposed as a way to get around some inefficiency in how the kernel keeps track of RAM.
        In the early years, the motivation for hiding memory from the kernel was to avoid the problems caused by fragmentation. Allocating large contiguous areas tended to be nearly impossible after a system had been running for some time, creating problems for hardware that absolutely could not function without such areas. Once upon a time, an out-of-tree patch called “bigphysarea” was often used to reserve a range of memory for such allocations; since the kernel did not get its hands on this memory directly, it could not fragment it. LWN first captured a bigphysarea announcement in 1999, but the patch had been around for some time by then.

        In the relatively recent past (2010), the contiguous memory allocator (CMA) patches provided a similar functionality using the same technique. Since then, though, the problem of allocating large contiguous areas has gotten much smaller. The kernel’s own defragmentation mechanisms have improved considerably, and simply having more memory around also helps. CMA now relies on compaction and no longer uses a carved-out memory region.

        DMEMFS has a different motivation. The kernel tracks memory via a data structure called the “memory map”, which is essentially an array of page structures. A great deal of information is packed into this structure to tell the kernel how each page is used, track its position on various lists, connect it to its backing store, and more. Much effort has been expended over the years to keep struct page as small as possible, but it still occupies 64 bytes on 64-bit systems.

      • The future of 32-bit Linux

        The news for processors and system-on-chip (SoC) products these days is all about 64-bit cores powering the latest computers and smartphones, so it’s easy to be misled into thinking that all 32-bit technology is obsolete. That quickly leads to the idea of removing support for 32-bit hardware, which would clearly make life easier for kernel developers in a number of ways. At the same time, a majority of embedded systems shipped today do use 32-bit processors, so a valid question is if this will ever change, or if 32-bit will continue to be the best choice for devices that do not require significant resources.

        To find an answer, it is worth taking a look at different types of systems supported in Linux today, how they have evolved over time with the introduction of 64-bit processors, why they remain popular, and what challenges these face today and in the future.

      • Understanding 52-bit virtual address support in the Arm64 kernel

        The introduction of 64-bit hardware increased the need to handle larger address spaces.

      • Graphics Stack

        • [Mesa-dev] [ANNOUNCE] mesa 20.3.1
          Hi list,
          
          I'd like to announce mesa 20.3.1, which is now available for download.
          We've got lots of good stuff here; iris, panfrost, aco, radeonsi, nir,
          softpipe, zink, core gallium, st/mesa, turnip, android, meson, and
          plenty of radv fixes.
          
          Cheers,
          Dylan
          
        • Mesa 20.3.1 Released With Several RADV Fixes, Other Driver Updates

          Mesa 20.3 shipped earlier this month while those waiting for the first point release to upgrade to this quarterly series can now safely make the shift as Mesa 20.3.1 was released today.

          Mesa 20.3.1 was released today with a wide assortment of fixes throughout this collection of predominantly OpenGL and Vulkan drivers. The RADV Radeon Vulkan driver stands out with having a number of fixes — there are some Next-Gen Geometry (NGG) fixes as well as for now marking GFX10.3 / RDNA2 as a non-conformant Vulkan implementation since it hasn’t officially passed the Vulkan CTS yet. Plus there are other RADV fixes as well as for the ACO compiler back-end.

        • Mike Blumenkrantz: Pointers

          This is the journey of how zink-wip went from 0 fps in RPCS3 to a bit more than that. Quite a bit more, in fact, if you’re using RADV.

          As all new app tests begin, this one started with firing up the app. Since there’s no homebrew games available (that I could find), I decided to pick something that I owned and was familiar with. Namely a demo of Bioshock.

        • NVIDIA CUDA 11.2 Released For Further Enhancing Its Proprietary Compute Stack – Phoronix

          In addition to the NVIDIA 460 series Linux beta driver being released this week, CUDA 11.2 has also made its debut for Windows and Linux.

    • Instructionals/Technical

      • How To Install Spotify on Linux Mint 20 – idroot

        In this tutorial, we will show you how to install Spotify on Linux Mint 20. For those of you who didn’t know, Spotify is a digital music streaming service that gives you instant access to millions of songs, from old classics to the latest hits. You can stream everything, upgrade and sync tracks and playlists offline, or purchase individual tracks to keep forever.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of Spotify music streaming on a Linux Mint 20 (Ulyana).

      • Boost Up Productivity in Bash – Tips and Tricks | Linux Journal

        When spending most of your day around bash shell, it is not uncommon to waste time typing the same commands over and over again. This is pretty close to the definition of insanity.

        Luckily, bash gives us several ways to avoid repetition and increase productivity.

        Today, we will explore the tools we can leverage to optimize what I love to call “shell time”.

      • How to Disable IPv6 on RHEL/CentOS 8

        IPv6 (Internet Protocol Version 6) is an internet protocol that routes traffic and provides an identification and location system for computers on networks. It has long been touted that IPv6 will replace IPv4, but we are not there yet. Disabling IPv6 on your system is actually quite straightforward.

      • How to Use the nmap Command | Linuxize

        Nmap is a powerful network scanning tool for security audits and penetration testing. It is one of the essential tools used by network administrators to troubleshooting network connectivity issues and port scanning .

        Nmap can also detect the Mac address, OS type , service version, and much more.
        This article explains the basics of how to use the nmap command to perform various network tasks.

      • How to install Audacity 2.4.2 on a Chromebook

        Today we are looking at how to install Audacity 2.4.2 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to install Linux Kernel 5.10 on Ubuntu 20.04 LTS – Linux Shout

        Recently, Linus Torvalds has released the long term supported version of Linux Kernel i.e 5.10. In this version, the set_fs () mechanism is set to be removed, however, not for all but at least on some CPU architectures will. The current Linux kernel 5.10 supports the ARM Memory Tagging Extensions (MTE).

        The kernel also supports the start of RISC-V systems with EFI for the first time. AMD’s encryption for virtualization (SEV) now also supports the encryption of processor registers of guest systems.

      • Autofs instead of fstab – blog’o’less

        There is an inefficient way to mount external storage (local or remote). An hard to die habit: fstab. Let’s try autofs.

      • How to install Libreoffice in kali linux using terminal – Linux Shout

        Kali Linux which is one of the popular distros for hacking and penetration testing doesn’t come with office software out of the box. Thus, we can install LibreOffice on Kali using just one command on the terminal, if you want.

        LibreOffice is another widely used free and open-source office after Apache OpenOffice. It is one of the best alternatives to the Microsoft office program in the free category. It comes with all modules we need to perform document-related tasks. From word processing to spreadsheets and the development of presentations, all areas are covered.

      • Moving things around in OpenStack | Adam Young’s Web Log

        While reviewing the comments on the Ironic spec, for Secure RBAC. I had to ask myself if the “project” construct makes sense for Ironic. I still think it does, but I’ll write this down to see if I can clarify it for me, and maybe for you, too.

        Baremetal servers change. The whole point of Ironic is to control the change of Baremetal servers from inanimate pieces of metal to “really useful engines.” This needs to happen in a controlled and unsurprising way.

        Ironic the server does what it is told. If a new piece of metal starts sending out DHCP requests, Ironic is going to PXE boot it. This is the start of this new piece of metals journey of self discovery. At least as far as Ironic is concerned.

        But really, someone had to rack and wire said piece of metal. Likely the person that did this is not the person that is going to run workloads on it in the end. They might not even work for the same company; they might be a delivery person from Dell or Supermicro. So, once they are done with it, they don’t own it any more.

      • Getting SweetHome3D To Run on Fedora 33

        When I tried running SweetHome3D, I got two different problems depending on which of the scripts I tried. I eventually was able to get ./SweetHome3D-Java3D-1_5_2 to run.

    • Games

      • Great nonogram puzzler Pixross from Kenney is now on Steam and upgraded | GamingOnLinux

        After releasing for itch.io first Pixross, the nonogram puzzle game from Kenney, has now hopped on over to Steam and it also had a sweet upgrade for both stores.

        “Pixross is a picture logic puzzle game featuring 150+ unique puzzles, customization and extra challenges for each puzzle. Unlock new puzzle packs or customization options by completing puzzles!”

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • GTK 4.0 Released, One Month After GIMP Finally Switched to GTK 3.X

          The GTK development team has just announced GTK 4.0; The latest stable version of the popular graphical user interfaces development toolkit. After 4 years of continuous work, the GTK 4.0 series brings tremendous changes over the GTK 3.X branch.

          You can read more about these changes in details from the official GTK blog post, which we’ll not copy here since you’d need to see the detailed videos and screenshots by yourself.

          However, there are some interesting remarks about GTK 4.0

        • Who Wrote GTK4

          GTK 4 has been a colossal, multi-year development endeavor that started in October 2016 and ended in December 2020. Now that the 4.0 release is finally out, it’s time to look back to the incredible amount of work done by hundreds of contributors over these four years.

          Back in 2016 we were definitely a bit optimistic on the time table, and thought we would be able to release 4.0 in three years, by the end of 2019. The plan was to start by changing the rendering pipeline of GTK, by moving it to a retained graph of operations that could be submitted to the GPU, as opposed to the immediate mode rendering that we had since the very beginning of the toolkit, and which survived two major API cycles—first by abstracting Xlib drawing commands, and then by moving to Cairo operations. Of course, we also knew we wanted to improve other sub-systems, like input and the windowing system API, to move away from X11-isms and towards a design more in line with the requirements of Wayland (and other windowing systems). What we got, after all was said and done, is a deep redesign of the internals of the toolkit, as well as a different programming model that favors more delegation through ancillary objects, and fewer leaky abstractions and deep type hierarchies; additionally, we pared down the exposed internals, to ensure that the toolkit, and the applications using it, will be more maintainable in the future. The downside is that GTK is less of a “meta toolkit”, whose internal state can be poked at from the outside while expecting to work across multiple releases; that approach was, in the long term, unsustainable given the available resources, and left us unable to optimise or improve the internals of GTK, to the detriment of every user.

    • Distributions

      • IBM/Red Hat/Fedora

        • Fedora and its editions

          Fedora has long had Workstation and Server editions and, back in August, added an edition for Internet of Things (IoT) devices. Those editions target different use cases for the distribution, as does the CoreOS “spin” (or “emerging edition”), which targets cloud and Kubernetes deployments. A proposal to elevate Fedora CoreOS to a full edition as part of Fedora 34 was recently discussed on the Fedora devel mailing list. As part of that, what it means for a distribution to be part of Fedora was discussed as well.

        • Kubernetes predictions for 2021, scientists are joining GitHub, and more industry trends [Ed: Red Hat is boosting Microsoft's proprietary software monopoly (citing marketing material from Microsoft)]
        • Remi Collet: New server for 2021

          I just moved all my web sites to a new server.

          If you read this entry, this means DNS have done their work, and you are connected to this new server.

        • Fedora 33 : Sigil software.

          Sigil is a ePub editor for Linux and omes with powerful features like UTF-16, EPUB 2 spec, and limited EPUB 3 support.
          The complete control over directly editing EPUB syntax in Code View and Table of Contents generator with multi-level heading support and metadata editor.

        • Should I offload my networking to hardware? A look at hardware offloading

          In this post we’ll look at why you should care about network hardware offloading. It is more than networking speeds and bottlenecks.

        • Red Hat Builds a Common Kubernetes Foundation for Windows and Linux Container Workloads with Windows Containers Support for Red Hat OpenShift [Ed: Red Hat helping Microsoft]
        • Scaling cloud-native messaging applications with KEDA – IBM Developer

          Great news: you’ve just written your first messaging application with IBM MQ. Your messaging application is well encapsulated, you’ve followed reactive principles, and you’re ready to deploy it to your cloud service. Your code is elegant – it takes a message from a queue, performs a task, and then moves on to the next one. Your application will doubtlessly be efficient and consume tiny amounts of compute resource in CPU and memory.

          As your app runs natively in the cloud, you can expect container orchestration to provide a basic autoscaling mechanism for free. If the container starts to get busy, then Kubernetes will step in to provision more instances of the app. However, in this scenario, we have a different problem: While the system is busy and the app is working as hard as it can, the CPU and memory consumption is low so the autoscaler won’t detect that messages are backing up on a queue. In turn, this can result in a noticeable delay in response times as the increased load is not recognized or in the worst case a full queue that is no longer capable of receiving new messages.

      • Debian Family

        • UCS 5.0 Beta: Preview of the new generation

          We published the last UCS major release (UCS 4.0) in 2016. With UCS 5.0, we have now decided to go for an extensive update of the technical base and design of UCS. The first beta version of UCS 5.0, which has now been released, provides an initial preview of these updates. While testers are invited to try it, app vendors are offered a possibility to port and adapt their software. The beta version gives a glimpse of the new UI design and already provides some of the planned functions. However, this preview is not intended for productive use.

      • Canonical/Ubuntu Family

        • Ubuntu Touch OTA-15 brings bug fixes and support for more phones – Linux Smartphones

          The latest release of Ubuntu Touch for smartphones and tablets is starting to roll out and for the most part this release focuses on stability, bug fixes, and adding support for more devices. But Ubuntu Touch OTA-15 also paves the way for the next few releases, which will bring much bigger changes.

          Probably the most interesting things about Ubuntu Touch OTA-15 are that it brings improved support for the Volla Phone and other devices designed to ship with Android 9, and adds support for a few new devices including the Google Pixel 3a and F(x)tec Pro 1 and Pro 1 X.

          [...]

          According to the OTA-15 release notes, the latest stable channel build of Ubuntu Touch now supports smooth audio playback on the Volla Phone, allows pictures taken with the phone’s camera to be rotated correctly, and there are some cellular improvements as well. These changes should hopefully apply to other Android 9 devices as well.

        • Linux Mint 20.1 ‘Ulyssa’ beta launches with new programs

          The Linux Mint project has just released the beta for Linux Mint 20.1. The new beta is available in the Cinnamon, MATE, and Xfce flavours of Linux Mint and aside from desktop improvements, share the same set of new features.

          Neowin has covered some of Linux Mint’s development updates in recent months and the work that went in then has landed in a more mature form in this beta. Highlights include a new Web Apps tool that lets you turn your favourite sites into web apps accessible from the app menu and IPTV program called Hypnotix has been created and items can be marked as favourites in the file manager on Cinnamon.

          Another change in Linux Mint 20.1, which has been known for quite a while now, is the inclusion of Chromium in the repositories. Chromium had previously been removed from the Linux Mint repositories because the maintainers didn’t like that it had Snap dependencies. The Chromium that is now included is compiled directly by the Mint team and updates will be released in a timely manner.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • Firefox 85 Will Let You Remove All Saved Logins with One Click, Drops Adobe Flash Support

            Firefox 84 arrived on Tuesday with the WebRender feature enabled by default for some Linux systems using X11 and the GNOME desktop environment, as well as the ability to allocate shared memory on Linux systems for improved performance and increased compatibility with Docker.

            Firefox 84 is also the last version of the popular web browser to support the Adobe Flash Player plugin, which will no longer be supported by Adobe after January 12th, 2021. Therefore, Firefox 85 will be the first release of Mozilla’s web browser to no longer support Adobe Flash Player, which will improve performance and security.

          • 2020 MDN Web Developer Needs Assessment now available

            The 2020 MDN Web Developer Needs Assessment (DNA) report is now available! This post takes you through what we’ve accomplished in 2020 based on the findings in the inaugural report, key takeaways of the 2020 survey, and what our next steps are as a result.

            [...]

            We are aiming to follow up on key findings with further research in the next few months. This will involve picking some key areas to focus on, and then performing user interviews and further analysis to allow us to drill down into key areas of frustration to see what the way forward is to mitigating them.

      • FSFE

        • CWA without Google +++ International development cooperation +++ KDE interview

          Christian Grigis, Fynn Godau, Marcus Hoffmann and Marvin Wißfeld achieved what official bodies have been missing for months: They have made available the German “Corona Warn App” (CWA) for tracing Covid-19 risk contacts in a version that is completely free of dependencies on Google and is available in F-Droid, the Free Software app store.

          Initial release of the CWA was in June and the FSFE’s demand that any Corona tracking app must be used voluntarily and be Free Software has been followed. However, the implemented exchange of device keys via Bluetooth, on the basis of which the risk is calculated, is handled by an underlying interface called Exposure Notifications API, which was, significantly, developed by Apple and Google and was largely proprietary. One also had to use proprietary Google Play Services or the iTunes store to install it.

      • FSF

        • IDAD 2020 sent Netflix and DRM a message

          December 4th was the Free Software Foundation (FSF) and its Defective by Design (DBD) campaign’s fourteenth International Day Against DRM (IDAD), and we couldn’t have done it without your help. Given that we were unable to organize in person this year, the international response of people who digitally stood up against Digital Restrictions Management has been nothing short of inspiring. We were able to come together for a common goal and voice our opposition against DRM.

          Being the International Day Against DRM, it wouldn’t be complete without a bit of action. Thanks to the help of our supporters, we were able to send Netflix a strong message about its use of DRM. Given its tremendous resources and influence, Netflix has the opportunity to pave the way and be the first major and globally used DRM-free streaming service. As it currently stands, however, it falls into the trap of restricting what users can and cannot do with their media under the guise of “copyright infringement,” something DRM does nothing to combat (and even if it did, would only do so at an unacceptable cost to your freedom). As December 4th also marked the start of Netflix’s “StreamFest” promotion in some countries, we wanted to be there to tell it that no use of DRM is acceptable. Together, we were able to make our voices heard. And we’re pretty sure they heard us, based on reports of them taking the main phone number we pointed the DRM Elimination crew to offline.

        • John Goerzen: Non-Creepy Technology Purchasing & Gifting Guides

          This time of year, a lot of people are thinking of buying gadgets and phones as gifts. But there are a lot of tech companies that have unethical practices, from terrible working conditions in their factories to spying on their users. Here are some buying guides to help you find gadgets that are fun – and not creepy.

          The Free Software Foundation’s Ethical Tech Giving Guide is a fantastic resource from what’s probably the pickiest organization out there when it comes to tech. Not only do they highlight good devices, they also explain why and why you should, for instance, avoid the iPhone (their history of silencing political activists and spying on users).

          The FSF also has a Guide to DRM-Free Living talks about books, video, audio, and software that respects your freedom by letting you make your own backups, move it to other devices, and continue to use your purchases even if you have no Internet or the company you bought them from goes bankrupt. This is a fantastic and HUGE resource; there are hundreds of organizations out there that provide content in a way that respects your rights — and many of them do it for free, legally, as well.

        • GNU Projects

          • Gnulib can help your C++ programs

            Typically you test your programs on glibc systems. Gnulib helps you to have the same program compile and work fine on other platforms, such as musl libc systems, macOS, FreeBSD, NetBSD, OpenBSD, AIX, Solaris, Cygwin, mingw, MSVC, Haiku, and even Minix and Android.

            To do so, Gnulib implements many functions specified by POSIX or found in glibc if the platforms lacks them, and adds workarounds for bugs in the platform implementations. These substitutes are now (since 2019, actually) available also to C++ programs, if your program accesses these functions directly.

          • GNUHealthCon 2020. Social Medicine in a time of pandemic

            It was not easy… we’re so used to celebrate the GNU Health Conference (GHCon) and the International Workshop on eHealth in Emerging Economies (IWEEE) in a physical location, that changing to a virtual conference was challenging. At the end of the day, we are about Social Medicine, and social interaction is a key part of it.

            The pandemic has changed many things, including the way we interact. So we decided to work on a Big Blue Button instance, and switch to virtual hugs for this year. Surprisingly, it work out very well. We had colleagues from Gabon, Brazil, Japan, Austria, United States, Argentina, Spain, Germany, Chile, Belgium, Jamaica, England, Greece and Switzerland. We didn’t have any serious issues with the connectivity, and all the live presentations went fine. Time zone difference among countries was a bit challenging, specially to our friends from Asia, but they made it!

          • GNU Health pioneers the adoption of WHO ICD-11 and ICHI standards

            The GNU Health project believes in coding standards, specially in those that can be widely used. In 2011, the United Nations University (UNU) adopted the GNU Health Hospital Management Information System (HMIS) component, in part because of its strong focus in social medicine and environmental health, but also because it complied with most of the World Health Organization standards.

            Using WHO standards is key for global health. The GNU Health federation provides timely and accurate health information to citizens and health professionals globally. We are able to generate this large, distributed networks of information thanks to protocols and standards, that permit the aggregation of data from thousands and even millions of nodes.

      • Programming/Development

        • State as Observables, State as Ngrx.

          Observables and Ngrx are complex. As with any technology, it is very very easy to forget what you are trying to accomplish as you wade through the details.

          Start and end by thinking “What do I want to accomplish”.

          These tools are capable of taking a very complex problem and simplifying it. That has been my experience.

          But they are also capable of taking a simple situation and making it very complicated.

          Start with defining the State. It is the data the view needs to render over time. How would you think about this problem.

          Where is the data coming from? Usually an api.

          What does the data look like from the api? Usually not what you need for the view, so the observable chain or the reducer functions would take this maybe complex tree and transform it into what your view needs.

        • Perl/Raku

          • A Note On Raku Performance

            Just another day before Christmas and one more great Raku Advent Calendar article: Day 14: Writing Faster Raku code, Part I.

          • Raku Advent Calendar: Day 17: Becoming a Time Lord in Raku

            I’ve lived within a few minutes of a time zone border for most of my life. The way we distinguished time wasn’t with the official monickers of “Eastern” and “Central” time. No, we used the much more folksy (and yet, also much cooler) terms “fast time” and “slow time”. Knowing which zone you were talking about was extremely important as many people like my mother lived in one zone and worked in the other.

            When I started looking at implementing internationalized DateTime formatters in Raku using data from the Common Linguistic Data Repository (or CLDR), I came to a fairly surprisingly realization: Raku doesn’t understand timezones! Sure, DateTime objects have the .timezone method, but it’s just an alias for .offset to figure out the offset from GMT.

            Having lived in countries that did daylight savings time at different times of the year, having family in places in my own zone that don’t observe daylight savings time, and knowing that there are weird places with thirty- and even forty-five-minute offsets from GMT, I knew time zones could be complicated.

          • Perl dying? Well now I don’t care

            It is a bit of a long story how I got burned by bad perl internal politics.

            For many years I wanted images in Pod. And many others wanted too. And of course, each time I raised this in lists and on facebook, an answer was, if you want it, go and write it yourself. I would tell that myself, the classic “patches are welcome”. Until one day I said, well, now, why actually not, right? Especially that I do have experience in creating and actively using images in pod using various hacks, such as direct inclusion of html with images, and even writing a standalone POD viewer capable of showing said images.

            However as I’m in software development in so many years, I know that just writing whatever image extension I feel like won’t get accepted: people won’t necessarily agree on the new sytnax, on the way it is implemented, or even on the very fact that the extenision is needed, at all. So I started by carefully asking around these questions everyone on all perl groups I could reach, and even opened a ticket on github to discuss whether image extension for pod is a good and desired thing to do, and what syntax it should have.

            [...]

            However the next step came to be not quite what I expected. Or even worse, it _was_ what I expected, but worked some months in advance to prevent just that. Namely, there started to appear feedbacks that said that they don’t want YAML. Well, after having come that far, some would consider it a bit too late probably. But okay, let’s find out what the problem is, and let’s fix it, and let’s move on. But… no. I asked several times what seems to be the problem, and the gist of it seems to be that they just don’t want it, without explanation. Just that. Worse, as I understand, this is core people. And so it has halted.

            Boy, this was a disappointment. Did I not ask everyone, everyone I could reach, do you have any objection? Do you mind this? Do you mind that? What is, in your optinion the syntax should be? And only after lots of efforts, it ended like this. I’m angry, I’m frustrated, I don’t have any stamina left to ask around again, especially the other side doesn’t seem to be interested in dialogue. And why should I, really? When I started with perl in 1997, and went on YAPC conferences, there were so many possibilities to expand the language, and Larry Wall was blessing all kinds of crazy extensions (remember rewrite of perl on C++? that was blessed too). It’s a pity that a culture once blossoming turned into this. Probably it needs to die so everyone would understand what was lost. I don’t know. And I don’t care now.

          • Drawing a blank with XS

            I spent quite a lot of time trying to work out what this error message meant:

            Error: Unterminated ‘#if/#ifdef/#ifndef’ in Libpng.xs, line 1328
            The first problem here is that line 1328 is the end of the file, so that wasn’t a big help.

            After spending a lot of time counting #if and #endif statements in the file over and over again, in the end I had the bright idea of looking at the actual XS output, and managed to find the problem.

        • Rust

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Beyond The Far Side: Thoughts on secure and private machines behind IPFire

            Following a certain unethical logic, it makes sense for an attacker to hit the weakest the hardest. Why bother with a reasonably secure firewall if the system behind it is missing important patches? Why try targeting the skilled IT staff – which will ignore the attempt at best, if not blocking your infrastructure for the entire network – if their stressful HR colleagues click on every link and open every document they see? As important as an IPFire’s configuration is, this post focuses on the systems behind such a firewall, considering important aspects in terms of both security and privacy.

            [...]

            It may sound like an eternal mantra, but running closed-source software is a bad thing. While this does not necessarily make open-source software intrinsically secure or better in any terms whatsoever, examining, auditing or customising is easier by an order of magnitude.

            In case the vendor does not ship a security update or does not provide you with an easy solution to turn off unwanted features such as telemetry, then, at least in theory, you have the opportunity to fix that on your own. On the other hand, the vendor’s conflict of interest is obvious: People do not pay for security fixes, and in order to make revenue, discontinuing support for older products and making users buy the new ones is a common strategy.

            The privacy side does not look better: German Federal Office for Information Security has been conducting a study on important aspects of Windows 10 in terms of security and digital sovereignty for years – it’s abbreviation SiSyPHuS (“Studie zu Systemintegrität, Protokollierung, Härtung und Sicherheitsfunktionen in Windows 10″, en: “Study on System Integrity, Logging, Hardening and Security relevant Functionality in Windows 10″) speaks for itself. Recently having issues with their OCSP server, Apple was found to transmit information of executed applications in clear text every time they are executed, effectively leaking the user’s activities and identity (i.e. IP address) to themselves, their CDN (Akamai), and everyone in between.

            In terms of privacy, running those operating systems is not just bad, it’s not an option anymore.

            However, running an open-source operating system does not solve the cross-contamination discussed earlier. Running and maintaining a set of VMs just for doing different things is a lot of work both for using and configuring or patching them.

            In the authors opinion, Qubes OS aims to provide a useful and holistic solution to this problem. Trying to separate its users digital life according to his or her analogue one, it makes running and switching between multiple electronic lifes suitable for everyday use.

            Needless to say, this does not come for free – Qubes OS more demanding hardware requirements than common operating systems – and requires some time and effort for setup or customisation, and splitting up data into different VMs. Ultimately, the author believes it is worth the effort for both security and privacy.

          • The future for general-purpose computing

            There can be no doubt that general-purpose computing has been a boon to the world. The ability to run different kinds of programs, from various sources, including bought from companies, written from scratch, and, well, built from source, is something that we take for granted on many—most—of the computing devices that we own. But that model seems to be increasingly disappearing in many kinds of devices, including personal computers, as a recent kerfluffle in the Apple world helps to demonstrate.

            In mid-November, macOS users suddenly started having difficulty launching applications on their systems. It was taking minutes to launch applications and the timing seemed suspiciously aligned with the release of macOS “Big Sur” on the same day. It turned out that Apple’s Online Certificate Status Protocol (OCSP) servers were overwhelmed or otherwise non-functional, which led to the problems.

            OCSP is used as part of the process of verifying notarized applications on macOS; those applications are signed by the developer’s key. Apple signs the developer’s public key, which is contained in a certificate similar to those used by TLS, but the system needs to check to ensure that the key has not been revoked. This check is performed at installation time and then each time the application is run.

            Normally, if the OCSP servers are not available, because they are down or the system is not connected to the internet, the connection will fail, which is treated as a “soft failure” so the certificate is considered valid. That way, the applications open immediately. During the outage, though, the servers were up but not responding correctly, so the applications would not launch until the connection timed out. That raised the visibility of the OCSP checking, which had already been going on in macOS for some time.

            The failure led to a rather over-the-top blog post by Jeffrey Paul that pointed out some major privacy flaws with OCSP, especially in relation to the checking that macOS Gatekeeper does to ensure that applications have valid signatures before running them. Every time an internet-connected macOS system starts an application, an OCSP query with a whole treasure trove of private information is sent to Apple. Obviously, the servers know what date and time the request was made and the IP address from which it was made; the latter greatly narrows down the geographic location of the system in question. There is also a hash sent for the certificate being queried, which Paul inaccurately called the “application hash”. All of that gives Apple a bunch of data that folks may not really want to provide to the company, but the OCSP queries are made over unencrypted HTTP. So anyone able to see the traffic (e.g. ISPs, government spy agencies, WiFi hotspot providers) also gets a look at which applications the user is running, when they are running them, and where.

    • Monopolies

      • Patents

        • An Analytic Approach to Patent Eligibility [Ed: When Kevin E. Noonan says "maddeningly difficult to define not what patent eligibility is" he is merely bemoaning the policies not being good for his pockets, rather than matters of "clarity" (the old spin)]

          Part of the problem is that it has been maddeningly difficult to define not what patent eligibility is (you cannot go wrong with “anything under the sun made by man”) but rather what it is not. In the high technology class of inventions, this has come down to deciding without defining what an abstract idea is and when its abstractness prevents patent eligibility; see, e.g., “Stupid §101 Tricks”). (The other, related type of ineligible subject matter are business method patents, the exclusion of which is almost categorical (see “Bilski v. Kappos, Alice Corp. Pty. Ltd. v. CLS Bank Int’l”; “CyberSource Corp. v. Retail Decisions, Inc.”); this has the benefit is requiring little interpretation and hence maximal certainty regarding what is ineligible.)

          But the ineligibility of the latest iGadget, while sometimes tragic, is not as existentially problematic as the havoc that these precedents have wreaked on life sciences patenting. For both diagnostic methods and to a slightly lesser extent natural products, the philosophically lost proscriptions by the Court, bolstered by plain illogic in district court (see “Ariosa Diagnostics, Inc. v. Sequenom, Inc.”) and Federal Circuit (see “Federal Circuit Denies Rehearing en banc in Ariosa v. Sequenom”) decisions, has rendered pursuit of patent protection for these inventions to be relegated to the ranks of the foolhardy. The effect on investment and hence progress and innovation has been as expected; perhaps the only silver lining from the SARS-Cov-2 epidemic has been that in the frantic and desperate struggle for both diagnostics and vaccines the usual market forces have been collapsed by government investment (which is not usually a recipe for economic success).

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts