EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS


Links 5/12/2019: qBittorrent 4.2.0, Expensive Librem 5 and OpenBSD Bugs

Posted in News Roundup at 1:52 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Disney+ Now Works on Linux, No Workarounds Required

      Disney launched its new video streaming service in the USA and Canada last month to much hype and attention (it scores 10 million subscribers in the first day alone).

      But many Linux users in those countries who’d been hoping to tune in to watch shows like The Mandalorian and High School Musical: The Musical: The Series were left disappointed.

      For although rival streaming services like Netflix and Amazon Prime work “out of the box” on Linux in web browsers like Google Chrome and Mozilla Firefox, Disney+ didn’t.

    • There is no “Linux” Platform (Part 1)

      In our community there is this idea that “Linux” is the third platform next to Windows and macOS. It’s closely connected to things like the “year of the Linux desktop”, and can be seen in the language around things like Flatpak, which bills itself as “The Future of Apps on Linux” and the Linux App Summit, which is “designed to accelerate the growth of the Linux application ecosystem”.

      But what does that actually mean? What does a healthy app ecosystem look like? And why don’t we have one?

      I think the core of the problem is actually the layer below that: Before we can have healthy ecosystems, we need healthy platforms to build them on.


      The reasons for this are largely historical. In the early days, free software desktops were a bunch of independently developed components. They were not necessarily designed for each other, or well integrated. This meant in order to have a usable system, someone needed to curate these components and assemble them into an operating system: The first distributions were born.

      Over the last decades this landscape has changed drastically, however. While GNOME 1 was a set of loosely coupled components, GNOME 2 was already much more cohesive and GNOME 3 is now essentially an integrated product. The shell, core apps, and underlying technologies are all designed with each other in mind, and provide a complete OS experience.

      Desktops like GNOME have expanded their scope to cover most of the responsibilities of platforms, and are in effect platforms now, minus the OS part. They have a very clear vision of how the system should work, and app developers target them directly.

      The elementary project has taken this development to its logical end point, and made its own vertically integrated OS and app store. This is why it’s the only “real” platform in the free software space at the moment.

    • Desktop/Laptop

      • 17 Stunning Winter Wallpapers for Desktop & Laptops

        And on the off chance you might be pining to do the same I’ve assembled a seasonable selection of HD winter wallpapers that are well suited for use on desktop PCs and laptops and tablets and Chromebooks and phones and you get the idea.

        All of the ice cold wallpapers below are sourced from unsplash.com. Unsplash is a terrific place to find high quality, royalty free photography that you can use in projects and apps and websites …and yes: as desktop wallpaper too.

        The images you see embedded below are compressed jpegs so use the links underneath to download a high-quality version direct from Unsplash (where you can also browse other images uploaded by the same artist).

      • Dell XPS 13 7390 Review: The Best Laptop For Desktop Linux Users

        Gone are the days when we had to do a lot of research and read a lot of reviews to find a machine that would work with the least amount of trouble with the desktop Linux distribution of choice. Today, almost every machine out there can run Linux. The kernel community has done an incredible job with device driver support to make everything work out of the box.

        Still, there are machines that can run Linux, and then there are machines that run Linux. Dell machines fall in the latter category. Five years ago, Barton George started a program within Dell to bring desktop Linux to consumer grade, high-end Dell systems. What started as one machine is now an entire line of high-end laptops and desktops.

        Among these machines, XPS 13 is my favorite. While I need a really powerful desktop to handle my 4K UHD, multicam video production, I also need an ultra-portable laptop that I can bring with me anywhere without having to worry about a bulky backpack and charger. XPS 13 was also my very first laptop, which lasted me more than 7 years. So, yes, there is that nostalgic factor, too.

      • Why choose Budgie for your Linux desktop

        No matter what desktop you use, there’s always something you want to change about it. One of the most popular applications for the GNOME desktop is Tweaks, which contains all the preference settings left out of the GNOME Settings panel. The Solus Linux distribution features the Budgie desktop, which is best described as one great big GNOME tweak.

        You may find Budgie in a software repository, but more likely, you’ll have to download and install Solus Linux to experience it. You can install it into a virtual machine, like GNOME Boxes.

      • Linux on the MAG1 8.9 inch mini-laptop (Ubuntu and Fedora)

        The Magic Ben MAG1 mini-laptop is a 1.5 pound notebook computer that measures about 8.2″ x 5.8″ x 0.7″ and which features an 8.9 inch touchscreen display and an Intel Core m3-8100Y processor.

        As I noted in my MAG1 review, the little computer also has one of the best keyboards I’ve used on a laptop this small and a tiny, but responsive trackpad below the backlit keyboard.

        Available from GeekBuying for $630 and up, the MAG1 ships with Windows 10, but it’s also one of the most Linux-friendly mini-laptops I’ve tested to date.


        I did not install either operating system to local storage, so I cannot comment on sleep, battery life, fingerprint authentication, or other features that you’d only be able to truly test by fully installing Ubuntu, Fedora, or another GNU/Linux-based operating system. But running from a liveUSB is a good way to kick the tires and see if there are any obvious pain points before installing an operating system, and for the most part the two operating systems I tested look good to go.

        Booting from a flash drive is also pretty easy. Once you’ve prepared a bootable drive using Rufus, UNetbootin, or a similar tool, just plug it into the computer’s USB port, hit the Esc key during startup to bring up the UEFI/SETUP utility.

      • Top 10 technical skills that will get you hired in 2020

        Linux is a family of open source operating systems based on the Linux kernel, which serves as the core of a computer’s operating system. The Linux kernel was first released by Linus Torvalds in 1991, and has exploded in popularity since then, powering both the Android mobile operating system and Chrome OS. Developers are free to use, download, or modify Linux to their own specifications, which contributes to its popularity and widespread usage.

    • Server

      • 10 skills every Linux system administrator should have

        I know what you’re saying. You’re saying, “Oh, great, someone else telling me that I need soft skills.” Yes, that’s what I’m telling you. Honing your interviewing skills can not only determine if you get a particular job, it can also be a major factor in the salary you get. It’s true. Let’s say, for example, that the salary range for a mid-level SA job is $56k to $85k per year. You might be fully qualified for the top of the range, but the company offers you $70k instead and mentions some nonsense about growth potential or they tell you that they’ll bring you along when the time is right.

        You need to practice answering questions. Answer the question that’s asked. Don’t give so much information that you see eyes glazing over, but giving answers that are too short will make you appear arrogant or flippant. Give enough examples of your work to let the interviewer(s) know that you know what you’re talking about. They can ask for more details if they want to.

        You have to learn to watch other people’s behaviors. Are they listening to you? Are they focused on you and the interview? Do they look as though you haven’t said enough when you pause to allow them to speak or ask another question? Watch and learn. Practice with other system administrators in your group. Do mock interviews with the group. I know it might sound silly, but it’s important to be able to speak to other people about what you do. This practice can also be good for you in speaking with managers. Don’t get too deep into the weeds with non-technical people. Keep your answers concise and friendly, and offer examples to illustrate your points.

      • IBM

        • Comparing Red Hat Ceph Storage 3.3 BlueStore/Beast performance with Red Hat Ceph Storage 2.0 Filestore/Civetweb

          This post is the sequel to the object storage performance testing we did two years back based on Red Hat Ceph Storage 2.0 FileStore OSD backend and Civetweb RGW frontend. In this post, we will compare the performance of the latest available (at the time of writing) Ceph Storage i.e. version 3.3 (BlueStore OSD backend & Beast RGW frontend) with Ceph Storage 2.0 version (mid-2017) (FileStore OSD backend & Civetweb RGW frontend).

          We are conscious that results from both these performance studies are not scientifically comparable. However, we believe that comparing the two should provide you significant performance insights and enables you to make an informed decision when it comes to architecting your Ceph storage clusters.

          As expected, Ceph Storage 3.3 outperformed Ceph Storage 2.0 for all the workloads that we have tested. We believe that Ceph Storage 3.3 performance improvements are attributed to the combination of several things. The BlueStore OSD backend, the Beast web frontend for RGW, the use of Intel Optane SSDs for BlueStore WAL, block.db, and the latest generation Intel Cascade Lake processors.

        • Red Hat: Leading the enterprise Linux server market

          Red Hat has long believed that the operating system should do more than simply exist as part of a technology stack; it should be the catalyst for innovation. Underpinning almost every enterprise IT advancement, from cloud services and Kubernetes to containers and serverless, is the operating system; frequently, this operating system is Linux. Red Hat is proud of the leadership position we have long maintained in the enterprise operating system market, providing the Linux foundation to drive enterprise IT innovation forward.

          Today, we’re pleased to continue this leadership, with a new report from IDC that includes data showing that Red Hat as the leading choice for paid Linux in the worldwide server operating environment market as well as a powerful player in server operating systems at-large.

          According to the report, “Worldwide Server Operating Environments Market Shares, 2018: Overall Market Growth Accelerates:”

        • Microservices-Based Application Delivery with Citrix and Red Hat OpenShift

          Citrix is thrilled to have recently achieved Red Hat OpenShift Operator Certification (Press Release). This new integration simplifies the deployment and control of the Citrix Application Delivery Controller (ADC) to a few clicks through an easy-to-use Operator.

          Before we dive into how you can use Citrix Operators to speed up implementation and control in OpenShift environments, let me cover the benefits of using the Citrix Cloud Native Stack and how it solves the challenges of integrating ingress in Kubernetes.

        • Wavefront Automates and Unifies Red Hat OpenShift Observability, Full Stack

          Red Hat OpenShift is an enterprise Kubernetes platform intended to make the process of developing, deploying and managing cloud-native applications easier, scalable and more flexible. Wavefront by VMware provides enterprise-grade observability and analytics for OpenShift environments across multiple clouds. Wavefront ingests, analyzes and visualizes OpenShift telemetry – metrics, histograms, traces, and span logs – across the full-stack, including distributed applications, containers, microservices, and cloud infrastructure.

          As a result of Wavefront’s collaboration with Red Hat, you can now get automated enterprise observability for OpenShift that’s full stack, through the Red Hat OpenShift Certified Wavefront Operator for OpenShift 4.1 and later. This Operator is available in Operator Hub embedded in OpenShift, a registry for finding Kubernetes Operator-backed services.

        • RHEL 8.1: A minor release with major new container capabilities

          The release of Red Hat Enterprise Linux 8.1 is a minor update to RHEL, but a major step forward with containers. The container-tools:rhel8 application stream has been updated with new versions of Podman, Buildah, Skopeo, runc, container selinux policies and other libraries. The core set of base images in Red Hat Universal Base Image (UBI) have been updated to 8.1, and UBI has expanded to include Go 1.11.5 as a developer use case. There are now 37 images released as part of UBI – they can all be seen on the UBI product page. Finally, we have released some really good updated documentation covering rootless, and other new features in the container-tools module.


          When we launched Red Hat Universal Base Image at Red Hat Summit in 2019, we got a lot of great feedback. One of the first requests we received was for Golang. It is a popular programming language in the Cloud Native space, and we immediately recognized the value of adding it (also, I know what you’re thinking! Stay tuned and you might see OpenJDK images soon).

          With the update to RHEL 8.1, we have added the ubi8/go-toolset container to the UBI family. This gives users the ability to compile Go applications using a pre-packaged container with Go 1.11.5.

        • Red Hat’s CTO sees open-source as driver of choice and consistency in hybrid environments

          A case can certainly be made that Red Hat Inc. and the open-source movement have commoditized portions of the information technology infrastructure. A much wider range of tools and systems are now available to enterprises than ever before.

          This trend is just part of the open-source journey, one that Chris Wright (pictured), as the senior vice president and chief technology officer of Red Hat and a veteran Linux developer, has seen evolve over more than 20 years as a software engineer.

          “What we’re experiencing in the Linux space is, it’s driving a commoditization of infrastructure,” Wright said. “It’s switching away from the traditional vertically integrated stack of a [reduced instruction set computer]/Unix environment to providing choice. As infrastructure changes, it’s not just hardware, it’s virtualized data centers, it’s public clouds.”

        • Introduction to the Red Hat OpenShift deployment extension for Microsoft Azure DevOps
    • Audiocasts/Shows

      • 2019-12-04 | Linux Headlines

        Canonical announces Ubuntu Pro, Netflix open sources Metaflow, and Plex has a new streaming service.

      • New “Cooking With Linux” Intro, Built Using Kdenlive

        A couple of days ago, as I was editing a new “Cooking With Linux” video, I realized that the CWL intro I had been using for so long, one I paid some poor soul on Fiverr to make for me, had a Google Plus link as part of the video. As you might know, Google Plus hasn’t been around for a while now, so I put aside my mostly completed video (Audacity for Editing Podcasts) and set about creating my own CWL intro. This is what I came up with. Feel free to comment, to tell me it sucks, to appreciate it, or whatever.

      • FLOSS Weekly 558: XWiki

        XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. It includes WYSIWYG editing, OpenDocument based document import/export, semantic annotations and tagging, and advanced permissions management.

      • ZFS Rename Repo | BSD Now 327

        We read FreeBSD’s third quarterly status report, OpenBSD on Sparc64, ZoL repo move to OpenZFS, GEOM NOP, keeping NetBSD up-to-date, and more.

      • The Linux Link Tech Show Episode 836
    • Kernel Space

      • Linux 5.4.2

        I’m announcing the release of the 5.4.2 kernel.

        All users of the 5.4 kernel series must upgrade.

        The updated 5.4.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y

        and can be browsed at the normal kernel.org git web browser:


      • Linux 5.3.15
      • Linux 4.19.88
      • Linux 4.14.158
      • Linux 4.9.206
      • Linux 4.4.206
      • LSM stacking and the future

        The idea of stacking (or chaining) Linux security modules (LSMs) goes back 15 years (at least) at this point; progress has definitely been made along the way, especially in the last decade or so. It has been possible to stack “minor” LSMs with one major LSM (e.g. SELinux, Smack, or AppArmor) for some time, but mixing, say, SELinux and AppArmor in the same system has not been possible. Combining major security solutions may not seem like a truly important feature, but there is a use case where it is pretty clearly needed: containers. Longtime LSM stacker (and Smack maintainer) Casey Schaufler gave a presentation at the 2019 Linux Security Summit Europe to report on the status and plans for allowing arbitrary LSM stacking.

        LSMs allow adding more restrictions to Linux than those afforded by the traditional security policies. For the most part, those policies reflect the existing mechanisms, such as permissions bits on files. But there are also other security concerns, such as binding to a network socket, that are outside of the usual permissions, so mechanisms to restrict access to them have been added to the LSM interface.

      • Some near-term arm64 hardening patches

        The arm64 architecture is found at the core of many, if not most, mobile devices; that means that arm64 devices are destined to be the target of attackers worldwide. That has led to a high level of interest in technologies that can harden these systems. There are currently several such technologies, based in both hardware and software, that are being readied for the arm64 kernel; read on for a survey on what is coming.

      • Keeping memory contents secret

        One of the many responsibilities of the operating system is to help processes keep secrets from each other. Operating systems often fail in this regard, sometimes due to factors — such as hardware bugs and user-space vulnerabilities — that are beyond their direct control. It is thus unsurprising that there is an increasing level of interest in ways to improve the ability to keep data secret, perhaps even from the operating system itself. The MAP_EXCLUSIVE patch set from Mike Rapoport is one example of the work that is being done in this area; it also shows that the development community has not yet really begun to figure out how this type of feature should work.
        MAP_EXCLUSIVE is a new flag for the mmap() system call; its purpose is to request a region of memory that is mapped only for the calling process and inaccessible to anybody else, including the kernel. It is a part of a larger address-space isolation effort underway in the memory-management subsystem, most of which is based on the idea that unmapped memory is much harder for an attacker to access.

        Mapping a memory range with MAP_EXCLUSIVE has a number of effects. It automatically implies the MAP_LOCKED and MAP_POPULATE flags, meaning that the memory in question will be immediately faulted into RAM and locked there — it should never find its way to a swap area, for example. The MAP_PRIVATE and MAP_ANONYMOUS flags are required, and MAP_HUGETLB is not allowed. Pages that are mapped this way will not be copied if the process forks. They are also removed from the kernel’s direct mapping — the linear mapping of all of physical memory — making them inaccessible to the kernel in most circumstances.

        The goal behind MAP_EXCLUSIVE seems to have support within the community, but the actual implementation has raised a number of questions about how this functionality should work. One area of concern is the removal of the pages from the direct mapping. The kernel uses huge pages for that mapping, since that gives a significant performance improvement through decreased translation lookaside buffer (TLB) pressure. Carving specific pages out of that mapping requires splitting the huge pages into normal pages, slowing things down for every process in the system. The splitting of the direct mapping in another context caused a 2% performance regression at Facebook, according to Alexei Starovoitov in October; that is not a cost that everybody is willing to pay.

        Elena Reshetova indicated that she has been working on similar functionality; rather than enhancing mmap(), her patch provides a new madvise() flag and requires that the secret areas be a multiple of the page size. Her version will eventually wipe any secret areas before returning the memory to general use in case the calling process doesn’t do that.

      • F2FS File-System Gets More Fixes With Linux 5.5

        The Flash-Friendly File-System continues to be refined and with the forthcoming Linux 5.5 kernel are more improvements albeit largely bug fixes.

        F2FS in Linux 5.5 improves the in-place updating I/O flow, ensures no garbage collection for pinned files, avoids a needless data migration within the garbage collection code, fixes a potential memory leak, and has a number of other fixes.

      • Netflix: BPF is a new type of software we use to run Linux apps securely in the kernel

        There’s growing interest in a new type of software for Linux machines called BPF, which allows the user to run a program in the kernel and enjoy “observability super powers”, according to Brendan Gregg, a senior performance architect at Netflix.

        BPF isn’t something an average computer user would know about or even use, but for network and software engineers it promises value. At Facebook, for example, engineers use BPF as part of a network load balancer.

        Facebook software engineer Alexei Starovoitov is credited with creating Extended BPF, which is now used in Android for collecting statistics from the kernel, monitoring, or debugging. And Google is using it as part of its Kernel Runtime Security Instrumentation to improve detection of security threat signals, such as a kernel module that loads and hides itself.

      • Graphics Stack

        • mesa 19.3.0-rc6
          Hi list,
          Available today is mesa 19.3.0-rc6. Things are starting to slow down, and there
          are now only two open issues in the 19.3 milestone, so I'm hopeful that next
          week will bring 19.3.0 final, and not an rc7, but I can always be surprised.
          By far radv + aco dominate the list of changes, but there's also changes to anv,
          panfrost, core gallium, fixes for OpenBSD, iris, and nir.
          Bas Nieuwenhuizen (2):
                radv: Unify max_descriptor_set_size.
                radv: Fix timeline semaphore refcounting.
          Boris Brezillon (2):
                gallium: Fix the ->set_damage_region() implementation
                panfrost: Make sure we reset the damage region of RTs at flush time
          Christian Gmeiner (1):
                etnaviv: remove dead code
          Daniel Schürmann (2):
                aco: don't split live-ranges of linear VGPRs
                aco: fix a couple of value numbering issues
          Dylan Baker (1):
                VERSION: bump version for 19.3-rc6
          Jason Ekstrand (1):
                anv: Set up SBE_SWIZ properly for gl_Viewport
          Jonathan Gray (2):
                winsys/amdgpu: avoid double simple_mtx_unlock()
                i965: update Makefile.sources for perf changes
          Jordan Justen (1):
                iris: Allow max dynamic pool size of 2GB for gen12
          Kenneth Graunke (2):
                driconf, glsl: Add a vs_position_always_invariant option
                drirc: Set vs_position_always_invariant for Shadow of Mordor on Intel
          Rhys Perry (5):
                aco: propagate p_wqm on an image_sample's coordinate p_create_vector
                aco: fix i2i64
                aco: add v_nop inbetween exec write and VMEM/DS/FLAT
                radv: set writes_memory for global memory stores/atomics
                nir/lower_io_to_vector: don't create arrays when not needed
          Samuel Pitoiset (2):
                radv: fix enabling sample shading with SampleID/SamplePosition
                radv/gfx10: fix implementation of exclusive scans
          git tag: mesa-19.3.0-rc6
        • Mesa 19.3 Might Release Next Week But For Now There’s RC6 With Several ACO+RADV Fixes

          Mesa 19.3 continues running behind schedule but stands chances for releasing next week if the lingering blocker bugs are closed.

          Mesa 19.3-RC6 was released today as the newest weekly release candidate and it brought with it several random RADV fixes, a number of ACO compiler back-end fixes that also benefit RADV, a few Gallium3D fixes, an Intel Iris Gen12 fix, and a workaround for Shadow of Mordor on Intel graphics.

        • Mesa Devs Discuss Potentially Dropping Non-Gallium Drivers Or Forking Code For Gallium

          Longtime open-source AMD graphics driver developer Marek Olšák has kicked off a discussion over the possibility in the not too distant future of either dropping non-Gallium3D drivers from Mesa (and moving them off to a maintenance branch or the like) or forking some of Mesa’s existing code to allow it to be better optimized for Gallium3D use-cases. Due to raised concerns, other possibilities are also being expressed like simply moving ahead with optimizing the Mesa code-base for Gallium3D at a cost of potentially hitting dead code more often with the classic drivers.

          As it stands now, the only relevant non-Gallium3D driver in the Mesa code-base is Intel i965. While that’s currently the default Intel driver, for Broadwell “Gen8″ graphics and newer they will be transitioning to their new Iris Gallium3D driver by default expected to happen for Mesa 20.0. The i965 driver will still be around for Haswell and older generations to come — either within mainline Mesa or some maintenance branch. As part of this new Mesa discussion was a hypothetical comment about creating a new Intel Gallium3D driver for Haswell and older, but that’s extremely unlikely to happen and was just brought up as a matter of being thorough. There aren’t the extra resources available to create an Intel Gallium3D driver for aging Haswell and older hardware plus that it would likely take around a year to develop and even longer before reaching performance parity to i965.

        • Remove classic drivers or fork src/mesa for gallium?
          Here are 2 proposals to simplify and better optimize the GL->Gallium
          1) Move classic drivers to a fork of Mesa, and remove them from master.
          Classic drivers won't share any code with master. glvnd will load them, but
          glvnd is not ready for this yet.
          2) Keep classic drivers. Fork src/mesa for Gallium. I think only mesa/main,
          mesa/vbo, mesa/program, and drivers/dri/common need to be forked and
          mesa/state_tracker moved. src/gallium/state-trackers/gl/ can be the target
          Option 2 is more acceptable to people who want to keep classic drivers in
          the tree and it can be done right now.
        • Mir 1.6 Released With New Wayland, DispmanX Platform Support

          Mir 1.6 is out today with the latest batch of features for this Ubuntu-focused display server that offers Wayland client compatibility.

          The two big additions to Mir 1.6 are on the graphics platform front. First, there is now a “Wayland platform” for running Mir as a nested compositor on top of a Wayland compositor. Secondly, the rpi-dispmanx platform is for Broadcom’s DispmanX API.

        • Before Ending 2019, Vintage SiS X.Org Driver Sees A New Release

          xf86-video-sis 0.12.0 is available this week as a new version of the SiS display driver for X.Org systems in supporting Silicon Integrated Systems’ display hardware.

          This X.Org user-space mode-setting driver has seen its first update in four months but prior to that it hadn’t seen any update to the open-source code in three years.

        • RadeonSI Lands SDMA Copy Support For Vega/GFX9

          The RadeonSI Gallium3D driver has finally landed SDMA copy support for Vega/GFX9 graphics hardware, which should principally benefit compute shaders and other cases.

        • AMD’s GPUOpen Releases Vulkan Memory Allocator 2.3

          AMD’s GPUOpen team has released their first official update to the open-source Vulkan Memory Allocator project in nearly one year.

          Vulkan Memory Allocator is an easy-to-use Vulkan memory allocation library that in the two and a half years since being open-sourced has been picked up for use by multiple games/engineers, Vulkan code samples, and other projects.

        • Chromium’s Ozone Wayland Back-End Is Now Considered Beta, Aiming To Ship Next Year

          For years there has been work on a Wayland back-end to Ozone, the Google component for abstracting user-interface elements and input/window handling among other tasks across platforms. It looks like in 2020 the Ozone Wayland support will be in good standing and promoted out of beta.

          We were tipped off to a recent presentation by Igalia’s Alexander Dunaev on their work contributing to the Ozone Wayland code. From consulting firm Igalia’s perspective, they have been focused on bringing up Ozone Wayland support in the embedded Linux context considering the number of consumer devices now shipping that use Wayland and Chromium or CEF. But all their embedded Linux work for Ozone Wayland also benefits the Linux desktop.

        • Mesa Developers Weigh Renaming Gallium “State Tracker” To “API”

          Gallium3D state tracker terminology has been around a decade now in referring to the portions of the architecture that are ultimately implementing various graphics / compute / video APIs. Marek proposed keeping the Mesa OpenGL state tracker term but in renaming the other state trackers to being “API implementations” as that terminology is technically more accurate for the likes of Clover OpenCL, VA-API, VDPAU, and the other state trackers / APIs implemented.

        • Lima Gets Tiling While Vulkan Turnip Lands SSBO + Compute Shaders

          The Lima Gallium3D driver that supports older Mali 400/450 hardware with an open-source OpenGL driver hasn’t been seeing too many improvements these days compared to the likes of the Panfrost Gallium3D driver for the newer Arm Mali Bifrost/Midgard architectures. But hitting Mesa 20.0-devel yesterday was tiling support for Lima. This should improve the performance for this open-source Mali driver and also end up working around the driver’s broken mipmapping support for linear textures.

        • Libinput 1.15 Is On Approach With Various Improvements/Fixes For Linux Input Handling

          Peter Hutterer has been preparing libinput 1.15 as the next update to this open-source input handling library used by Linux systems both on X.Org and Wayland.

          Compared to past releases that have seen exciting changes on supporting new input devices like the Dell Totem, scrolling enhancements, and other major additions, there isn’t too much of that with libinput 1.15.

    • Benchmarks

      • NVIDIA GeForce GTX 1650 SUPER Linux Performance

        For those looking to spend less than $200 USD on a graphics card, the recently launched NVIDIA GeForce GTX 1650 SUPER offers great value starting at $159 USD and working well with the NVIDIA Linux driver for providing decent 1080p Linux gaming performance as well as OpenCL / CUDA support. Here are benchmarks of the GTX 1650 SUPER alongside a total of 18 lower-end/mid-range AMD Radeon and NVIDIA GeForce graphics cards on Ubuntu Linux.

        The NVIDIA GeForce GTX 1650 SUPER features 1280 CUDA cores, a reference 1530MHz base clock, 1725MHz boost clock, 4GB of GDDR6 video memory on a 128-bit bus, and other common NVIDIA Turing GPU features sans this being a GTX part and not RTX thus no RT cores.

      • An Extensive Look At The AMD Naples vs. Rome Power Efficiency / Performance-Per-Watt

        Since the AMD EPYC 7002 “Rome” series launch in August we have continue to be captivated by the raw performance of AMD’s Zen 2 server processors across many different workloads as covered now in countless articles. The performance-per-dollar / TCO is also extremely competitive against Intel’s Xeon Scalable line-up, but how is the power efficiency of these 7nm EPYC processors? We waited to deliver those numbers until having a retail Rome board for carrying out those tests and now after that and then several weeks of benchmarking, here is an extensive exploration of the AMD EPYC 7002 series power efficiency as well as a look at the peak clock frequencies being achieved in various workloads to also provide some performance-per-clock metrics compared to Naples.

    • Applications

      • qBittorrent 4.2.0 Adds Support For Libtorrent 1.2, New Features

        qBittorrent 4.2.0 was released recently featuring support for libtorrent 1.2, some minor new features, as well as WebUI updates.

        qBittorrent is a free and open source BitTorrent client for Windows, macOS, OS/2, Linux and FreeBSD, written in C++ (Qt) and Python (for its optional search engine). It comes with a Qt GUI, but it can also be used on a headless server, without requiring the X window system — in both GUI and headless mode you can remote control it through its web user interface.

        The application comes with pretty much everything you’d need in a BitTorrent client, from sequential downloading and bandwidth scheduling to a torrent creation tool, anonymous mode, integrated search engine, RSS feed reader and downloader with advanced filters, IP filtering, and of course support for DHT, PeX, encrypted connections, LSD, UPnP and NAT-PMP port forwarding support, µTP, magnet links, private torrents and more.

      • qBittorrent 4.2 Released! How to Install in Ubuntu

        qBittorrent bittorrent client released new stable version 4.2.0 a few days ago. Here’s how to install it in Ubuntu 18.04, Ubuntu 19.04, and Ubuntu 19.10.

      • Polo – A Modern Light-weight File Manager for Linux

        Polo is a modern, light-weight and advanced file manager for Linux, that comes with a number of advanced features that are not present in many commonly used file managers or file browsers on Linux distributions.

        It comes with multiple panes with multiple tabs in each pane, support for archive creation, extraction and browsing, support for cloud storage, support for running KVM images, support for modifying PDF documents and image files, support for writing ISO files to UDB drives and much more.

    • Instructionals/Technical

    • Games

      • Ciel Fledge, an intriguing post-apocalypse daughter raising sim releases next year

        It’s 3716 and most of humanity lives on the floating city, ARK-3, to get away from a colossal alien threat that almost caused our extinction. Amongst all the chaos, a mysterious young girl is found and that’s where you come in.

        Ciel Fledge is a game about raising an adopted daughter in a future world that still has hope. One we took a look at some time ago and it finally has a release date. Studio Namaapa and PQube Limited have announced it’s releasing on February 21, 2020.

      • Slender Threads, a new point & click adventure thriller announced

        From the developer behind the rather amusing Nobodies and Kelvin and the Infamous Machine, Blyts just announced their new adventure thriller Slender Threads.

        In Slender Threads you will guide the protagonist, Harvey Green, an unremarkable travelling salesman through the scenic yet empty community of Villa Ventana. While nefarious, unseen forces exert increasingly more sway over him and the town’s residents.

      • Retro styled strategic fleet defence game XO has entered Early Access

        In the space strategy game XO, you take command of the last remaining Battleship as you attempt to gather a fleet in a desperate bid to save humanity.

        Sound a bit like Battlestar Galactica? Well, it should. The team said they were actually inspired by Battlestar Galactica, The Lost Fleet series, and games like FTL. Jumpdrive Studios ran a successful Kickstarter campaign for it back in 2015, so it’s been a while in the making.

      • Add jumping to your Python platformer game

        In the previous article in this series, you simulated gravity, but now you need to give your player a way to fight against gravity by jumping.

        A jump is a temporary reprieve from gravity. For a few moments, you jump up instead of falling down, the way gravity is pulling you. But once you hit the peak of your jump, gravity kicks in again and pulls you back down to earth.

        In code, this translates to variables. First, you must establish variables for the player sprite so that Python can track whether or not the sprite is jumping. Once the player sprite is jumping, then gravity is applied to the player sprite again, pulling it back down to the nearest object.

      • Trip the Ark Fantastic, a colourful story-driven adventure set in the Animal Kingdom announced

        An adventure through the Animal Kingdom in Trip the Ark Fantastic, announced today from Croatian developer Gamechuck.

        It’s a story-driven adventure game set in the Animal Kingdom on the verge of both industrial and social revolution. It seems to put a new spin on the story of Noah’s Ark, except this time the ancient myth here is that the ark was built by lions millennia ago to save all animals from a great flood. The story follows Charles, a hedgehog scholar on a mission by the lion king to save the monarchy, but his decisions could end up helping reformists or even to bring about anarchy.

      • Stadia Live Streaming with Farming Simulator 19

        No, I don’t know anything about this game and yes, it’s my first time playing.

      • The big Rocket League update that kicked out loot boxes is now live

        Psyonix have given loot boxes the boot in the latest update to Rocket League, with a new Blueprint and Item Shop system. There’s a whole lot more to it too.

        Instead of loot boxes, they now have a Blueprint system where you know what the item is and so there’s no gambling involved. These Blueprints can drop after an online match.

      • Motion Twin announce The Bad Seed expansion for Dead Cells

        The first paid DLC is on the way for Dead Cells, with Motion Twin hoping The Bad Seed will help their spin-off company Evil Empire continue pushing out further free content updates.

        Sounds like they’ve been seriously busy (announcement here). With The Bad Seed DLC releasing in “Q1″ next year, they’ve said it will be around $5 and since they’ve been doing quite meaty free updates for a while, it seems quite reasonable. If things go well with this DLC, they said they’re aiming for at least another two years of free content updates for everyone to the base game.

      • Fedora 31 : Lutris the Open Source gaming platform for Linux.

        Lutris is an Open Source gaming platform for Linux. It installs and launches games so you can start playing without the hassle of setting up your games. Get your games from GOG, Steam, Battle.net, Origin, Uplay and many other sources running on any Linux powered gaming machine.

    • Desktop Environments/WMs

      • Switching from Gnome to a tiling window manager

        After having thought about it since “forever”, I finally decided to switch to a tiling window manager. I went with sway since it runs on wayland and since it seems to be the recommended “wayland version of i3″, a tiling window manager that many of my tech friends use ;)

        After a few days of using sway, I’m pretty sure that I won’t switch back anytime soon. It feels super convenient to have all windows tiled on the screen and being able to rearrange and resize them easily with a few keyboard shortcuts.

        There’s still some things that didn’t work instantly, so I’ll try to document them here in hope that it’s useful to others.

    • Distributions

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Yes We Do it Again: SUSE Doc Day at SUSECON 2020

          A Doc Day is a time when a group of people gathers to collaborate on writing documentation on one or more given topics. The main premise for our Doc Day is to get a group of interested people – YOU – in a room together and have you work towards shared goals. To help you feel more comfortable, we will give a short overview of our documentation, how we usually work, and how you can contribute.
          Of course, you cannot write entire manuals or guides in one single day. But you can help us to improve existing documentation by reviewing, editing and updating it. In addition, we will use the Doc Day to kick-off the creation of new guides and papers for topics that you think are not yet covered (well enough).

        • openSUSE Board election 2019-2020 – Call for Nominations, Applications

          Two seats are open for election on the openSUSE Board. Gertjan Lettink completed his second term. Simon Lees completed his first term and thus he is eligible to run as a Board candidate again should he wish to do so.

        • status.opensuse.org updated

          Our infrastructure status page at https://status.opensue.org/ is using Cachet under the hood. While the latest update brought a couple of bugfixes it also deprecated the RSS and Atom feeds, that could be used to integrate the information easily in other applications.

          While we are somehow sad to see such a feature go, we also have to admit that the decision of the developers is not really bad – as the generation of those feeds had some problems (bugs) in the old Cachet versions. Instead of fixing them, the developers decided to move on and focus on other areas. So it’s understandable that they cut off something, which is not in their focus, to save resources.

        • SSL cipher updates

          Sometimes it’s a good idea to follow best practices. This is what we did by following the recommendations for “general-purpose servers with a variety of clients, recommended for almost all systems” from https://ssl-config.mozilla.org/.

      • Fedora Family

        • Fedora 29 Officially Reached End of Life (EOL) on November 26th 2019

          Fedora 29 has officially reached End of Life (EOL) effective on November 26th 2019.

          Users are advised to upgrade the latest release of Fedora 30 or Fedora 31, which was released on October 29, 2019.

          It’s a good time to upgrade your system as this EOL version repositories won’t be get any updates from the Fedora community.

          I mean to say, no updates will be pushed to any of the Fedora 29 repositories going forward such as security, bugfix, or enhancement updates.

          Also, they won’t add anymore new packages to Fedora 29 repositories.

          It means, we shouldn’t run EOL operating system because we won’t be getting any benefits from the community.

          It’s very risk and leads to face some security related issues when we run the EOL operating system.

        • PHP version 7.2.26RC1 and 7.3.13RC1

          RPM of PHP version 7.3.13RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.

          RPM of PHP version 7.2.26RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 29 or remi-php72-test repository for Enterprise Linux.

        • Heroes of Fedora (HoF) – F31 Final

          Hello fellow testers, welcome to the Fedora 31 Final installation of Heroes of Fedora! In this post, we’ll look at the stats concerning the testing of Fedora 31 Final. The purpose of Heroes of Fedora is to provide a summation of testing activity on each milestone release of Fedora. Without community support, Fedora would not exist, so thank you to all who contributed to this release! Without further ado, let’s get started!

      • Debian Family

        • Debian GNU/Linux 11 “Bullseye” Installer Is Now Available for Public Testing

          Unveiled earlier this year during the DebConf19 conference, Debian GNU/Linux 11 “Bullseye” will be the next major release of the acclaimed Linux-based operating system used by millions of computer users around the globe. It’s development kicked off a few months ago, so now it’s time to test drive the very first alpha build of the Debian Bullseye Installer.

          “It’s high time we started doing this: many components were updated, replacing “CD”/“CD-ROM” with “installation media”. Such changes are not documented individually below. That also explains why many languages are not fully translated in this alpha release,” said Cyril Brulebois on behalf of the Debian release team.

        • Molly de Blanc: Free software activities (November 2019)

          November brings two things very demanding of my time: Thanksgiving and the start of fundraising season.


          Debian is having a GR. I’ve been following the development of proposals and conversation, which is basically a part time job in and of itself.

      • Canonical/Ubuntu Family

        • Canonical Reveals Ubuntu Pro Linux ISO Images for AWS

          Canonical, the maker of famous Linux OS Ubuntu, has got an offer for Amazon’s AWS users. AWS users are mostly deploying Ubuntu as their major software on AWS servers for additional benefits over Windows. This modified Linux OS can be more flexible in options that help businesses to craft their operations accordingly in a much better way.

          This new release will be offered to cloud and enterprise businesses relying on AWS. There’s a standard Amazon Machine Images (Amazon AMIs) of Ubuntu that’s available in AWS Region already, yet there’s an introduction of Ubuntu’s Pro Images now. This new pack is an optimized version of the standards.

        • Ubuntu Pro arrives on AWS Marketplace with added security benefits

          Canonical has made Ubuntu Pro images available on the AWS marketplace.

          They are present in three flavors – Ubuntu 14.04 LTS, 16.04 LTS and 18.04 LTS – and these are premium images designed for businesses which come with important security and compliance features automatically enabled, not to mention extended maintenance.


          On the compliance front, Ubuntu Pro offers: “Customized FIPS and Common Criteria EAL-compliant components for use in environments under compliance regimes such as FedRAMP, PCI, HIPAA and ISO.”

          There’s also integration with various AWS security and compliance features, including the AWS Security Hub – although that won’t be available until the first quarter of next year.

        • Canonical now offers AWS optimized Ubuntu Linux

          When it comes to cloud operating system popularity, Ubuntu Linux is, by far, the most popular operating system on Amazon Web Services (AWS). According to the Cloud Market’s latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2), Ubuntu has over 364,000 images with only generic Linux images surpassing it. Now, Canonical, Ubuntu’s parent company, is seeking to further its domination by offering premium Ubuntu Pro Linux images to Amazon Web Services (AWS).

        • Canonical drops optimized Ubuntu Pro images on AWS

          Ubuntu Linux is already the most popular cloud operating system on Amazon Web Services Inc.’s cloud, but Canonical Ltd., the company that develops it, is hoping to extend its dominance by offering “premium” Ubuntu Pro Linux images to AWS users.

          The new Ubuntu Pro images are supported on the Amazon Elastic Compute Cloud and cover the three most recent long-term releases, including Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Further, they enable enterprises to purchase longer updates and security maintenance, as well as broader security coverage, with no contract needed.

        • Canonical Releases ‘Ubuntu Pro’ Linux Images for Amazon Web Services

          As far as cloud operating systems is concerned, Ubuntu Linux is, by far, the most popular one on Amazon Web Services (AWS). Now, Ubuntu’s parent company Canonical is trying to extend its dominance even further by offering premium Ubuntu Pro Linux images to AWS users.

          Ubuntu Pro has been created exclusively for Amazon Web Services and caters to the ever-growing needs of cloud and enterprise customers.

        • [Canonical on] The mundane revolution: Unexpected innovations in robotics

          Today’s headlines tend to focus on the weird and wonderful robots of this world: the Hollywood Terminators or mechanical dogs developed by Boston Dynamics and other Silicon Valley start-ups.

          The greatest innovations, however, can often be found in the more mundane corners of our society, within the industries and environments people least expect.

          It’s happened with medicine and the discovery of penicillin, for example, while Archimedes had his eureka moment in the bath.

          Robotics is no different. Its true value as a proposition will only reveal itself when we take the obvious with the sublime, and do not overlook the sublime simpler uses of robots, already active in the market today.

        • Snapcraft now auto-detects missing dependencies

          When you build snaps, the process of composing a complete snapcraft.yaml file will usually revolve around three main activities: parts, build requirements and runtime components. Sometimes, you may discover that you’re missing certain libraries in the compilation stage, or that they are required for your application to run. In most cases, you will iterate on your build a few times, and perhaps use our faster development guide to quickly nail down the missing elements.

          From snapcraft release 3.7 onward, things have become ever so easier. Now, it is possible to have snapcraft automatically detect and list missing runtime libraries, and allow you to complete your build with fewer errors and in less time.

    • Devices/Embedded

      • Rock Pi N10 SBC delivers AI-enhanced RK3399Pro starting at $99

        Radxa’s “Rock Pi N10” SBC runs Debian or Android 8.1 on an RK3399Pro for $99 (4GB RAM/16GB eMMC), $129 (6GB/32GB), or $169 (8GB/64GB), with the RAM split between the 6x CPU cores and the up to 3-TOPS NPU. The SBC is built around a Vamrs VMARC RK3399Pro SoM.

        Radxa has gone to Seeed to launch an open-spec, community-backed Rock Pi N10 SBC with an AI-enabled Rockchip RK3399Pro SoC delivered via Vamrs’ VMARC RK3399Pro SoM compute module. While the RK3399Pro is essentially a hexa-core RK3399 that adds an up to 3-TOPS NPU, the Rock Pi N10 is not just a Rock Pi 4 with an updated Pro SoC. Unlike that RK3399-based Raspberry Pi pseudo-clone, the Rock Pi N10 is a sandwich-style 100 x 100mm board. Despite the larger size, the feature set is very similar.

      • The Nest Box: DIY Springwatch with Raspberry Pi

        Last week, lots and lots of you shared your Raspberry Pi builds with us on social media using the hashtag #IUseMyRaspberryPiFor. Jay Wainwright from Liverpool noticed the conversation and got in touch to tell us about The Nest Box, which uses Raspberry Pi to bring impressively high-quality images and video from British bird boxes to your Facebook feed.

      • SBCs and compact embedded PCs run Linux on Ryzen Embedded

        EEPD’s Linux-ready “ProFive NUCR” SBC and “Box-NUCR” embedded PC based on it are built around AMD’s Ryzen Embedded R1000 SoC. The products follow the similar, but V1000-based ready “ProFive NUCV” and “Box-NUCV” released earlier this year.

        In mid-November, EEPD (or E.E.P.D.) announced an AMD Ryzen Embedded R1000 based Box-NUCR embedded computer built in Germany that runs Ubuntu. The Box-NUCR, which is based on a separately available ProFive NUCR SBC, was promoted this week by AMD as part of an Ryzen Embedded open ecosystem of R1000 and V1000-based mini-PCs and compact embedded computers that also includes new OnLogic and ASRock systems. AMD’s ecosystem encompasses a similar Ryzen Embedded V1000 based Box-NUCV and ProFive NUCV SBC that were announced in February (see farther below.)

      • Grove Sensors For Raspberry Pi

        Raspberry Pi is a great invention that ever happened. The little $35 computer can be used to build from a cam kit to the future of kids in rural India. To learn more about what this little device can do or has done, read this article I wrote a while back.

        You can also visit Raspberry Pi’s official page and see how Raspberry Pi is being used for research and education.

        In this article, I will also use Raspberry Pi to create something very interesting and useful. I am going to use Grove Sensors with Raspberry Pi and monitor the environment around the device, for example, temperature, air pollution, and water, etc.

      • The Yocto Project 3.0 release

        The Yocto Project recently announced its 3.0 release, maintaining the spring/fall cadence it has followed for the past nine years. As well as the expected updates, it contains new thinking on getting the best of two worlds: source builds and prebuilt binaries. This fits well into a landscape where reproducibility and software traceability, all the way through to device updates, are increasingly important to handle complex security issues.
        This update contains the usual things people have come to expect from a Yocto Project release, such as upgrades to the latest versions of many of the software components including GCC 9.2, glibc 2.30, and the 5.2 and 4.19 kernels. But there is more to it than that.

        One major development in this release was the addition of the ability to run the toolchain test suites. The project is proud of its ability to run builds of complete Linux software stacks for multiple architectures from source, boot them under QEMU, and run extensive software tests on them, all in around five hours. In that time we can now include tests for GCC, glibc, and binutils on each of the principal architectures. As a result, the test report for the release now has around two-million test results.

      • Purism

      • Purism Announces “Made in USA” Librem 5 Linux Phone, Now Available for Pre-Order

        It’s a known fact that Purism has done everything they could to make the Librem 5 the most secure and private smartphone on the market, but the fact of the matter that it’s not built in the United States of America might not please some customers.

        As such, the company, which is known for their security- and privacy-focused Linux-based laptops and phones, is now offering a special Librem 5 version manufactured in the US, with components made in the USA, in the same US facility where the Librem 5 devkits and Librem Key were built.

        “Having a secure auditable US based supply chain including parts procurement, fabrication, testing, assembly, and fulfillment all from within the same facility is the best possible security story,” said Todd Weaver, Founder and CEO of Purism. “By moving the supply chain into the same facility complex as our assembly and fulfillment center, we can directly oversee each stage of the production.”

      • Librem 5 USA

        We continue to enjoy seeing the reactions from customers who have received their Librem 5 units from the Birch batch. Now that Birch is out and we continue to make progress on the Librem 5 (with more updates to come!), we are excited to be able to reveal another important project we have been working on for many months. Purism now offers an important Librem 5 option for our customers that have particular concerns around security and the supply chain.

        We are committed to constantly improving the security of our products. One concern we hear repeatedly from our customers is over attacks in the hardware and software supply chain. We have written about the importance of protecting the digital supply chain before, and as we grow we continue to find new opportunities to further strengthen the security of our own supply chain, including most recently by offering the PureBoot Bundle–tamper-evident firmware straight from our facility.

        While we continue to improve the security of our Librem laptops, we also recognize that one of the most important computers many people own is their smart phone. This is the device you carry with you everywhere you go and likely has some of your most sensitive and personal data–it’s the device most at risk from a security and privacy standpoint. If there’s any device that should have as secure of a supply chain as possible, it’s a phone. Our experience in making our Librem 5 devkits in the USA and most recently moving Librem Key production to the same US facility has led to today, where we are excited to announce a new USA-produced version of the Librem 5 phone!

      • Purism Announces Librem 5 “USA” Model For $1999 USD

        Purism announced today a Librem 5 USA model of their smartphone that has the same specifications and features of their Librem 5 Linux smartphone but manufactured in the US. That pushes the 720×1440 display, i.MX8M, 3GB RAM, 32GB eMMC, 802.11n device from $699 USD to $1,199 USD. Update: Errr the price was raised now apparently to $1999 USD.

        They announced the Librem 5 USA model today at the $1199 USD price point (or $1999 USD if their latest edit is accurate) but won’t begin shipping until Q3’2020. The device will eventually be made at the same USA facility that makes their Librem Key and the former Librem 5 developer kits.

        • coreboot 4.11: Leaving No Librem Behind

          One of Purism’s core beliefs is to ensure that to the best of our ability, all new features, fixes, and improvements will be applied to all products, past and present.

        • Purism Closes $2.5m Note Series

          Purism as a Social Purpose Company (SPC) ensures the rights of humanity by creating products that fully respect people, and that mission has garnered a lot of attention and growth. One of the reasons Purism registered as an SPC was so that we could accept inbound investment without the risk that a toxic investor could force us to violate our values for profit (a common problem in C corporations). As a social purpose company Purism enshrines in its articles of incorporation that we must do what is good for society, therefore avoiding any and all toxic funding by virtue of the strictness of those articles.

          Funding growth—in addition to the triple-digit (yes that is over doubling) shipped revenue growth year-over-year since 2014 that Purism has been fortunate to see—can come in many forms, be that inventory financing, lines of credit, investment, and equity financing, to name a few.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Events

      • A recap of KVM Forum 2019

        The 13th KVM Forum virtualization conference took place in Lyon, France in October 2019. One might think that development may have finished on the Kernel Virtual Machine (KVM) module that was merged in Linux 2.6.20 in 2007, but this year’s conference underscored the amount of work still being done, particularly on side-channel attack mitigation, I/O device assignment with VFIO and mdev, footprint reduction with micro virtual machines (VMs), and with the ability to run VMs nested within VMs. Many talks also involved the virtual machine monitor (VMM) user-space programs that use the KVM kernel module—of which QEMU is the most widely used.

      • Enhancing KVM for guest protection and security

        A key tenet in KVM is to reuse as much Linux infrastructure as possible and focus specifically on processor virtualization. Back in 2007, this meant a smaller code base and less friction with the other kernel subsystems, especially when compared with other virtualization technologies such as Xen. This led to KVM being merged into the mainline with relative ease.

        But now, in the era of microarchitectural vulnerabilities, the priorities have shifted, and the KVM’s reliance on other kernel subsystems can be a liability. For one thing, the host kernel widens the TCB (Trusted Computing Base) and makes for a larger attack surface. In addition, kernel data structures such as the direct memory map give Linux access to guest memory even when it is not strictly necessary and make it impossible to fully enforce the principle of least privilege. In his talk “Enhancing KVM for Guest Protection and Security” (slides [PDF]) presented at KVM Forum 2019, long-time KVM contributor Jun Nakajima explained this risk and suggested some strategies to mitigate it.

      • Bar charts for diversity

        At the Linux App Summit I gave an unconference talk titles Hey guys, this conference is for everyone. The “hey guys” part refers to excluding people from a talk or making them feel uncomfortable – you can do this unintentionally, and the take-away of the talk was that you, (yes, you) can be better.

        I illustrated this mostly with conversational distance, a favorite topic of mine that I can demonstrate easily on stage. There’s a lot of diversity in how far people stand away from strangers, while explaining something they care about.

        The talk wasn’t recorded, but I’ve put the slides up.

        Another side of diversity can be dealt with by statistics. Since I’m a mathematician, I have a big jar of peanuts and raisins in the kitchen. Late at night I head down to the kitchen and grab ten items from the jar. Darn, all of them are raisins. What are the odds!?

        Well, a lot depends on whether there are any peanuts in the jar at all; what percentage is peanuts; whether I’m actually picking things randomly or not.

        There’s a convenient tool that Katarina Behrens pointed me to, which can help figure this out. Even if there’s only a tiny fraction of peanuts in the jar, there’s an appreciable chance of getting one (e.g. change the percentage on that page to 5% and you’ll see).

    • Web Browsers

      • Mozilla

        • Firefox Picture in Picture is Sweet, Here’s How to Use it on Linux

          Picture in picture (PIP) is a novel feature that makes it a doddle to watch a video while you’re busy doing something else (like reading blog posts).

          How? It allows video content to “pop out” of a web page and play in a separate floating window (with mouse-over player controls, where possible).

          With PIP you no longer need to tear out a browser tab, resize it narrowly, and try and fit it in somewhere on your screen.

          And Firefox 72, which is currently in beta, supports this handy feature on the Linux desktop.

        • Firefox 71 Linux Performance Isn’t Looking All That Great

          With each new release of Firefox we set out to see how the performance is looking on the Linux desktop. One discovery we’ve made is that when using Intel’s Clear Linux the Firefox performance is a lot more competitive to Google Chrome than we traditionally see on Ubuntu Linux. But with Firefox 71 we’re seeing the performance trending lower compared to Firefox 69 and 70.

          Here are some benchmarks of Firefox 69 / 70 / 71 builds using the official Mozilla binaries along with Chrome 78. All of the benchmarks freshly done from the same system that this time around was running Clear Linux.

        • Mozilla locks nosy Avast, AVG extensions out of Firefox store amid row over web privacy

          The Firefox extensions built by Avast have been pulled from the open-source browser’s online add-on store over privacy fears.

          Adblock Plus founder Wladimir Palant confirmed this week Mozilla has taken down the Avast Online Security and Avast-owned AVG Online Security extensions he reported to the browser maker, claiming the code was snooping on users’ web surfing.

          The problem, as Palant has been documenting on his blog for some time, is that the extensions – which offer to do things like prevent malware infections and phishing – may go well beyond their needed level of access to user information to do their advertised functions.

          According to Palant, the Avast extensions, when installed in your browser, track the URL and title of every webpage you visit, and how you got to that page, along with a per-user identifier and details about your operating system and browser version, plus other metadata, and then transmit all that info back to Avast’s backend servers. The user identifier is not always sent, according to Palant: it may not be disclosed if you have Avast Antivirus installed.

          The rub seems to be that Avast says it needs this personal data to detect dodgy and fraudulent websites, while Palant argues the company goes too far and wanders into spyware territory. While Avast’s explanation is plausible, there are much better and safer ways to check visited pages for nastiness, typically involving cryptographic hashes of URLs, than firing off all visited web addresses to an Avast server, we note.

        • Zibi Braniecki: Multilingual Gecko – 2017-2018 – Rearchitecture

          Between 2017 and 2018 we refactored a major component of the Gecko Platform – the intl/locale module. The main motivator was the vision of Multilingual Gecko which I documented in a blog post.

          Firefox 65 brought the first major user-facing change that results from that refactor in form of Locale Selection. It’s a good time to look back at the scale of changes. This post is about the refactor of the whole module which enabled many of the changes that we were able to land in 2019 to Firefox.

        • How to stop third party tracking on health sites

          This practice isn’t always unlawful, but it is creepy. Tracking by third parties happens across a wide swath of websites, but it is especially unsettling for health-related websites.


          If you’re fed up with the level of third party tracking happening on the web, take control of your personal data with Firefox with Enhanced Tracking Protection.

          The Firefox privacy protections dashboard reveals who’s trying to track you behind the scenes and helps you stop them. To see who’s trying to track you on individual webpages, click on the shield icon to the left of the Firefox address bar. (If you don’t see the shield, here’s how to update your Firefox.)

        • Mozilla GFX: moz://gfx newsletter #49

          By way of introduction, I invite you to read Markus’ excellent post on this blog about CoreAnimation integration yielding substantial improvements in power usage if you haven’t already.

          Next steps in this OS compositor integration saga include taking advantage CoreAnimation with WebRender’s picture caching infrastructure (rendering tiles directly into CoreAnimation surfaces), as well as rendering using a similar mechanism on Windows via DirectComposition surfaces. Markus, Glenn and Sotaro are making good progress on all of these fronts.

        • JSConf JP 2019 – Tokyo, Japan

          I do not step often in JavaScript conference. The language is not my cup of tea. I go through minified, obfuscated broken code every day for webcompat work. JavaScript switched from language that “makes Web page inaccessible and non performant” to “waste of energy, cpu, and nightmare to debug”.

          But this last week-end, I decided to participate to JSConf JP 2019 and I had a good time. I met cool and passionate people. I also felt old. You will understand later why.

        • DeepSpeech 0.6: Mozilla’s Speech-to-Text Engine Gets Fast, Lean, and Ubiquitous

          The Machine Learning team at Mozilla continues work on DeepSpeech, an automatic speech recognition (ASR) engine which aims to make speech recognition technology and trained models openly available to developers. DeepSpeech is a deep learning-based ASR engine with a simple API. We also provide pre-trained English models.

          Our latest release, version v0.6, offers the highest quality, most feature-packed model so far. In this overview, we’ll show how DeepSpeech can transform your applications by enabling client-side, low-latency, and privacy-preserving speech recognition capabilities.

        • AiC: Improving the pre-RFC process

          I want to write about an idea that Josh Triplett and I have been iterating on to revamp the lang team RFC process. I have written a draft of an RFC already, but this blog post aims to introduce the idea and some of the motivations. The key idea of the RFC is formalize the steps leading up to an RFC, as well as to capture the lang team operations around project groups. The hope is that, if this process works well, it can apply to teams beyond the lang team as well.


          In general, you can think of the RFC process as a kind of “funnel” with a number of stages. We’ve traditionally thought of the process as beginning at the point where an RFC with a complete design is opened, but of course the design process really begins much earlier. Moreover, a single bit of design can often span multiple RFCs, at least for complex features – moreover, at least in our current process, we often have changes to the design that occur during the implementation stage as well. This can sometimes be difficult to keep up with, even for lang-team members.

          This post describes a revision to the process that aims to “intercept” proposals at an earlier stage. It also proposes to create “project groups” for design work and a dedicated repository that can house documents. For smaller designs, these groups and repositories might be small and simple. But for larger designs, they offer a space to include a lot more in the way of design notes and other documents.

          Assuming we adopt this process, one of the things I think we should be working on is developing “best practices” around these repositories. For example, I think that for every non-trivial design decision, we should be creating a summary document that describes the pros/cons and the eventual decision (along with, potentially, comments from people who disagreed with that decision outlining their reasoning).

    • Productivity Software/LibreOffice/Calligra

      • Fixed a terrible [LibreOffice] regression

        There was a bug tdf#128133 about “muddy fonts in LibreOffice GUI with 125% scale in Windows”. I have 125% scaled GUI on all my machines with Windows because I have a bad vision. And that bug was very terrible for me.
        The bug was a regression but we have couldn’t to find a bad commit using bibisect process. We just have had wrong result.

      • [LibreOffice] Celebrating International Volunteer Day

        Today is International Volunteer Day. All around the world, volunteers give their time and energy to help many different causes – including free and open source software projects like LibreOffice.

        Indeed, LibreOffice wouldn’t be where it is today, without the incredibly valuable help of hundreds of volunteers in the last decade. So to everyone who has contributed to our project and community over the years, we at The Document Foundation want to say a big thank you! Your work has helped many millions of LibreOffice users around the world benefit from powerful, open and multilingual productivity tools.

    • FSF

      • The FSF tech team: doing more for free software

        At the Free Software Foundation (FSF), we like to set big goals for ourselves, keeping a relatively small group of dedicated activists determined to cover a lot of ground in a short time.The FSF tech team, for example, has just four members — two senior systems administrators, one Web developer, and a part-time chief technology officer — yet we manage to run over 120 virtual servers. These run on about a dozen machines hosted at four different data centers. These include many public-facing Web sites and community services, as well as every single IT requirement for the staff: workstations, data storage and backup, networking, printing, accounting, telephony, email, you name it.

        We don’t outsource any of our daily software needs because we need to be sure that they are done using only free software. Remember, there is no “cloud,” just other people’s computers. For example: we don’t outsource our email, so every day we send over half a million messages to thousands of free software hackers through the community mailing lists we host. We also don’t outsource our Web storage or networking, so we serve tens of thousands of free software downloads — over 1.5 terabytes of data — a day. And our popularity, and the critical nature of the resources we make available, make us a target for denial of service attacks (one is ongoing as we write this), requiring constant monitoring by the tech team, whose members take turns being ready for emergency work so that the resources our supporters depend on stay available.

        As hard as we work, we still want to do more, like increasing our already strict standards on hardware compliance, so in 2020, we will finish replacing the few remaining servers that require a non-free BIOS. To be compliant to our own high standards, we need to be working with devices that are available through Respects Your Freedom retailers. We plan to add new machines to our farm, so that we can host more community servers like the ones we already host for KDE, SugarLabs, GNU Guix, Replicant, gNewSense, GNU Linux-Libre, and FSFLA. We provide completely virtual machines that these projects use for their daily operations, whether that’s Web hosting, mailing lists, software repositories, or compiling and testing software packages.

        We know that many software projects and individual hackers are looking for more options on code hosting services that focus on freedom and privacy, so we are working to set up a public site that anybody can use to publish, collaborate, or document their progress on free software projects. We will follow strict criteria to ensure that this code repository hosts only fully free software, and that it follows the very best practices towards freedom and privacy.

      • What’s new in the GNU Press Shop

        Greetings from the GNU Press Shop! This is an update on what’s new and exciting at the Free Software Foundation’s (FSF) online store, your source for GNU apparel, programming manuals, and more. We know at this time of year you’ll be looking for GNU gifts for your favorite free software enthusiasts, and we have some terrific new picks for you to choose from! For holiday gifting, shipped within the US, we recommend placing your order before December 17th.

        For starters, we’ve got just the thing for the chilly season: we have replaced our extended selection of hooded sweatshirts with a single, user-friendly zip-up design. It still comes in our signature maroon color, but with an all-new “happy computer” graphic by the FSF’s superstar 2019 intern Valessio Brito. Between this sweatshirt and the satisfying feeling of helping spread the word about software freedom, we think you’ll be quite warm and cozy this winter.

      • FSFE

        • Report from the 2019 FSFE Community Meeting in Bolzano, Italy

          Report from the 2019 FSFE Community Meeting in Bolzano, Italy
          This year’s FSFE Community Meeting took place from Friday 15 November to Saturday 16 November 2019 as part of SFSCon – an annual Free Software event in the city of Bolzano in South Tyrol, Italy. As in previous editions, embedding our community meeting in another event gave us the opportunity to meet different parts of our own community as well as to connect with people from other communities.

          On Friday, SFScon started officially and the NOI Techpark transformed into the interim capital of Free Software with talks and booths. Of course, the FSFE booth was also part of it and the booth team commandeered the whole area by installing a balloon chain and putting up posters. The rumours that the booth team gave away free pizza (not as in freedom) to gain more attention, are highly exaggerated, though.

    • Programming/Development

      • This Week in Rust 315

        Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

      • Python

        • Adding Notifications to Long-Running Jupyter Notebook Cells

          If you use Jupyter Notebook to run long-running processes, such as machine learning training, then you would probably like to know when the cell finishes executing. There is a neat browser plugin that you can use to help solve this issue called jupyter-notify. It will allow you to have your browser send a pop-up message when the cell finishes executing.

        • #100DaysOfCode, Day 015 – Quick and Dirty Web Page Download

          I wanted to write a program that would just get the latest comic from turnoff.us and save the picture to a file.

        • Mozilla and Chan Zuckerberg Initiative to support pip
        • Creating Palindromes — if possible — from a string of letters.

          I don’t like the idea of Union[str, int] as a return type from this function. Yes, it’s valid Python, but it seems like a code smell. Since the intent is to build lists, a None would be more sensible than a number; we’d have Optional[str] which seems better overall.

          The solution that was posted was interesting. It did way too much work, but it was acceptable-looking Python. (It started with a big block comment with “#” on each line instead of a docstring, so… there were minor style problems, but otherwise, it was not bad.)

        • Functional programming design pattern: Nested Iterators == Flattening

          Here’s a functional programming design pattern I uncovered. This may not be news to you, but it was a surprise to me. It cropped up when looking at something that needs parallelization to reduced the elapsed run time.

        • List Comprehensions in Python

          A list is one of the fundamental data types in Python. Every time you come across a variable name that’s followed by a square bracket [], or a list constructor, it is a list capable of containing multiple items, making it a compound data type. Similarly, it is also a breeze to declare a new list and subsequently add one or more items to it.

        • Python if else demo

          A simple kata from codewars will show us how to use the if-else statement in python.

          The wide mouth frog is particularly interested in the eating habits of other creatures.

          He just can’t stop asking the creatures he encounters what they like to eat. But then he meets the alligator who just LOVES to eat wide-mouthed frogs!

          When he meets the alligator, it then makes a tiny mouth.

    • Standards/Consortia

  • Leftovers

    • Protest Song Of The Week: ‘She Showed Me Love’ By Neil Young and Crazy Horse

      In an interview for MOJO Magazine, Neil Young said it is a “hell of a time to be alive. I wouldn’t wish what’s gonna happen on my grandchildren, and even my children. I’ll probably be here long enough to see the very beginning of the devastation.” That is, “unless we do something to change it.” The rage from Young is personal. In 2018, he lost a home in Malibu, California, to a wildfire. It prompted the longtime musician to rant against President Donald Trump for his deadly climate change denial. Young and his band, Crazy Horse, recently released “Colorado,” an album filled with lyrics that attend to the environmental devastation surrounding us. Of particular note is a 13-minute jam called “She Showed Me Love.” On the track, Young sings about what Mother Nature has taught him. He recognizes the light that she brings. But Young protests against the “old white guys trying to kill mother nature.” As he fumes over what MOJO describes as a “staccato stomp,” Young pays tribute to the youth that are “fighting to save Mother Nature.” They are demonstrating, taking a stand for themselves, and recognize the importance of saving the planet, even if their parents or grandparents do not share their urgency. Later, Young sings about “Mother Nature pushing Earth in a baby carriage.” It’s his way of calling attention to how the environment nurtures life. Crazy Horse has been around for fifty years, backing up Young when he called on them. Young feels like cosmic forces align when he plays with the Horse. He can sing and talk about things that other people may not want to support. Beginning in 2015, Young worked with Lukas Nelson and the Promise of The Real. They were his backing band for the album, “The Monsanto Years,” which had the agribusiness panicking. They conducted an intelligence operation out of a “fusion center” to figure out whether it was worth it to pursue legal action. (Nelson is the son of country music legend Willie Nelson.)Yet, there is so much history with Crazy Horse, and guitarist Nils Lofgren returned for “Colorado.” He had not been on a Crazy Horse album since 1971. He helped create that feeling of being waist deep in the muck, which permeates “She Showed Me Love.”

    • Most Dutch Turn TV Off, Put Phone Away for Dinner
    • Science

      • How do Russian HIV deniers operate, and would a newly proposed bill banning HIV denial actually stop them?

        At the end of November, Russia’s Health Ministry introduced a bill into the country’s State Duma that would ban HIV denialism. The bill would amend an existing law called “On the Prevention of the Spread of HIV Infections” to forbid the distribution of “inaccurate information about the effect of HIV infection on one’s health.” That information would fall into three possible categories: denying the existence of HIV, denying its relationship with AIDS, and denying the existence of prevention and treatment methods for the virus. HIV denial is not an exclusively Russian phenomenon — supporters of the ideology can be found in Africa and the United States as well — but Russia appears to be the first country with a shot at introducing fines for expressing denialist beliefs and blocking the webpages of deniers themselves. Given that absence of international precedent, it is very difficult to predict the effectiveness and the possible unintended consequences of measures like the new denial ban. Alexander Yershov spoke with Pyotr Meylakhs, a senior sociology and public health scholar specializing in HIV denialism at the Higher School of Economics, about the Russian HIV denialist community and about whether the Health Ministry’s new bill will really help correct its falsehoods.

      • The current state of blockchain and where it’s going

        However, private, permissioned ledgers will not be suited to all use cases. There need to be improvements in general to permissionless networks’ capacity to manage more events at a time. This leads us to where the most ambitious work might be happening: consensus mechanisms.

        Getting all participants to come to a consensus on the “truth” of all the transactions (i.e., the changes) that happen on the network and on their order is one of the great difficulties of distributed systems. As a type of distributed system, blockchains inevitably contend with it, too.

        Bitcoin’s solution is to organize a race every 10 minutes to solve a computational puzzle and let the winner settle what transactions happened in the last time period and in which order, which everyone else can then easily verify and agree on. By virtue of the kind of puzzle used, the winner is essentially random, but the problem with this “Nakamoto-style proof of work” is that the puzzles used in this race also require horrendously high computational resources to solve (by design), and the work of everyone but the winner is thrown away after each round.

        While it is secure, proof of work is also energy-consuming and slow.

        What we need are better consensus mechanisms that will allow participants of blockchain networks to come to agreement more efficiently, making it possible for the whole system to process more events per second.

        Ethereum, notably, is working on numerous innovations to solve these limitations. First of all, it plans to let go of proof of work to move to a proof of stake consensus mechanism, often referred to as the Casper protocol. It uses economic incentives and disincentives to get the nodes to secure the network and make cheating (very) costly.

        Another problem a blockchain that can execute smart contracts must contend with is how the execution of code is guaranteed to be correct and what impact this has on the processing capacity of the overall network. Currently, Ethereum requires each validating node to execute the code to verify that the results offered by other nodes are correct. This poses scalability issues, as the greater the success of the Ethereum “world computer,” the more code validators need to check: all the nodes need to agree on the order and the validity of each line of code executed and will inevitably be held back by the slowest node.

        One of the options to alleviate this issue is sharding, a solution where only part of the network executes the code and returns results the rest of the network can verify.

        Pushing this idea further, ZEXE, a project by the team behind Zcash, deals with this situation by making it possible to submit the result of the execution of code along with a cryptographic proof that the result is correct. Other nodes can then take this proof and check it very quickly without redoing the computation. This, combined with bounties for proving results wrong, creates a system where code can be executed by a single node and checked by many, and it makes for a clever way of speeding up the execution of distributed applications (dapps).

        Consensus in distributed systems is not exactly a new research field, but as blockchains have become popular, there has been renewed interest in consensus research. I could mention many more (Tendermint, Ouroboros, and Algorand come to mind), but I’ll offer one other interesting approach regarding consensus: consensus agility. For instance, Hyperledger Sawtooth can change consensus on the fly, “putting all blockchain configuration on the chain itself.” This makes it possible to start a network using a given consensus mechanism and switch to a different, more adapted one when the network and its users have changed, say going from a small-scale deployment to a large consortium.

        This is starting to shed light on an important aspect of the evolution of blockchains: modularity. While the first projects were very tightly integrated, over time, efforts have been made to separate the different layers: networking, consensus, application, and even information storage.

    • Amazon

      • AWS announces new ARM-based instances with Graviton2 processors

        AWS, the cloud division of Amazon, just announced the next generation of its ARM processors, the Graviton2. This is a custom chip design with a 7nm architecture. It is based on 64-bit ARM Neoverse cores.

        Compared to first-generation Graviton processors (A1), today’s new chips should deliver up to 7x the performance of A1 instances in some cases. Floating point performance is now twice as fast. There are additional memory channels and cache speed memory access should be much faster.

        The company is working on three types of Graviton2 EC2 instances that should be available soon. Instances with a “g” suffix are powered by Graviton2 chips. If they have a “d” suffix, it also means that they have NVMe local storage.

      • Gravitons reign, yo: A screaming comes across the sky and all across the Neoverse

        The first generation of Arm-based EC2 servers, dubbed A1, used AWS’s Graviton1 processor line, which debuted a year ago. Based on 16 64-bit Arm Cortex-A72 cores clocked at 2.3GHz, they were designed to provide cost savings over x86-based microprocessors for specific applications like web servers, microservices, data and log processing, and other workloads suited to small cores and limited memory requirements.

      • Finally: AWS Gives Servers A Real Shot In The Arm

        Finally, we get to test out how well or poorly a well-designed Arm server chip will do in the datacenter. And we don’t have to wait for any of the traditional and upstart server chip makers to convince server partners to build and support machines, and the software partners to get on board and certify their stacks and apps to run on the chip. Amazon Web Services is an ecosystem unto itself, and it owns a lot of its own stack, so it can just mike drop the Graviton2 processor on the stage at re:Invent in Las Vegas and dare Marvell, Ampere, and anyone else who cares to try to keep up.

      • Datacoral announces HIPAA compliance, Data & Analytics competency and Amazon Linux 2 certification

        Today at AWS re:Invent, Datacoral, a provider of data pipeline infrastructure, announced three newly achieved AWS and government standard milestones that reinforce long term commitments to data security and AWS best practices. Datacoral has achieved HIPAA compliance, earned its Data & Analytics competency as an APN Advanced Technology Partner, and certified their support for Amazon Linux 2.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • The rise, disappearance, and retirement of Google co-founders Larry Page and Sergey Brin

          In that context, it’s important to look back at the big moments in both men’s careers and how the actions they took have had an outsized impact not just on the tech industry, but on the internet and society itself. What Page and Brin have built will likely last for decades to come, and knowing how Google got to where it is today will be an important piece in the puzzle of figuring out where it goes in the future.

        • CERN selects Juniper Networks to increase data centres capacity

          The European Organization for Nuclear Research (CERN) has deployed Juniper Networks networking solutions to increase the capacity of its data centres and technical network to adapt to increasing research requirements.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • The Foundational Era of Open Source

                Between 2012 and 2015, though, we passed into a new, modern era of open source software that I call the Foundational era of open source. Open source projects were given to community-owned, non-profit foundations to manage and nourish—organizations such as the Linux Foundation, the folks behind Cloud Native Computing Foundation and the Continuous Delivery Foundation; Cloud Foundry Foundation; The Apache Foundation; and the Eclipse Foundation (one of the early entrants, even if IBM did come to dominate it) took over the stewardship of many open source projects.

                This has ushered in a truly golden age of open source software that has seen open source become the dominant form of software in the world. The Foundational era of open source has flourished for several reasons. For one, now multiple commercial entities can contribute code without worrying that it is for the exclusive benefit of just one company. What’s more, these foundations have a mix of vendors, practitioners and large enterprise users that really do allow for the democratization of open source at levels not seen before. Also, there is a process of incubation to graduation that these projects are put through that help them evolve and grow.

        • Security

          • Ubuntu Linux Gets Intel Microcode Update to Fix CPU Hangs

            Canonical has released a new Linux Intel microcode update for Ubuntu that fixes an issue causing Intel Skylake CPUs to hang after a warm reboot.

            On November 12th, 2019, new Intel microcodes were released to mitigate a vulnerability discovered in the Transactional Synchronization Extensions (TSX) feature in Intel processors and a vulnerability in Intel Xeon processors that could lead to a denial of service attack from a local privileged user.

          • Security updates for Wednesday

            Security updates have been issued by CentOS (389-ds-base, ghostscript, kernel, and tcpdump), Debian (libonig), Fedora (clamav, firefox, and oniguruma), openSUSE (calamares, cloud-init, haproxy, libarchive, libidn2, libxml2, and ucode-intel), Scientific Linux (SDL and tcpdump), Slackware (mozilla), and Ubuntu (haproxy, intel-microcode, and postgresql-common).

          • Samba Patch Caps Busy Year for IBM i Security

            IBM last week patched a moderately severe security flaw in IBM i’s Samba implementation that could enable hackers to access data they really shouldn’t be able to access. The disclosure caps a rather busy second half of the year for security patches on IBM i that saw 26 emergency PTFs and Yum updates for Node.js, Python, the Apache HTTP Server, OpenSSL, ISC Bind, IBM Navigator, and even Db2 Mirror for IBM i.

            On November 26, IBM issued this security bulletin to let people know about the new flaw in the Samba client. The flaw could allow a hacker to not only access files and folders on the affected server that are outside of the SMB network pathnames, but to also create files outside of the working directory, according to IBM’s description. The flaw, which carries a CVSS Base Score of 5.3, was fixed with a series of PTFs for IBM i 7.2, 7.3, and 7.4.

            It was the second patch that month, with the first coming on November 4, when IBM issued a security bulletin that discussed four separate vulnerabilities in Python that impact IBM i versions 7.2 through 7.4. All of the Python vulnerabilities are in the open source programing language, which runs on IBM i via the PASE Unix runtime, and not in any code that’s unique to IBM i.

          • RSA-240 Factored

            We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits): [...]

          • Senators sound alarm on dangers of ransomware attacks after briefing [iophk: Windows TCO]

            Sen. Gary Peters (D-Mich.), another member of the Cybersecurity Caucus and the top Democrat on the chamber’s Homeland Security and Governmental Affairs Committee, told reporters that while he was not at the briefing on Wednesday, he would support holding a public hearing on ransomware threats.

          • Ransomware attacks on business, government pick up pace

            Ransomware attacks on businesses and governments will continue at a more rapid pace, thanks to newly found security vulnerabilities, according to one global security firm which forecasts further increases in ransomware attacks and VPN “scandals” in 2020 and beyond.

          • ThreatList: A Third of Biometric Systems Targeted by Malware in Q3 [iophk: Windows TCO]

            Kaspersky researchers found that in the third quarter, one in three (37 percent) of computers within the firm’s telemetry that collect, process and store biometric data were targeted by malware attacks. The malware in question included spyware and remote access trojans (RATs), which accounted for 5.4 percent of all computers analyzed; followed by malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and trojan bankers (1.5 percent).

          • Biometric data processing and storage system threats

            Thirdly (and most importantly), biometric data, once compromised, is compromised for good: users cannot change their stolen fingerprints the way they do stolen passwords. What’s more, biometric data may turn out to be compromised for all applications at the same time. An individual will therefore potentially be affected for the rest of his or her life.

            Given all of the issues above, it is remarkable how careless biometric authentication system developers and users are about protecting these systems and the biometric data collected by them against computer attacks.

          • Security updates for Thursday

            Security updates have been issued by Arch Linux (firefox), Fedora (cyrus-imapd, freeipa, haproxy, ImageMagick, python-pillow, rubygem-rmagick, sqlite, squid, and tnef), openSUSE (haproxy), Oracle (microcode_ctl), and Ubuntu (squid, squid3).

          • Aviatrix VPN vulnerability left user endpoints wide open

            Aviatrix, a supplier of open source enterprise virtual private networks (VPNs) to customers including BT, Nasa and Shell, has patched a serious vulnerability in its client that could have given an attacker escalation privileges on a machine to which they already had access.

            The vulnerability was uncovered by Immersive Labs researcher and content engineer Alex Seymour, after noticing that the VPN client was unusually verbose when booting on a Linux machine.

            Its disclosure comes hot on the heels of government warnings about the possibility of state-sponsored threat actors targeting high-profile organisations through VPN vulnerabilities in products from the likes of Pulse Secure, Palo Alto Networks and Fortinet.

          • OpenBSD

            • Authentication vulnerabilities in OpenBSD

              We discovered an authentication-bypass vulnerability in OpenBSD’s authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd, but its real-world impact should be studied on a case-by-case basis. For example, sshd is not exploitable thanks to its defense-in-depth mechanisms.

            • OpenBSD patches authentication bypass, privilege escalation vulnerabilities

              OpenBSD has patched four vulnerabilities including privilege escalation flaws and a remotely exploitable authentication bypass.

              OpenBSD is an open source Unix operating system based on Berkeley Software Distribution (BSD) and built with security in mind. On Wednesday, Qualys Research Labs revealed the existence of four vulnerabilities in the OS that were first privately reported in the interest of responsible disclosure.

            • OpenBSD Multiple Authentication Vulnerabilities

              Multiple authentication vulnerabilities in OpenBSD have been disclosed by Qualys Research Labs. The vulnerabilities are assigned following CVEs: CVE-2019-19522, CVE-2019-19521, CVE-2019-19520, CVE-2019-19519. OpenBSD developers have confirmed the vulnerabilities and also provided a quick response with patches published in less than 40 hours.

            • Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD

              OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework.

            • OpenBSD Hit with Authentication, LPE Bugs

              An authentication bypass and three local privilege-escalation (LPE) bugs have been uncovered in OpenBSD, the Unix-like open-source operating system known for its security protections.

              The most severe of the vulnerabilities is the bypass (CVE-2019-19521), which is remotely exploitable.

              OpenBSD uses BSD authentication, which enables the use of passwords, S/Key challenge-and-response authentication and Yubico YubiKey tokens. In each of these cases, to perform the authentication, the string “/usr/libexec/auth/login_style [-v name=value] [-s service] username class” is used. If an attacker specifies the username “-schallenge” (or “-schallenge:passwd,” the authentication is automatically successful and therefore bypassed.

          • Privacy/Surveillance

            • Legitimised Surveillance: Kim Dotcom’s Case Against GCSB

              Surveillance activities and the law are often at loggerheads. The former specialises in destroying privacy; the latter, in so far as it might be adequate, sometimes furnishes a means of preserving it. When it comes to exposing overly-eager surveillance activity, obstacles arise. Ironically, the privacy of agents, and the sacrosanct nature of their abuse, become points of issue. Public interest tests are employed, often against the public. To expose such conduct might be to compromise the State apparatus altogether.

            • ‘A Damning Indictment’: Global Poll Shows 71% Support Regulation of Tech Giants to Protect Data Privacy

              “People want to see an end to tech companies trampling over our right to privacy.”

            • iPhone 11 Pro phones home with user location even when told not to

              Security researcher Brian Krebs recently showed that the iPhone 11 Pro tracks users’ location even when explicitly told not to. As of iOS 13.2.3, this is still active. While it’s usually only asked in half jest, half conjecture… The question: “Is my iPhone tracking me?” has a disturbing new and verified answer.

            • Amazon let cops see a heatmap of Ring doorbell users in their area

              The folks at Cnet reviewed public documents from the Rolling Meadows Police Department in Illinois that were obtained by privacy researcher Shreyas Gandlur, which showed the US bacon had a heat map of the Ring doorbells being used in a neighbourhood.

            • Ring let police view map of video doorbell installations for over a year

              Public documents from the Rolling Meadows Police Department in Illinois, obtained by privacy researcher Shreyas Gandlur and reviewed by CNET, revealed that police had access to a heat map that showed the concentration of Ring cameras in a neighborhood.

              In its default state, the heat map showed police where Ring cameras are concentrated: the darker the shade, the more the cameras. But when zoomed in, it would show light circles around individual locations, essentially outing Ring owners to police. Police could also type in specific addresses to see the cameras in the surrounding area.

            • Portland, the largest city in Oregon, plans to propose first facial recognition ban affecting private companies

              The potential of the software, however, has also drawn concern from federal lawmakers. In March, a bipartisan bill was introduced by Sens. Brian Schatz (D-Hawaii) and Roy Blunt (R-Mo.) to strengthen consumer protections by prohibiting companies that use facial recognition technology from collecting and resharing data for identifying or tracking consumers without their consent.

              At the state level, California Gov. Gavin Newsom signed a temporary ban on facial recognition technology in police body cameras in October. Detective Lou Turriaga, director of the Los Angeles Police Protective League, opposed the move.

            • Doug Belshaw: Truth, Lies, and Digital Fluency (ITHAKA: Next Wave, December 2019)

              I want to cover the existential threat that surveillance capitalist organisations present society, and how that should feed into our thinking around digital literacies. I’m also pretty dismissive of ‘digital fluency’ as I see it as an unhelpful umbrella term into which people like to fold their hopes, fears, and dreams.

    • Defence/Aggression

      • Goodbye Law and Morality, Welcome Pretend Tough!

        Who needs law, discipline, and morality? These standards mean nothing for a pay-your-doctor-for-an-excuse draft dodger who pretends he is strong and likes tough guys. We have known for years Donald Trump believes that his fame permits him to grab any pussy and do whatever  he wants. Now he boasts that he has liberated a Navy SEAL accused of stabbing to death an Arab teenager already under sedation because of previous injury.  The boy was so skinny that his watch slid easily off his wrist. In no way ashamed of his feat, Chief Petty Officer Edward Gallagher than posed for a triumphal  photo holding his dead victim by the hair. Encouraged by Fox News, the president brags for his base that he has upended the military code of justice to protect the petty officer from punishment. Presumably the two-in-five American voters who support the president are equally indifferent to law, discipline, and basic morality.  They may go to church on Sunday but who knows what they do they rest of the week?

      • Trump Pressured Pentagon to Give $400 Million Wall Contract to Fox News Guest

        The company of a Fox News guest repeatedly praised by President Donald Trump received a $400 million border wall construction contract from the Pentagon.

      • Iraq: New Protester Deaths Despite Order Not to Fire

        Security forces across Iraq are using lethal force against protesters despite orders to stop, Human Rights Watch said today. The orders to stop using live ammunition were issued by Adil Abd Al-Mahdi, who resigned as prime minister on November 29, 2019, but remains in office in a caretaker status. The authorities should take urgent measures to stop security forces from using excessive force against protesters.

      • Gambia: Commission Uncovers Ex-Dictator’s Alleged Crimes

        A Gambian truth commission has heard testimony that former President Yahya Jammeh was responsible for numerous grave crimes during his 22 years in office.

      • NATO Should Be Dissolved

        The three smartest words that Donald Trump uttered during his presidential campaign are “NATO is obsolete.” His adversary, Hillary Clinton, retorted that NATO was “the strongest military alliance in the history of the world.” Now that Trump has been in power, the White House parrots the same worn line that NATO is “the most successful Alliance in history, guaranteeing the security, prosperity, and freedom of its members.” But Trump was right the first time around: Rather than being a strong alliance with a clear purpose, this 70-year-old organization that is meeting in London on December 4 is a stale military holdover from the Cold War days that should have gracefully retired many years ago.

      • End the Wars, Win the Antiwar Vote

        Like anyone else who was around that day, I can tell you exactly where I was on 9/11.

    • Environment

      • You just lived through the warmest decade on record – and it’s only going to get hotter

        Concentrations of carbon dioxide in the atmosphere – the greenhouse gas most responsible for global warming – hit a record level of 407.8 parts per million in 2018 and continued to rise in 2019. Carbon dioxide lasts in the atmosphere for centuries and the ocean for even longer, thus locking in climate change, the WMO said.

        And 2019 itself is on course to be the second- or third-warmest year on record, with 2016 still holding the all-time temperature record.

      • American trash

        Electronics can be hazardous when disposed of improperly, and the Basel Action Network, or BAN, investigates the underground world of the e-waste trade. The nonprofit group secretly embeds trackers in discarded devices, then hands them to recyclers to see where they end up, exposing bad practices in the process. After dropping bugged LCD monitors in Oregon, they followed along as the trackers traced a circuitous route through the summer of 2015 and into the fall.

      • How Supporters of the Green New Deal Are Showing Up for Workers

        Calls for a “just transition” have become central to a robust and revitalized environmental movement in the United States aimed at preventing climate catastrophe. The idea behind a just transition is that, as our economy shifts away from dependence on fossil fuels, the workers in the fossil fuel and related industries should be treated with dignity and respect, and guaranteed good union jobs.

      • New water for old as glaciers vanish

        Voids left as glaciers vanish could be used to store spring snowmelt and rainfall to save the valleys below from summer droughts.

      • Wealthy Countries’ Approach to Climate Change Condemns Hundreds of Millions of People to Suffer

        In Madrid, Spain, the 2019 UN Climate Change Conference—known as COP25—began on December 2. Representatives of the world’s countries gathered to discuss what is decidedly a serious problem for the planet; no one, except dangerous political forces in the neofascist right, denies the reality of climate change. What prevents a transfer from carbon-based fuel to other fuels is not the stubbornness of this or that country. The main problems are three:

      • Iceland Fights Climate Change the Same Way It Beat the Banking Crisis

        What can you do if you’re a smallish island in the North Atlantic with a lot of snow and a melting economy? Quite a lot, it turns out, if you’re prepared to put local people’s needs first.

      • Big Polluters Must Be ‘Held Liable’ for Destruction of Climate, Campaigners Say at COP 25

        “For decades, big polluters have gone to any lengths to block, weaken, and delay policy. That time is over.”

      • Energy

        • Pacific Northwest Fights Fossil Fuel Industry’s Push for Fracked Gas

          As the fossil fuel industry works to turn the Pacific Northwest into a fossil fuel hub, a Thin Green Line stands in its way. Producer Barbara Bernstein’s latest project, “Holding the Thin Green Line,” explores how local communities are fighting the fossil fuel industry’s push for massive fracked gas projects in Washington and Oregon. In part 1, we heard about plans to build the world’s largest methanol refineries in Tacoma and Kalama, Washington. This week we hear part 2, “A View from the Blast Zone,” on the struggle to stop a massive LNG facility that is being built at the Port of Tacoma.

      • Wildlife/Nature

        • Indigenous Leader Davi Kopenawa: Bolsonaro Is Killing My People and the Amazon

          Democracy Now! sat down with Indigenous leader Davi Kopenawa, one of this year’s Right Livelihood Award honorees, along with the organization he co-founded, Hutukara Yanomami Association. Kopenawa is a shaman of the Yanomami people, one of the largest Indigenous tribes in Brazil, who has dedicated his life to protecting his culture and protecting the Amazon rainforest. He says indigenous people in the Amazon are under threat from business interests as well as politicians, including far-right President Jair Bolsonaro, who has a long history of anti-indigenous statements and policies. “He doesn’t like indigenous people. He does not want to let the Yanomami people to live at peace, protected. … What he wants is to extract our wealth to send to other countries.”

        • Climate change is causing birds to shrink, study says

          As the climate warms, birds are shrinking and their wingspans are growing, according to a new study.

        • ‘We Have Met the Enemy and He Is Us’ — December’s Most Important Environmental Books
        • Royal Forests of America

          Medieval kings of England loved to hunt. In the 11th century, William the Conqueror designated certain English forests as his hunting preserves. At a time of large-scale deforestation and land clearance for sheep-grazing, these preserves shielded trees and wildlife from destruction. This ancient method of safeguarding habitat endures in the United States as American hunters play a vital role in the protection of nature.

        • Heartbreaking pictures show starving polar bears fighting over plastic rubbish
      • Overpopulation

    • Finance

    • AstroTurf/Lobbying/Politics

      • Legal Scholar Points to Sondland Testimony as ‘Most Chilling’ Evidence Trump Used Power of Office for Private ‘Political Benefit’

        “A candidate for president should resist foreign interference in our elections, not demand it. If we are to keep faith with the Constitution and our Republic, President Trump must be held to account.”

      • Billionaire Entitlement Run Amok: the Case of Michael Bloomberg

        Michael Bloomberg, according to Forbes Magazine the 9th richest man in the world with a net worth this year of $54.7 billion, isn’t just the real billionaire candidate for President in 2020 (Donald Trump’s net worth is almost certainly not counted in the billions, and could be negative for all we know, since he won’t release his tax records) Bloomberg is also the billionaires’ candidate for president. That is to say, he’s not just rich, he’s their man.

      • Elizabeth Warren: Savior of a Fallen System?

        Elizabeth Warren is a neoliberal in the service of the oligarchs and plutocrats: the few and the wealthy! She stands in a long line of neoliberals who join the contemporary liberal populist parade. Long gone are the New Deal and Great Society days when at least a few social programs were enacted for some. Of course, those programs of the New Deal were generally dependent on race.

      • Is Corbyn for Christmas Just Another Stove Pipe-Dream?

        Incorporating polling over the last week up through Monday night, Jeremy Corbyn’s Labour Party and smaller center-left parties have taken over the lead in twenty-five additional United Kingdom constituency seats in the most recent update to CounterPunch‘s #10at10 election modelling. In order to allow Corbyn a real chance to become Prime Minister, Labour and the Scottish National Party (SNP) will have to repeat that success again through next Monday to give them a chance to close the deal in the final days before next Thursday’s election.

      • Bernie Sanders Has the Backing of Leftists Worldwide

        Leftist leaders from the United Kingdom to South America have a clear ally in the U.S. presidential election. In a crowded presidential primary, Bernie Sanders has distinguished himself from centrists like Joe Biden and Pete Buttigieg and even fellow progressive Elizabeth Warren by calling the ouster of Bolivia’s former President Evo Morales a coup…

      • Bolivia’s Five Hundred-Year Rebellion

        In 1781, the Bolivian indigenous leader Tupac Katari led a rebellion in which La Paz, the Spanish colonial capital of “Upper Peru,” was besieged for 109 days.The siege ended with the arrival of a Spanish army. Katari was captured, he and his wife, Bartolina Sisa, were gruesomely executed, and thousands of indigenous people were massacred. For many years this was treated as a minor event in history books, but in the latter half of the twentieth century Katari and Sisa have been celebrated as symbols of the resistance to oppression by the indigenous majority, and as martyrs in a national revolution whose time has finally come.

      • Indians Shall Not Govern

        It was a fundraiser for Peruvian sick children. Being at the main table, I was seated – uncomfotably- next to a young man who was the embassy envoy, representing one of the most corrupt governments in the Americas. “But it is for a good cause, I shall behave and talk small talk”, I kept telling myself. My good intentions did not last long.

      • Two Balls and No Strikes
      • Feelings Hurt by ‘Two-Faced’ Trudeau and Laughing NATO Leaders, Trump Leaves Summit Early in a Huff

        “There is nothing he hates more than important people laughing at him.”

      • Ukraine? Yes. But Trump Must Also Be Impeached for Obstruction

        When the House Judiciary Committee was preparing to vote on articles of impeachment against a sitting president in the summer of 1974, a former justice of the peace from Watertown set the stage when he declared, “President Nixon’s conduct in office is a case history of the abuse of presidential power.”

      • Can We Get the Money Out of Politics?

        Lost amid the daily news cycle now focused on the impeachment of the president is the fact that money continues to roll in. Democratic candidates are constantly asking donors to help them meet the latest fundraising deadline, while Trump’s presidential rallies and meetings have long doubled as fundraisers.

      • WATCH LIVE: Day 6 of Trump Impeachment Hearings

        Judiciary Committee Chairman Jerrold Nadler said the hearing would offer an opportunity to “discuss the constitutional framework through which the House may analyze the evidence gathered in the present inquiry.”

      • Watergate Teaches Us That Democrats Should Broaden the Impeachment Charges

        The Washington Post reports that as House Democrats prepare to move the impeachment process to the Judiciary Committee, they are now quietly debating the possible expansion of impeachment articles beyond Ukraine.

      • Why so negative? ‘BBC’ gets an inside look at how Russia’s ‘troll factory’ is trying to become a legitimate news empire

        Evgeny Prigozhin has enjoyed a special place in news headlines for several years, but 2019 was a turning point for the Russian catering magnate (who also dabbles in media and mercenaries, among other things). After countless denials that he has any connection to St. Petersburg’s infamous “troll factory” (indicted by the U.S. Justice Department for interfering in America’s 2016 presidential election) or its associated news outlets, Prigozhin recently agreed to chair the board of trustees at “Patriot,” a new organization that unifies four of these very publications: The Federal News Agency, Economics Today, Politics Today, and The People’s News. In a new investigative report for the BBC Russian Service, journalists Andrey Zakharov and Elizaveta Fokht visited Patriot’s headquarters in St. Petersburg and met with its director, Nikolai Stolyarchuk, to learn about the media group’s “positive mission.” Meduza summarizes this article below.

      • Reagan’s Forgotten Iran-Contra Escape May Reveal More About Trump’s Fate Than Watergate

        When the scandal finally broke, it was on the other side of the Atlantic, in a nation that millions of Americans couldn’t pinpoint on a map. Congress had made its intentions clear in the form of legislation, but the White House secretly ignored that to illegally pursue its own controversial agenda.

      • ALEC Is an Incubator for Efforts to Protect White Supremacy, Says New Report

        Ten years ago, a then-state senator with ties to white supremacists named Russell Pearce introduced model legislation to his colleagues in the American Legislative Exchange Council (ALEC) that would later become SB 1070, Arizona’s infamous “show me your papers” law. While legal challenges have largely defanged provisions that authorized police to racially profile Latinx people as undocumented immigrants, SB 1070 and copycats passed in five other states are considered some of the most anti-Latinx and anti-immigrant measures in recent memory.

      • Modern Family Progressive Values Put Conservatives to Shame

        In a recent New York Times’ column, Thomas Edsall defends progressives against Attorney General William Barr and other social conservatives who charge them with wanton destruction of the family. Edsall is right to call out Barr and others for “marketing apocalyptic hogwash” to get Trump reelected, but his argument concedes too much to social conservatives.

      • ‘He Has a Lot of Explaining to Do’: Call Records Show Devin Nunes Spoke With Giuliani Multiple Times Amid Ukraine Scheme

        “Hugely incriminating” was how one commentator described the previously undisclosed call records.

      • Republicans’ Alternative “Report” Does Nothing to Refute Impeachment Report

        After an Autumn of accusation and acrimony that included two damning weeks of testimony from a variety of witnesses, the House Intelligence Committee on Tuesday afternoon released its report documenting the impeachment investigation into the activities of Donald Trump in Ukraine. The information contained within is intended as a baseline for the drafting of articles of impeachment against Trump, a duty that will fall upon Rep. Jerrold Nadler and the members of his House Judiciary Committee shortly.

      • Trump’s Actions Impeachable, Scholars Say, as Democrats Go All In
      • Trump’s Rightward Shift of Federal Courts Advances as Senate Confirms Anti-Choice Sarah Pitlyk
      • Former networks boss Sari Baldauf to replace Risto Siilasmaa as Nokia chair

        She sits on the executive boards of a number of Finnish and European companies including car maker Daimler AG, energy giant Fortum, equity management firm Capman and cyber security company F-Secure. She was chair of the Fortum board until 2018.

        Nokia also nominated Sampo financial group president and CEO Kari Stadigh to become the new vice chairman.

      • [Old] High School Football Players Took a Knee Before a Game, and Opposing ‘Fans’ Threw Trash at Them [iophk: social control media in place of real sources]

        He also said that the white coaches on Denby’s sideline were called “wiggers” and that “grown men and women started spitting on our kids as they walked up the ramp. They were throwing food, cups, and whatever…. They called my student trainer a little monkey and they were saying: ‘Who let them off their leashes? They need to be on a leash. They never should have been here in the first place.’”

        After the game there were scuffles as Denby left the field, as more debris was tossed from the stands.

      • [Old] Detroit Denby coach says Almont fans hurled racial slurs at players during confrontation

        According to Denby coach Deon Godfrey, the racist remarks included the N-word and began as early as when Denby players took a knee during the national anthem before the game.

      • The Tory Election “Campaign” to Date

        The Tory election “campaign” has been precisely that– a non-campaign in which BoJo Johnson has declined to debate with his opponents or be interviewed on TV by a figure (Andrew Neil) noted for asking difficult questions and persisting with them.

      • Britain’s Choice Is Socialism or Barbarism

        I am an American with a partner from England and a daughter with dual United Kingdom-U.S. citizenship. For a Yankee, I follow British politics closely.

      • Jonathan Riddell: Voting SNP in the UK Election

        I’m voting for Owen Thompson and the SNP at the UK election on December 12th. Normally for an election I would look through the manifestos and compare them along with consideration of the candidates and the party leaders to decide. But this election is a single issue election. It was called because the flawed 2016 referendum on EU membership did not ask what people wanted, it asked what they didn’t want (EU citizenship) but because there was no question asking what people did want instead it led to three years of parliament being stuck. The SNP policy is for a double proposal to have a referendum on the UK’s EU membership against the Withdrawal Deal as currently negotiated, and then to have a referendum on Scottish independence. This offers me the best chance to keep my EU citizenship and the freedoms it brings, while offering a good chance to get rid of a corrupt and pointless layer of government.

        As I’ve said before all the political parties let us down in 2016 by not effectively campaigning for EU membership and letting the racists and populists win over. They continue to let us down here on those measures. Not one party proposes to ban political advertising online as done with TV despite the well documented populism that gives. Not one seems to have a commitment to reform the rules of election and referendum campaigns to stop the illegal behaviour that Johnson’s Vote Leave campaign used in 2016. And I’ve never heard anyone point out that asking a referendum question which only says what you don’t want and not what you do want instead is a pointless question.

        But here’s a quick look at the manifestos anyway.

        SNP Good stuff about refendums, no nuclear bombs and critique of why Westminster if broken. The usual vague stuff about ending austerity without defining it and promises for the NHS with no explanation of why that public service deserves them more than every other public service. Various good ideas for things to be devolved like broadcasting or employment law. They do want to fix the voting franchise for UK elections to include non-UK EU citizens and people from age 16. They seem to think the UK government will allow an independence referendum while also de-legitimising the idea that there is no need for anyone to allow Scotland to have a referendum, this is a dangerous stance to take as well as incorrect, no other country considers that it has to ask its neighbour for permission for independence. Climate emergency comes in a bit later in the manifesto than I’d like to see but I suppose there’s not much the SNP can do at the UK level since the right layer of government for this is the EU and Scottish layers. Complying with international law to allow the return of residents of Diego Garcia is pleasingly in there but not on Catalonia. I’ve done door knocking with their candidate Owen Thompson this election who is an experienced politican from local and UK layers and I’m happy to support him.

      • UK general election poll tracker: Latest party odds and polling results in full
    • Censorship/Free Speech

      • Facebook Now Altering Users’ Posts To Add Singapore Government’s ‘Fake News’ Warnings

        Singapore’s “fake news” law continues to pay off for the Singaporean government. It’s already been used to target allegations made by political opposition leaders and now it’s converted Facebook to an extension of the ruling government.

      • State’s Rejection Of Driver’s ‘IMGOD’ Vanity Plate Unconstitutional, Federal Court Rules

        I’m always happy to see someone add to the growing body of First Amendment/vanity license plate case law. Using a very limited amount of space, some applicants have managed to offend the delicate sensibilities of government agencies, even without using the number 5 twice to spell “A55.”

      • Devin Nunes Follows Through And Sues CNN In Laughably Dumb SLAPP Suit

        As he promised last week, Rep. Devin Nunes has now sued CNN for defamation for accurately reporting what the indicted Lev Parnas’s lawyers had told them about Devin Nunes. Rather than state court in Virginia, this time, Nunes’ lawyer, Steven Biss filed the case in the big boy federal court in Virginia. This complaint may be the most laughable one yet of Nunes’ various SLAPP suits, and I should remind you that one of them involves him suing a cow.

      • Content Moderation At Scale Is Impossible: That Time Twitter Nazis Got A Reporter Barred From Twitter Over Some Jokes

        Reporter Jon Schwarz, over at The Intercept, has yet another story of content moderation at scale gone wrong, focusing this time on Twitter and his own account. It seems that a bunch of white supremacists on Twitter got mad at him, found an old joke, taken out of context, reported it en masse, and Twitter blocked him over it. Schwarz’s story is worth reviewing in detail, but I think he gets the wrong message out of it. His take is, more or less, that Twitter doesn’t much care about lowly users, and can’t be bothered to understand the context of things (we’ll get to the details of the spat in a moment)…

      • Swedish Officials Shut Down A$AP Rocky’s Prison Concert Attempt

        A$AP Rocky will be back to perform in Sweden — but a prison concert is now off the table. Sweden’s prison board ruled against the rapper’s appearance. 

      • Tony Robbins Crosses The Atlantic For Some Libel Tourism In Ireland; Files SLAPP Suit Against Buzzfeed

        Tony Robbins is American. Buzzfeed is an American news organization. Last week, Buzzfeed published its sixth story in an investigative series about Robbins, that included a story of Robbins allegedly sexually assaulting a high schooler at a summer camp in California. Which, last I checked [looks around quickly], is also in America. So, you might wonder why it is that Robbins has sued Buzzfeed in Ireland. Robbin’s lawyer, Paul Tweed has tried to defend the decision to sue in Ireland, but I’m having trouble seeing how any of this is convincing:

      • Elon Musk tries to explain Twitter in ‘pedo guy’ defamation case

        Musk was accusing Unsworth “of being a pedophile during what should have been the proudest moment of his life,” Wilson said. In other words, according to Wilson, Musk metaphorically shat in the punch bowl.

      • Putin Signs ‘Foreign Agents’ Law That Threatens Website Closures

        The label will be applied to individuals who collaborate with foreign media outlets and receive financial or other material support from them.

        Should anything a foreign media outlet publish violate Russian regulations, “the new norms allow the Russian government to block the websites of foreign agents or legal entities established by them,” TASS reported.

      • Kid Rock Closing Restaurant Following Tirade Against Oprah Winfrey

        Outspoken artist Kid Rock is closing his restaurant in Detroit in response to a protest against the controversial statements that he made about Oprah Winfrey and others.

    • Freedom of Information / Freedom of the Press

      • Morocco: Landmark Proposals on Individual Freedoms

        The Moroccan parliament should adopt the groundbreaking proposals made by a government-appointed body to enshrine individual freedoms, Human Rights Watch said today. In a memorandum published on October 28, 2019, the National Human Rights Council (also known by its French acronym, CNDH) recommended decriminalizing consensual sex between nonmarried adults and granting more religious freedoms.

      • Duterte Threatens to Shut Down TV Network

        President Rodrigo Duterte ramped up his attack on the Philippine media, vowing to block the renewal of ABS-CBN, the country’s largest and most influential broadcast network.

      • New report: Hungary dismantles media freedom and pluralism

        Hungarian journalists interviewed by the mission described a coordinated system of censorship and content control not seen since the fall of the Communist regime. They point out that Russian disinformation – a strong concern elsewhere in the region – is absent or weak in Hungary given that the public broadcaster, now deformed into a state broadcaster, effectively plays this role, together with the pro-government KESMA media group. Independent journalists are subject to pervasive discrimination by the state, denied access to publicly held information, excluded from official events and prevented or actively hindered from communicating with public officials.

    • Civil Rights/Policing

      • The Remembrance Poppy is Becoming a Weapon Against Immigrants to Canada

        Canada’s “diversity” is famous – or a bit infamous for the redneckers in a country larger than the US who still cannot quite accept that this is an immigrant nation.

      • The Ghost of Jimmy Hoffa Haunts American Labor

        On July 30, 1975, Jimmy Hoffa, the former president of the Teamsters Union, disappeared.

      • ‘Profoundly Disturbing’: William Barr Says Communities That Do Not ‘Respect’ Police Could Lose Protections

        Civil rights advocates viewed the attorney general’s comments as a threat against communities of color that have protested police brutality and killings.

      • Prosecutors propose four-year sentence for student and YouTuber who became public face of protest persecution

        Prosecutors have asked for a four-year prison sentence in the case of 21-year-old Egor Zhukov, a student at the Higher School of Economics, a Meduza correspondent reported from the courtroom.

      • Brazil: Venezuelan Children Fleeing Alone

        Brazilian authorities are failing to provide adequate protection for hundreds of unaccompanied Venezuelan children who are fleeing into Brazil. 

      • Greece: Camp Conditions Endanger Women, Girls

        (Athens) – Women and girls face relentless insecurity in Greece’s overcrowded Moria “hotspot” for asylum seekers and migrants on Lesbos island, Human Rights Watch said today, releasing a video that shows the dire conditions. The Greek government should take immediate action to ensure safe, humane conditions for women and girls in line with their international human rights obligations and standards for humanitarian emergencies.

      • Australia: Press for Release of Vietnam Detainees

        The Australian government should publicly and privately press the Vietnamese government to overturn the convictions of a detained Australian and two of his Vietnamese colleagues.

      • Auditing Algorithms in New York City

        Algorithmic decision-making is becoming the new norm in New York. City agencies use computerized algorithms to make important decisions about New Yorkers’ daily lives, from school assignments to public benefits evaluations and more. But serious concerns persist on how to monitor automated systems and prevent human rights abuses.

      • UN Report Finds Over 7 Million Children Worldwide Are Being Held in Detention

        A damning United Nations report says that 7 million children are deprived of their liberty worldwide, from children imprisoned on the U.S.-Mexico border to the missing children of ISIS fighters. The Global Study on Children Deprived of Liberty says that at least 410,000 of those children are detained in jails and prisons, where violence is “endemic.” The study also found that the number of children detained in the context of armed conflict has dramatically risen. The global study was published in November, on the 30th anniversary of the Convention on the Rights of the Child, the landmark international treaty affirming the world’s commitment to protecting children. It is the most ratified U.N. Treaty in history — the United States is one of the only countries that hasn’t ratified the convention. We’re joined by Manfred Nowak, lead author of the U.N. Global Study on Children Deprived of liberty. Nowak is also a human rights lawyer and U.N. independent expert. He served as the U.N. Special Rapporteur on Torture from 2004 to 2010.

      • A Few Things From the WTO Shutdown I Carry Into the Future
      • Illinois Will Allow Prone, Supine Restraints on Children While Schools Learn to Phase Them Out

        Amending emergency rules put in place two weeks ago, the Illinois State Board of Education says it will again allow schoolchildren to be physically restrained in positions it had banned, though only in crisis situations.

        The change comes after several schools said they could no longer serve some students with behavior issues because of the new restrictions, put in place after publication of a Chicago Tribune/ProPublica Illinois investigation that found overuse and misuse of “isolated timeouts” in public schools across the state.

      • The Russian Orthodox Church now formally opposes new legislation against domestic violence

        The Russian Orthodox Church now formally opposes new draft legislation in Russia that would increase penalties on domestic violence. In an announcement by the Patriarchal Commission on Family Issues and the Protection of Motherhood and Childhood, the Church argues that the bill recently published by the Federation Council “contains a number of legal defects that make its adoption unacceptable.”

      • Local policeman in Arkhangelsk gets suspended sentence for ignoring domestic violence complaints from woman who was murdered

        A former police officer in the Russian city of Arkhangelsk has received a three-year suspended sentence after he ignored complaints from a local woman who said the man she was living with was beating and threatening her.

      • 50 Years Ago Today, Police Murdered Fred Hampton. His Activism Lives On.

        Today marks the 50th anniversary of the Chicago Police Department’s (CPD) assassination of Fred Hampton, the 21-year-old chairman of the Illinois Chapter of the Black Panther Party (BPP).

      • Fred Hampton Lives On, 50 Years After His Assassination

        Fifty years ago today, Chicago police burst into the home of Fred Hampton, chairman of the Illinois chapter of the Black Panthers. They gunned down Mark Clark, who was guarding the door, sprayed the apartment with bullets, and ran into Hampton’s room.

      • Fred Hampton on Racism and Capitalism
      • RIP Fred Hampton: a Black Visionary Assassinated by the FBI

        Fifty years ago this week, a squad of Chicago police officers killed Black Panther leaders Fred Hampton and Mark Clark in a pre-dawn raid on the apartment where they were sleeping. In the decades since, a revealing body of evidence has emerged showing that Hampton was the victim of a political assassination, sanctioned at the highest levels of the U.S. government.

      • ‘Disgraceful Sham’: George Zimmerman Sues Parents of Trayvon Martin, Others for $100 Million

        “Imagine killing an unarmed child and then suing his parents.”

      • George Zimmerman Sues Trayvon Martin’s Parents, Others for $100 Million

        George Zimmerman, the former Florida neighborhood watch volunteer who shot and killed unarmed teenager Trayvon Martin in 2012, is suing the victim’s family, prosecutors, and the media for $100 million in damages.

      • LAPD officer on leave after allegedly seen on camera fondling woman’s corpse, sources say

        Sources say the officer turned off the recording on his body camera and then lifted the sheet off the woman’s body and allegedly began feeling her nipples and fondling her breasts.

        He later turned the body camera recording back on. But the cameras used by the department have a video buffering that saves footage going back for two minutes prior to the recording function being activated.

      • Mass Shootings Are Connected to America’s Legacy of Anti-Indigenous Violence

        But while school administrators, psychologists, and politicians have their own theories for what’s behind the violence, there’s also one crucial detail that’s regularly left out of the conversation: The fact that the United States has a long, bloody history of mass shootings. The truth of the matter is this country was founded on colonial violence — built on the backs of black slaves and the bodies of millions of slain Native peoples.

        David Hogg, a survivor of the February 2018 Parkland mass shooting and one of the cofounders of March for Our Lives, acknowledged this reality during a recent interview with MSNBC host Chris Hayes. “If we want to talk about mass shootings, we have to recognize the massive number of Indigenous mass shootings that were committed by the United States government,” he said.

      • Senegal chaining: Head teacher receives suspended sentence

        Sending children to Koranic schools is common in Senegal, but Human Rights Watch has highlighted “alarming rates” of abuse including rape, forced begging and imprisonment in some institutions.

      • He’s a Liar, a Con Artist and a Snitch. His Testimony Could Soon Send a Man to His Death.

        When Detective John Halliday paid a visit to the Pinellas County Jail on Dec. 4, 1986, his highest-profile murder case was in trouble. Halliday, who was 35 and investigated homicides for the local sheriff’s office, had spent more than a decade policing Pinellas County, a peninsula edged by white-sugar-sand beaches on Florida’s Gulf Coast, west of Tampa. It is a place that outpaces virtually all other counties in the nation in the number of defendants it has sentenced to death. Prosecutors who pursued the biggest cases there in the 1980s relied on Halliday, who embodied the county’s law-and-order ethos. Powerfully built and 6-foot-4, with a mane of dirty blond hair and a tan mustache, he was skilled at marshaling the facts that prosecutors needed to win convictions.

        He had worked the case for the past year and a half, ever since the body of a 14-year-old girl named Shelly Boggio was found, nude, floating in an inland waterway near the town of Indian Rocks Beach. Her murder was singular in its violence. Her body bore 31 stab wounds, many of them to her hands, as if she had tried to shield herself from the ferocity of the attack. She was most likely still alive, the medical examiner determined, when she was dragged into the water and left to drown. Her older sister identified her by the silver ring, eagle-shaped and inset with turquoise, that she wore on her left hand.

    • Internet Policy/Net Neutrality

      • T-Mobile’s ‘Nationwide’ 5G Isn’t Nationwide, Only Slightly Faster Than 4G

        We’ve noted for a while now how mobile carriers don’t seem particularly aware that they’re associating 5G in the minds of American consumers with hype and bullshit. AT&T’s efforts to use bogus phone icons to pretend 4G is 5G; Verizon’s tendency to dramatically overstate availability; scant handset support and annoying surcharges; overly ambitious marketing means that consumers’ first contact with 5G is generally one of disappointment.

      • The FCC Is Opening up Some Very Important Spectrum for Broadband

        Decisions about who gets to use the public airwaves and how they use it impact our lives every day. From the creation of WiFi routers to the public auctions that gave us more than two options for our cell phone providers, the Federal Communications Commission (FCC)’s decisions reshape our technological world. And they’re about to make another one.

        In managing the public spectrum, aka “the airwaves,” the FCC has a responsibility to ensure that commercial uses benefit the American public. Traditionally, the FCC either assigns spectrum to certain entities with specific use conditions (for example, television, radio, and broadband are “licensed uses”) or simply designating a portion of spectrum as an open field with no specific use in mind called “unlicensed spectrum,” which is what WiFi routers use.

    • Digital Restrictions (DRM)

      • The Curse of Outdated DRM Claims Another Victim, ‘Tron: Evolution’

        As of this week, players who owned a legitimate copy of Tron: Evolution they paid for but never played it, no longer can. Tron: Evolution, a tie-in game for the 2010 Tron: Legacy film , used SecurRom, a form of digital rights management (DRM), and publisher Disney hasn’t paid its bill. This means Disney can no longer authenticate purchases and “unlock” copies of the game that people bought but haven’t used yet.

        Players first noticed they couldn’t play the game after purchasing it in October, but a thread on Reddit today brought more attention to the issue.

        “I often buy games on sales, but don’t play them immediately,” user Renusek said on Reddit. “Yesterday I decided to play Tron: Evolution, maybe even practice speedrunning it, so I install the game, try to activate it (game still uses SecuROM DRM) and… the serial key has expired (?!).”

    • Monopolies

      • Microsoft’s JEDI contract move: Those are not the cloud providers you’re looking for [iophk: glorifying illegal, anticompetive behavior]

        It’s not clear whether the president had an active hand in choosing Microsoft over Amazon. What is clear is that Microsoft made itself a viable choice, in part, by tearing a page from its old playbook: Use the power of Windows as a way to force its way into other markets.

        In decades past, Microsoft did that with great success, mowing down competitors in the markets for word processing, spreadsheets, presentation software and others. The ploy hasn’t worked in recent times, though, and Windows is no longer the core of Microsoft. The cloud is. But in this instance, it appears that Windows helped Microsoft land JEDI, which is helping the company in its efforts to catch up to Amazon in cloud market share.

      • Amazon Faces Widening U.S. Antitrust Scrutiny in Cloud Business

        AWS accounted for 60% of Amazon’s operating income in the most recently reported 12 months. The unit’s profitability in recent years has helped keep investors happy even as the company continues to spend heavily to expand both its retail and cloud-computing businesses.

      • Trademarks

        • Author Tries To Trademark The Word ‘Dark’ For All Of Literary Fiction

          For whatever reason, while we see a ton of instances of someone trying to trademark a word or phrase that is absolutely generic and not a source identifier, often it seems some of the most ridiculous instances come from the literary world. Why authors have such a hard time with this is perhaps not entirely mysterious. Steeped in an industry with a tradition of strong views on copyright protections, I suppose it’s a short leap that those in that industry would assume trademark works the same way. After all, journalists make this mistake all the time, so why not authors?

      • Copyrights

        • GEMA Acquires a Majority Stake In Digital Distributor Zebralution

          In an unusual move, the German rights collection agency GEMA has acquired a majority interest in Zebralution, which is a digital distribution company.

        • EU Study Shows Online Piracy is Complex and Not Easy to Grasp

          The European Union Intellectual Property Office (EUIPO) has released a new study which suggests that piracy is dropping in Europe. While the research is limited to site-based piracy, it has some interesting findings. Countries with a lower average income per person visit pirate sites more often, for example. In addition, the study shows that awareness of legal options doesn’t always decrease piracy.

        • Greece Jails First Pirate Site Operator For Five Years

          A man who faced four criminal prosecutions for copyright infringement has become the first person jailed in Greece for running a pirate site. After switching domains and evading enforcement efforts for a decade, the man has now been handed a five-year prison term by an Athens court.

        • Judge Orders Universal Music To Hand Over Critical 2008 Fire Evidence

          A federal judge in California has ordered Universal Music Group (UMG) to provide discovery evidence requested by litigating artists. The order is the latest development in a class action lawsuit filed by artists in response to the fire at the Universal Studios backlot in 2008.

        • Canadian ISP Teksavvy Fights Back Against Overbroad Copyright ‘Blocking Order’ For GoldTV

          A few weeks back, a Canadian court issued a shockingly broad blocking order against GoldTV, an IPTV service that copyright holders allege are engaging in piracy by offering streaming access to unauthorized TV streams. The case itself is interesting in that Bell Media and Rogers Media sued GoldTV’s owners (listed as John Does) as defendants, but then also had all Canadian broadband ISPs listed as “respondents,” including Bell Canada and Rogers Communications — which almost makes this a case where Bell and Rogers are effectively suing themselves. Wacky.

Microsoft Staff Repeatedly Refuses to Tell How Many People Use WSL, Defends Patent Extortion and Blackmail of Linux Instead

Posted in Deception, Free/Libre Software, GNU/Linux, Microsoft at 8:33 am by Dr. Roy Schestowitz

“If you can’t make it good, at least make it look good.”

Bill Gates, Microsoft

Summary: The people who develop WSL (mostly Microsoft employees) get easily irritated when asked how many people actually use this thing; but more interestingly, however, they reveal their disdain for GNU/Linux and support for Microsoft blackmail (for ‘Linux patent tax’)

THE introduction of “Windows Slaughtering Linux” (WSL or WeaSeL for short) happened at an inconvenient time (for us at least) because we were super-busy covering EPO corruption and weren’t able to pay much attention — except in Daily Links — to Microsoft’s ongoing attacks on GNU/Linux. EPO coverage was highly essential at that point.

WSL was a (non) ‘solution’ in search of a problem, except Microsoft’s problem, which is GNU/Linux dominating everything (even laptops now that Chromebooks dominate schools). It happened not far apart from the bribery of the Linux Foundation, which was then happy to promote various WeaSeLs (WSL ‘flavours’).

“Microsoft isn’t the sort of company that keeps quiet when it has something to brag about. Heck, it even distorts and sometimes makes up numbers.”Has anyone noticed how we never hear anything about WSL usage figures (even any blog posts about such usage are rather rare)?

Microsoft isn’t the sort of company that keeps quiet when it has something to brag about. Heck, it even distorts and sometimes makes up numbers. We saw and covered many examples over the years.

Over the past few days I mentioned WeaSeL a few times. The main thread (most interactions) can be found here, but there are a couple dozen or so in total, as they’re sort of fragmented. Yes, that’s how Twitter works (or doesn’t work). Just pasting loads of "tweets" would not make it "journalism", so we’ve prepared a summary/outline, which can be defended by the tweets we’ve seen and collected (copies posted in IRC as well for longterm preservation).

“I never saw or met (or even heard of) anyone who uses WSL. That’s a fact.”My ‘rudest’ tweet wasn’t even particularly rude; it didn’t name anyone and was objective (based on my personal experience and observation). “From what I can gather,” I said, “Microsoft WSL has been an utter failure as hardly anyone uses it, we hardly hear about it anymore. But if the goal was to Googlebomb “Linux” with Vista 10 spam, then it was a success.”

That’s it.

It struck a nerve; I never saw or met (or even heard of) anyone who uses WSL. That’s a fact. And I work in the domain every day, so one might/could think that I at least saw it ‘in the wild’ at some point (or heard about someone who uses it). WSL has been around for years. It’s nothing unprecedented (VMs are better). It’s not something new awaiting adoption. If the WSL team wants to prevent further defections from Vista 10, there’s no evidence that they succeeded. The few people who touched it are likely already attached to Windows. They’re ‘hardcore’ Windows users.

“Current Microsoft employees are attacking former ones for daring to question the alleged ‘success’ of WSL!”People with spare time can read this long thread in Twitter (with context and everything); the gist of it is, Microsoft is failing to provide proof of WSL adoption. Then, it starts calling former Microsoft staff who inquires about these numbers “rude”. Current Microsoft employees are attacking former ones for daring to question the alleged ‘success’ of WSL!

After much insistent querying they ended up asking for more than a month to come up with a way to create spin (they already know the numbers!) and in the process they reveal something even darker. I’ve mentioned patents Microsoft uses for blackmail against GNU/Linux OEMs (companies that distribute Linux devices) — patents which are not publicly listed/disclosed. I cited an example as recent as months ago (a lawsuit by Microsoft — an instance from this year).

“If someone violates a patent,” a Microsoft manager responded, “the patent owner has recourse. If you have issues with patents, then take it up with the PTO and Congress.”

“They’re this hostile towards GNU/Linux and insist it’s OK for Microsoft to blackmail it using patents!”Microsoft lobbies both the PTO and Congress for this blackmail to carry on. Way to shoot oneself in the foot with that reply!

This is nothing amusing! This is like the program manager in charge of EEE against Linux, the WSL team. They’re this hostile towards GNU/Linux and insist it’s OK for Microsoft to blackmail it using patents! And they then pretend to be the victims.

Remember that, at least to them, GNU/Linux is just a nuisance for Microsoft to attempt to ‘tame’ (if not undermine, which is hard, then at least control). Everything these guys said has merely confirmed what we knew all along about WSL’s intentions (and its team’s attitude towards GNU/Linux).

We made copies of over 50 tweets about this. There’s no way to delete such tweets (we would notice and have made local copies in IRC channels).

Notice how almost all of the people in the thread/s are Microsoft employees, both past and present, and one (Hayden Barnes) is employed by Canonical to help Microsoft put Ubuntu in the belly of Vista 10 and send out press releases to promote this spyware.

“It’s worth noting that several former Microsoft employees took my side, insisting it’s actually an attack on GNU/Linux and Microsoft likely lies about it, won’t share numbers (always a bad sign) and so on.”Mitchel Lewis, who does guest posts here (gladly allowing us to syndicate his articles), asked : “Since when is it unprofessional to be shrewd and ask for supporting facts?”

“They are using psychological tricks to paint themselves, who attack GNU/Linux, as the victims,” I responded to him. “I covered dozens examples of these tricks over the years.” Many dozens.

It’s worth noting that several former Microsoft employees took my side, insisting it’s actually an attack on GNU/Linux and Microsoft likely lies about it, won’t share numbers (always a bad sign) and so on.

The only ones trying to battle my claim are full-time WSL folks, i.e. Microsoft people.

“IMO,” Mr. Lewis continued, “this seems more of a situation where people without formal training in logic, rhetoric, and debate resort to deflection, projection, ad hominem and other basic logical fallacies in error when they can’t advance their argument. It’s a central theme of the Platonic dialogues…”

Basically, it’s like a politician saying, “I built a road!”

But none was built.

“Microsoft has long used that “polite criminal” narrative; sure, we committed a crime, but at least we’re polite about it, whereas the law enforcers are “aggressive” and “rude”.”So the politician starts panicking when asked about it repeatedly, only failing to deliver an answer and then attacking the journalists who keep asking about it.

“Stop bullying me!”

People are familiar with brutal cops saying (or shouting) “stop resisting” when they assault people who pose no actual threat.

“Microsoft alumni here,” he added later, “built Exchange Online with a few friends and later dabbled in predictive analytics/defect density to better anticipate failures within Exchange Online. Plz tell me moar aboot statistics.”

“Reversal of narratives is an art form. Bad people have long attempted to portray good people (activists, whistleblowing champions, public interest groups) as malicious, self-serving, arrogant and so on.”Microsoft has long used that “polite criminal” narrative; sure, we committed a crime, but at least we’re polite about it, whereas the law enforcers are “aggressive” and “rude”. “They’re out to get us!”

“Poor Trump…”

The subject of a “witch-hunt”…

His wife claims to be the most bullied person, for… well, supporting the biggest bully in the world.

“…”Mopping Up” GNU/Linux won’t be easy, but if WSL fails, then they will try WSL2, then WSL3… or maybe then leap to WSL10 just for hype’s sake. 10 is a special decimal number.”Reversal of narratives is an art form. Bad people have long attempted to portray good people (activists, whistleblowing champions, public interest groups) as malicious, self-serving, arrogant and so on.

When you choose to work for Microsoft you choose to basically work on attacking companies Microsoft considers to be rivals. Because this has historically been the company’s modus operandi. It’s shameless about it, show internal documents. As James Plamondon, Microsoft’s chief evangelist, once put it (in a written presentation): “Mopping Up can be a lot of fun. In the Mopping Up phase, Evangelism’s goal is to put the final nail into the competing technology’s coffin, and bury it in the burning depths of the earth.”

With GNU/Linux it’s tricker because it’s not a company; bribing groups associated with it takes time and longterm deception (like “Microsoft loves Linux”). It cannot be defeated by takeovers, or even investor ‘activists’ (corporate raiders).

“Mopping Up” GNU/Linux won’t be easy, but if WSL fails, then they will try WSL2, then WSL3… or maybe then leap to WSL10 just for hype’s sake. 10 is a special decimal number. What ever happened to Vista 9?

Harder than fighting an actual company -- Windows Slaughtering Linux (WSL)


Links 4/12/2019: Tails 4.1, UCS 4.4-3 and Proxmox VE 6.1

Posted in News Roundup at 4:20 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Spice up your Linux desktop with Cinnamon

        When GNOME 3 was released, some GNOME users were not ready to give up GNOME 2. The Linux Mint project was so dissatisfied with GNOME 3 that it started its own desktop as an alternative, and thus the Cinnamon desktop was born.

        Cinnamon originally sought to “remix” GNOME 3 so that it looked and acted like the GNOME 2 so many users knew and loved, but eventually, it diverged enough to be a true fork. Today, Cinnamon uses GTK3 libraries and forked versions of key GNOME 3 applications to create a classic GNOME experience.

      • 10 Best Linux Icon Themes You Should Try

        Are you bored with the icon theme set currently installed on your Linux machine? Maybe you think that there aren’t that many nice icons you can try out and that’s why I’m here to change your view on that.

        Here are the top 10 icon themes you should try.

    • Server

      • Amazon Talks Up Big Performance Gains For Their 7nm Graviton2 CPUs

        If Amazon’s numbers are accurate, Graviton2 should deliver a big performance boost for Amazon’s ARM Linux cloud potential. Graviton2 processors are 7nm designs making use of Arm Neoverse cores. Amazon says they can deliver up to seven times the performance of current A1 instances, twice the FP performance, and support more memory channels as well as doubling the per-core cache.

      • AWS announces new ARM-based instances with Graviton2 processors

        AWS has been working with operating system vendors and independent software vendors to help them release software that runs on ARM. ARM-based EC2 instances support Amazon Linux 2, Ubuntu, Red Hat, SUSE, Fedora, Debian and FreeBSD. It also works with multiple container services (Docker, Amazon ECS, and Amazon Elastic Kubernetes Service).

      • Coming Soon – Graviton2-Powered General Purpose, Compute-Optimized, & Memory-Optimized EC2 Instances

        We launched the first generation (A1) of Arm-based, Graviton-powered EC2 instances at re:Invent 2018. Since that launch, thousands of our customers have used them to run many different types of scale-out workloads including containerized microservices, web servers, and data/log processing.

      • AWS EC2 6th Gen Arm Instances are 7x Faster thanks to Graviton 2 Arm Neoverse N1 Custom Processor

        Last year Amazon introduced their first 64-bit Arm-based ECS2 “A1” instances which were found to deliver up to 45% cost savings over x86 Instances for the right workloads.

      • AWS launches Braket, its quantum computing service

        With Braket, developers can get started on building quantum algorithms and basic applications and then test them in simulations on AWS, as well as the quantum hardware from its partners. That’s a smart move on AWS’s part, as it’s hedging its bets without incurring the cost of trying to build a quantum computer itself. And for its partners, AWS provides them with the kind of reach that would be hard to achieve otherwise. Developers and researchers, on the other hand, get access to all of these tools through a single interface, making it easier for them to figure out what works best for them.

      • IBM

        • Red Hat Enterprise Linux 7 and CentOS 7 Receive Important Kernel Security Update

          Marked by Red Hat Product Security as having a security impact of “Important,” the new Linux kernel security update is here to patch two vulnerabilities, namely CVE-2019-14821, an out-of-bounds memory access issue via MMIO ring buffer discovered in Linux kernel’s KVM hypervisor, and CVE-2019-15239, a flaw that could allow a local attacker to trigger multiple use-after-free conditions, which may lead to a kernel crash or potentially in privilege escalation.

          Additionally, the kernel update also addresses several bugs, including missing SCSI VPD information for NVMe drives that breaks InfoScale, NULL pointer dereference at check_preempt_wakeup+0×109, panic in pick_next_task_rt, “Detected Tx Unit Hang” error with adapter reset, broken load balancing over VF LAG configuration, security issues on crypto vmx driver, XFS hangs on acquiring xfs_buf semaphore, single CPU VM hangs during open_posix_testsuite, and many others.

        • Peter Czanik: State of syslog-ng on RHEL 8 / CentOS 8

          Version 3.23.1 of syslog-ng is now available in EPEL 8. EPEL stands for Extra Packages for Enterprise Linux, a repository for RHEL (and CentOS) containing packages not available in RHEL. The packages in the repository are maintained by Fedora package maintainers, not Red Hat, but thanks to their high-quality standards, packages from this repository are often used even by companies, which otherwise do not allow 3rd party repositories.

          As you can see, EPEL 8 does not use the latest available syslog-ng version, but the one available at the time EPEL 8 was created. This means that EPEL 8 will likely contain syslog-ng 3.23.1 forever, that is, until EPEL 8 is EoL. There are rumors, however, that once a new RHEL minor version is available, you will be able to upgrade the syslog-ng package in EPEL.

          The syslog-ng package in EPEL 8 is missing a few features due to missing dependencies. These include all the Java-based destination drivers (HDFS, Elasticsearch, Kafka). Elasticsearch is now also supported by the HTTP destination of syslog-ng. There is a C-based Kafka destination driver in syslog-ng, but as librdkafka is too old in RHEL, it is also unavailable in EPEL.

        • Understanding Red Hat AMQ Streams components for OpenShift and Kubernetes: Part 1

          Red Hat AMQ Streams is an enterprise-grade Apache Kafka (event streaming) solution, which enables systems to exchange data at high throughput and low latency. AMQ Streams is available as part of the Red Hat AMQ offering in two different flavors: one on the Red Hat Enterprise Linux platform and another on the OpenShift Container Platform. In this three-part article series, we will cover AMQ Streams on the OpenShift Container Platform.

          To get the most out of these articles, it will help to be familiar with messaging concepts, Red Hat OpenShift, and Kubernetes.

        • Taking The PCI Express To Malleable Systems

          It took decades for server virtualization to go mainstream, making their way from hardware and software partitions on mainframes three decades ago down to proprietary and Unix systems two decades ago to X86 servers with VMware, XenServer, Microsoft, and Red Hat all doing their part. We are at the very front end of a different kind of server virtualization now, comprised of disaggregation and composability, and hopefully this time around it will not take three decades to mainstream it.

    • Audiocasts/Shows

      • 2019-12-03 | Linux Headlines

        Mozilla launches Firefox 71, the privacy-focused distribution Tails is looking to the future, and elementary OS 5.1 is out.

      • LHS Episode #314: Epic Pie

        Welcome to the 314th installment of Linux in the Ham Shack. In this short-topics episode, the hosts discuss Open Source and the government, YOTA in IARU Region 2, microwave transverters, Docker, the Linux 5.5 kernel, Y2038, JS8Call and much more. Thank you for listening and have an excellent week.

      • Full Circle Weekly News #156
      • ‘Tis the SSHession | LINUX Unplugged 330

        Give the gift of remote support with our neat SSH trick. Also, Cassidy from elementary OS joins us to discuss what’s great about their new release.

        Plus we’ll share some gadget gift ideas, and what we’re building for the holidays.

      • mintCast 323 – Ok, Beta

        In our Innards section, we talk more about Linux Mint and Clem’s comments.

      • Editing A Podcast With Audacity on Linux

        Besides making YouTube videos, I also do a podcast series called “TIC TEK TOE” which I edit myself on a Linux desktop.

    • Kernel Space

      • Linux 5.5 Provides Knob To Toggle ASPM Link States Individually – Better Power-Savings

        ASPM can be a big boost to help power-savings on Linux laptops and desktops as shown by a prominent kernel regression a number of years ago. However, a number of Linux drivers are forced to disable Active State Power Management (ASPM) due to quirky/buggy hardware where it ends up not being sane to enable that power-saving feature by default. But with the Linux 5.5 kernel is support for toggling ASPM link states via sysfs as an easy-to-perform manner for achieving better power-savings with friendly devices.

      • AMDGPU Fixes For Linux 5.5 Include AMDKFD For PowerPC, Fix For Old ATI R100/R200 GPUs

        Following last week’s big batch of DRM graphics driver updates for the Linux 5.5 merge window, AMD and the community engaging in Linux 5.5 testing have now sent in their first round of fixes for this next version of the Linux kernel.

      • Linux 5.5 Begins Plumbing Secure Boot Infrastructure For POWER9

        With the PowerPC changes for the Linux 5.5 kernel comes the initial infrastructure work on preparing to be able to handle a Secure Boot implementation for POWER9 hardware.

        With Linux 5.5 the initial groundwork is laid for supporting POWER9 Secure Boot but the actual IBM POWER9 firmware support for offering this functionality isn’t yet released. As such, moving to Linux 5.5 alone won’t impose any potential Secure Boot restrictions on existing users.

    • Applications

      • REAPER Digital Audio Workstation 6.0 Adds FX Plug-in Embedding, Improved HiDPI Support

        REAPER, a digital audio workstation and MIDI sequencer software for Windows, macOS and Linux, was updated to version 6.0 recently, getting support for embedding small versions of some plugins into the tracks and mixer panels, new auto-stretch timebase, improved support for Retina / HiDPI displays, and more.

        Initially released back in 2005, REAPER (Rapid Environment for Audio Production, Engineering, and Recording) is developed by Cockos, an American digital audio technology company founded by Justin Frankel of Winamp and Gnutella peer-to-peer network fame.

        The music production application had its first native experimental Linux release back in July 2018, and since then it has continued to improve, though it’s still considered experimental on Linux.

      • The 15 Best Document Management Systems for Linux System

        If you have just launched a startup or already own a company, then obviously you need to manage a huge workforce as well as a large collection of documents. The documents or files of a company where different people work collaboratively need to manage uniquely so that anyone can work on them, and users can have better version control. That is when a document management system comes in handy. If the software infrastructure of your organization is based on Linux, then you will need to look for a document management system for your Linux system.

      • Thunderbird Tray Icon Email Notifier Birdtray 1.7.0 Released

        Birdtray, a Thunderbird tray icon for Linux (Xorg) and Windows that shows the number of unread emails, has seen a new major release. For the Birdtray 1.7.0 release, the developers have added translation support, the ability to draw a border around the number of unread emails in the tray, a new Birdtray icon, and more.

        Birdtray is a Firetray (which has been discontinued) alternative that shows Thunderbird in the tray, with an unread email counter on top of the icon; the tray icon can be set to flash when new email are received. However, unlike Firetray, Birdtray is a standalone application, and not a Thunderbird extension. Other Birdtray features include support for multiple email accounts, it can hide and restore the Thunderbird window (so it closes to the tray), and is highly configurable.

      • Daniel Stenberg: Daily web traffic

        By late 2019, there’s an estimated amount of ten billion curl installations in the world. Of course this is a rough estimate and depends on how you count etc.

        There are several billion mobile phones and tablets and a large share of those have multiple installations of curl. Then there all the Windows 10 machines, web sites, all macs, hundreds of millions of cars, possibly a billion or so games, maybe half a billion TVs, games consoles and more.

      • GStreamer 1.16.2 stable bug fix release

        The GStreamer team is pleased to announce the second bug fix release in the stable 1.16 release series of your favourite cross-platform multimedia framework!

        This release only contains bugfixes and it should be safe to update from 1.16.x.

    • Instructionals/Technical

    • Games

      • Feral Interactive are teasing movement on Life is Strange 2 for Linux

        After confirming Life is Strange 2 would get a Linux port back in October of 2018, Feral Interactive haven’t said too much about it until today.

      • A Tofu Tail might have the strangest protagonist I’ve seen in a puzzle game

        A person turned into a block a tofu? What ever will game developers think of next, bonus points for serious oddness here. A Tofu Tail is coming with Linux support next week.

      • In The Valley of Gods from the Firewatch devs ‘on hold’, working at Valve on other projects

        We’re in for a long wait to play In The Valley of Gods, as it seems ValveTime has caught up with the Campo Santo (Firewatch) team that joined Valve back in 2018.

        Around the time Half-Life: Alyx was being rumoured and then announced, it was noticed that the people who were working on In The Valley of Gods had their Twitter bios changed to remove any mention of it. We know why now though, as Polygon got a statement from Campo Santo co-founder Jake Rodkin where they note it’s now “on hold”.

      • Card-battling mechanics with roguelike exploration, Space Grunts 2 is nearing a full release

        As Orangepixel celebrate 15 years of developing games, their latest with Space Grunts 2 is getting ready to leave Early Access.

        They said that Space Grunts 2 is now pretty much feature complete, in regards to the content they had originally planned for it. However, they’re not finished. Orangepixel are still planning to add in some alternate areas and possibly some more cards with a full release expected in early January next year.

      • The open source Nintendo Switch Emulator ‘yuzu’ now has a Vulkan renderer

        The emulation scene never ceases to amaze me. The Nintendo Switch Emulator, yuzu, now had a Vulkan renderer to hopefully boost performance.

        Quite early-on for this emulator, with game compatibility not having progressed far yet but yuzu is a very active project being worked on to improve it all the time.

      • It’s already possible to play Halo: The Master Chief Collection on Linux with Steam Play

        I will admit I am truly surprised at how quickly people managed to find a way to run Halo: The Master Chief Collection on Linux with Steam Play.

        343 Industries included an option to turn off Easy Anti-Cheat, to allow people to play single-player and mess around with modding which was the first thing needed to get it working on Linux. While Easy Anti-Cheat supports Linux, it does not work with Proton/Wine.

      • Horizon Chase Turbo gets a free Rookie Series DLC for the younger or newer racer

        Horizon Chase Turbo, one of the absolute best retro-throwback racers to have have released in a long time just got a bit more accessible to play.

        Aquiris Game Studio have released a free Rookie Series DLC that’s perfect for younger players or anyone really struggling to get to grips with the racer. Really nice to see developers think about making their games more accessible like this. It even comes with a brand new Rookie vehicle, that’s a lot easier to handle.

      • D3D10/11 to Vulkan translation layer DXVK 1.4.6 released

        Want to test it? If you’re using Steam Play Proton, you can download the release bundle from GitHub and simply replace the existing .dll files found in somewhere like:

        path-to-your/SteamLibrary/steamapps/common/Proton 4.11/dist

        Inside there you will see “lib” and “lib64″, for 32bit and 64bit and both have a wine/dxvk folder inside where you can replace the files with new versions. Do so at your own risk but it’s usually harmless. If you mess anything up, to refresh it you can just re-install Proton from the Tools menu in Steam.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • How a Patent on Sorting Photos Got Used to Sue a Free Software Group

          Taking and sharing pictures with wireless devices has become a common practice. It’s hardly a recent development: the distinction between computers and cameras has shrunk, especially since 2007 when smartphone cameras became standard. Even though devices that can take and share photos wirelessly have become ubiquitous over a period spanning more than a decade, the Patent Office granted a patent on an “image-capturing device” in 2018.

          A patent on something so commonplace might be comical, but unfortunately, U.S. Patent No. 9,936,086 is already doing damage to software innovation. It’s creating litigation costs for real developers. The creator of this patent is Rothschild Patent Imaging LLC, or RPI, a company linked to a network of notorious patent trolls connected to inventor Leigh Rothschild. We’ve written about two of them before: Rothschild Connected Devices Innovations, and Rothschild Broadcast Distribution Systems. Now, RPI has used the ’086 patent to sue the Gnome Foundation, a non-profit that makes free software.

        • This Month in Mutter & GNOME Shell | November 2019

          GNOME Shell saw many improvements during November. The commit log was dominated by cleanups, but a few improvements and polishments also found their way into the code.

          The authentication dialog received a batch of bugfixes, many cleanups of deprecated objects and functions landed. The top panel’s application name is now correctly sized by hiding the spinner near it.

          GNOME Shell’s cache of icons and textures received a fix to invalidate properly when dealing with scaling changes. All-day events are properly displayed in the messaging menu now.

          Finally, the Alt-Tab switcher now doesn’t mistakenly show an overflow indicator when the list of windows fits the screen size.

        • GNOME Shell + Mutter Had A Busy November With Some Big Performance Optimizations

          The GNOME developers were particularly busy last month with various improvements to GNOME Shell and Mutter for increasing the usability of the desktop and optimizing its performance / power-savings.

        • GNOME programs go global

          GUADEC not only offers a place for people to enjoy different sessions and workshops, but it’s also a unique opportunity to bring together the GNOME Foundation staff, board members, and Advisory Board for making strategic decisions.

          While GUADEC has historically been in Europe, we are very excited that GUADEC 2020 will take place in Zacatecas, Mexico. This will provide an opportunity for people who have trouble traveling to Europe. By hosting the event on the North American continent, a whole new group of people will be able to join us to celebrate GNOME.

          Another interesting event we have is GNOME.Asia. GNOME.Asia 2019 took place in Gresik, Indonesia between 11 – 13 of October at the Universitas Muhammadiyah Gresik (UMG). This too was a rousing success. It was the biggest event organized by the GNOME community in Asia, with the first day dedicated to workshops and the second and third days for presentations.

          In 2019 we also worked with the KDE community on organizing LAS in Barcelona, Spain. LAS is designed to accelerate the growth of the Linux application ecosystem by bringing together everyone involved in creating a great Linux application user experience. Thanks to the generosity of sponsors and the hard work of the organizing team, attendance was free for everyone.

    • Distributions

      • Reviews

        • MX Linux MX-19 petito feo – The longest mile

          Well, well, well. MX linux MX-19 petito feo is a nice distro. It has a lot of great elements. But … it also has a lot of annoyances as well as problems that weren’t there in the previous edition. Overall, you get very decent connectivity and media out of the box, and the live session data save is a big plus. That said, Samba sharing ease is not there anymore, and the Firefox profile wasn’t ported. Customization was quite annoying, and there were actual application errors.

          I do like MX Linux, and it is improving in many aspects. It feels cleaner, more consistent, the MX Tools package is becoming more useful and powerful, and the application selection is respectable. But these are offset with problems that didn’t exist in the past, and they make me feel that the development team might have found themselves trapped, plateauing. I hope this is a one-time glitch. All in all, 7.75-8/10, definitely worth testing, but for now, I believe Continuum was better put together, by ever so slight margin. Let’s hope this ain’t the end of a long, beautiful run. To be continued.

      • New Releases

        • A Linux distro can now go ‘undercover’ and pretend to be Windows 10

          Kali is a popular security-focused Linux distro, and with its latest version, the OS has gained a surprising new feature – the ability to look like Windows 10.

          This comes courtesy of an ‘undercover’ mode, essentially a theme which turns the desktop into a mock version of Windows 10, complete with a taskbar, windows with a ‘file manager’, and so forth.

        • Latest Kali Linux features an Undercover Windows 10 theme

          The latest version of the Linux distribution Kali Linux features a new “Undercover” theme that turns the interface into one that resembles Microsoft’s Windows 10 operating system.

          Kali Linux is a security-focused Linux distribution based on Debian that is used by security researchers and hackers alike. It features advanced penetration testing and security auditing tools and is maintained by Offensive Security, a security training company.

          The new Undercover theme that the developers integrated into Kali Linux makes the interface look like Windows 10. While it does not match Microsoft’s Windows 10 theme 100%, it may trick anyone who catches a glimpse of the desktop in thinking that Windows 10 is used on the device.

        • Meet “Hera” elementary OS 5.1, here are the new features

          Today, the elementary Team officially announced the release and availability of elementary OS 5.1, codenamed “Hera.” The much-anticipated release comes after over a year of development efforts by the team.

          It includes a host of new features and improvements along with brand new artwork and updated components. Let’s delve into the nuts and bolts of the elementary team’s latest offering.

        • Introducing elementary OS 5.1 Hera

          Last October, we announced elementary OS 5 Juno with wide-ranging updates to provide a more refined user experience, improve productivity for new and seasoned users alike, and take our developer platform to the next level. Today we’re pleased to announce elementary OS 5.1 Hera, the latest major update.

        • elementary OS 5.1 Hera Released. Here’s What’s New

          elementary announced the release of latest OS 5.1 – codenamed “Hera”. Read on to find out what’s in store.

          elementary OS is a “fast, open and privacy-respecting” Linux operating system developed by elementary, inc for non-technical and migrated users from MacOS/Windows. Based on Ubuntu and long term support releases, elementary is often cited as a nice looking operating system with handful set of curated apps developed specifically for you.

          Elementary – in a snapshot – comes with Pantheon desktop environment which is built upon GNOME, applications developed for different user purposes and easy to adopt for any users – be it new/migrated or advanced users.

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Tumbleweed Snapshots Rate Top-Notch, Get Krita, QEMU, Mesa Updates

          Closing out the month, there were two snapshots with version upgrades and one snapshot (20191127) that produced some minor changes to a couple Advanced Linux Sound Architecture (ALSA) packages.

          The first Tumbleweed snapshot for December arrived with the 20191202 snapshot. Updated were also made to ALSA with the update of the versions of alsa-plugins, alsa-utils and asla, which dropped 25 patches and fixed regressions for the UCM parser. GNOME had several package updates for gedit, evolution and more. The 3.34.2 version of gnome-software fixed a potential threading crash when using flatpak and had an upstream fix for fwupd. An updated version of ModemManager 1.12.0, which is a DBus-activated daemon that controls mobile broadband devices and connections, had a large amount of improvements and changes to include adding support for Mobile Station Based Assisted-GPS in addition to Mobile Station Assisted Assisted-GPS. Revision control tool mercurial 5.2 made some backwards compatibility changes and added some new feature extensions with its quarterly release. The update of perl 5.30.1 triggered an issue recorded on the snapshot reviewer because the newer version and patch that came in it is problematic for embedded Perl usage. Several other packages were updated in the snapshot to include qemu 4.1.93, re2 20191101, xen and xorg-x11-server. The one major version change in the snapshot was an update to terminal multiplexer tmux 3.0a; the major release that allows its users to easily switch between several programs in one terminal offers new features like added support for the SD (scroll down) escape sequence and for underscore colors.

        • Etherpad updated

          Please don’t be surprised, if you visit our Etherpad instance at https://etherpad.opensuse.org/ today: the new version also comes with a new theme. All the old pads are still there and should be available under their old URL.

      • Fedora Family

        • Fedora Desktops – Memory Footprints

          There are over 40 desktops in Fedora. Each desktop has it’s own strengths and weaknesses. Usually picking a desktop is a very personal preference based on features, looks, and other qualities. Sometimes, what you pick for a desktop is limited by hardware constraints.

          This article is to help people compare Fedora desktops based on the desktop baseline memory. To narrow the scope, we are only looking at the desktops that have an official Fedora Live image.

      • Debian Family

        • Third Point Release for UCS 4.4

          As always, the errata updates of the past months have resulted in many small and large innovations, which we have collected and released with the release of UCS 4.4-3. I would like to give you an overview of the most important new features and an outlook on what we are currently working on. Important new features include better checking of required resources during installation, avoidance of Windows Explorer crashes with extended file system permissions, documentation of best practices in dealing with Windows printer drivers and printer settings, and improvements to the Samba 4 Connector.

        • Proxmox VE 6.1 released!

          We are very excited to announce the general availability of Proxmox VE 6.1.

          It is built on Debian Buster 10.2 and a specially modified Linux Kernel 5.3, QEMU 4.1.1, LXC 3.2, ZFS 0.8.2, Ceph (Nautilus), Corosync 3.0, and more of the current leading open-source virtualization technologies.

          This release brings new configuration options available in the GUI which make working with Proxmox VE even more comfortable and secure. Editing the cluster-wide bandwidth limit for traffic types such as migration, backup-restore, clone, etc. is possible via the GUI. If the optional package ifupdown2 of the Debian network interface manager is installed, it’s now possible to change the network configuration and reload it in the Proxmox web interface without a reboot. We have improvements to 2-factor authentication with TOTP and U2F.

          The HA stack has been improved and comes with a new ‘migrate’ shutdown policy, migrating running services to another node on shutdown.

          In the storage backend, all features offered by newer kernels with Ceph and KRBD are supported with version 6.1.

          We have some notable bug fixes, one of them being the QEMU monitor timeout issue or stability improvements for corosync. Countless other bugfixes and smaller improvements are listed in the release notes.

        • Tails 4.1 is out

          This release fixes many security vulnerabilities. You should upgrade as soon as possible.

        • Tails 4.1 Anonymous OS Released with Latest Tor Browser, Linux Kernel 5.3.9

          The Tails project released today Tails 4.1, a monthly update to their Debian-based amnesic incognito live system (also known as Anonymous OS) that brings all the latest software updates and various improvements.

          Coming five weeks after Tails OS 4.0, a major release based on the latest Debian GNU/Linux 10 “Buster” operating system series, Tails OS 4.1 is here with a new default OpenPGP key server, namely https://keys.openpgp.org/, which the project says is “more trustworthy than other OpenPGP public key servers.”

          According to the Tails developers, the new default OpenPGP key server doesn’t distribute third-party signatures, references OpenPGP public keys only after sending a confirmation email to the addresses listed in the key, and also blocks OpenPGP certificate flooding attacks.

        • Debian breaking Unison (again) [Ed: Norbert Preining talks about the real issues, even at risk to his speech inside Debian]

          Congratulations – Debian/sid now contains a unison binary that is incompatible with Debian/buster, the stable release. That means, everyone who relies on unison for file synchronization across servers (running buster) and development machines (running sid) is now busted. Trying to use the new binary from sid on buster also doesn’t work, due to GLIBC incompatibility.

        • Ben Hutchings: Debian LTS work, November 2019

          I was assigned 24.5 hours of work by Freexian’s Debian LTS initiative and carried over 0.5 hours from October. I worked 21.25 hours this month, so will carry over 3.75 hours to December.

          I released Linux 3.16.76, rebased the Debian package onto that, and sent out a request for testing.

      • Canonical/Ubuntu Family

        • Canonical Launches Ubuntu Pro for Amazon Web Services

          Ubuntu Pro is built exclusively for Amazon Web Services (AWS) and caters to the needs of (their ever growing) cloud and enterprise customers.

          A series of “Pro” images spanning several LTS versions, going as far back as Ubuntu 14.04 LTS, are being made available on AWS.

          The new images feature all of the optimisations found in Ubuntu’s standard Amazon Machine Images (AMI) plus a raft of additional benefits typically offered through Canonical’s commercial support offering, Ubuntu Advantage.

        • Canonical Announces “Ubuntu Pro” For AWS

          Looking to further capitalize upon the popularity of Ubuntu in the cloud, Canonical today announced Ubuntu Pro premium images for Amazon’s EC2 cloud.

          Ubuntu Pro images for Amazon Web Services covers Ubuntu LTS releases with extra functionality focused on enterprise deployments of Ubuntu in the cloud. The principal benefits of Ubuntu Pro include…

        • Canonical Announces Ubuntu Pro, Premium Images for Amazon Web Services

          Ubuntu Pro, as Canonical likes to call these new premium images for AWS, covers the Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS releases and allows enterprises to purchase longer updates and security maintenance, critical compliance features, as well as broader security coverage with no contract required. The Ubuntu Pro images are supported on Amazon Elastic Compute Cloud (Amazon EC2).

          “The new Ubuntu Pro images will deliver a further optimised experience to our customers, providing additional security and performance to their Ubuntu instances,” said Deepak Singh, VP of Compute Services at AWS. “Available directly through AWS Marketplace, Ubuntu Pro can be purchased, deployed and launched on AWS in a seamless and effortless manner, removing the need for additional provisioning or procurement processes.”

        • Canonical announces Ubuntu Pro for Amazon Web Services

          Canonical today announced the availability of Ubuntu Pro images for Amazon Web Services (AWS). Available via AWS Marketplace, covering Ubuntu 14.04 LTS, 16.04 LTS and 18.04 LTS, these new premium images allow enterprises to purchase extended maintenance, broader security coverage, and critical compliance features by simply selecting and running an image on Amazon Elastic Compute Cloud (Amazon EC2) — with no contract required.

          The new Ubuntu Pro images include all the optimisations in the standard Ubuntu Amazon Machine Images (Amazon AMIs), which Canonical publishes across AWS Regions, plus key security and compliance subscriptions automatically enabled. Customers can purchase Ubuntu Pro directly through AWS for a streamlined procurement process, enabling quicker access to these commercial features offered by Canonical.

        • Canonical Patches Intel Microcode Regression on Ubuntu PCs with Skylake CPUs

          On November 12th, 2019, Canonical published important kernel security updates for all supported Ubuntu Linux releases to address two flaws (CVE-2019-11135 and CVE-2019-11139) discovered by various security researchers in Intel processors using Transactional Synchronization Extensions (TSX), as well as on certain Intel Xeon processors.

          While the first vulnerability could allow a local attacker to expose sensitive information, such as memory contents that were previously stored in microarchitectural buffers, the second issue could allow a local privileged attacker to cause a denial of service (system crash). The intel-microcode version that caused the regression was 3.20191112.

        • Linux Mint 19.3 “Tricia” Xfce – BETA Release

          Linux Mint 19.3 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

        • Linux Mint 19.3 “Tricia” MATE – BETA Release

          Linux Mint 19.3 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

        • Linux Mint 19.3 “Tricia” Cinnamon – BETA Release

          Linux Mint 19.3 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

        • Linux Mint 19.3 Enters Beta With HiDPI Support Finally Nearing Completion, New Default Apps

          Linux Mint 19.3 continues to be based on the Ubuntu 18.04 LTS package set but with its various additions and customizations. Linux Mint 19.3 introduces its “System Reports” functionality for trying to identify missing software packages/drivers, the Language Settings area now allows configuring the user’s time format, and the HiDPI support is finally “almost complete”.. Nearly all of the default applications on Linux Mint 19.3 are HiDPI supportive with just a few items remaining.

        • Linux Mint 19.3 “Tricia” Beta Officially Released with New Apps, Updated Artwork

          The Linux Mint project released today the beta version of the upcoming Linux Mint 19.3 “Tricia” operating system for all official flavors, including Cinnamon, MATE, and Xfce.

          In development since early September, the Linux Mint 19.3 “Tricia” operating system has entered public beta testing today ahead of its official launch later this month around the Christmas holidays.

          This release is based on Canonical’s latest Ubuntu 18.04.3 LTS (Bionic Beaver) operating system and ships with the Linux 5.0 kernel. Just like Ubuntu 18.04 LTS, it will be supported with software updates and security patches until 2023.

          “Linux Mint 19.3 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use,” reads today’s announcement.

        • Linux Mint 19.3 “Tricia” beta approved for release, download now

          FOSS Linux first reported back in October that Mint developers plan to release the Linux Mint 19.3 before Christmas.

          The announcement was made via their November 2019 newsletter. They added that the team is still optimistic about the official release before Christmas. They did also mentioned that the Linux Mint 19.3 Beta release will be made available for download on Tuesday, December 3, 2019.

        • Linux Mint 19.3 Beta XFCE Run Through

          In this video, we are looking at Linux Mint 19.3 Beta XFCE. Enjoy!

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Events

        • Open Source Firmware Conference 2019 Videos Posted

          Taking place back in September at Google and Facebook facilities was the Open-Source Firmware Conference (OSFC 2019). For those not able to attend, video recordings of those talks are now freely available online.

          OSFC 2019 saw the introduction of System76 Coreboot-loaded laptops, AMD getting (back) involved with Coreboot, Oreboot as a Rust-based open-source Coreboot implementation, and Intel to more liberally license some of their firmware-related binaries, among other interesting topics discussed.

        • Richard Hughes: OSFC 2019 – Introducing the Linux Vendor Firmware Service

          A few months ago I gave a talk at OSFC.io titled Introducing the Linux Vendor Firmware Service.

        • GNOME.Asia Summit 2019

          Back from Gresik more than one month, here is my late report for GNOME.Asia Summit 2019.

          This year, GNOME.Asia Summit 2019 was held in Universitas Muhammadiyah Gresik. It’s my seventh GNOME.Asia Summit that I attend.

        • Laura Czajkowski: The Do’s and Don’ts of Booth Duty

          Allow enough time: We are all busy but we must allow enough time to do each event properly. For example, arrive the evening before rather than the morning of the conference. Things often go wrong; let’s give ourselves enough time to fix a delayed flight or lost bag of cables.

          Be punctual!Show up way before the attendees. Remember, you’re on duty as a representative of your organisation, so you should be on the show floor 30 mins before it opens for a final briefing and to find out where everything is.

          Demos: The demo Gods can be cruel. Check your display each morning to make sure it (still) works.

          Dress code: We live in the world of Insta we are professionals., Figure out if your organisation has a preferred way dress code for an event, e.g. if there is a specific t-shirt that needs to be worn for a launch. Trust me when I say this, wear comfortable shoes, I’d go as far as to say bring alternative shoes for different days. Standing is difficult, make it easier on your little twinkle toes!

          Be prepared: If you are in charge of a demo, make sure the laptop is set up and ready the day before, turning up to the event to get it setup or installed is not a good use of your time. Make sure the laptop is charged the night before. Bring your charger with you, not everyone has the same connector and an adaptor if you’re travelling in a different country to be on the safe side!

      • Web Browsers

        • Mozilla

          • Mozilla Firefox 71.0 Released with Native MP3 Decoding

            Mozilla Firefox released the latest stable 71.0 a day ago. Here’s what’s new and how to install it in Ubuntu.


            You’ll be able to upgrade the pre-installed Firefox to the latest 71.0 release in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 19.04, and Ubuntu 19.10, through the Software Updater in 2 or 3 days (check the building page).

          • Firefox 71 rolls out: Windows 10 picture-in-picture video plus wider VPN beta for $4.99

            Mozilla boasts that Enhanced Tracking Protection in Firefox has now blocked one trillion tracking requests since launching in July.

            Firefox users will now see notifications when the browser blocks web-based crypto-miners. Users also get a running tally of blocked trackers in the dashboard behind the shield icon.

          • Firefox 71

            Firefox 71 is available. New features include improvements to the Lockwise integrated password manager and native MP3 decoding.

          • Firefox 71 arrives with better Lockwise and tracker blocking, Picture-in-Picture on Windows

            Mozilla today launched Firefox 71 for Windows, Mac, Linux, Android, and iOS. Firefox 71 includes Lockwise password manager improvements, Enhanced Tracking Protection tweaks, and Picture-in-Picture video on Windows. There isn’t too much else new, possibly because Mozilla is getting ready to speed up Firefox releases to a four-week cadence (from six to eight weeks) next year. The company did, however, share updates on its VPN efforts and Firefox Preview.

            Firefox 71 for desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. The Android version is trickling out slowly on Google Play, and the iOS version is on Apple’s App Store. According to Mozilla, Firefox has about 250 million active users, making it a major platform for web developers to consider.

          • Firefox 72 Enters Development with Picture-in-Picture Support on Linux and macOS

            With the release of Firefox 71 to the stable channel, Mozilla already kicked off the development of the next major release of its open-source and cross-platform web browser, Firefox 72.
            Firefox 72 is now available for public beta testing, which means that we can have an early look at its features and improvements. One of these will certainly please Linux and macOS users as Picture-in-Picture (PiP) support is finally coming to their platforms.

            Picture-in-Picture support has just been added for Windows users in the Firefox 71 release announced earlier today, but with Firefox 72 it also comes to Linux and macOS users, allowing them to detach a video from its web page and watch it in a floating window while working in other tabs.

          • Mozilla Thunderbird 68.3.0 Released for Linux, Windows, and macOS

            Thunderbird continues to be one of the preferred email clients on the desktop, despite most platforms already coming with a native mail app. Windows 10, for example, now bundles a modern Mail app, while macOS integrates its very own email client developed by Apple.

            But despite these, Mozilla Thunderbird remains a leading email client, and the updates released by the parent company every now and then further polish the experience with it on all platforms.

          • Using WebAssembly from .NET with Wasmtime

            Wasmtime, the WebAssembly runtime from the Bytecode Alliance, recently added an early preview of an API for .NET Core, Microsoft’s free, open-source, and cross-platform application runtime. This API enables developers to programmatically load and execute WebAssembly code directly from their .NET programs.

      • FSF

        • Licensing / Legal

          • It All Began With Stallman

            The water we drink was once upon a time free. It was a free gift from nature. Gradually that changed. Even 20 years back people in my village could not believe that in cities they sell water. But now it’s a reality everywhere and soon enough water became a political issue. So lot of movements began to free water from private hands (back to the Commons). Wherever water gets privatised there are people in newly-formed organisations and parties that fight against it. Even though we don’t have a single global movement to free water, we do not say to those who are fighting against water privatisation that “you work is good. But water was free before you began your movement. That’s why others have got chance to fight against privatisation.”

            Is that what you say to people who put their lives at risk in the name of fighting against corporate greed? No sensible person would tell you that. You have to remember that a lot of people lost their lives fighting against water privatisation. We have to respect their effort.

      • Programming/Development

        • Dear anonymous internet user asking for help..

          First, I just consider it rude. You come at me hiding who you are but still expect me to do free work for you. Try doing that in real life. What were you thinking? Not introducing yourself AND using a fake identity?

          Second, I have found that this anonymity also means respondents feel free to simply walk away with no damage to their reputation. You report a complicated bug, I spend some time investigating, ask about details, and I get no response. Some weeks later a very similar question comes in from a fresh email address, likely the same person, still not wanting to do the work to get help.


          As a case in point consider @SwiftOnSecurity. We don’t know who they are, but their contribution is such that “Swift” is able to get a CEO phoned out of bed at 2AM in the morning with a single tweet. Be like Tay.

          “Our corporate policy does not allow us to disclose our use of open source software”

          While I have sympathy for the pain this will cause you individually, my open source policy does not allow me to offer free help to corporations who do not even have the decency to admit that they use my software.

        • The Rust Programming Language Blog: Launching the 2019 State of Rust Survey

          It’s that time again! Time for us to take a look at how the Rust project is doing, and what we should plan for the future. The Rust Community Team is pleased to announce our 2019 State of Rust Survey! Whether or not you use Rust today, we want to know your opinions. Your responses will help the project understand its strengths and weaknesses and establish development priorities for the future.

          Completing this survey should take about 10?15 minutes and is anonymous unless you choose to give us your contact information. We will be accepting submissions until December 16th, and we will write up our findings a month or so afterwards to blog.rust-lang.org

        • Qt 5.14.0 RC released

          Qt 5.14.0 RC is released today. As usual you can get it by using online installer (for new installations) or by using maintenance tool (existing online installation). And in addition there is also offline installers in qt account or download.qt.io for users who can’t use online ones. Delta to beta3 as an attachment.

          Target is to release Qt 5.14.0 12th December so please test RC now & report all new release blockers immediately. Also make sure those are visible in release blocker list (https://bugreports.qt.io/issues/?filter=21539). But remember that Qt 5.14.1 is also coming soon so we can fix most of findings there and fix only real blockers in ’5.14.0′.

        • Qt 5.14 On Track For Releasing Next Week With New Scenegraph Renderer, Better HiDPI

          While missing the original release target of the end of November, The Qt Company is buttoning up Qt 5.14 for debut next week. Today, however, marks the release candidate availability for those wanting to test out this forthcoming Qt5 release prior to more of the development efforts shifting to Qt 6.0.

        • Rust 2020

          Technically speaking, it’s past the deadline for #rust2020 posts, but I’m running late this year, and I’m going to post something anyway. In this post, I am focusing on what I see as the “largest scale” issues, and not on technical initiatives. If I have time, I will try to post a follow-up talking about some of the key technical initiatives that I think we should focus on as well.

        • Python

          • Get Python Package Download Statistics with Condastats

            Hundreds of millions of Python packages are downloaded using Conda every month. That’s why we are excited to announce the release of condastats, a conda statistics API with Python interface and Command Line interface. Now anyone can use this tool to conduct research on usage statistics for Conda packages. This project is inspired by pypistats, which is a Python client and CLI for retrieving PyPI package statistics.

          • Python, Boto3, and AWS S3: Demystified

            Amazon Web Services (AWS) has become a leader in cloud computing. One of its core components is S3, the object storage service offered by AWS. With its impressive availability and durability, it has become the standard way to store videos, images, and data. You can combine S3 with other services to build infinitely scalable applications.

            Boto3 is the name of the Python SDK for AWS. It allows you to directly create, update, and delete AWS resources from your Python scripts.

          • Python and AArch64

            Python runs everywhere, right? All those libraries are just one ‘pip install’ away. And we are used to it. Unless on AArch64.

            On AArch64 when you do pip install SOMETHING you may end with “no compiler installed” or “No lapack/blas resources found.” messages. All due to lack of wheel files generated for this architecture… And even if you have all dependencies installed then building takes more time than it takes to install existing wheel file.

          • Python 3.7.5 : The new Django version 3.0 .

            On December 2, 2019, comes with Django 3.0 Released.

          • PyCoder’s Weekly: Issue #397 (Dec. 3, 2019)

            Guido van Rossum Withdraws From the Python Steering Council

            “Part of my reason is that in the end, SC duty feels more like a chore to me than fun, and one of the things I’m trying to accomplish in my life post Dropbox retirement is to have more fun. To me, fun includes programming in and contributing to Python, for example the PEG parser project.”

          • Excel vs Python: How to Do Common Data Analysis Tasks

            In this tutorial, we’ll compare Excel and Python by looking at how to perform basic analysis tasks across both platforms.

            Excel is the most commonly used data analysis software in the world. Why? It’s easy to get the hang of and fairly powerful once you master it. In contrast, Python’s reputation is that it’s more difficult to use, though what you can do with it is once you’ve learned it is almost unlimited.

          • Mailing lists for my Python IPC packages

            My package sysv_ipc celebrates its 11th birthday tomorrow, so I thought I would give it a mailing list as a gift. I didn’t want its sibling posix_ipc to get jealous, so I created one for that too.

          • Developer Tools & Frameworks for a Python Developer

            Due to the trend for data sciences and popularity on the use of Python to teach computer programming.

            Due to the growing amount of tools and framework used for Python from scripting to building AI there’s always a tool or framework to make Python development easy to get started.

            Below is my list of developer tools and frameworks that are useful for development using Python.

          • Friendly-traceback, Real Python, Pycon, and more

            After an interruption that lasted a few months, I’ve finally been able to return to programming, more specifically working mostly on Friendly-traceback. For those that do not know Friendly-traceback: it aims to replace the sometimes obscure traceback generated by Python with something easier to understand. Furthermore, Friendly-traceback is designed with support for languages other than English so that, in theory, beginners (who are the main target audience for Friendly-traceback) could benefit no matter what their native language is … provided someone would have done the translation into that language, of course.

            As of now, 75 different cases have been tested; you can find them in the documentation. [If you have suggestions for improvements, please do not hesitate to let me know.]

            Recently, a post by Real Python on SyntaxError has given me added impetus to work on Friendly-traceback. I’m happy to report that, other than the cases mentioned dealing with misspelled or missing keywords, all of the other examples mentioned in that post can be analyzed by Friendly-traceback with an appropriate explanation provided. Note that these are not hard-coded examples from that post, so that any similar cases should be correctly identified.

          • Python Bytes Episode #159: Brian’s PR is merged, the src will flow
          • Java vs. Python: Which should you choose?

            Let’s compare the two most popular and powerful programming languages in the world: Java and Python! Both languages have huge community support and libraries to perform almost any programming task, although selecting a programming language usually depends on the developer’s use case. After you compare and contrast, please make sure to answer our poll to share your opinion on which is best.

          • Automatically downloading nursery photos from ParentZone using Selenium

            My son goes to a nursery part-time, and the nursery uses a system called ParentZone from Connect Childcare to send information between us (his parents) and nursery. Primarily, this is used to send us updates on the boring details of the day (what he’s had to eat, nappy changes and so on), and to send ‘observations’ which include photographs of what he’s been doing at nursery.

          • Auto-generating API specifications as OpenAPI, WSDL and Sphinx

            Let’s consider the services below – they represent a subset of a hypothetical API of a telecommunication company. In this case, they are to do with pre-paid cards. Deploy them on your servers in a module called api.py.

            Note that their implementation is omitted, we only deal with their I/O, as it is expressed using SimpleIO.

            What we would like to have, and what we will achieve here, is a website with static HTML describing the services in terms of a formal API specification.

          • GUI Automation using Pyautogui, Python

            PYAUTOGUI is an automation module provided by Python for controlling keyboard and mouse functions via program. This module has almost all the functions which can be performed by keyboard and mouse. We can use these functions to automate mouse and keyboard actions.

          • Beautiful Soup: Build a Web Scraper With Python

            The incredible amount of data on the Internet is a rich resource for any field of research or personal interest. To effectively harvest that data, you’ll need to become skilled at web scraping. The Python libraries requests and Beautiful Soup are powerful tools for the job. If you like to learn with hands-on examples and you have a basic understanding of Python and HTML, then this tutorial is for you.

          • Tensorflow 2.0: Solving Classification and Regression Problems

            After much hype, Google finally released TensorFlow 2.0 which is the latest version of Google’s flagship deep learning platform. A lot of long-awaited features have been introduced in TensorFlow 2.0. This article very briefly covers how you can develop simple classification and regression models using TensorFlow 2.0.

          • Two New Typosquatting Libraries Found on PyPI

            Two new malicious packages were found on the Python Packaging Index (PyPI) that were designed to steal GPG and SSH keys according to ZDNet. The packages were named python3-dateutil and jeIlyfish where the first “L” is actually an I. These two libraries mimicked the dateutil and jellyfish packages respectively.

          • Framework Patterns

            A software framework is code that calls your (application) code. That’s how we distinguish a framework from a library. Libraries have aspects of frameworks so there is a gray area.

            My friend Christian Theune puts it like this: a framework is a text where you fill in the blanks. The framework defines the grammar, you bring some of the words. The words are the code you bring into it.

            If you as a developer use a framework, you need to tell it about your code. You need to tell the framework what to call, when. Let’s call this configuring the framework.

            There are many ways to configure a framework. Each approach has its own trade-offs. I will describe some of these framework configuration patterns here, with brief examples and mention of some of the trade-offs. Many frameworks use more than a single pattern. I don’t claim this list is exhaustive — there are more patterns.

            The patterns I describe are generally language agnostic, though some depend on specific language features. Some of these patterns make more sense in object oriented languages. Some are easier to accomplish in one language compared to another. Some languages have rich run-time introspection abilities, and that make certain patterns a lot easier to implement. A language with a powerful macro facility will make other patterns easier to implement.

            Where I give example code, I will use Python. I give some abstract code examples, and try to supply a few real-world examples as well. The examples show the framework from the perspective of the application developer.

          • Django 3 taps Python async to speed web apps

            Django 3.0, the newest version of the Python framework that allows fast creation of database-backed websites and web services, now supports Python async, one of the most powerful new features in Python to make websites and network services faster.

            Async allows Python programs, especially networking apps, to run more efficiently, but existing applications must be rewritten to use it. Django 3 will only work with Python 3.6 and later versions, the better to work with Python’s async programming features.

            A key way Django provides support for async is via ASGI, a protocol that serves as a standard interface between asynchronous Python applications and async-capable web servers. Previously, Django only supported WSGI, which only supported synchronous web applications. Django 3 will only allow async features to run in an app if it’s deployed as ASGI.

        • Shell/Bash/Zsh/Ksh/awk

          • tee is broken?

            Just found a highly surprising behavior in a core tool I’ve used for decades, so clearly I’m making a note here.


            Answer time! After a tee, a single writer parent feeds two reader children. If a child exits before reading all the data, then when the parent tries to feed that dead child, the parent will get a SIGPIPE. And apparently the default behavior of tee in GNU coreutils (and in the zsh multios redirection) is to give up and to stop feeding all the children at that point. So the second child (wc -l in the examples) ends up with incomplete input. No errors are thrown anywhere, and there’s no indication at all that any data was truncated. Lots of the data is just silently missing.

          • 4 ways to control the flow of your awk script

            There are many ways to control the flow of an awk script, including loops, switch statements and the break, continue, and next commands.

      • Standards/Consortia

        • CSS: An Art, a Science, a Nightmare (Overview of CSS Concepts)

          Some people think CSS is really hard and it’s too much of a hassle to learn. Some people think that since it’s not a programming language (or is it?), it’s so easy that you don’t even have to bother learning it. Ultimately, there’s a lot to CSS, but it doesn’t have to be overwhelming. If you learn a few key concepts, you should feel confident looking at or thinking of any design and turning it into reality.

          I’m going to go over some of the parts of CSS that are important on a daily basis, and give some of tips and tricks I’ve come to learn over the years.

  • Leftovers

    • “Parasite” Reaches Toward a Classless Future We Haven’t Fully Imagined

      Bong Joon-ho’s recently released film Parasite isn’t the classical, one-dimensional depiction of poverty where the wretched of the Earth wait to be saved by those of superior intellect and resources. Most of the characters in the film are poor, very smart and forced by circumstances to be incredibly resourceful.

    • Science

      • Innovation

        The previous article introduced the concept of product lifecycles. Examining the lifecycle model leads to the conclusion that the most profitable approach is to focus on the majority markets and largely ignore the innovators. In fact this is valid – within limits!

        Clayton Christensen addresses this in The Innovator’s Dilemma where he introduces two types of innovation: sustaining innovation, which is innovation directed at solving an existing problem, and disruptive innovation, which involves using new technology to initially create new markets and then to ultimately address mainstream markets.

        The concept can be summarized as sustaining innovation is a problem looking for a solution, while disruptive innovation is a solution looking for a problem. For sustaining innovation you understand the problem that needs to be solved and the challenge is to solve it. You understand the market, the customers and their needs, alternative solutions, and competitors. You can perform valid market research, make financial projections, and apply existing resources, processes, and skills.

        Christensen discovered that existing companies do very well with sustaining innovation. They can tackle extraordinarily complex and difficult technologies and apply them to meeting their customers needs. They can make large investments and overcome seemingly impossible challenges. As an old saying goes, understanding the problem is 80% of the solution.

        On the other hand, Christensen also discovered that successful companies do a poor job of dealing with disruptive technologies. They tend to either ignore a new technology until a competitor has established a strong position or they fail to successfully develop and market products built on the new technologies.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Openwashing

            • News organizations are engaging more proactively in open-source journalism to rebuild trust in news media

              As news media skepticism grows worldwide and digital tools become increasingly robust and available, reporters and news organizations are engaging more proactively in open-source journalism — a practice in which reporters investigate and construct stories based on publicly available data, including via social media, per The New York Times.

              As digital resources and social media have given all people a public, open platform to communicate, user-generated content has become primary source material and created a trail for open-source journalists to investigate. And by performing investigative research in this way, reporters can more easily connect directly to visual evidence on the web, rather than refer to private sources.

          • Entrapment (Microsoft GitHub)

            • It’s Hipp to be square: What happened when SQLite creator met GitHub

              There are two notable points in Hipp’s report. For one, he feels that Git could be improved. He considers the Git Rebase command, which alters or removes the history of a commit, to be harmful. Since Git’s own documentation of Rebase is full of warnings about misuse, this is not surprising, though there are circumstances where it can be useful. Hipp is also keen to see a means of revising the comments on previous check-ins because of the importance of documentation.

        • Security

          • Security updates for Tuesday

            Security updates have been issued by Arch Linux (intel-ucode and libtiff), Debian (exiv2), Oracle (SDL), Red Hat (kernel, patch, and python-jinja2), and Ubuntu (graphicsmagick, linux, linux-aws, linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-lts-xenial, linux-aws, and sqlite3).

          • How to validate your security measures

            In parts one and two of this series, I walked you through hardening your system by identifying unneeded services, and then segmenting and firewalling. Now that you’re all locked down, let’s talk about how we might validate that all of that hard work is actually providing the desired results. In this final installment, we’ll talk about how to scan your network for open ports, and we’ll even touch on vulnerability scanning.

          • Mixcloud Breach Exposes 20 Million Accounts — Mixcloud Responds

            Hackers have managed to breach Mixcloud and expose over 20 million user data accounts. Mixcloud confirmed the breach over the Thanksgiving weekend.

          • Security attacks: 3 habits of the most resilient companies

            What is the difference between a firm that is resilient against cyber threats and one that is vulnerable? What strategies and technologies ensure that a company can continue its day-to-day operations even as it faces a growing list of cyber threats?

            When my team started compiling research to develop PwC’s latest Digital Trust and Insights report, we hoped to answer these questions. We expected to find differences between businesses that are resilient and those that are not, but we were surprised to see the stark differences in the actions and strategies taken by the two groups.

          • Privacy/Surveillance

            • EFF Releases Certbot 1.0 to Help More Websites Encrypt Their Traffic

              San Francisco – The Electronic Frontier Foundation (EFF) today released Certbot 1.0: a free, open source software tool to help websites encrypt their traffic and keep their sites secure.

              Certbot was first released in 2015, and since then it has helped more than two million website administrators enable HTTPS by automatically deploying Let’s Encrypt certificates. Let’s Encrypt is a free certificate authority that EFF helped launch in 2015, now run for the public’s benefit through the Internet Security Research Group (ISRG).

            • Cops Are Running Ring Camera Footage Through Their Own Facial Recognition Software Because Who’s Going To Stop Them

              Ring may be holding off on adding facial recognition tech to its already-problematic security cameras, but that’s not stopping any of its not-exactly-end-users from doing it for themselves.

            • Sen. Cantwell Leads With New Consumer Data Privacy Bill

              There is a lot to like about U.S. Sen. Cantwell’s new Consumer Online Privacy Rights Act (COPRA). It is an important step towards the comprehensive consumer data privacy legislation that we need to protect us from corporations that place their profits ahead of our privacy.

              The bill, introduced on November 26, is co-sponsored by Sens. Schatz, Klobuchar, and Markey. It fleshes out the framework for comprehensive federal privacy legislation announced a week earlier by Sens. Cantwell, Feinstein, Brown, and Murray, who are, respectively, the ranking members of the Senate committees on Commerce, Judiciary, Banking, and Health, Education, Labor and Pensions.

            • FBI says it considers FaceApp and TikTok a ‘potential threat’

              Some of the biggest websites in the world are based in countries considered hostile to Western governments. As well as FaceApp, the crosshairs of the security community are also aimed squarely at Chinese social network TikTok, which has exploded in recent years leading to questions over whether there are any of those legendary back doors we love so much.

            • Google Co-Founders Step Down From Management Roles

              The co-founders of Google are stepping down as executives of its parent company, Alphabet, ending a remarkable two decades during which Larry Page and Sergey Brin shaped a startup born in a Silicon Valley garage into one of the largest, most powerful — and, increasingly, most feared — companies in the world.

            • Google Founders Give Up on Being the Warren Buffett of Tech

              Larry Page and Sergey Brin created the Alphabet Inc. holding company in 2015 to give themselves more time to invest in new tech businesses and handed responsibility for Google to Sundar Pichai. The model was inspired by Buffett’s approach of allocating capital to disparate businesses and letting independent CEOs decide how to run the operations.

            • Google Founders Larry Page and Sergey Brin Stepping Down at Alphabet

              Page and Brin started their web search engine in 1998 from a research project at Stanford University, turning it into one of the largest and most-profitable businesses on earth. Page served as the first CEO before the board brought on Eric Schmidt to led the company from 2001 to 2011. Page returned as CEO after that and oversaw Google’s expansion into far-flung areas, including high-speed fiber internet service and longevity research, as well as expensive flops such as its push into social networking. Brin, meanwhile, oversaw the company’s skunkworks lab developing self-driving cars and the doomed Google Glass wearable tech.

            • Google co-founders Larry Page and Sergey Brin relinquish control of Alphabet to CEO Sundar Pichai

              “With Alphabet now well-established, and Google and the Other Bets operating effectively as independent companies, it’s the natural time to simplify our management structure. We’ve never been ones to hold on to management roles when we think there’s a better way to run the company. And Alphabet and Google no longer need two CEOs and a President. Going forward, Sundar will be the CEO of both Google and Alphabet,” Page and Brin wrote.

            • Larry Page and Sergey Brin Hand Over Alphabet’s Reins

              Page and Brin aren’t totally out of the picture. The two cofounders will remain employees of Alphabet and retain their seats on the board, where they together control 51.3 percent of the voting power, according to the most recent regulatory filings. In other words, they still effectively control the company, though they will no longer be running it day to day.

            • Google Founders Sergey Brin And Larry Page Step Down From Top Roles

              The restructuring at the top of Google comes as at time of increased turmoil for the Internet giant.

              Google, the company that was known for the motto “don’t be evil,” has been known for its open and freewheeling culture, with employees encouraged to speak out. But lately, management has been cracking down on dissent and criticism.

              Google fired four engineers last week for accessing internal information. But the workers said they lost their jobs over their labor-organizing efforts. They said they will file a complaint with the National Labor Relations Board.

              Last year, thousands of Google workers around the world walked out in protest of sexual harassment and bad behavior by executives.

            • Google co-founders Larry Page and Sergey Brin step down from parent firm

              The pair will leave their respective roles as Alphabet’s CEO and president but will remain on the company’s board.

              Google’s CEO Sundar Pichai will become Alphabet’s CEO too, a statement said.

            • Google Founders Resign From Alphabet Leadership, Sundar Pichai Becomes CEO

              Google CEO Sundar Pichai is adding another responsibility to his job: Pichai will also be the CEO of parent holding company Alphabet going forward, taking the helm from co-founder and longtime CEO Larry Page.

              Additionally, co-founder Sergey Brin will be resigning from his post as the president of Alphabet. Brin and Page jointly announced the leadership change in a blog post Tuesday afternoon, writing: [...]

            • Facebook Gives Workers a Chatbot to Appease That Prying Uncle

              The answers were put together by Facebook’s public relations department, parroting what company executives have publicly said.

              And the chatbot has a name: the “Liam Bot.” (The provenance of the name is unclear.)

              “Our employees regularly ask for information to use with friends and family on topics that have been in the news, especially around the holidays,” a Facebook spokeswoman said. “We put this into a chatbot, which we began testing this spring.”

            • SMS Replacement is Exposing Users to Text, Call Interception Thanks to Sloppy Telecos

              The Rich Communication Services (RCS) standard is essentially the replacement for SMS. The news shows how even as carriers move onto more modern protocols for communication, phone network security continues to be an exposed area with multiple avenues for attack in some implementations of RCS.

              “I’m surprised that large companies, like Vodafone, introduce a technology that exposes literally hundreds of millions of people, without asking them, without telling them,” Karsten Nohl from cybersecurity firm Security Research Labs (SRLabs) told Motherboard in a phone call.

            • What to Consider Before Trading Your Health Data for Cash

              Financial rewards and gift cards are tantalizing incentives, but you shouldn’t make the choice to trade away your health data without considering the potential issues first.

            • EU to Check How Facebook, Google Use Data: Spokeswoman

              “The Commission has sent out questionnaires as part of a preliminary investigation into Google’s and Facebook’s data practices,” a Commission spokeswoman told AFP.

              “These investigations concern the way data is gathered, processed, used and monetised including for advertising purposes,” she added.

              The Commission did not say who exactly the questionnaires were sent to. It is a step that could lead to a formal investigation.

            • China Implements Mandatory Facial Recognition Scans For New Cell Phone Users

              The government claims that the new requirement will prevent fraud for citizens, but critics see it as the furthering of invasive surveillance measures.

    • Defence/Aggression

      • America’s Potemkin War in Afghanistan
      • US Navy Places $22 Billion Cyber Monday Order for Nuclear Submarines, But Who Is Asking How We Gonna Pay For It?

        “$22 billion could fund a lot of kids learning,” said Albert Lee, a Democrat running for Congress in Oregon. “We need an education race; not a wasted arms race.”

      • Russian taxi service reforms free ride program for domestic violence victims after non-victimized men take advantage

        The taxi hailing service Citymobil was lauded among Russian activists for offering free rides in Moscow to the Nasiliu.net (No to Violence) women’s center. However, a Citymobil representative has now announced that the promotion code for the free taxis will only be made available to those who call Nasiliu.net asking for help escaping domestic violence.

      • We talked to the Russian lawmaker who’s leading the fight against domestic violence from inside the system

        On November 29, Russia’s Federation Council published the draft text of new legislation that would impose additional penalties on domestic violence. Lawmakers have introduced similar bills in the past, but not a single initiative has survived the parliament’s revisions process. Now, the current bill is also showing signs of failure: Women’s rights advocates who helped develop the legislation reported that the text omits several key components they supported. Throughout this process, the legislator leading the charge for more stringent protections against domestic violence has been Oksana Pushkina. Pushkina, who spent 30 years as a media celebrity at predominantly Kremlin-supportive outlets before entering politics in 2015, has been the singular voice for feminist causes in multiple State Duma debates. Meduza special correspondent Sasha Sulim spoke with her shortly before the draft text of the domestic violence bill was revealed. We translated several excerpts of their conversation.

    • Transparency/Investigative Reporting

      • How to fight lies, tricks,and chaos

        I don’t want to blame people who fall for these tricks. A lot of the problems are exacerbated by companies, governments, and other factors that individuals can’t control. But the internet is full of grifters, tricksters, and outright liars who rely on people’s basic trust to amplify their message. It’s worth slowing down and carefully navigating their traps — to avoid spreading an alarming false rumor, getting angry at a group of people for something they didn’t do, or perpetuating an honest misunderstanding.

    • Environment

      • Greta Thunberg Has Sailed Back to Europe for Climate Talks

        From Stockholm, Sweden, we’re covering the 40th Anniversary of the Right Livelihood Awards, widely known as the “Alternative Nobel Prize.” This year’s recipients include 16-year-old Swedish climate activist Greta Thunberg, who arrived Tuesday in Lisbon, Portugal, after traveling for three weeks across the Atlantic in the 48-foot catamaran La Vagabonde, refusing to fly because of the high carbon footprint of air travel. Thunberg was on her way to attend COP25 in Santiago, Chile, when the conference was abruptly relocated due to mass demonstrations against a proposed subway fare hike. She sounded a rallying cry to fellow youth climate activists as she made landfall in Lisbon, promising to ensure that young people have a seat at the table at the upcoming climate summit in Madrid. “We will continue to make sure within those walls, the voices of the people … especially from the global South — are being heard,” she says.

      • Dammed Good Questions About the Green New Deal

        Hydroelectric power from dams might be the thorniest issue that proponents of the Green New Deal (GND) have to grapple with. Providing more energy than solar and wind combined, dams could well become the key backup “renewable” if it otherwise proves impossible to get off of fossil fuels fast enough.

      • The Hottest Years

        This year has been one of the hottest on record, as the world comes to the end of a decade of “exceptional” heat, the World Meteorological Organisation has said.The past decade, from 2010 to 2019, has almost certainly been the warmest in records dating back to the 19th century, and the past five years from 2015 have also been the hottest on record, the UN body said.

      • After Hottest Decade Since Records Began, WMO Warns World May Face 5°C Rise by Century’s End

        The impacts of the climate crisis “are real and happening now and place huge pressures on communities and countries,” climate scientists said.

      • Massive Attack To Help Study Carbon Footprints of Concerts While on Tour

        Trip hop legends Massive Attack have announced that they will be taking climate scientists on tour with them to study the carbon footprints of music concerts.

      • ‘People Are Underestimating the Force of Angry Kids’: Greta Thunberg Returns to Europe for Climate Summit

        At COP 25, Thunberg said, “we will continue the fight there to make sure that within those walls the voices of the people are being heard.”

      • Energy

        • Meet the Big Polluters Sponsoring COP25

          This week, the 2019 UN Climate Change Conference (COP25) will descend upon Madrid following an ad-hoc relocation from Santiago, Chile, after huge protests erupted against the government.

        • The Radioactive Legacy We Are Leaving Our Children

          After 70 years of building and operating nuclear power plants across the world, governments are bequeathing to future generations a radioactive legacy.

        • As Nation Transfixed by Impeachment, Trump Quietly Provides Offshore Drilling Industry ‘Sweetheart Giveaway’

          Former lobbyist turned Secretary of the Interior David Bernhardt, says critic, probably assumed gift “to his former oil and gas client would slip by unnoticed.”

        • “Green Amendment” Movement Demands Constitutional Right to Clean Environment

          By the end of the 1960s, according to former Pennsylvania state legislator Franklin Kury, Pennsylvania had already undergone decades of “brazen” environmental exploitation at the hands of the coal, steel and iron industries.

        • Oil is the New Data

          Another coworker, who had flown in the night before, warned us not to worry if we found ourselves in jail. Don’t panic if you find yourself in jail. Give me a call and we’ll bail you out. Maybe she was joking.

          The flight itself was uncanny. I was flying in from Frankfurt, but it felt a lot like a local American flight to somewhere in the Midwest. The plane was filled with middle-aged American businessmen equipped with black Lenovo laptops and baseball caps. The man next to me wore a cowboy-esque leather jacket over a blue-collared business shirt.

          After I landed in Atyrau’s single-gate airport, I located my driver, who was holding a card with my name on it. He swiftly led me into a seven-seater Mercedes van and drove me to my hotel, one of the only hotels in the city. Everyone from the flight also seemed to stay there. The drive was short. The city was overwhelmingly gray. Most of it was visibly poor. The hotel was an oasis of wealth.

          Across from the hotel was another one of these oases: a gated community with beige bungalows. This was presumably where the expats who worked for Chevron lived. There was a Burger King and a KFC within walking distance. Everyone spoke a bit of English.

          Security was taken extremely seriously. Each time we entered one of Chevron’s offices, our passports were checked, our bags were inspected, and our bodies were patted down. Video cameras were mounted on the ceilings of the hallways and conference rooms. We were instructed to travel only using Chevron’s fleet of taxis, which were wired up with cameras and mics.

          All of this — Atyrau’s extreme security measures and the steady flow of American businesspeople — comes from the fact that the city is home to Kazakhstan’s biggest and most important oil extraction project. In 1993, shortly after the fall of the Soviet Union, the newly independent nation opened its borders to foreign investment. Kazakhstan’s state-owned energy company agreed to partner with Chevron in a joint venture to extract oil.

          The project was named Tengizchevroil, or TCO for short, and it was granted an exclusive forty-year right to the Tengiz oil field near Atyrau. Tengiz carries roughly 26 billion barrels of oil, making it one of the largest fields in the world. Chevron has poured money into the joint venture with the goal of using new technology to increase oil production at the site. And I, a Microsoft engineer, was sent there to help.

      • Wildlife/Nature

        • Indigenous Land Protectors Are Defending the Amazon and Paying With Their Lives

          This week we’re on the road in Stockholm, Sweden, where we’re covering the 40th Anniversary of the Right Livelihood Award, widely known as the “Alternative Nobel Prize.” One of this year’s recipients of the award is Yanomami indigenous leader Davi Kopenawa and the organization he co-founded, Hutukara Yanomami Association. The Right Livelihood Foundation has praised them for “their courageous determination to protect the forests and biodiversity of the Amazon, and the lands and culture of its indigenous peoples.” The award comes as indigenous forest protectors and uncontacted tribes in Brazil are increasingly under attack. Last month an indigenous forest protector named Paulo Paulino Guajajara was shot dead in the Amazon by illegal loggers. It was the latest incident in a wave of violence targeting indigenous land protectors since the election of Brazil’s far-right president Jair Bolsonaro last year. One month ago, human rights groups warned in an open letter that the Amazon’s last uncontacted indigenous people face “genocide,” amid raging fires and mounting incursions into their territories. Brazil’s Indigenous Missionary Council says the number of invasions of indigenous territories has doubled under Bolsonaro — with more than 150 such incidents since January. We speak with Fiona Watson, advocacy and research director for Survival International. The organization is a 1989 winner of the Right Livelihood Award for its work protecting the Amazon.

        • Scientists: Trophy Hunting ‘Not Irreplaceable’ for Conservation Funding
    • Finance

    • AstroTurf/Lobbying/Politics

      • WTO Shutdown: The Kids Are Alright
      • Study Says Russian Trolls Didn’t Have Much Influence On Election; But It’s More Complicated Than That

        Since the election, I’ve been pretty firmly in the camp that believes that those who rushed to blame social media and things like (well documented) Russian attempts to interfere in the election via social media, have been vastly blown out of proportion. It’s resulted in silly things like famous comedians suggesting that if Mark Zuckerberg allows Russians trolls to try to influence another election Zuck should go to jail. That’s just silly. Much of it, to me, seems to be people who expected one outcome in the 2020 election casting blame towards something they could latch onto. Did Russian trolls try to use social media to influence the election? Absolutely. Did the results of the 2016 Presidential election surprise the politically savvy? Absolutely. Does that single correlation mean anything? There’s been little evidence to suggest there is, even as many people assume their must be.

      • Middle America: The Danger for Democrats

        The debate among pundits in Washington, D.C., over which Democratic candidate should run against Donald Trump has come down to an argument over who is less appealing to Midwestern voters—the increasingly out-of-it, gaffe-prone Joe Biden, or scary socialists Bernie Sanders and Elizabeth Warren.

      • Kamala Harris to End Her 2020 Presidential Campaign, Leaving Third Way Dems ‘Stunned and Disappointed’

        Harris leaves the race after failing to gain traction with voters.

      • ‘Standing With Bernie Because Bernie Stands With Us’: Iowa’s Largest Progressive Group Endorses Sanders

        “We’re committed to using this endorsement to lift up our people and planet first demands and take on the corporate power that wants to maintain the ‘business as usual’ status quo.”

      • ‘He’s Just…Erased’: PBS 2020 Segment Finds Time for Klobuchar, Sestak, and Bullock—But Completely Ignores Bernie Sanders

        It was like watching “manufacturing consent in action,’ said Current Affairs editor Nathan Robinson.

      • Bernie Sanders Has the Backing of Leftists Worldwide

        Leftist leaders from the United Kingdom to South America have a clear ally in the U.S. presidential election. In a crowded presidential primary, Bernie Sanders has distinguished himself from centrists like Joe Biden and Pete Buttigieg and even fellow progressive Elizabeth Warren by calling the ouster of Bolivia’s former President Evo Morales a coup, praising Brazil’s former President Luiz Inácio Lula da Silva and drawing parallels between his campaign and mass protests in Chile, Lebanon and Iraq.

      • A Very Sick Man

        Oh man. The Stable Genius just fell off the world stage at London’s NATO meeting. His wee brain frazzled, his pupils amphetamine-huge, he ranted, rambled, raved: Macron was “very, very nasty,” in Syria “I’ve taken the oil,” “the whole situation with nuclear has to be dealt with very strongly,” Adam Schiff is “a deranged human being,” one day Repubs will impeach a Dem….

      • Declaring ‘No One Is Above the Law,’ House Intelligence Committee Releases Trump Impeachment Report

        Rep. Ro Khanna (D-Calif.) tweeted in response to the report that “the House Judiciary Committee should accept the Intelligence Committee report and immediately start drawing up articles of impeachment.”

      • ‘I try not to exaggerate my own significance’ Ex-lawmaker and former pro-Kremlin youth activist Robert Schlegel explains why he left Russia to raise his kids in Germany

        In early December, journalists learned that once State Duma deputy and former “Nashi” pro-Kremlin youth group activist Robert Schlegel received German citizenship after moving his family to Munich, where he was working for the cyber-protection company “Acronis.” As a lawmaker, Schlegel voted for legislation that banned Americans from adopting Russian orphans, he introduced a bill to make it a felony for mass media outlets to publish fake news, and he co-authored Russia’s so-called “Google tax.” According to the newspaper Süddeutsche Zeitung, which first reported Schlegel’s new place of work, Acronis promptly fired him because of his past at Nashi. Schlegel responded in writing to a few questions from Meduza, saying that he’s currently in Bhutan (in South Asia).

      • Trump Ridiculed for Claiming Unnamed ‘Legal Scholars’ Praised Calls With Ukraine Leader as ‘Absolutely Perfect’

        “Amazing how these people never have names.”

      • Complicity With Imperialism Is Holding Back the Anti-Trump Resistance

        In their efforts to dump President Trump, many Democrats and other liberal critics of Trump have been recycling the same imperialist ideology that produced him.

      • Trump Foundation Gave Away No Money in the Year Before Its Shutdown

        New tax returns for the Donald J. Trump Foundation reveal the charitable organization raised no money and gave none away in the year leading up to President Donald Trump’s agreement to shut down the controversial charitable vehicle.

      • ‘Steaming Nonsense’: Republican Report Claiming Trump Did Nothing Wrong Panned for Ignoring Facts and Witness Testimony

        “Republicans are entirely unperturbed by Trump’s use of his office to solicit foreign interference in the next election on his behalf.”

      • The Left Is Finally Winning the War of Ideas

        Good ideas are like viruses. They grow and spread despite our best efforts to stop them. And yes, our bulbous, awkward species does indeed work very hard to catch and kill good ideas.

      • The New Republican Party
      • The Signature Wound of America’s Wars

        When an announcement of a “Moral Injury Symposium” turned up in my email, I was a bit startled to see that it came from the U.S. Special Operations Command. That was a surprise because many military professionals have strongly resisted the term “moral injury” and rejected the suggestion that soldiers fighting America’s wars could experience moral conflict or feel morally damaged by their service.

      • Trump Is Waging War on America’s Diplomats

        Last year, just before Halloween, Lewis Lukens, the deputy chief of mission at the U.S. embassy in London, visited a pair of English universities where he spoke about the importance of international cooperation, beseeching students not to “swipe left” on the historic “special relationship” between the U.K. and America. The speeches were—according to a copy of the remarks that Lukens provided to GQ—fairly anodyne, reprising all the things Americans and Brits had learned from each other, all the ways we’ve helped each other over the years, disagreements notwithstanding. At the time, things between the two countries had been strained—in part because President Trump had attacked British leaders, including Prime Minister Theresa May and London Mayor Sadiq Khan—but Lukens, the second-most-senior American diplomat to the United Kingdom, had a request for the students who had gathered to see him: “Don’t write off the special relationship.”

        A week later, Lukens says, his boss, the U.S. ambassador Woody Johnson, an heir to the Johnson & Johnson fortune and a Trump political appointee, told him that he was done, firing Lukens from his post seven months ahead of when he was scheduled to leave for a new assignment. After nearly 30 years as a foreign service officer, his State Department career was over. The reason? Lukens says he had unwittingly committed a fatal error in his speech: He had mentioned former president Barack Obama.

    • Censorship/Free Speech

      • Moscow’s Higher School of Economics shuts down student journal for critical article on academic who ran for office with government support

        The student funding committee at Moscow’s prestigious Higher School of Economics (HSE) has issued a decision stripping the Doxa student journal of its status as a student organization. Oleg Solodukhin, an advisor to the university’s rector who also leads the committee, broke the news to MBK Media.

      • UNC Gave Racists $2.5 Million To Settle A Lawsuit That Hadn’t Been Filed Yet, And The Racists Are Abusing The DMCA To Hide The Details

        Last Wednesday, right before Thanksgiving, some very odd news broke about the University of North Carolina giving the Sons of Confederate Veterans $2.5 million and a bullshit confederate statue that had been torn down by protesters in 2018. The Sons of Confederate Veterans have a history of promoting racist ideas and movements, with a special focus on promoting Confederate monuments and symbols — symbols of support for slavery from a bunch of literal traitors — as well as promoting historical revisionism about the US Civil War. Contrary to the belief of some, those monuments — including the one at UNC — were put up many years after the Civil War, and were frequently put in place as a show of racist attitudes and beliefs, not as a historical remembrance. There’s a reason so many places are choosing to take those down.

      • Want To See Pete Davidson Do Standup? There’s An NDA You Have To Sign First…

        I never stop being surprised at how often the topic of comedy and comedians makes it on our pages. Between strange concepts like comedians claiming copyright on stand-up jokes and a more violent war sometimes waged on the technology audience members carry around in their pockets, it really does feel like those in comedy should have, you know, a better sense of humor about all of this.

    • Freedom of Information / Freedom of the Press

      • CIA spying on Assange’s lawyers exposes criminal operation against WikiLeaks founder

        The revelations are further proof that the drive to extradite and prosecute Julian Assange constitutes an illegal frame-up, beginning with the false accusations of sexual assault that were concocted to serve as a pretext to detain Assange in the first place. The entire political and media establishment in the US and the UK, with support from Australia, Sweden and Ecuador, as well as “left” politicians like Jeremy Corbyn and Bernie Sanders, has conspired to slander Assange as a monster, leaving him to rot in London’s Belmarsh Prison, where he has been subjected to what UN Rapporteur Nils Melzer calls “torture.”

      • WikiLeaks editor Kristinn Hrafnsson: “If Julian is taken to that Devil’s Island across the Atlantic, his life is lost”

        I can only speculate when it comes to the intrigues of politics here, but we all know that there is pressure from the US. We see the great pressure that is placed on the UK government to play the role of the lapdog of the US empire. I can imagine that similar things apply on this end.

        But this is totally unacceptable and the general public here must demand that it end, not just on the obvious humanitarian basis, but also because of the principles that are at stake here, which are gradually being recognised.

        People are seeing that this is not just an attack on the person of Julian Assange. It is an attack on journalism and the foundation of our democracies. There has to be a push on the government here to take action and do everything in its power to stop this nonsense.

      • Australian MPs plan to visit ailing Julian Assange in British jail

        Some federal parliamentarians plan to travel to Britain to visit jailed WikiLeaks founder Julian Assange, who the organisation’s editor-in-chief, Kristinn Hrafnsson, says is in poor health and “losing weight rapidly”.

        Independent MP Andrew Wilkie, who co-chairs a group of parliamentarians working to bring Mr Assange home, said the MPs hoped to meet with Mr Assange, his legal team and British parliamentarians during the trip early next year.


        In a speech at the National Press Club on Tuesday, Mr Hrafnsson said Mr Assange was being targeted for releasing embarrassing information about US misconduct.

        “Julian has sacrificed everything so that whistleblowers can shine light on this kind of serious wrongdoing, so the public can understand truths about our world, and for the principles of press freedom,” Mr Hrafnsson said.

        The charges against Mr Assange in the US relate to WikiLeaks receiving and publishing thousands of classified cables on the wars in Iraq and Afghanistan.

      • US efforts to extradite Julian Assange akin to rendition, WikiLeaks editor says

        The planned extradition and prosecution of Julian Assange by the United States is a “new form of forced rendition” and a “dangerous precedent” for press freedom, according to the WikiLeaks editor-in-chief, Kristinn Hrafnsson.

        Ahead of a private briefing for Australian parliamentarians on Tuesday afternoon, Harfnsson, an Icelandic-based investigative journalist, told the National Press Club in Canberra the “forced rendition” of Assange was not occurring “with a sack over the head and an orange jumpsuit but with the enabling of the UK legal system and with the apparent support of the Australian government”.

        “I strongly believe that resolving this issue has important international implications,” Hrafnsson said. “Prolonging it creates an enabling environment for the deterioration of press freedom standards globally”.

    • Civil Rights/Policing

      • ‘They Want Us Afraid:’ Fired Google Workers Fight Back Against Tech Giant With NLRB Complaint

        “They count on the fear, the sadness, and the anger that we are all feeling to stop us all from exercising our rights. But what they didn’t count on is the strength, the resolve, and the solidarity of Googlers and our allies.”

      • Critics Decry ‘Publicity Stunt With Genuine Consequences’ as Trump Deploys ‘Surge’ of Park Rangers to Patrol Southern Border

        “Building a despicable wall through our spectacular borderlands isn’t enough for Trump.”

      • Desperate Asylum Seekers Running Through Traffic at Border Crossing

        For months, asylum seekers have been prohibited from filing their claims at U.S. border crossings under a much-criticized Trump administration policy. Now some are sprinting down vehicle lanes or renting cars to try to make it inside the U.S.

      • ICE Says Students Duped By Its Fake College Sting Should Have Known It Was A Sting

        Those assholes at ICE are still at it. For most of the past year, ICE’s fake college sting has resulted in a long string of arrests, but not very many prosecutions.

      • Brown University Committee Votes to Divest From Companies Complicit in Human Rights Abuses in Palestine

        The vote comes eight months after 69 percent of student voters supported a referendum to divest from companies profiting from military occupation.

      • California Sheriff’s Dept. Manages To Piss Off Local Prosecutor By Consistently Mishandling Evidence

        Hey, it’s only people’s freedom on the line. Why try harder?

      • How McKinsey Helped the Trump Administration Detain and Deport Immigrants

        Just days after he took office in 2017, President Donald Trump set out to make good on his campaign pledge to halt illegal immigration. In a pair of executive orders, he ordered “all legally available resources” to be shifted to border detention facilities and called for hiring 10,000 new immigration officers.

        The logistical challenges were daunting, but as luck would have it, Immigration and Customs Enforcement already had a partner on its payroll: McKinsey & Company, an international consulting firm brought on under the Obama administration to help engineer an “organizational transformation” in the ICE division charged with deporting migrants who are in the United States unlawfully.

      • Russian Activist Faces Unfounded Pornography Charges

        A Russian feminist and LGBT activist is under house arrest for allegedly distributing pornography. It’s yet another example of Russia using unfounded accusations and vague laws to intimidate certain activists.

      • Violence and the State

        The state rests its power on a monopoly of violence. Indeed, in the final analysis a state is nothing but a monopoly of violence. Even when a state does good things, like tax to provide healthcare, it ultimately depends on its ability to employ violence to enforce the collection of the tax. Arrest and imprisonment is, absolutely, violence. We may not recognise it as violence, but if you try to resist arrest and imprisonment you will quickly see that it is violence. Whether or not blows are struck or arms twisted to get someone there, or they go quietly under threat, confining somebody behind concrete and steel is violence.

      • After Trump reversed Obama’s restrictions on private federal prisons, states started banning them instead

        22 states do not use private prison contractors, and three more have just passed legislation banning them: Nevada, Illinois and California (Colorado and Minnesota have pending legislation on the matter).

        The finance sector has cut private prisons’ lines of credit, with Jpmorgan Chase, Wells Fargo, Bank of America, BNP Paribas, Suntrust, Barclays and Bank of America cutting off customers like GEO Group.

        In response, private prisons have created a media relations group called Day 1 Alliance (D1A) whose focus is “spreading its message by engaging with the media…[to counter] the false, distorted rhetoric that activists and some politicians use against this industry and the facts on the ground.”

      • Amazon Workers to Protest Outside Jeff Bezos’ Penthouse on Cyber Monday

        Last week, Amazon warehouse workers demonstrated outside the massive Amazon fulfillment center on Staten Island’s Eastern Shore—known as JFK8—and presented their first public list of demands to management. In their petition, which was signed by more than 600 Staten Island Amazon employees, workers asked for increased break times from 15 to 30 minutes on 10-hour shifts, and free public transportation to and from work. Some workers commute up to three hours from as far away as the Bronx and Queens.

        Monday’s march at Bezos’ penthouse is being organized by many of the same labor organizations that helped to organize the protest at JFK8, and is meant to put more pressure on the company to improve its workers’ conditions.

    • Monopolies

      • DOJ Wimps Out On Wireless Sector eSIM Antitrust Investigation

        Last year, the DOJ announced it had launched an investigation into whether AT&T, Verizon and a telecommunications standards organization had conspired to make it harder for consumers to switch mobile carriers. At the heart of the controversy was eSIM, a technology that’s supposed to make it easier than ever to switch carriers without consumers needing to buy and install a new SIM card. With eSIM, user identification technology of a traditional SIM card is instead transferred to the device’s processor or modem itself. Ideally, that could let a consumer switch carriers within just a few seconds.

      • Viagogo’s $4 Billion StubHub Acquisition Faces Regulatory Challenge

        The FanFair Alliance has filed an official complaint with the British Competition and Markets Authority (CMA) relating to Viagogo’s $4 billion purchase of StubHub from eBay.

      • Green Party announces end to “throwaway economy” and create a “Repair Cafe” in every community

        The launch takes place at the Goodlife Centre, Southwark; a community focused studio and workshop space. The Party will announce two key policies: a “Right to Repair” and “Repair Cafes”.

      • Facebook at Risk of 30% Drop From U.S. Regulations, Citi Warns

        Citigroup transferred coverage of Facebook to analyst Jason Bazinet, who told clients that the company “likely” faces three long-term threats from the U.S. government: being forced to unwind the Instagram acquisition, having to offer a fully private service to paying customers and complying with potential new U.S. rules mirroring the EU’s General Data Protection Regulation. These risks collectively could shave $55 to $60 from the share price, or about 30% of its current value, Bazinet warned.

      • Copyrights

        • Archivists Are Trying to Make Sure a ‘Pirate Bay of Science’ Never Goes Down

          Two seedbox companies (services that provide high-bandwidth remote servers for uploading and downloading data), Seedbox.io and UltraSeedbox, stepped in to support the project. A week later, LibGen is seeding 10 terabytes and 900,000 scientific books thanks to help from Seedbox.io and UltraSeedbox.

        • Safeguarding User Freedoms in Implementing Article 17 of the Copyright in the Digital Single Market Directive: Recommendations from European Academics

          On 17 May 2019 the new Directive (EU) 2019/790 on copyright and related rights in the Digital Single Market was officially published (DSM Directive). Article 17 (ex-Article 13) is one of its most controversial provisions. Article 17(10) tasks the Commission with organising stakeholder dialogues to ensure uniform application of the obligation of cooperation between online content-sharing service providers (OCSSPs) and rightholders, and to establish best practices with regard to appropriate industry standards of professional diligence.

          This document offers recommendations on user freedoms and safeguards included in Article 17 of the DSM Directive – namely in its paragraphs (7) and (9) – and should be read in the context of the stakeholder dialogue mentioned in paragraph (10).

        • Procedural implications of Google obtaining certiorari for its appeal of Oracle’s Java-Android copyright victory

          Assuming that Oracle defends its copyrightability win, the case will then hinge on “fair use.” Here, Oracle needs affirmance of a judgment as a matter of law (JMOL) that the Federal Circuit found Judge Alsup in San Francisco should have entered (but didn’t, as he did hardly anything throughout the years that didn’t disadvantage Oracle).

          Google’s “fair use” opportunity is that U.S. courts generally afford immense deference to jury verdicts. The standard for JMOL is very high. I still believe, as my longstanding readers know, that JMOL was perfectly warranted here. If the Supreme Court views it the same way, after affirming copyrightability, then the case will go back to the trial court for a determination of remedies. In that context, it may just be about damages. Oracle could seek an injunction, but Google has meanwhile changed its open-source licensing strategy for Android.

        • Russia Blocks Shutterstock Domain, Restricting Access to Legitimate Copyrighted Content

          Russia’s website blocking system, which is frequently used to prevent access to copyright-infringing content, is now blocking access to legitimate copyrighted images on Shutterstock. According to telecoms watchdog Roscomnadzor, an image considered insulting to the state resulted in image.shutterstock.com and two IP addresses being blocked by the country’s ISPs.

        • Europol Seizes Over 30,000 Copyright Infringing Domains, But Which Ones?

          A coalition of international law enforcement agencies, including Europol, has announced its annual round of domain name seizures. Over 30,000 domain names were taken over this year, including some that were dedicated to online piracy. While these figures are impressive, no major pirate sites are missing in action.

        • What’s New in the Noosphere?

          But the global commons is also home to what’s called the noosphere—all the resources and artifacts created by human reason and scientific thought, such as music, art, language, and research.

        • Genius Sues Google and LyricFind for $50 Million Over Stolen Lyrics

          Lyrics website Genius is suing Google and its partner Lyricfind for $50 million, claiming that the companies are knowingly copying song lyrics from its site as well as employing anti-competitive practices.

        • K-Pop Star and Actor Cha In-ha Found Dead at 27

          K-pop star and actor Cha In-ha was found dead at the age of 27, making him the third K-pop star to die in the last few months.

Google Tightens Its Noose

Posted in Google at 5:00 am by Dr. Roy Schestowitz

Two decades later

Do know evil? Bye, Google

Summary: Now it’s official! Google is just a bunch of shareholders looking to appease the Pentagon at all costs

Europeans Still Need to Save the European Patent Office From Those Who Attack Its Patent Quality

Posted in Deception, Europe, Patents at 4:35 am by Dr. Roy Schestowitz

It’s a collective responsibility for the betterment of society and the sciences. The public awareness (of these underlying issues) continues to grow, but solutions aren’t there yet.

Patent quality paper
Screening for Patent Quality: Examination, Fees, and the Courts

Summary: Patent quality is of utmost interest; without it, as we’re seeing at the EPO and have already seen at the USPTO for a number of years, legal disputes will arise where neither side wins (only the lawyers win) and small, impoverished inventors or businesses will be forced to settle outside the courts over baseless allegations, often made by parasitic patent trolls (possessing low-quality patents they don’t want scrutinised by courts)

BACK in 2006 when this site was born (I had already been writing about patents for a number of years before that) our focus was on software patents in the US and their impact on GNU/Linux. In 2007 we broadened our scope a bit; we looked at USPTO-granted patents that affected not only GNU/Linux and covered various other threats to GNU/Linux, for example OOXML (proprietary, pseudo ‘standards’). It was only in 2007 that we started talking about software patents in Europe, in light of the 2005 directive (predating this site) and whatever followed. Back then the UPC (not yet known as UPC) was a concept, not an actual thing. It became known (renamed) as “EU”/”Community” Patent and later came words like “unitary” and “unified” (who would ever oppose unity, union, unison and so on?). In 2008 we started focusing on what Brimelow had done, especially loopholes “as such”; seeing the great harms caused by software patents in the US, we were baffled by this policy. It wasn’t until Battistelli came to the helm that software patents were granted in droves. António Campinos may call them “AI” or “4IR” or whatever, but we know what these are. Even the US would not allow such patents (35 U.S.C. § 101 would prevent them going far down the legal pipeline).

“Even the US would not allow such patents (35 U.S.C. § 101 would prevent them going far down the legal pipeline).”The decline of patent quality in Europe isn’t a problem but a growing crisis. Some of the most ridiculous patents motivated us to start a European “stupid patent of the month” series — a series we didn’t keep going for very long (lack of time and resources are to blame). Fake patents are being granted by the European Patent Office (EPO) — maybe more so than by NPOs — and in Germany some of these patents are proving to be of use to nobody but lawyers. They also have negative impact on climate. Renewables Now covered what we had seen in 4 sites beforehand (including a press release) when it said (earlier this week, yesterday to be precise):

A court in Germany has handed a victory to Huawei Technologies Co Ltd in one patent infringement case brought by Israel-based photovoltaic (PV) inverter supplier SolarEdge Technologies Inc (NASDAQ:SEDG), while deferring the hearing for another case due to insufficient evidence.

The Chinese company informed last week that the Mannheim regional court had dismissed SolarEdge’s lawsuit against Huawei over infringement on the patent regarding optimiser and inverter architecture.

It had to actually go to court. That’s extremely expensive. Huawei Technologies can easily afford that, but maybe not SolarEdge Technologies. SolarEdge staff must have thought they had real “gold” in their hands, only to realise that they had been granted a fake European Patent (EP) or Invalid Patent (IP). Remember that all these patents on energy efficiency may mean fewer companies/products/people will be energy-efficient (without breaking the law or infringing patents, assuming these patents are legitimate in the first place). Yesterday we saw this article entitled “Chesco company takes patented attic energy efficiency product international” and it mentions the EPO. Shouldn’t there be some exemptions where public interest (e.g. climate crisis) conflicts with patents? Surely the lawyers want lots of patents in every area (here for example we have the patent maximalists celebrating PPH and EPO broadening scope/reach of impact), but at what cost? Or whose cost?

“Shouldn’t there be some exemptions where public interest (e.g. climate crisis) conflicts with patents?”The EPO is rapidly becoming INPI — an NPO that doesn’t bother with examination. SUEPO warned about this as long as 3 years ago. Now, with CQI, the EPO is getting closer to this. When all applications are presumed valid the majority of European Patents may prove to be presumed invalid. Francois Pochart, Lionel Martin and Thierry Lautier (August Debouzy, France) have just published this piece about “Implementation Of Opposition Proceedings Against A French Patent”. Promoted in Mondaq, the piece says that “[a]s it stands, those opposition proceedings [are] at the crossroads between the EPO opposition proceeding (reserved for EPO professional representatives)…”

Here’s how it works:

From a strategic point of view, the opposition will be an additional tool for third parties. We will therefore be able to consider the best choice to make against a French patent: (i) file an opposition before the French PTO, (ii) bring an action for a declaration of invalidity before the Paris First Instance Court or (iii) wait to be summoned for infringement before the Paris First Instance Court to file a counterclaim for a declaration of invalidity. In this respect, it may be noted that, as it stands, the action for invalidity would take precedence over the opposition (the opposition being suspended if an action for invalidity is pending, Article R. 613-44-7, 2°) and that it is not yet clearly provided that the alleged infringer may intervene in a pending opposition (Article R. 411-32 only refers to a “voluntary intervention” at the appeal stage, but without regulating it). It may also be noted that the parties would have the opportunity to jointly request the suspension of the opposition proceedings for a period of one year (more precisely, “for a period of four months renewable twice”, Article R. 613-44-7 paragraph 2), which could be used to negotiate – this is the cooling-off period that is already known in trademark matters.

It can already be noted that the proposed proceedings provide a strong incentive to oppose French patents through a straw man, preferably located abroad. Indeed, an opposition via a straw man, made possible by the absence of interest to act (Articles L. 613-23 and R. 613-44), allows the real opponent to avoid an authority of res judicata in the event of subsequent action for invalidity (Article R. 615-1 A). In addition, the fact that the straw man resides abroad also allows the real opponent to artificially extend several delays in the opposition proceeding by two months (Article R. 411-43).

With regard to the transitional provisions, while the entry into force of the provisions relating to the opposition proceedings is scheduled for 1st April 2020, the taking into account of inventive step during the examination proceedings should only take place on 22 May 2020 (i.e. one year after the promulgation of the PACTE law). This means that only patent applications filed on or after May 22, 2020 will benefit from an inventive step examination. Given the usual time limits for examination before the French PTO, the first French patents granted after an inventive step examination will therefore probably be granted from 2023 onwards. Consequently, French patents granted before 2023 – without examination of inventive step before the French PTO – could be the subject of an opposition including inventive step as a ground for opposition. For a patent whose written opinion attached to the preliminary search report (delegated by the French PTO to the EPO) mentions a lack of inventive step, it would then be “easy” to file an opposition on the basis of the preliminary search report alone. To avoid such a case, applicants ought to “regularize” the scope of their securities, either by amending the claims or filing a divisional application just before grant 5, or by filing a request for limitation shortly after grant (being specified that opposition proceedings would then prevail over limitation).

In other words, both potential opponents of French patents and patent holders – and especially the latter – must prepare now for the implementation of those opposition proceedings.

Well, the opposition proceedings are like a late safety net and one that cannot quite compensate for rushed or erroneous examination. Proper examination can take a lot of time and effort — hence the relative ‘slowness’ of the EPO before the Battistelli era. It’s better not to grant a patent at all than to grant one in error, but to those who profit from litigation — including totally baseless and frivolous lawsuits — any patent will do, even invalid patents (IPs).

Suffice to say, to EPO patent zealots (the management) and the litigation ‘industry’ the courts are an ‘obstacle’ because they throw out all those IPs, thereby reducing clients’ confidence in EPs and in litigation (foreseeing low chances of success).

“UPCA languished to its death.”So what have EPO zealots and litigation zealots been pursuing? An alternative legal system where judges can be appointed for lenience and presumption of EP validity.

Thankfully, as of this moment, all these efforts have failed rather badly. Seeing the low quality of patents and lack of legal oversight at the EPO (in Haar, not even Munich anymore), progress has been halted since 2017. UPCA languished to its death. Dr. Thorsten Bausch has just said that “the UPCA would have to be amended in order to allow the UK to still become (or stay) a member. Even Margot Fröhlinger, who can certainly not be accused of being overly UPCA-sceptic, conceded that much…”

Is she still around at all? Fröhlinger’s name shows up just about nowhere anymore. She lied to people all around the world for many years, speaking the two famous lies about the UK and even worse. Bausch has also compared UPC promises to Berlin Airport, as we did last week. Here’s what he said earlier (yesterday evening): [via]

Yet perhaps it is possible that a court “common to the Contracting Member States” may also be common to the Contracting Member States and the UK, at least if and when the UK accepts that it is “subject to the same obligations under Union law as any national court of the Contracting Member States” to the extent that patents are concerned. And in any case, there is no doubt that where there is a political will, there will be a way. A report by the Policy Department for Citizens’ Rights and Constitutional Affairs, which was commissioned by the JURI committee of the European Parliament also came to the conclusion that „it seems not per se legally impossible that the UK can stay within the UPCA, even when not an EU Member State“. Of course, there are some ifs and buts, but the big message of this opinion work is clear – nothing is impossible.

But would a UPC including judges from non-member states, domiciled in part outside the EU and established by an international treaty not again be “an international court which is outside the institutional and judicial framework of the European Union” which the CJEU rejected in its opinion C1/09? Well, let’s leave this question for another day and consider instead the (political) realities of the day.

It seems to me that all adamant supporters of the UK’s participation in the UPCA should now better be busy canvassing for their respective most promising local candidate of Labour, LibDem, SNP or the Green party to avoid the worst, and I have no doubt that many of them will. But if they are unable to convince the majority of their countrymen that Brexit is not such a great idea and the Conservatives win the general election in December, then the odds are indeed that the UK will leave the EU on 31.1.2020. Which means, at least in my view, that the UPCA would have to be amended in order to allow the UK to still become (or stay) a member. Even Margot Fröhlinger, who can certainly not be accused of being overly UPCA-sceptic, conceded that much, and the literal wording of Article 1 leaves no other option, as I think.


Thus, the UK intends to stay part of the UPCA during the “implementation” (transition) period, which ends on 31.12.2020 according to the currently agreed version of the UK Withdrawal Agreement. But what will happen thereafter? Beyond this is subject to negotiations does not sound to me like a very strong commitment. And who knows which surprises the UK-US negotiations about a much desired Free Trade Agreement will still bring us. In view thereof, would it really be sensible for Germany to ratify the UPCA in early 2020, provided that the Federal Constitutional Court dismisses the constitutional complaint? In this case, the Mr. Ramsay and the UPC Preparatory Committee would resume its preparations, judges, including judges from the UK, would be appointed etc. – and just about when the court is ready, the UK might (have to) exit the UPCA again, namely if the “negotiations” alluded to by the UK representative fail. And then we have the salad.

I consider that it is exactly such a nightmare scenario that has prompted the German Ministry of Justice to state that Germany will ratify the UPCA “in a responsible fashion”. Which can only mean that we first need clarity about the political will in regard to the UPC from both the EU side and the UK side post Brexit (if Brexit happens at all – hope dies last), before Germany will (or at least) should deposit its instrument of ratification. Any other procedure would be pretty hazardous.

Therefore, I would now be bold enough to dare bet that the new Berlin airport will open before the UPCA enters into force. Just to recap: The opening of the BER airport was originally foreseen for 2011, which date has meanwhile shifted to 31.10.2020. Conversely, the UPCA was signed on 19 February 2013, thus I would not be surprised if we were to see the UPC’s opening around 2022, perhaps even later. It might still open earlier than Stuttgart 21, though, if this is a consolation for any one. The opening of Stuttgart 21 was originally planned for 2019, which date first shifted to 2021 and now to 2025.

There are already some comments of interest, but Bausch’s articles tend to be no worse than the comments (unlike his colleagues at that blog). “Concerned observer” called it a “balanced article on the UPC.”

He or she is absolutely right on point when asserting that a lot of coverage on this topic has been what China, the Democratic Party and then Trump dubbed “fake news” (in that order; the concept is not new). This is why we’ve spent so much effort responding to Team UPC’s lies over the years. To quote the whole comment:

It is sad to say that the UPC is a topic upon which one hardly ever sees balanced reporting. Without wanting to be too cynical, I have noticed that an awful lot of the “unbalanced” (ie speculative and/or presumptuous) reporting derives from quarters that have a direct financial interest in the success of the UPC project. Whilst this is perhaps to be expected, I find it extremely disheartening that those outside of such quarters (including individuals and organisations that only really have an enthusiasm for the IDEA of a unitary patent and court) tend not to recognise the “unbalanced” reporting for what it is. For example, my experience is that wildly optimistic (and presumptuous) predictions regarding the timing and content of the BVerfG’s ruling on the constitutional complaint have largely been reported / accepted without even the slightest suggestion of a raised eyebrow.

Looking back on earlier UPC-related articles on this blog, it strikes me that the strategy adopted by UPC proponents has been remarkably similar to tactics adopted by many modern politicians: namely, keep going with arguments that suit your cause even in the face of developments and/or overwhelming evidence which mean that your arguments do not hold water. The main argument that I am thinking of here is the alleged ability of the UK to participate in the UPC post-Brexit… where is has long been evident to me that the proponents of the UPC simply have no answer to questions relating to compliance with EU law (and, in particular, Article 267 TFEU and the principle of sincere cooperation). Given the refusal to engage with such questions, despite the alarming implications of those questions for the viability of the UPC system, I can only conclude that the strategy adopted by UPC proponents aims not at winning hearts and minds but instead at establishing a fait accompli that they hope the CJEU will be reluctant to dismantle… irrespective of the threats posed by the UPC to the integrity of the EU legal order.

Perhaps I can inject a note of realism here.

Firstly, the BVerfG has not yet decided the four EPO-related cases that have a higher rank in the 2019 list of cases to be decided by the 2nd senate. All of those cases were listed for decision in 2017 and 2018 (and two were listed for decision in 2016). Given their relevance to the case relating to the UPC, it would make sense for the BVerfG to decide the EPO-related cases first. Since 2016, of the cases assigned to Dr Huber, only between one and three appearing on the preview for a particular year have been decided in that year. Assuming that the BVerfG will decide the cases in a logical order, and at its customary rate, it is reasonable to conclude that even the prediction of someone as well informed as Dr Huber should be taken with a pinch of salt (ie as perhaps more of an optimistic than a realistic prediction). Thus, a decision within the first quarter of 2020 cannot be guaranteed.

Secondly, if Mr Johnson secures a majority in Parliament, it is safe to say that he is very unlikely to request either a further extension to the Article 50 deadline OR an extension of the “implementation period”. In practical terms, this outcome would significantly increase the likelihood of a “no-deal” Brexit, either in February 2020 or January 2021.

Especially given the glacial pace of the BVerfG, as well as the current position of the German government, does anyone seriously believe that the UPC will be up-and-running BEFORE January 2021? Last I checked, not even Mr Ramsey was that optimistic (http://patentblog.kluweriplaw.com/2019/11/28/if-german-complaint-is-dismissed-unified-patent-court-could-be-operation-early-2021/).

Thus, upon a realistic assessment, the chances of the UPC ever opening for business are not as high as some might (still!) be trying to lead us to believe. However, as you note, it seems that only pedants such as you and I worry about the legality of retaining the UK in the UPC system post-Brexit. I can therefore make a prediction relating to the UPC in which I have almost 100% confidence … namely, unless and until the constitutional complaint is upheld, the majority of the patent profession in Europe will continue to hold an unrealistic view on the prospects for the UPC. I await with interest to establish whether this prediction proves to be accurate.

If one counts the very earliest proposal of a UPC-like system, it probably goes back to 2005, i.e. about 15 years ago. We’ve spotted mentions as old as 13 years ago, but we know prior ones exist (just need further digging/researching). The way things stand, the EPO continues granting loads of IPs instead of EPs and courts throw these out — a similar situation to what happened in the United States and continues to this date.

We Never Accepted and Will Never Accept Corporate Money

Posted in FSF, GNU/Linux, IBM, Red Hat at 4:01 am by Dr. Roy Schestowitz

The new “campaign contributions”

Patrons of FSF

Summary: Corporate money is a unique problem because of its magnitude and the fact that it’s impersonal; shareholders can only ever accept its supposed justifications if they’re receiving something in return (of proportional worth to the payment/transaction)

THE FSF is a fine organisation in a lot of ways; there are limits to it — sure! — and we’ve named some of them earlier this year. Those who are upset at the FSF because it says nothing about systemd may not have paid attention to the potential impact of money (or the risk of losing that money). It is not a new problem. A decade ago it was openly discussed.

In 2017 (latest tax year published by ProPublica) “contributions” amounted to 94.3% of total revenue at the FSF (“FREE SOFTWARE FOUNDATION INC”). Membership dues were at $658,988, and “other contributions, gifts, grants, and similar amounts not included above” were at $635,709, i.e. about half of the whole. So that’s a lot of financial impact for the latter; the total revenue was at $1,373,574 that year and expenses at $1,233,394, so that latter component is very much essential (to avert very considerable downsizing). Here’s a snapshot of the summary:

FSF finances

We’re not trying to bash the FSF; we’re just pointing out that financial dependence on anything other than FSF staff (or members without vested interests or disproportionate contributions) may inevitably lead to self-censorship. Many people still remember the millions of dollars Microsoft paid the Linux Foundation, but how many people can recall similar payments to the BSDs? If they don’t speak out against Microsoft abuses (much/anymore), think about potential causes/motivations. Also remember Red Hat's stance on Stallman.


Links 3/12/2019: elementary OS 5.1 Hera, Plasma 5.17.4, Firefox 71

Posted in News Roundup at 11:50 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Paul’s 2019 Holiday Gift Guide
    • Meemaw’s 2019 Holiday Gift Guide
    • Mind Your Step #4: Holiday Gift Guide 2019
    • Buying for a Linux Fan? Check Out Our Epic Christmas Gift Guide

      There are just 22 days left until Christmas — already? so soon!! — at the time of writing this, so you’ll need to move fast and buy your gifts now to ensure that they arrive in time to be wrapped, fondled, and stashed under the xmas tree.

      Now, the Linux gift ideas that follow are not based on anything other than my own subjective tastes, i.e. this is stuff I’ve seen and thought: “heh, that looks like something I wouldn’t be annoyed to receive”.

    • Linux and the first-time developer’s journey

      Any electronic design engineer practicing today will be familiar with open source software. Nowadays, it is likely that the question of using an open source operating system is always on the agenda at a new project kick-off meeting.

      Linux is clearly a popular solution. In fact, it has been reported that Linux is used on every supercomputer in the Top500 project. Thanks to its tie-in with Android, it is also one of the most widely deployed general-purpose operating systems. Its open nature means that anyone can take Linux and configure it for use on a particular hardware platform, which has also made it popular for embedded applications.

    • Server

      • Helm Package Manager for Kubernetes Moves Forward

        The official release of version 3.0 of the Helm package manager for Kubernetes is designed to make it easier for IT organizations to discover and securely deploy software on Kubernetes clusters more easily.

        Taylor Thomas, a core contributor to Helm who is also a software developer for Nike, says for the last year the committee that oversees the development of Helm under the auspices of the Cloud Native Computing Foundation (CNCF) has been structuring the package manager to rely more on the application programming interfaces (APIs) that Kubernetes exposes to store records of installation. Helm Charts, which are collections of YAML files describing a related set of Kubernetes resources, now can be rendered on the client, eliminating the need for the Tiller resource management tool resident in the previous release of Helm that ran on the Kubernetes cluster.

        In addition to providing a more secure way to render Helm Charts, Thomas says this approach provides a more streamlined mechanism for packaging software using Helm. Helm 3.0 also updates Helm Charts and associated libraries.
        Additionally, a revamped Helm Go software development kit (SDK) is designed to make Helm more accessible, with the aim of sharing and reusing code the Helm community has open-sourced with the broader Go community, says Thomas.

      • Gardener Project Update

        Last year, we introduced Gardener in the Kubernetes Community Meeting and in a post on the Kubernetes Blog. At SAP, we have been running Gardener for more than two years, and are successfully managing thousands of conformant clusters in various versions on all major hyperscalers as well as in numerous infrastructures and private clouds that typically join an enterprise via acquisitions.

        We are often asked why a handful of dynamically scalable clusters would not suffice. We also started our journey into Kubernetes with a similar mindset. But we realized that applying the architecture and principles of Kubernetes to productive scenarios, our internal and external customers very quickly required the rational separation of concerns and ownership, which in most circumstances led to the use of multiple clusters. Therefore, a scalable and managed Kubernetes as a service solution is often also the basis for adoption. Particularly, when a larger organization runs multiple products on different providers and in different regions, the number of clusters will quickly rise to the hundreds or even thousands.

        Today, we want to give an update on what we have implemented in the past year regarding extensibility and customizability, and what we plan to work on for our next milestone.

      • What is Cloud Native?

        Cloud native is more than just a buzzword, though. It’s an approach used by some of the largest organizations on the planet, including Walmart, Visa, JP Morgan Chase, China Mobile, Verizon and Target, among others. Cloud native is an approach that enable developers and organization to be more agile, providing workload portability and scalability.

      • What is Kata Containers and why should I care?

        Kata Containers can significantly improve the security and isolation of your container workloads. It combines the benefits of using a hypervisor, such as enhanced security, and container orchestration capabilities provided by Kubernetes.

        Together with Eric Erns from Intel, we have recently performed a webinar in which we presented the benefits of using Kata Containers in a Charmed Kubernetes environment. In this blog, we aim to highlight the key outcomes from this webinar.

      • IBM

        • CentOS 8 Stream – the distro streampunk

          CentOS 8 Stream looks like a nice, smart project. Whether it’s going to grant the intended users, i.e. not desktop folks, the necessary levels of flexibility and stability and modernity, well, time shall tell. But it is a sensible idea, because at the moment, the choice is one between austerity and unpredictability.

          I am testing from the desktop angle, so the considerations are definitely different – and the benefits smaller if any. But then, I’m thinking. Could I perhaps commit this to some production or semi-production desktop machine, and see whether it offers long-term value? In general, I don’t like the concept of using third-party repositories on systems used for serious work, but I’m tempted enough to see how well this pans out. Hm, we shall see. The end, cliffhanger style.

        • New Eclipse MicroProfile book provides introduction to enterprise Java microservices

          Fellow Red Hat associates Cesar Saavedra, Pavol Loffay, Jeff Mesnil, Antoine Sabot-Durand, Scott Stark, and I have written a book on Eclipse MicroProfile, called Hands-On Enterprise Java Microservices with Eclipse MicroProfile.

          This 256-page book provides an introduction to microservices and why they are important, and it showcases Eclipse MicroProfile as a way to implement so-called 12-factor apps.

        • APIs as a Product: Get the value out of your APIs

          APIs continue to spread, as seen in this 2019 report from ProgrammableWeb, which shows a 30% increase over last year’s growth rate. More regulations are enforcing the use of APIs to open up companies and foster innovation. Think of the Payment Services Directive version two (PSD2), open banking, and the public sector releasing 0pen data APIs. With such an abundance of APIs, it becomes increasingly crucial to get the value out of your APIs and differentiate yourself from the growing competition. It’s time to design and manage your APIs as a Product.

        • Did you know that Red Hat Enterprise Linux for public clouds has management included?

          To get started with Insights, the first thing you’ll need to do is create a Red Hat customer portal login if you don’t already have one using these instructions. This will give you access to the Red Hat Customer Portal and cloud.redhat.com which includes the Insights dashboard. Next, use the Getting Started page to enable the Insights client.

        • Registration for Red Hat Summit 2020 now open!

          One of the most exciting days of the year is finally here. Registration for Red Hat Summit 2020 is now open!

          We’re heading back to San Francisco and the Moscone Center on April 27-29, 2020, where we expect thousands of customers, partners and technology industry leaders from around the world to come together for a high-energy week of innovation, education and collaboration.


          For the past 15 years, Red Hat Summit has delivered inspirational, educational and actionable content, industry-shaping news, and insight into best practices from customers and partners from around the world and across industries. Attendees also have the chance to talk to the teams who produce the technologies they depend on, and learn more about Red Hat’s product roadmap.

        • Data science, orchestration, and more Ansible news

          November’s wander-around-the-web has turned up some interesting Ansible stories. It’s fascinating to explore Ansible development through data, as Greg Sutcliffe does in his blog linked below. On the YouTubes this month, we found a couple of really interesting talks.

        • An idiot’s guide to Kubernetes, low-code developers, and other industry trends

          As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

        • A blueprint for OpenStack and bare metal

          The bare metal cloud is an abstraction layer for the pools of dedicated servers with different capabilities (processing, networking or storage) that can be provisioned and consumed with cloud-like ease and speed. It embraces the orchestration and automation of the cloud and applies them to bare metal workload use cases.

          The benefit to end users is that they get access to the direct hardware processing power of individual servers and are able to provision workloads without the overhead of the virtualization layer—providing the ability to provision environments in an Infrastructure-as-code methodology with separation of tenants and projects.

        • APIs as a Product: Get started in no time

          In the previous article, APIs as a Product: Get the value out of your APIs, we presented a new approach called “APIs as a Product” to maximize the value of your APIs. In this article, we show how to quickly get started with APIs as a Product using the new features of Red Hat 3scale API Management 2.7.

          To showcase the power of 3scale 2.7’s new features, combined with the awesomeness of the open source communities Apicurio and Microcks, we will design two APIs as a Product and show how we can compose both products in 3scale to get the resulting API as a Product.

          Let’s look at the well-known Petstore example. Imagine for a moment that the first steps of the API Design Thinking process led to this rough definition of the customer’s needs:

        • Kubernetes reality check: 3 takeaways from KubeCon

          Well over half the attendees were conference first-timers. On the one hand, lots of new blood is a sign of a healthy community. On the other hand… well, I’ll let one such first-timer, consultant and industry analyst Keith Townsend, speak for himself: “I’m not shy in saying I don’t know what’s going on at this keynote. It’s not aimed at me or people like me for sure. To use a metaphor – it feels like I’ve been dropped in the middle of an industry conference like the American Medical Association. There are some words and concepts I understand, but overall I’m lost. And there are very few IT topics,” he noted on Twitter.

          Enterprise distributions can help to abstract away some of this complexity by making opinionated choices about components and otherwise packaging the cloud-native ecosystem into a more consumable form.

        • Testing in production: From DevTestOops to DevTestOps

          DevNation tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about testing in production from Alex Soto, Red Hat Software Engineer.

          DevOps has grown in popularity in recent years, particularly in software companies that want to reduce lead time to be measured in days/weeks instead of months/years. To make sure your software does the right things and does those things right, you need to test it implacably. Many companies, however, see the testing phase as a bottleneck that slows product release. To change that, we need a new approach — making the release process of an application a testing process and involving QA from the beginning.

        • Red Hat CodeReady Workspaces 2: New tools to speed Kubernetes development

          We are pleased to announce the release of Red Hat CodeReady Workspaces 2.0. Based on Eclipse Che, its upstream project CodeReady Workspaces is a Red Hat OpenShift-native developer environment enabling cloud-native development for developer teams.

        • What we risk when we open up to customers (and why it’s worth it)

          Customer empowerment is one consequence of digital transformation. And as we explained in the first part of this series, it’s a powerful one. Empowering customers can deepen their relationship with your organization—but it won’t work if they don’t trust you.

          In this article, we’ll explain how acting openly can create that foundation of trust—and why it can lead to business success.

        • Blockchain in 2020: 5 trends to watch

          If you’re looking for a one-word summary of corporate blockchain efforts in 2019, try “experimentation.” The hype is subsiding and more businesses are actively trying to figure out how they can actually use the technology to their benefit.

          “2019 has continued what 2018 started – enterprises experimenting,” says George Spasov, blockchain architect and co-founder at LimeChain. “The finger-dipping exercises of the last year have encouraged further experimentation this year, while dragging along new experimenters.”

        • IT burnout: A personal story

          I really didn’t notice it taking a toll on me at the time but, looking back, I started showing symptoms of burnout fairly early. However, it was easy to push aside with the excitement of moving to new roles with increasing responsibility and continuing my aggressive pursuit of learning. Before I knew it, several years had passed and I was officially burnt out.

          “Burnout” isn’t just being bored or tired at your job; it’s a serious issue with real consequences. The Mayo Clinic defines burnout as “a special type of work-related stress — a state of physical or emotional exhaustion that also involves a sense of reduced accomplishment and loss of personal identity.”

          While burnout is not an official medical diagnosis, it goes hand in hand with underlying medical conditions such as depression and anxiety, which could make symptoms worse.

          I wasn’t officially diagnosed with clinical depression until 2012 but I’ve been dealing with it my entire life (and by “dealing with it,” I mean completely ignoring it, which I do not recommend.) It wasn’t until I started taking medication and seeing a therapist that I realized how much burnout was affecting my everyday life.

    • Audiocasts/Shows

      • 2019-12-02 | Linux Headlines 59

        Lutris gets a shot of cash from Epic Games, Django unchains version 3, and the Qt folks have a new marketplace.

      • Kali Linux 2019.4 overview | The Most Advanced Penetration Testing Distribution, Ever.

        In this video, I am going to show an overview of Kali Linux 2019.4 and some of the applications pre-installed.

      • Podcast.__init__: Making Complex Software Fun And Flexible With Plugin Oriented Programming

        Starting a new project is always exciting because the scope is easy to understand and adding new features is fun and easy. As it grows, the rate of change slows down and the amount of communication necessary to introduce new engineers to the code increases along with the complexity. Thomas Hatch, CTO and creator of SaltStack, didn’t want to accept that as an inevitable fact of software, so he created a new paradigm and a proof-of-concept framework to experiment with it. In this episode he shares his thoughts and findings on the topic of plugin oriented programming as a way to build and scale complex projects while keeping them fun and flexible.

      • Pikachu, FOSS Decade, .ORG vs Girl Scouts, Drake, and Perineum Sunning

        TIK TEK TOE, episode 007. Marcel and Evan discuss Ryan Reynold’s continued redemption with Detective Pikachu, martial arts movies, VR arcades, whether a decade starts on a 0 or 1, what kind of decade FOSS has had, or is about to have had, the Internet Society and .ORG vs the Girl Scouts (our money is on the Girls Scouts), on-demand culture, Drake (yeah, that Drake), and perineum sunning.

        Once you’re done listening, or right now for that matter, please (pretty please, even) make sure you share this podcast with your friends, family, neighbours, enemies . . . just share and recommend. Also, if you can spare a few extra keystrokes, be sure to leave us a comment and tell us how we’re doing.

      • Brunch with Brent: Rocco | Jupiter Extras 36

        Brent sits down with Rocco of Big Daddy Linux for a conversation about the origins of Linux Spotlight, some shared behind-the-scenes podcasting perspectives, and just how great we feel about our linux community.

    • Kernel Space

      • XFS For Linux 5.5 Brings Quite A Few Changes

        The XFS file-system is seeing a large number of changes for the in-development Linux 5.5 kernel.

        Darrick Wong characterized the changes for this release as having “changed quite a few things” and indeed the list is much longer than we are used to seeing out of a proven and mature file-system.

      • Linux 5.5 Livepatching Tracks The System State For Better Patch Handling/Compatibility

        With the Linux 5.5 livepatching support comes system state tracking in order to better handle different kernel live patches over time that could potentially clash with one another. Patches altering shadow variables and callbacks could lead to cases where live-patches cannot be reverted easily or not jive with future live-patches, but the system state tracking is designed to track those state changes so there is the ability to revert complex patches later on.

      • Graphics Stack

        • Think Silicon® demonstrates early preview of Industry’s first RISC-V ISA based 3D GPU at the RISC-V Summit

          Think Silicon, recognized for the successful ultra-low power NEMA® GPU-Series for MCU driven SoCs, announced the demonstration of the industry’s first RISC-V ISA based 3D GPU — the NEOX|V™. Attendees at the RISC-V Summit, in San Jose, California, will have the first opportunity to witness this new GPU innovation designed for the rapid deployment of Computer Graphics, Machine Learning and open GPGPU compute framework applications.

          Offering a myriad of flexible possibilities, NEOX|V ™ IP is designed to be easily configured for applications such as computer graphics, machine learning, vision/video processing and general-purpose compute. The new offering provides a platform for implementation in multiple embedded and external devices across many consumer and industrial vertical markets including Graphics, Compute, and AI for IoT/Edge/Compute.

        • NEOX V Announced By Think Silicon As First RISC-V 3D GPU

          While there has been the Libre RISC-V community-driven effort to create a RISC-V graphics processor that basically amounts to a RISC-V core with vector extensions/improvements and running a Vulkan software implementation (though they are now reportedly eyeing POWER instead of RISC-V), Think Silicon has announced the first actual RISC-V ISA based 3D graphics processor.

        • ELCE Lyon: Everything Great About Upstream Graphics

          At ELC Europe in Lyon I held a nice little presentation about the state of upstream graphics drivers, and how absolutely awesome it all is. Of course with a big focus on SoC and embedded drivers. Slides and the video recording

        • Mesa Adds Option For Changing Intel’s OpenGL Driver Default

          While originally Intel planned to transition their OpenGL driver default to the modern “Iris” Gallium3D driver rather than the longstanding “i965″ DRI driver for Mesa 19.3, that was pushed back to Mesa 20.0 for introduction in Q1’2020. In aiming to make that revised milestone a reality, a new option has been added to Mesa 20.0 with the Meson build system for being able to indicate the Intel OpenGL driver preference.

          The plan is for Mesa 20.0 to default to their new Gallium3D driver with Broadwell “Gen8″ graphics and newer, including Icelake “Gen11″. It’s with Tiger Lake “Gen12″ graphics where there is only support being implemented anyhow on this Gallium3D driver and not the older i965 OpenGL driver. As it stands right now when building Mesa, the i965 driver is used by default and then an environment variable allows overriding the driver to load in order to use Iris Gallium3D.

        • Arm’s Mali T720 Now Stable With Panfrost Gallium3D On Mesa 20.0

          The Panfrost Gallium3D driver that is the open-source OpenGL community-led driver for supporting Arm Mali Midgard/Bifrost architectures now has stable support for the T720 GPU.

          The T720 is now enabled in Mesa 20.0-devel with the GPU support being equal to that of the already supported T760 and alongside other Mali GPUs like the T820/T860.

    • Applications

      • HomeBank: How To Add New Categories And Create Split Transactions

        Although I primarily use GnuCash to track my family’s personal finances, I decided to try HomeBank as a secondary program. HomeBank was a pleasant surprise; it is easily configured, has a friendly interface, can generate nice charts and reports, and is accompanied by good documentation. If GnuCash seems too complex or intimidating for your needs, HomeBank just might be the alternative that hits the sweet spot.

        If you are brand new to HomeBank, a good starting point is Meemaw’s article in the March 2012 issue of The PCLinuxOS Magazine, called “Linux Financial Apps: HomeBank”.

        Her tutorial covers what is probably ver. 4.4 of the program. HomeBank’s interface and behavior have not changed drastically since then. However, I should mention that the term “wallet” is no longer used to refer to files.

      • Five best open source Backup utilities for Linux

        Data loss is a common threat we all face these days. Disk failure or other user mistakes might result in data loss. Losing data is more hazardous for a data center which stores tons of information every day. There are so many backup Utilities available in the market which makes it confusing to choose the best one among the numerous options. This article will help you select the most appropriate free backup utility for Linux that might fit your needs.

      • Repo Review: Photo Filmstrip

        PhotoFilmStrip is a nice program for easily creating video slideshows of your photos. It supports audio tracks, panning and zooming, and has a few transition and image effects. The interface is quite well designed, making the program quick and easy to use.


        I really like how PhotoFilmStrip makes it very easy to quickly produce a high quality slideshow of your favorite photos. It’s definitely far simpler than doing it all manually in dedicated video editing software. I recommend PhotoFilmStrip to anyone looking for a quick and easy solution to photo slideshows.

      • nbdkit new eval plugin and ip filter

        nbdkit is our flexible toolkit for building block devices. I just added a couple of new features which will appear in the next stable release, nbdkit 1.18.

        Previously I’ve talked on this blog and gave a talk at FOSDEM about how you can write block devices in shell script using nbdkit-sh-plugin. But that requires you to use an extra file for the script. What if opening an extra file is too much work? Well now you can specify the script directly on the nbdkit command line using the new eval plugin.

      • Phoronix Test Suite 9.2 Released For Open-Source, Cross-Platform Benchmarking

        Phoronix Test Suite 9.2-Hurdal is available today as the newest quarterly feature release to the Phoronix Test Suite for automated, cross-platform and open-source benchmarking.

      • VLC 3.2.3 media player update adds new player redesign and more

        VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files, and various streaming protocols this week the latest update in the form of VLC 3.2.3 has started rolling out. Bringing with it a new user interface design for the audio and video player together with an improved TV interface as well as additional keyboard shortcuts within the Chrome OS.

    • Instructionals/Technical

    • Games

      • DXVK 1.4.6 Released With More Game Fixes For Direct3D 10/11 Over Vulkan

        DXVK 1.4.6 has fixes to fix rendering issues and the like with American Truck Simulator, Euro Truck Simulator 2, Final Fantasy XIV, and Warcraft III: Reforged. In the case of Warcraft III: Reforged, DXGI features should now allow DXVK to run the game. DXVK 1.4.6 also has crash fixes for mode changes or when closing a game as well as an issue where CPU-limited performance could degrade over time.

      • Imperator: Rome has a big Livy update released and the free Punic Wars DLC

        What could be a true turning point for Paradox Development Studio and Paradox Interactive with Imperator: Rome, a new update “Livy” is out along with the free Punic Wars DLC.

      • Neverwinter Nights: Enhanced Edition continues advancing, cross-play with consoles now up

        You have to hand it to the developers at Beamdog, they certainly support their revamped RPG classics for a long time. Neverwinter Nights: Enhanced Edition just got a big update too!

        The 1.79 stable patch is live and it comes alongside the launch of Neverwinter Nights: Enhanced Edition on PS4, Xbox One and Nintendo Switch and so Beamdog have enabled PC (Linux, macOS and Windows) online cross-play with Xbox (in January) and Switch (live now) but not the PS4.

      • Vatican priest spins-up ‘less toxic’ Minecraft server

        Father Robert Ballecer, a former tech blogger turned God-lover, decided he wanted to combine his two big passions and asked his Twitter followers (all 23,000 of them) what game he should create a server for. Minecraft won with 64 per cent, and so the server at minecraft.digitaljesuit.com was born.

        Ballecer’s aim is to create something a bit less ‘toxic’ than many of the mainstream servers out there.

      • Build a busy hive and make lots of honey in Hive Time, releasing this month

        A totally scientifically inaccurate depiction of hive dynamics! In Hive Time you’re responsible for growing your hive, making that sweet-sweet honey and producing a Queen before the current one dies.

      • Incredibly clever puzzle-platformer The Pedestrian releasing January 2020 with Linux support

        Skookum Arts have finally given their seriously clever puzzle-platform The Pedestrian a release date, coming to Linux on January 29, 2020.

        After testing an early build this year, which you can still try yourself on itch.io, I was instantly hooked. Such a brilliant idea. You control the person symbol you usually see on signs and you go running from sign to sign, rearranging and reconnecting signs in order to solve puzzles. Honestly, it’s absolutely fantastic with an awesome atmosphere.

      • Kharon’s Crypt – Even Death May Die heads to Early Access with a new trailer

        Kharon’s Crypt – Even Death May Die, a nonlinear dungeon crawler inspired by old Nintendo Game Boy Color games and Zelda is getting closer to an Early Access release and they have a sweet new trailer.

        This is another that was crowdfunded on Kickstarter (listed on our dedicated page) back in October of 2017. Playing as Kharon, you are a being thought to be death itself. Your mission is to escape from your crypt, where you had been sealed by a deranged king that wanted to elude death.

      • Try the free text adventure Kyle is Famous and try not to laugh

        Help Kyle prepare for an important interview with a guest on their hit TV show in Kyle is Famous, a somewhat absurd and free text adventure.

        Full text adventures like this are not something I usually go for personally, however Kyle is Famous ticks a few boxes. It has some truly ridiculous humour that’s hard not to enjoy, it’s also quite short and with multiple endings you can go back and have another quick run to see what happens.

      • Arsenal Demon, a fast-paced arena-survival FPS lands on Linux

        Wall running, long jumping and lots of pew-pew is what you will be doing in Arsenal Demon. It’s a newish arena-survival FPS and it’s now available on Linux too. It launched on Steam in October, with Linux (and macOS) getting support in mid-November.

        Much like an older favourite of mine called Devil Daggers, the overall idea is simple: you’re pushed into an arena and you have to survive as long as possible. Beat your last time, beat everyone else you know too. It’s ridiculously fast, it’s exciting and you get to customize your Arsenal Demon too.

      • Testing Google Stadia on Chromium (vs Chrome) on Linux

        Shortly after I had finished uploading my video where I wanted to see how well Google Stadia would work on Linux, somebody followed up with a question on whether it would work with Chromium, the open source browser on which Chrome is built. I didn’t actually know the answer, but I was willing to test it out, and I did, and I recorded it. :-)

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.17.4

          Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.17.4. Plasma 5.17 was released in October 2019 with many feature refinements and new modules to complete the desktop experience.

        • KDE Plasma 5.17.4 Desktop Environment Released with Nearly 50 Fixes, Update Now

          Highlights of KDE Plasma 5.17.4 include better compilation support with Qt 5.14, removal of deprecated API in KWindowSystem, fix for broken multimedia control on lock screen, the ability for the Folder view to use the selected text color for selected items in full representation, improved default layout for Workspace KCM, several Weather applet improvements, and new DesktopEntry for notifyrc, and disabled systeminfo test on systems without uname in Dr Konqi.

          All users are urged to update their installations as soon as possible to the KDE Plasma 5.17.4 point release, which will soon be available from the stable software repositories of your favorite GNU/Linux distributions. The next and last maintenance update in the KDE Plasma 5.17 desktop environment series will be KDE Plasma 5.17.5, due for release on January 7, 2020.

      • GNOME Desktop/GTK

        • GNOME Shell Hackfest 2019

          This October I attended the GNOME Shell Hackfest 2019 in the Netherlands. It was originally just planned as a small hackfest for core Shell developers, but then us designers decided to crash the party and it became a pretty big thing. In the end we were about 15 people from lots of different companies, including Red Hat, Endless, Purism, and Canonical. The venue was the Revspace hackerspace in Leidschendam, which is somewhere between the Hague and Leiden.

          The venue was very cool, with plenty of hackerspace-y gadgets and a room with couches and a whiteboard, which was perfect for the design team’s planning sessions.

    • Distributions

      • Kali Linux Gets New Desktop Environment & Undercover Theme

        Offensive Security, maintainer of the Kali Linux penetration-testing platform, has released a new version of the widely used open source project.

        Key improvements in Kali Linux 2019.4 include a brand-new default desktop environment, a unified user interface, and an undercover feature that allows security researchers to use the pen-testing tool in a public setting without tipping their hand.

        With the new release, Offensive Security has moved Kali Linux from Gnome to Xfce, a lightweight, open source desktop environment for Linux, BSD, and other Unix-like operating systems. The move is designed to improve performance and the user experience for pen-testers, according to Offensive Security.

      • Hiding The Hidden: Kali Linux 2019.4 Unleashed

        By the way, the update in-place from the previous version (2019.3) works swimmingly. However, the single bug-a-boo that I experienced was the necessity to drop postgresql10 for the latestest iteration of same; but that’s picking nits, now ain’t it guvnor? And, then there’s the Kali Undercover…plus, not to forget – Kali-Docs is now on Markdown. Savoire-Faire is Everywhere!

      • Kali Linux Adds ‘Undercover’ Mode to Impersonate Windows 10

        Kali Linux is popular among ethical hackers and pen testers alike, commonly used by researchers and red teamers to perform security tests. Last week, Kali Linux released version 2019.4 to the public, and the newest version boasts a new ‘undercover’ mode in which users can convert the Linux desktop to look like a Windows 10 device. Kali Linux’s reputation is the driving force behind this ‘undercover’ mode, as it may be suspicious to run Kali Linux in a professional or public setting. The new model solves this issue by offering users the option to make it appear as though they are running Windows rather than Linux.

      • elementary OS

        • Why use the Pantheon desktop for Linux Elementary OS

          Would you pay $20 for a Linux desktop? I would, and in fact, I regularly choose to pay more than that when I download free software! The reason I do this is that open source is worth it. For a copy of Elementary OS, US$ 20 happens to be the default asking price (you can download it for $1 or even $0 if you can’t afford anything more). What you get in return is an excellent and heavily curated distribution that ships with its own Pantheon desktop design.

          You may find Pantheon included in a software repository, as it is open source, but more likely, you’ll have to download and install Elementary Linux to experience it. If you’re not ready to install Elementary on your computer as the main OS, you can install it into a virtual machine, like GNOME Boxes.

          The Pantheon desktop is clean, attractive, and features many of the little things many users want in a desktop but could never quite get from the usual Linux desktops.

        • elementary OS 5.1 ‘Hera’ Linux Distro is Here
        • elementary OS 5.1 ‘Hera’ Linux distro is here

          elementary OS has long been viewed by many as the future of Linux on the PC thanks to its beautiful desktop environment and overall polished experience. Development of the Ubuntu-based operating system has been frustratingly slow, however. This shouldn’t be surprising, really, as the team of developers is rather small, and its resources are likely much less than those of larger distributions such as the IBM-backed Fedora or Canonical’s Ubuntu. And that is what makes elementary OS so remarkable — its developers can make magic on a smaller budget.

          Today, the latest version of the operating system is released. Code-named “Hera,” elementary OS 5.1 is now available for download. Support for Flatpak is now baked in — this is significant, as the developers explain it is “the first non-deb packaging format we’ve supported out of the box.” The Linux kernel now sits at a very modern 5.0. One of the most important aspects of elementary OS, the AppCenter, is now an insane 10 times faster than its predecessor. Wow.

        • elementary OS 5.1 Hera Released, This is What’s New

          This major update to elementary OS carries a wealth of changes and improvements, including native support for Flatpak, a faster App Centre store front, and many thoughtful refinements to the system’s bespoke UI.

          A free update for existing elementary OS users, the Hera uplift also introduces Linux Kernel 5.0 courtesy of Ubuntu’s recent LTS hardware enablement stack update.

          To learn more about what’s new in the elementary OS 5.1 release, and how to download it to try for yourself, keep reading!

          elementary OS 5.1 Hera

          The bulk of the changes being offered in the elementary OS 5.1 update aren’t strictly new as they’ve been iteratively pushed out via software updates to the elementary 5.0 Juno release.

          But the sum total of those updates is enough to create a distinct, separate version number with new .iso images for folks to download. Think of it like an Ubuntu point release, in that sense.

        • elementary OS 5.1 “Hera” Officially Released with Flatpak Support, New Greeter

          The elementary team proudly announced today the official availability of the elementary OS 5.1 “Hera” operating system, a major update that adds many improvements and new features, as well as updated components and fresh new artwork.

          elementary OS 5.1 “Hera” is the culmination of one year of hard work, during which the development team implemented out-of-the-box Flatpak support to make it easier and secure for users to install third-party apps that are not available in the AppCenter, but are essential for their everyday tasks.

          For this, elementary OS 5.1 comes with Sideload, a new, in-house built graphical utility that lets you install Flatpak apps with single click. In addition, elementary OS 5.1 adds Flatpak support to the AppCenter so that users can manage Flatpak apps alongside regular applications from the official repositories.

        • Meet The Linux Desktop That’s More Elegant Than Mac And Windows 10

          It’s no secret I have a distaste for Windows 10. Its telemetry, endless nagging, broken updates and general bloat pushed me to Linux last year. My opinion about macOS is less critical. I still utilize it for the occasional music production tasks, and it respects my privacy far better than Microsoft’s desktop OS. Unfortunately, the macOS experience hasn’t evolved much, and with each new update Apple continues its forced obsolescence of older hardware. But there’s a Linux alternative that exudes pure desktop elegance and runs like a dream on older machines. It emphasizes a clean workflow and thoughtful design in every single pixel. Yea, it’s time to pay attention to elementary OS.

          You’ve probably heard of Ubuntu, one of the most popular Linux distributions out there. Well, elementary OS is based on the stable version of Ubuntu (meaning you’ll get a thoroughly tested kernel and software) but it makes substantial tweaks to its presentation by using a custom Desktop Environment called Pantheon.

          At first blush, elementary OS (and by extension, the Pantheon desktop) may remind you of macOS — it may even comfortably feel like it — but when you start to dig in and use it, the differences become clear. It’s not only easier, but far more elegant.

          Today the developers behind elementary OS introduced version 5.1, which I’ve been testing for the last week. It brings several substantial improvements, and manages to outclass macOS (and every other Linux distribution available) in a few key areas.

      • New Releases

        • CAINE 11.0 “Wormhole” is out!

          CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project
          Currently the project manager is Nanni Bassetti (Bari – Italy).
          CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.

      • Screenshots/Screencasts

      • PCLinuxOS/Mageia/Mandriva/OpenMandriva Family

        • Mageia 6 End of Life – Time to Upgrade

          As you know, Mageia 7 was released this summer, followed shortly after by Mageia 7.1. It is time to say goodbye to Mageia 6 – updates have stopped, including security updates.
          As usual, before the upgrade, do a backup of your data and documents.

        • [PCLinuxOS] Screenshot Showcase
        • PCLinuxOS Family Member Spotlight: Revoluz

          Why and when did you start using Linux?
          2006 Open-Suse, 6 Months later PCLinuxOS my only distro.

          What specific equipment do currently use with PCLinuxOS?
          Office, Graphics, Multimedia – Jack-Audio, HTML Website build and not so often anymore, 3D CAM

          Do you feel that your use of Linux influences the reactions you receive from your computer peers or family? If so, how?
          Trying to make people curious by talking about it.

          What would you like to see happen within PCLinuxOS that would make it a better place. What are your feelings?
          That Mini Live CD correspond to the Sinn Mini, only for the wide hardware compatibility and peripherals such as printers and scanners.

      • SUSE/OpenSUSE

        • Software Development, Microservices & Container Management – Part III – Why Kubernetes? A Deep Dive into Kubernetes world

          Together with my colleague Bettina Bassermann and SUSE partners, we will be running a series of blogs and webinars from SUSE (Software Development, Microservices & Container Management, a SUSE webinar series on modern Application Development), and try to address the former questions and doubts about K8s and Cloud Native development and how it is not compromising quality and control.

        • Epic Performance with New Tuning Guide – SUSE Linux Enterprise Server on AMD EPYC* 7002 Series Processors

          EPYC is AMD’s flagship mainstream server microprocessors and supports 1-way and 2-way multiprocessing. The first generation was originally announced back in May 2017 and replaced the previous Opteron server family with the introduction of the Zen microarchitecture for the mainstream market.

        • Content Lifecycle Management in SUSE Manager

          Content Lifecycle management is managing how patches flows through your infra in a staged manner. In ideal infra, latest patches will always be applied on development servers. If everything is good there then those patches will be applied to QA servers and lastly to production servers. This enables sysadmins to catch issues if any and hence preventing patching of prod system which may create downtime of live environments.

          SUSE Manager gives you this control via content lifecycle. In this, you create custom channels in SUSE Manager for example dev, qa and prod. Then you register your systems to those channels according to their criticality. Now whenever channels gets the new patches it will be available to respective systems (registered to those channels) to install. So if you control channels you control the patch availability to systems.

          In content lifecycle management, suse manager enables you to push patches to channels manually. Like on first deploy all latest patches will be available to dev channels and hence dev systems. At this stage, if you run update commands (zypper up, yum update) they will show latest patches only on dev servers. QA and prod servers wont show any new patches.

      • Fedora Family

        • Event Report: CCOSS’19

          CCOSS stands for “Cumbre de Contribuidores de Open Source Software” (Contributors Summit in Open Source Software). It is the first event in Mexico dedicated to improving accessibility for latin tech practitioners to contribute to world-leading open source technologies, focusing on delivering content in Spanish & providing hands-on mentoring opportunities.

        • Latinoware 2019

          In its 16th edition, Latinoware started on Wednesday (27) and continued until Friday (29), with a program of over 300 activities. The Latin American Congress of Free Software and Open Technologies at the Rafain Palace Hotel & Convention, in Foz do Iguaçu, attracted over 2700 of participants, including children, students, professionals and even older people, interested in the different topics addressed.

      • Debian Family

        • Sparky 2019.12

          There are new live/install media of Sparky 2019.12 “Po Tolo” available to download, which is based on the testing branch of Debian “Bullseye”.

          • system upgraded from Debian testing “Bullseye” repos as of December 1, 2019
          • Calamares installer 3.2.17
          • Linux kernel 5.3.9 as default (5.4.1 & 5.3.14 in Sparky unstable repos)

          No reinstallation is required if you have Sparky 2019.xx (of the line 6) installed, simply make full system upgrade.

        • Tails Anonymous OS Promises Secure Boot Support and More Robust Upgrades in 2020

          The Tails project, which develops the Debian-based Tails amnesic incognito live operating system, has announced today some of their major plans for 2020 to improve the anonymous OS used by NSA whistle-blower Edward Snowden to stay hidden online.

          In 2020, the Tails project plans to release numerous updates to its Tails anonymous OS, some of which will be major ones implementing big new features like support for Secure Boot to offer better compatibility with more hardware components, thus making it easier to start Tails on PCs and Macs.

          While Secure Boot support is planned for July 2020, when the Tails 4.9 release should hit the streets, the project also aims to deal with the manual upgrades as soon as January 2020. These manual upgrades have been bugging users for a long time now, but Tails wants to make the upgrade process less painful, lighter and more robust.

        • Our plans for 2020

          On October 7, we launched our donation campaign by explaining why supporting Tails is more important than ever. On October 31, we summarized what we did in 2019 to make Tails easier to adopt by new users. Today we pass on to you our plans for 2020.

          But first, we are pleased that the donation campaign has been pretty successful so far. We received around 50 000 € already, which is 69% more than last year. Still, these good results are due to some large donations and fewer people have been donating so far, 16% less than in 2018. We hope that after reading this post many of you will consider donating to Tails.

        • The Debian Janitor

          There are a lot of small changes that can be made to the Debian archive to increase the overall quality. Many of these changes are small and have just minor benefits if they are applied to just a single package. Lintian encourages maintainers to fix these problems by pointing out the common ones.

          Most of these issues are often trivially fixable; they are in general an inefficient use of human time, and it takes a lot of effort to keep up with. This is something that can clearly be automated.

          Several tools (e.g. onovy’s mass tool, and the lintian-brush tool that I’ve been working on) go a step further and (for a subset of the issues reported by lintian) fix the problems for you, where they can. Lintian-brush can currently fix most instances of close to 100 lintian tags.

          Thanks to the Vcs-* fields set by many packages and the APIs provided by hosting platforms like Salsa, it is now possible to proactively attempt to fix these issues.

          The Debian Janitor is a tool that will run lintian-brush across the entire archive, and propose fixes to lintian issues via pull request.

      • Canonical/Ubuntu Family

        • Lubuntu Focal Fossa 20.04 LTS Wallpaper Contest

          The Lubuntu Team is pleased to announce we are running a Focal Fossa wallpaper competition, giving you, our community, the chance to submit, and get your favorite wallpapers included in the Lubuntu 20.04 LTS (Long Term Support) release.

        • Ubuntu Weekly Newsletter Issue 607

          Welcome to the Ubuntu Weekly Newsletter, Issue 607 for the week of November 24 – 30, 2019. The full version of this issue is available here.

        • Ubuntu 19.10 offers ‘integrated’ AI/ML developer experience

          Autumn (or Fall, depending on your level of Americanization) was a busy period… so busy in fact that the Computer Weekly Open Source Insider blog saw a number of milestone advancements go whizzing past.

          Among those news items we’re catching up on as we approach the Christmas silly season is the latest update from Canonical on Ubuntu.

          Canonical is positioning Ubuntu as (in its view) an operating system (OS) of choice for ‘most’ (it was clear not to say all) public cloud workloads, as well as the emerging categories of ‘smart gateways’, self-driving cars and advanced robots.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • OSI

        • October 2019 License-Discuss Summary

          We would like to introduce (and thank!) Amol Meshram, who has joined us here at the OSI to provide monthly summaries of both the License-Discuss and License-Review mailing lists. We hope these reports provide you with a helpful snapshot of the monthly activities on the lists, keeping you up to date with the latest topics, while also providing a reference point for further discussion. Of course all suggestions are welcome as we continue to enhance our reporting. We will try our best to include the feedback from OSI community members to make the summaries as accurate as possible and the discussions lively and fruitful.

        • October 2019 License-Review Summary

          Carlo Piana is not in favour of The Vaccine License and feels it is a trolling exercise. Filli Liberandum suggested to Carlo Paina to read the mailing list code of conduct. In furtherance to it, Filli Liberandum explained why there is a necessity of acknowledging The Vaccine License by OSI board and its members.
          Anand Chowdhary based on his experience of adding privacy compliance under twente open source license pointed out that there are better ways to protect privacy of individuals like local/national/international regulation instead of protecting it through open source license. He is of the opinion that there are better ways to advocate for vaccination and open source license is not the better way to advocate for it.
          Filli Liberandum countered to Anand Chowdhary by citing example of Cryptography Autonomy License of Mr. Lindstrom which ask for some release of data as a condition and head of OSI has publicly accepted this condition. Pamela Chestek brought into notice of Filli Liberandum that OSI did not endorse the view of Simon Phipps (referred head of OSI by Filli) on Cryptography Autonomy License data condition clause. Simon Phipps is member of the board along with others. Simon Phipps views on CAL are personal.
          Filli Liberandum raised a concern with respect to archives as it is stuck in a plaintext mode.
          Simon Phipps suggested to Filli Liberandum to familiarize with License-review process and change the tone of message and requested to leave moderating to the moderators to which Filli agreed and responded that here onwards Filli will directly reach out to concerned members.
          Gil Yehuda responded to Fil that Licenses usually do ask for things in return and appreciated the efforts of Fil in writing The Vaccine License, while considering the OSD. Gil raised an important point of enforceability of The Vaccine License in the real life scenario. Gil is of the opinion that one can right a blog and promote the importance of the idea instead of restricting it with copyright license. To buttress claim, Gil cited article written by Selam G which convinced Gil to support Free Software Movement. The reason behind citing this article is to explore other platforms instead of publishing work under copyright license.

          Carlo Piana responded to Fil that The Vaccine License is discriminatory and non-enforceable in nature. Carlo thinks that vaccination can be achieved through local authorities instead of enforcing it through copyright license. Carlo believes one should provoke reactions rather than genuine attempt of having a license approved.
          Josh Berkus agrees with Carlo on provoking reactions from members on license instead of attempting for approving the license. Josh suggested to take this submission as a use case and put it on opensource.org for future reference.
          Carlo Piana is of the same view that opensource.org should take this submission as a use case for future submissions to avoid duplication of work.
          Bruce Perens is also of the opinion that a direct law on vaccination will be more effective than a license. Similarly, Bruce also wrote two blog posts on the issue of “ethical” licenses wherein Bruce referred the proposed The Vaccine License.
          Grahame Grieve replied to Bruce’s blog post and appreciated the efforts of writing blog post on ethical license and also the basic arguments put forwards by Bruce. But Grahame bothered by the lack of ethics in the Vaccine License, judging vaccine license solely based on enforceability clause. Similarly, Grahame wanted to know whether the lawyers, courts and violators laugh at license and is there any precedent on when someone gives something of value away, on the condition that it not used in a particular way? Bruce Perens replied to all the queries of Graham Grieve. Firstly, Bruce Perens claims blog post argument is based on law instead of license terms. Secondly, Bruce has experience in handling litigation for various reasons and Bruce wants other should not get into litigation for same cause of action. Lastly, Bruce said Lawyers, courts and violators laugh at license and this whole exercise will be term as a ‘‘copyright misuse’’.
          Kevin P. Fleming replied to Graham and pointed that The Vaccine License does not talk about goals instead it focusses on action to be performed which is not in sync with the use of the software. Similarly, Kevin is of the opinion that The Vaccine License violates the OSD 5. To this Grahame Grieve countered by saying if The Vaccine license is applied to health software then in such scenario would Kevin change his opinion.
          Van Lindberg appreciated various aspect of the Vaccine License and efforts put forward by Fil in creating the vaccine license. But Van feels the Vaccine License does not qualify for OSS because it imposes conditions which are logically separate from and wholly unrelated to scope intellectual property rights that are licensed. Similarly, Van attempted to answer the question on what scope of action can be required of a license? Van observed if restrictions are closely related to the exercise of the intellectual property rights granted under license then such restrictions make sense and compatible with OSD.
          Filli Liberandum replied to analysis of Van and requested to reverse engineer the rules from the approved licenses which Fil believe will lead us to conclusion that the Vaccine License attempt is not an accidental in nature.
          Josh Berkus feels that The Vaccine License is very good example for ‘’unrelated conditions’’ license which can be referred in future as a textbook example to differentiate between what kind of licenses OSS supports and what can’t be supported by OSS license.

      • Web Browsers

        • Mozilla

          • Firefox 71 Released with Native MP3 Decoding, Other Changes

            Among them: native MP3 decoding on Linux, Windows and macOS systems. This is a particularly big feature and is made possible by patents on the MP3 technology expiring.

            For Linux users, this changes means that Firefox does not have to rely on third-party packages like gstreamer to play mp3 content (e.g., a podcast) in the browser.

            The Lockwise password manager (requires a Firefox account) gains support for subdomains and makes breach alerts available to those using the browser with a screen reader enabled.

            Another feature in Firefox 71 is the new Kiosk mode aimed at enterprise users. Launching Firefox with the –kiosk flag at the command line will open the app in an immersive fullscreen mode.

          • Firefox 71: A winter arrival

            Another release is upon us: please welcome Firefox 71 to the stage! This time around, we have a plethora of new developer tools features. These include the web socket message inspector, console multi-line editor mode, log on events, and network panel full text search!

            And as if that wasn’t good enough, there are important new web platform features available, like CSS subgrid, column-span, Promise.allSettled, and the Media Session API.

          • Mozilla Firefox 71 Is Now Available to Download for Linux, Windows, and macOS

            The upcoming Firefox 71 web browser is now available to download for all supported platforms, including Linux, Windows, and macOS, ahead of tomorrow’s official launch.
            Firefox 71 has entered development in late October and it promises to introduce a new “–kiosk” command-line parameter that opens the web browser in full-screen mode (a.k.a. kiosk mode), a redesigned about:config internal configuration page, as well as Picture-in-Picture (PiP) support on Windows.

            “Windows users now have the ability to pop out videos on the web into an always-on-top video player using the Picture-in-Picture feature! For most videos, this can be accomplished by hovering the video with the mouse, and clicking on the Picture-in-Picture toggle,” explained Mozilla in the preliminary release notes.

          • TenFourFox FPR17 available

            TenFourFox Feature Parity Release 17 final is now available for testing (downloads, hashes, release notes). Apologies for the delay, but I was visiting family and didn’t return until a few hours ago so I could validate and perform the confidence testing on the builds. There are no other changes in this release other than a minor tweak to the ATSUI font blacklist and outstanding security patches. Assuming all is well, it will go live tomorrow evening Pacific time.

            The FPR18 cycle is the first of the 4-week Mozilla development cycles. It isn’t feasible for me to run multiple branches, so we’ll see how much time this actually gives me for new work. As previously mentioned, FPR18 will be primarily about parity updates to Reader mode, which helps to shore up the browser’s layout deficiencies and is faster to render as well. There will also be some other minor miscellaneous fixes.

          • [Older] Firefox at 15: its rise, fall, and privacy-first renaissance

            There’s a good chance you are reading this in Google’s Chrome web browser, which commands 65% of the global market (and about 50% in the U.S.), according to Statcounter. Only about 4% to 5% of web surfers now go online through Firefox, the open-source browser from the California-based Mozilla foundation. But the web was much different when Firefox launched 15 years ago on November 9, 2004, and the browser began a fast rise to prominence.

            When Firefox hit the scene, Internet Explorer had more than 90% market share, having felled Netscape Navigator. Given that it was the default browser on Windows, which commanded a similar share of the operating system market, its monopoly seemed like it could be permanent. But Firefox quickly caught on, and eventually grew to command about a third of the market at its height in 2009. While it’s unlikely to recapture such former glory, Firefox has been experiencing something of a renaissance, not just by improving speed and features, but by putting user control over privacy front and center.

            Fifteen years on, it’s hard to imagine how radical Firefox was at the time of its debut. Instead of coming from a megacorporation like Microsoft (or today, Google), Firefox was built by volunteers around the world who gave their code away for free. “Open source was well known for developers,” says Mitchell Baker, who cofounded the Mozilla Project back in 1998 and is today the chairwoman of the Mozilla Corporation and Mozilla Foundation. “But the common wisdom of the time was that open source was only for the geeks. You could build [tools] for developers but not consumer products out of it.”

          • Help Test Firefox’s built-in HTML Sanitizer to protect against UXSS bugs

            I recently gave a talk at OWASP Global AppSec in Amsterdam and summarized the presentation in a blog post about how to achieve “critical”-rated code execution vulnerabilities in Firefox with user-interface XSS. The end of that blog posts encourages the reader to participate the bug bounty program, but did not come with proper instructions. This blog post will describe the mitigations Firefox has in place to protect against XSS bugs and how to test them.

            Our about: pages are privileged pages that control the browser (e.g., about:preferences, which contains Firefox settings). A successful XSS exploit has to bypass the Content Security Policy (CSP), which we have recently added but also our built-in XSS sanitizer to gain arbitrary code execution. A bypass of the sanitizer without a CSP bypass is in itself a severe-enough security bug and warrants a bounty, subject to the discretion of the Bounty Committee. See the bounty pages for more information, including how to submit findings.

          • Botond Ballo: Developing Mozilla C++ code with clangd and VSCode

            I’ve long been a fan of smart editors which have a semantic understanding of the code you’re editing, and leverage it to provide semantics-aware features such as accurate code completion (only offering completions for names that are actually in scope), go-to-definition, find references, semantic highlighting, and others.

            When I joined Mozilla six years ago, my choice of editor for C++ code was Eclipse CDT, because based on experience and research, this was the most fully-featured option that was cross-platform and open-source. (Depending on who you ask, Visual Studio, XCode, and CLion have, at various times, been described as matching or exceeding Eclipse CDT in terms of editor capabilities, but the first two of these are single-platform tools, and are three all proprietary.)

            This assessment was probably accurate at that time, and probably even for much of the intervening time, but in recent years Eclipse CDT has not aged well. The main reason for this is that Eclipse CDT has its own C++ parser. (For brevity, I’m using “parsing” here as an umbrella term for lexing, preprocessing, parsing, semantic analysis, and all other tasks that need to be performed to build a semantic model of code from source.) C++ is a very complex language to parse, and thus a C++ parser requires a lot of effort to write and maintain. In the early days of CDT, there was a lot of investment, mostly from commercial vendors that packaged CDT-based IDEs, in building and maintaining CDT’s parser, but over time, the level of investment has faded. Meanwhile, the C++ language has been gaining new features at an increasing rate (and the Mozilla codebase adopting them — we’re on the verge of switching to C++17), and CDT’s parser just hasn’t been able to keep up.

          • 71.0 Firefox Release

            Version 71.0, first offered to Release channel users on December 3, 2019

          • Firefox 71 Available With New Kiosk Mode, New Certificate Viewer

            Today marks the last Mozilla Firefox feature update of 2019 with the release of Firefox 71.0.

            Firefox 71.0 introduces a –kiosk CLI switch for launching Firefox in a full-screen kiosk mode, a redesigned about:config area, a new certificate viewer, new server timing information is exposed via Firefox’s Developer Tools, partial support for the Media Session API, native MP3 encoding is enabled for all desktop platforms, and various other developer enhancements.

          • Mozilla and Google remove Avast extensions from add-on stores

            A month ago I wrote about Avast browser extensions being essentially spyware. While this article only names Avast Online Security and AVG Online Security extensions, the browser extensions Avast SafePrice and AVG SafePrice show the same behavior: they upload detailed browsing profiles of their users to uib.ff.avast.com. The amount of data collected here exceeds by far what would be considered necessary or appropriate even for the security extensions, for the shopping helpers this functionality isn’t justifiable at all.


            Spying on your users is clearly a violation of the terms that both Google and Mozilla make extension developers sign. So yesterday I reported these four extensions to Mozilla and Google. Quite surprisingly, as of today all of these extensions are no longer listed on either Mozilla Add-ons website or Chrome Web Store. That was a rather swift action!

            It remains to be seen how this will affect millions of existing extension users. At least Mozilla didn’t add Avast extensions to the blocklist yet, stating that they are still talking to Avast. So the extensions will remain active and keep spying on the users for now. As to Google, I don’t really know where I can see their blocklist, any hints?

          • Multilingual Gecko Status Update 2019

            Welcome to the fourth edition of Multilingual Gecko Status Update!

            In the previous update we covered the work which landed in Firefox 61-64.

            At the time, we were landing Fluent DOM Localization APIs, still adding mozIntl features, and we had close to 800 strings migrated to Fluent.

            I indicated that 2019 should be quieter, and in result I reduced the update frequency to just one this year.

          • Questions About .org

            Last month, the Internet Society (ISOC) announced plans to sell the Public Interest Registry (PIR) — the organization that manages all the dot org domain names in the world — to a private equity firm named Ethos. This caught the attention of Mozilla and other public benefit orgs.

            Many have called for the deal to be stopped. It’s not clear that this kind of sale is inherently bad. It is possible that with the right safeguards a private company could act as a good steward of the dot org ecosystem. However, it is clear that the stakes are high — and that anyone with the power to do so should urgently step in to slow things down and ask some hard questions.

            For example: Is this deal a good thing for orgs that use these domains? Is it structured to ensure that dot org will retain its unique character as a home for non-commercial organizations online? What accountability measures will be put in place?

            In a letter to ISOC, the EFF and others summarize why the stakes are high. Whoever runs the dot org registry has the power to: set (and raise) prices; define rights protection rules; and suspend or take down domains that are unlawful, a standard that varies widely from jurisdiction to jurisdiction. It is critical that whoever runs the dot org registry is a reliable steward who can be held accountable for exercising these powers fairly and effectively.

          • Updates on Firefox Private Network

            We are continuing our beta testing of the Firefox Private Network extension that we released earlier this year. The extension hides your Firefox browsing activity and location. This prevents eavesdroppers on public Wi-Fi from spying on the actions you take online by masking your IP address and routing your traffic through our partner’s secure servers. It also protects you from internet service providers collecting or selling data on your browsing activity. And it hides your locations from websites and data collectors that profile you to target ads.

            There will be no changes for test pilots who have already started using the extension by logging in with their Firefox account. For those who are not yet using the extension, we invite you to join the Test Pilot program and try it out. When you sign up or log in with a Firefox account and become one of our beta testers, you’ll get 12 hours of protected browsing for free this month. We are continuing to explore the best way to deliver browser-level protection to our users and we welcome your feedback and input each step of the way.

          • Mozilla Future Releases Blog: Firefox Preview Beta reaches another milestone, with Enhanced Tracking Protection and several intuitive features for ease and convenience

            In June we made an announcement, that left us — just like many of our users — particularly excited: we introduced Firefox Preview, a publicly available test version of our upcoming best in class browser for Android that will be fueled by GeckoView. GeckoView is Mozilla’s own high-performance mobile browser engine, which enables us to deliver an even better, faster and more private Firefox to Android device owners. Hundreds of thousands of users have downloaded and tested Firefox Preview since it became available.

            Over the past 5 months we’ve been working diligently on improvements to the app. We’ve been listening closely to user feedback and are basing app development on users’ requests and needs; one very recent example is our support for extensions through the WebExtensions API. We will still continue to test Firefox Preview Beta and we’re expecting to launch as a final product in the first half of 2020. Today, we want to provide an update on our progress, and share some of the amazing new features we’ve added to Firefox Preview since the beta release of 1.0.

          • Marco Zehe: 12 years at Mozilla

            Today marks my 12th anniversary working for Mozilla. I started on December 3, 2007, as a contractor, and moved to a full employment 13 months later, in January 2009. So in January this year, I was employed there 10 years.

            I wrote about my work anniversary once before. Some things have changed since then, some have not. I am still working on Firefox accessibility, doing, unfortunately, less blogging than I used to (current series excepted), and am doing more engineering and less evangelism in general.

            To many, especially in Silicon Valley, it is strange, yes even bewildering, for someone to stay in one employment relationship for that long. However, if you look at people with disabilities, the number of long term employments is generally higher than with the rest of the population working in the same field. The answer is quite simple: Regardless of the U.S., Canada or Europe, finding employment as a person with a disability is much harder than if you’re not disabled. As a consequence, we tend to hang on to our jobs much longer, do less job hopping.

          • News from Firefox on Mobile, Private Network and Desktop

            As the year comes to a close, we look back at what we’ve accomplished. As recently noted in the press, this year may be the mark of our privacy-renaissance. We’ve built additional privacy protections in the browser which included blocking third party tracking cookies and cryptomining by default and created an easy-to-view report which shows the trackers that follow you and collect your online browsing habits and interests. To date, we’ve blocked more than 1 Trillion tracking requests that attempt to follow you around the web! Privacy has always been part of our DNA. We’ve always believed our role is and has always been to help give people more control over their online lives.

          • Firefox 71 Officially Released with Native MP3 Decoding on Linux, Windows & Mac

            Mozilla officially released today the Firefox 71 web browser for all supported platforms, including Linux, Windows, and macOS, a release that adds various improvements and new features.
            While we already took an early look at Firefox 71, which our readers could download since yesterday, Mozilla has published more details release notes that highlight a much-improved built-in password manager that can now recognize subdomains and automatically fill domain logins and provide breach alerts from Firefox Monitor for users with screen readers.

            Furthermore, the integrated Enhanced Tracking Protection, which was enabled by default in the Firefox 69 release, now offers users more information about the actions it takes by displaying notifications when Firefox blocks cryptominers, as well as a running tally of blocked trackers in the protection panel, which users can access by clicking the address bar shield.

      • SaaS/Back End/Databases

        • Vendors move away from open source database software licensing

          Database vendors have started to use their own open source style licenses in a bid to stave off cannibalization by large cloud players such as Amazon Web Services.

          The promise of open source database software is that users can freely use the code as they choose. Open source isn’t just a marketing hook, but rather a well-defined set of licenses that have been approved as open source by the Open Source Initiative (OSI) and are compliant with the Open Source Definition.

          Many database vendors have long used an open core model, in which the foundational model is an open source licensed code base, with added enterprise-grade features for reporting, scalability and management available under a proprietary license.

      • BSD

        • First release candidate for NetBSD 9.0 available!
          On behalf of the NetBSD project, it is my pleasure to announce the first
          (and hopefully only) release candidate of NetBSD 9.0.
          Many changes have been made since 8.1.  Here are a few highlights:
           - Support for Arm AArch64 (64-bit Armv8-A) machines, including
             "Arm ServerReady"  compliant machines (SBBR+SBSA)
           - Enhanced hardware support for Armv7-A
           - Updated GPU drivers (e.g. support for Intel Kabylake)
           - Enhanced virtualization support
           - Support for hardware-accelerated virtualization (NVMM)
           - Support for Performance Monitoring Counters
           - Support for Kernel ASLR
           - Support several kernel sanitizers (KLEAK, KASAN, KUBSAN)
           - Support for userland sanitizers
           - Audit of the network stack
           - Many improvements in NPF
           - Updated ZFS
           - Reworked error handling and NCQ support in the SATA subsystem
           - Support a common framework for USB Ethernet drivers (usbnet)
          Since the start of the release process four months ago a lot of improvements
          went into the branch - more than 500 pullups were processed!
          This includes usbnet (a common framework for usb ethernet drivers), aarch64
          stability enhancements and lots of new hardware support, installer/sysinst
          fixes and changes to the NVMM (hardware virtualization) interface.
          Binaries of NetBSD 9.0_RC1 are available for download via our Fastly
          (or from ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-9.0_RC1/, or one of
          its mirrors)
          Those who prefer to build from source can either use the netbsd-9-0-RC1
          tag or follow the netbsd-9 branch.
          Please help us out by testing 9.0_RC1.  We love any and all feedback.
          Report problems through the usual channels (submit a PR or write to the
          appropriate list).  More general feedback is welcome at releng%NetBSD.org@localhost.
          Your input will help us put the finishing touches on what promises to be a
          great release!
        • NetBSD 9.0 RC1 Released With 64-Bit Arm Support, Updated ZFS + Other Improvements

          NetBSD 9.0 is around the corner and finally presenting 64-bit Arm (AArch64) support as well as other long overdue hardware support like Intel Kabylake graphics.

          NetBSD 9.0 is a big step-up for this BSD operating system with better support for modern Arm and x86_64 Intel/AMD hardware. There is also updated ZFS file-system support, the kernel finally supports kernel address space layout randomization, and other kernel features added. Out today is NetBSD 9.0 RC1 as what is expected to be the only release candidate.

      • FSF

        • Mark J. Wielaard: A public discussion about GNU

          There is now a public discussion about GNU governance issues as described in this LWN article: Rethinking the governance of the GNU Project. We have had private discussion about GNU governance issues for the last couple of decades between GNU maintainers, but that never resulted in actual change. And recent events made things a bit more urgent. Since the Chief GNUisance is no longer the president of the FSF. The FSF is now asking for feedback on how their relationship with the GNU project should go forward with respect to fiscal sponsorship, technical infrastructure, promotion, copyright assignment, and volunteer management. So we need to answer a lot of questions.

        • Wielaard: A public discussion about GNU

          Mark Wielaard has posted a summary of the discussion thus far on the governance of the GNU project.

        • FSFE

          • FSFE Resignations and expulsions

            The last two FSFE e.V. members resigned immediately after the 2019 annual meeting decided to pursue a vendetta against the former fellowship representative.

            These resignations don’t reflect any wrongdoing on the part of the members who have departed, they reflect the fact FSFE e.V. itself is being consumed by foolish vendettas.

          • FSFE General Assembly formally adopts Stasi policies to harass a former volunteer

            When we read the (defamation redacted by satire) minutes of the 2019 FSFE annual meeting, we see the same thing: a motion has been passed deciding that the community elected representative has to be blamed for everything that is wrong in the world. The text of the motion is irrelevant: the key point is that bunch of supposedly grown-up German males are getting together to whine about a volunteer who resigned over a year ago. This is no accidental slip of gaslighting: the minutes show that 11 people travelled to Essen on 12 October 2019, meeting at the LinuxHotel and making a formal resolution to continue in the footsteps of the GDR’s secret police. The minutes do not include any positive plans for the next 12 months: just some administrative changes and the resolution to pursue a vendetta. Would Stasi predecessors feel a tingle of pride reading the unredacted version of the document, dripping with character assassination?

            This is even more despicable because the volunteer in question resigned at a time of personal tragedy and asserted that he is grieving for the loss of a family member. Hounding a volunteer who resigned at a time like that shows an utter lack of humanity.

            Corrupt elements of the FSFE management were already running evil campaigns like this in private emails before the Fellowship migrated to the fsfellowship.eu mailing list in May. In a #MeToo moment for Free Software, the former community representative called them out, leaking this quote from Herr Matthias Kirschner, FSFE president.

      • Programming/Development

        • The Qt Marketplace has landed!

          Today marks a very special day for us as we are finally able to present you the Qt Marketplace. We have been working very hard for the past year to build the marketplace and to onboard the first set of fantastic extensions with the help of our great community. Huge thanks for everyone involved in the process! To make this our joint effort for #Qt we would like to invite you for populating it with all the fantastic extensions including Qt Creator Plugins, tools and modules … that has been done with Qt.

        • The Qt Company Launches Qt Marketplace For Free + Paid Qt Extensions / Add-Ons

          While there is the KDE Frameworks that offers a wonderful set of complementary extensions/add-ons to the Qt5 tool-kit, for those looking for more Qt5 extensions, The Qt Company has launched “The Qt Marketplace” as a source for both free and paid extensions.

          Qt Marketplace offers extensions to add additional functionality around the tool-kit, new Qt Creator Plugins, tools, modules, and more. There are 100+ extensions at launch including Felgo that offers additional Qt APIs, Incredibuild as a network-based build system for Qt Creator, Froglogic to help with testing Qt programs, KDAB’s KUESA workflow software, and various KDE add-ons.

        • Properly managing your .gitignore file

          There’s not a single month where I don’t have to explain this. I thought it’d be a good opportunity to write about this .gitignore file so everyone is up to date on this magic file.

        • Introduction To Version Control System

          If you are a programmer or developer and working on software applications or any website, you will definitely require some versioning system to track the changes. Version Control System is also referred as SCM (Source Code Management) tools or RCS (Revision Control System).

          Version control is a method or a category of software tools that helps to keep a track of changes in the code so that if something goes wrong, we can make comparisons in different code versions and can easily revert to previous versions. It is very helpful when multiple developers are continuously working or changing the source code.

        • Sony Spresense 6-core MCU Development Board Now Supports Java
        • Cheat sheet for Java syntax

          No matter how often you write code, though, there’s bound to be something you don’t use often enough to type without a reference. Maybe you can’t remember whether to include or import or how to parse incoming arguments. There are a few ways to bridge such a gap: you can use a robust IDE and let it autocomplete the obvious parts, or you can keep a cheat sheet handy to get a little control over all that dizzying syntax.

          While Java’s too big to be contained on a two-page cheat sheet, whether you’re new to programming or you only dip into Java every once and a while, this cheat sheet gets you up and running. Perhaps most importantly, it provides you with added context for what you’re trying to remember. You don’t have to blindly choose between prompts from your IDE for a private or public method; you can get clarity instead. And let our cheat sheet inspire you to create your own as you go. The next time you stumble over syntax that’s not covered on this cheat sheet, open up a notebook or a text file and jot down the solution. When you get enough good ones, let us know what they are, and who knows? Maybe a sequel can be arranged!

        • Excellent Free Tutorials to Learn C++

          C++ was designed by Bjarne Stroustrup with its first release in 1983. It’s a statically typed, free-form, multi-paradigm, portable, compiled, general-purpose programming language. C++ is regarded as an intermediate-level language, as it has a combination of both high-level and low-level language features. C++ was designed for systems and applications programming, extending the C programming language. Hence the name C++, the increment operator is written as ++.

          C++ remains a popular programming language. For example, it is heavily used in embedded systems, banking, and telecommunications.

          It is a superset of C that retains the efficiency and notational convenience of C, while providing facilities for stronger type checking, multiple inheritance, data abstraction, exception handling operator overloading, generic programming, and object-oriented programming. C++ has influenced many other languages including C#, Java, and the development of C.

        • syscall call-from verification

          The full commit details are well worth reading, as is the manual page for the (new) msyscall(2), and some associated discussion on tech@.

        • Deciding when to collect garbage

          In this article we’ll take a look at the different techniques that can be used to decide when to collect garbage, how to implement such a technique, and what techniques a few programming languages out there use.

        • Remi Collet: Install PHP 7.4 on CentOS, RHEL or Fedora
        • Daniel Stenberg: libcurl video tutorial

          I’ve watched how my thirteen year old son goes about to acquire information about things online. I am astonished how he time and time again deliberately chooses to get it from a video on YouTube rather than trying to find the best written documentation for whatever he’s looking for. I just have to accept that some people, even some descendants in my own family tree, prefer video as a source of information. And I realize he’s not alone.

          So therefore, I bring you, the…

          libcurl video tutorial

          My intent is to record a series of short and fairly independent episodes, each detailing a specific libcurl area. A particular “thing”, feature, option or area of the APIs. Each episode is also thoroughly documented and all the source code seen on the video is available on the site so that viewers can either follow along while viewing, or go back to the code afterward as a reference. Or both!

          I’ve done the four first episodes so far, and they range from five minutes to nineteen minutes a piece. I expect that it might take me a while to just complete the list of episodes I could come up with myself. I also hope and expect that readers and viewers will think of other areas that I could cover so the list of video episodes could easily expand over time.

        • Perl / Raku

          • 2019.48 Released Advent

            Thanks to the tireless efforts of release managers Aleks-Daniel Jakimenko-Aleksejev and Samantha McVey, this week finally saw a new Rakudo Compiler release again: 2019.11. For packagers, this is the first release that is fully relocatable. Kudos to the 65 contributors to this release! And kudos to Claudio Ramirez to immediately supply packages for many Linux distributions that now also support relocatable builds!

        • Python

          • Django 3.0 Released

            You can get Django 3.0 from our downloads page or from the Python Package Index. The PGP key ID used for this release is Carlton Gibson: E17DF5C82B4F9D00.

            With the release of Django 3.0, Django 2.2 has reached the end of mainstream support. The final minor bug fix release (which is also a security release), 2.2.8, was issued today. Django 2.2 is an LTS release and will receive security and data loss fixes until April 2022. All users are encouraged to upgrade before then to continue receiving fixes for security issues.

          • Seems SimpleParse needs work for 3.8

            So as I work through all the OpenGLContext projects to get automatic (or near automatic) releasing, SimpleParse wound up failing on the 3.x branches with a weird xml test failure. But with Python 3.8 the C code just won’t import at all. Seems there was a change in Python 3.8 where it does a load-time test for functions in the module and the hand-coded C module triggers it. So I’ll have to spend some time on that before I can get the whole stack releasing.

          • PyCharm 2019.3 is out now

            Interactive widgets for Jupyter notebooks, MongoDB support, and code assistance for all Python 3.8 features. Download the new version now, or upgrade from within you IDE.

          • Pandas: How to Read and Write Files

            Pandas is a powerful and flexible Python package that allows you to work with labeled and time series data. It also provides statistics methods, enables plotting, and more. One crucial feature of Pandas is its ability to write and read Excel, CSV, and many other types of files. Functions like the Pandas read_csv() method enable you to work with files effectively. You can use them to save the data and labels from Pandas objects to a file and load them later as Pandas Series or DataFrame instances.

          • Casual Python, Part 11
          • Functional programming design pattern: Nested Iterators == Flattening

            This is pretty common in devops world. You might be looking at all repositories of in all github organizations. You might be looking at all keys in all AWS S3 buckets under a specific account. You might be looking at all tables owned by all schemas in a database.

            It’s helpful — for the moment — to stay away from taller tree structures like the file system. Traversing the file system involves recursion, and the pattern is slightly different there. We’ll get to it, but what made this clear to me was a “simpler” walk through a two-layer hierarchy.

            The nested for-statements aren’t really ideal. We can’t apply any itertools techniques here. We can’t trivially change this to a multiprocessing.map().

          • Add scrollable regions with QScrollArea

            When you start building apps that display long documents, large amounts of data or large numbers of widgets, it can be difficult to arrange things within a fixed-size window. Resizing the window beyond the size of the screen isn’t an option, and shrinking widgets to fit can make the information unreadable.

            To illustrate the problem below is a window in which we’ve created a large number of QLabel widgets. These widgets have the size Vertical Policy set to Preferred which automatically resizes the widgets down to fit the available space. The results are unreadable.

          • A Manga Book on CircuitPython and Mu

            Our paths had crossed via Twitter while the book was written and I was rather pleased to see the origin story for the name “Mu” got a mention since I shared it with Mitsuharu in a tweet. As you’ll read below (and in typical fashion for me), there are many layers to my reason for the choice of name.

          • Giving Tuesday 2019

            For the first time the PSF is participating in Giving Tuesday! This event is held annually the Tuesday after Thanksgiving – this year on December 3rd, 2019. The global celebration runs for 24 hours and begins at midnight local time.

      • Standards/Consortia

        • Email authentication: SPF, DKIM and DMARC out in the wild

          Email authentication has had a turbulent history – SMTP did not have a native form of authentication when it was designed, and all modern authentication methods are built on top of that system. This was not a problem in the 1980s because there were simply too few people emailing – the only ones using it were universities and corporations actively involved in building the internet. Since then we’ve got a variety of tools to attempt to verify emails, including SPF, DKIM, and DMARC, and I wanted to explore the actual usage of these authentication methods by the most popular sites and companies in the world – specifically, the top 100 domains and the Fortune 500 companies.

  • Leftovers

    • Science

      • The Early History of Usenet, Part VII: Usenet Growth and B-News

        For quite a while, it looked like my prediction — one to two articles per day — was overly optimistic. By summer, there were only four new sites: Reed College, University of Oklahoma (at least, I think that that’s what uucp node uok is), vax135, another Bell Labs machine — and, cruciallyy, U.C. Berkeley, which had a uucp connection to Bell Labs Research and was on the ARPANET.

        In principle, even a slow rate of exponential growth can eventually take over the world. But that assumes that there are no “deaths” that will drive the growth rate negative. That isn’t a reasaonable assumption, though. If nothing else, Jim Ellis, Tom Truscott, Steve Daniel, and I all planned to graduate. (We all succeeded in that goal.) If Usenet hadn’t shown its worth to our successors by then, they’d have let it wither. For that matter, university faculty or Bell Labs management could have pulled the plug, too. Usenet could easily have died aborning. But the right person at Berkeley did the right thing.

        Mary Horton was then a PhD student there. (After she graduated, she joined Bell Labs; she and I were two of the primary people who brought TCP/IP to the Labs, where it was sometimes known as the “datagram heresy”. The phone network was, of course, circuit-switched…) Known to her but unknown to us, there were two non-technical ARPANET mailing lists that would be of great interest to many potential Usenet users, HUMAN-NETS and SF-LOVERS. She set up a gateway that relayed these mailing lists into Usenet groups; these were at some point moved to the fa (“From ARPANET”) hierarchy. (For a more detailed telling of this part of the story, see Ronda Hauben’s writings.) With an actual traffic source, it was easy to sell folks on the benefits of Usenet. People would have preferred a real ARPANET connection but that was rarely feasible and never something that a student could set up: ARPANET connections were restricted to places that had research contracts with DARPA. The gateway at Berkeley was, eventually, bidirectional for both Usenet and email; this enabled Usenet-style communication between the networks.

    • Hardware

    • Health/Nutrition

      • Insurance Industry Is Clearly ‘Terrified,’ Says Sanders, As Lawmakers Admit Lobbyists Helped Them Write Attacks on Medicare for All

        “We are taking on the big-money interests who have an army of lobbyists trying to defeat Medicare for All.”

      • 80% of adolescents don’t even spend an hour on physical activity, at risk of heart disease: WHO study

        An alarming highlight in the study is the fact that India, along with Bangladesh and the United States (US), ranks the lowest in physical activity among boys, while the Philippines has taken the last place in overall physical activity among teenagers.

      • Top Democratic Consultants Have Worked for Anti-Medicare for All Campaign

        As health insurance, pharmaceutical and hospital companies fight to prevent more politicians from backing Medicare for All, the industry’s front group has turned to top Democratic consulting firms and pro-business nonprofits for help, according to its 2018 tax return. The array of consultants includes presidential candidate Joe Biden’s pollster.

      • United States v. Gilead Sciences, Inc.

        Last month, the United States government, acting on behalf of its Department of Health and Human Services (HHS), filed suit in Delaware against Gilead Sciences, Inc. and Gilead Sciences Ireland UC for infringing four patents covering inventions developed by scientists at the Centers for Disease Control and Prevention. The patents all cover methods for a type of medical regimen known as “pre-exposure prophylaxis” (PrEP) for the prevention of HIV.


        Still further, the Complaint goes to significant length to explain that Gilead provided absolutely no support in developing the inventions, aside from providing certain drug compounds under an MTA. Indeed, the Complaint addresses and squarely shoots down Gilead’s public statement claiming credit for the development of the PrEP regimine.

        The Complaint notes the significant benefits achieved by Truvada® and Descovy® for treating established HIV infections, but focuses on the efforts that were being made in the 1990s and 2000s to discover a way to prevent HIV infection from becoming established. In particular, the Complaint provides a great summary of the substantial — yet unsuccessful — R&D that had been and was being undertaken to develop a vaccine and/or post-exposure prophylaxis treatment of HIV prior to the invention, as well as the reasons why PrEP was then-deemed unachievable. In this respect, the Complaint is like a great survey article on the history of HIV treatment research, but the document is written in a much more readable manner than most survey articles.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • OmniOS Community Edition r151032e, r151030ae

              OmniOS Community Edition weekly releases for w/c 2nd of December 2019 are now available.

            • OmniOS Updated With Latest Intel Microcode, Better LX Zones Support For Newer Distros

              OmniOS r151032e ships with the newest Intel CPU microcode in order to address the JCC Erratum issue, there is a fix for supporting USB hard drives greater than 2TB, OpenJDK has been updated, better support for recent Linux distribution releases within LX Zones, ZFS fixes, fixes to the SMB support, and various other fixes. LX Zones is a SmartOS/OmniOS feature for running Linux software in a lighterweight-than-a-VM environment.

            • A picture is worth a thousand base pairs

              Prospective users of these tools can find plentiful educational resources online, including video tutorials. The UCSC Genome Browser has two archived and searchable listservs, or electronic mailing lists: one for website and data questions, the other for queries on setting up and maintaining Genome Browser mirrors. JBrowse users can ask questions on Github or on the software’s open instant-messaging channel, but Holmes suggests contacting the developers directly. “We have some developers who really like getting feedback from users,” he says.

        • Security

          • Even PDF s can contain JavaScript macros! Why? Adobe Why? – how to disable JavaScript in PDF files

            90% of companies DO NOT NEED JavaScript or macros to run in PDF

          • Rendering McAfee web protection ineffective

            Now that I’m done with Kaspersky, it’s time to look at some other antivirus software. Our guest today is McAfee Total Protection 16.0. Let’s say this up front: it’s nowhere near the mess we’ve seen with Kaspersky. It doesn’t break up your encrypted connections, and the web protection component is limited to the McAfee WebAdvisor browser extension. So the attack surface is quite manageable here. The extension also uses native messaging to communicate with the application, so we won’t see websites taking over this communication channel.

            Of course, browser extensions claiming to protect you from online threats have some rather big shoes to fill. They have to be better than the browser’s built-in malware and phishing protection, not an easy task. In fact, McAfee WebAdvisor “blocks” malicious websites after they already started loading, this being not quite optimal but rather typical for this kind of extension. I also found three issues in the way McAfee WebAdvisor 6.0 was implemented which made its protection far less reliable than it should be.


            A bug in the way McAfee WebAdvisor deals with malicious frames made it trivial for websites to avoid blocking. Also, I found ways for websites to unblock content programmatically, both for top-level and frame-level blocking.

            In fact, the way unblocking top-level content was implemented, it allowed arbitrary websites to open special pages. Browsers normally prevent websites from opening these pages to avoid phishing attacks or exploitation of potential security vulnerabilities in browser extensions. McAfee WebAdvisor allowed websites to circumvent this security mechanism.

          • A Window into Malicious Advertising – 61% of malvertising targets Windows devices

            Bad ad campaigns are targeting Windows more often than any other operating system. But should we be surprised? Let’s first define a bad ad campaign.

            A bad ad campaign is merely a series of online ads linked to a common threat set, designed to have a malicious effect on the end-user. These campaigns are designed to redirect the user to malicious sites or to trick the user into downloading a piece of malware. Now we are ready to look at the data. Let’s dive in!

            The below chart shows all of the new, uniquely defined bad ad campaigns DEVCON observed from July 11 – November 22, 2019.

          • 61% of malicious ads target Windows users

            Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon.

          • IPFire on AWS: Update to IPFire 2.23 – Core Update 138

            We are very happy that from week to week, we are gaining more customers for IPFire in the cloud – where you now can manage your network just as you do it in your own data centre.

            In contrast to Amazon’s own features, IPFire is easier to manage, performs just as well, but brings you even more features like standard IPsec VPNs, OpenVPN for on-the-road connectivity to the cloud, Intrusion Prevention for your cloud servers, detailed logging and reporting and many more features.

          • Canonical Releases Major Kernel Security Update for Ubuntu 19.10 and 18.04 LTS

            Canonical released major kernel security updates for all of its supported Ubuntu Linux operating system series to address up to 15 security vulnerabilities.
            The biggest kernel security patch released in December 2019 is for Ubuntu 19.10 (Eoan Ermine) and Ubuntu 18.04 LTS (Bionic Beaver) and fixes 12 vulnerabilities affecting Linux 5.3′s OverlayFS and ShiftFS drivers, the Wi-Fi driver stack, ARM Komeda display driver, VirtualBox guest driver implementation, ADIS16400 IIO IMU driver, and Intel OPA Gen1 Infiniband driver.

            Issues discovered in the AMD Audio CoProcessor driver, Qualcomm FastRPC driver, Cascoda CA8210 SPI 802.15.4 wireless controller driver, AMD Display Engine driver, and Chelsio T4/T5 RDMA driver were also addressed in this new kernel security update. The majority of these flaws could allow a local attacker to cause a denial of service (memory exhaustion or system crash).

          • A bug in Microsoft’s login system put users at risk of account hijacks

            Microsoft has fixed a vulnerability in its login system, which security researchers say could have been used to trick unsuspecting victims into giving over complete access to their online accounts.

            The bug allowed attackers to quietly steal account tokens, which websites and apps use to grant users access to their accounts without requiring them to constantly re-enter their passwords. These tokens are created by an app or a website in place of a username and password after a user logs in. That keeps the user persistently logged into the site, but also allows users to access third-party apps and websites without having to directly hand over their passwords.

            Researchers at Israeli cybersecurity company CyberArk found that Microsoft left open an accidental loophole which, if exploited, could’ve been used to siphon off these account tokens used to access a victim’s account — potentially without ever alerting the user.

          • Privacy/Surveillance

            • Labor says it will fix encryption laws it voted for last year

              This time last year, the Australian Labor Party waved through the government’s encryption Bills, formally known as the Assistance and Access Bill, and threw out the line that it to keep the nation safe.

              “Let’s just make Australians safer over Christmas,” then Labor leader Bill Shorten said at the time.

            • Now even the FBI is warning about your smart TV’s security

              If you just bought a smart TV on Black Friday or plan to buy one for Cyber Monday tomorrow, the FBI wants you to know a few things.

              Smart TVs are like regular television sets but with an internet connection. With the advent and growth of Netflix, Hulu and other streaming services, most saw internet-connected televisions as a cord-cutter’s dream. But like anything that connects to the internet, it opens up smart TVs to security vulnerabilities and hackers. Not only that, many smart TVs come with a camera and a microphone. But as is the case with most other internet-connected devices, manufacturers often don’t put security as a priority.

            • FBI Issues Warning of the Risks of Using Smart TVs

              It was really hard to avoid all the Black Friday and Cyber Monday deals, wasn’t it? You may have even been tempted with some great deals on smart TVs, whether as a gift or as a purchase for yourself.

              Knowing this, it seems the Federal Bureau of Investigation (FBI) picked a curious time to issue a warning to consumers about smart TVs. Just before Black Friday, the bureau posted a warning to its website about the risks and dangers of owning a smart TV.

            • Chinese companies want to help shape global facial recognition standards

              The use of facial recognition technology is continuing to expand, despite concerns about its accuracy and fairness and about how it could be used by governments…

            • Egyptian Government Plans To Track The Movement Of 10 Million Vehicles With Low-Cost RFID Stickers

              Just under three years ago, Techdirt wrote about China’s plan to install satnav tracking devices on vehicles in Xinjiang. That was just one of several early signs of the human rights abuses happening there. Today, people are finally waking up to the fact that the indigenous turkic-speaking Uyghur population is subject to some of the harshest oppression anywhere on the planet. Tracking huge numbers of vehicles might seem to be a typically over-the-top, money-no-object Chinese approach to total surveillance. Unfortunately, there are signs the idea is starting to spread, as this story in RFID Journal explains:

            • Ring Coyness About Adding Facial Recognition Tech To Its Cameras Doesn’t Extend To Its Marketing Materials

              Ring may say it’s not getting into the facial recognition business, but its internal documents say otherwise. The company has a head of facial recognition tech in its Ukraine office. And its answers to Senator Edward Markey’s questions make it clear Ring hasn’t ruled out adding this tech to its doorbell cameras. Specifically, the company said it had no plans at the present but was always looking to “innovate” to meet “customer demand.”

            • Wireless ISP Starry Says It Will Apply California’s Privacy Requirements Nationwide

              Like Microsoft, wireless startup Starry — the brain child of Aereo creator Chet Kanojia — has decided to view the public’s desire for solid privacy rules as a marketing opportunity instead of something to ceaselessly undermine or whine about.

            • EFF Report Exposes, Explains Big Tech’s Personal Data Trackers Lurking on Social Media, Websites, and Apps

              San Francisco—The Electronic Frontier Foundation (EFF) today released a comprehensive report that identifies and explains the hidden technical methods and business practices companies use to collect and track our personal information from the minute we turn on our devices each day.Published on Cyber Monday, when millions of consumers are shopping online, “Behind the One-Way Mirror” takes a deep dive into the technology of corporate surveillance. The report uncovers and exposes the myriad techniques—invisible pixel images, browser fingerprinting, social widgets, mobile tracking, and face

            • Facebook launches tool that transfers your pics to Google Photos

              The Facebook Transfer Tool can be found in the menus of your account, if it is available – but remember right now that only means users in Ireland. A full international roll-out based on feedback from this trial will occur sometime next year.

              Facebook plans to roll out integration with other services in the future, such as Flickr and Apple Photos, giving you a consistent way of shifting your loyalties whilst keeping your memories.

            • Instagram is broken. It also broke us.

              Lately that conversation has gotten louder and more complicated. Influencers, models, and celebrities — the people who Instagram was supposed to work best for — are realizing that they have been made complicit in an app that feeds its users a poison of narcissism and envy and prevents them from ever logging off. They try to reveal what happens outside the camera frame; that no, their lives aren’t perfect either; that Instagram makes them feel bad, too. They share posts about authenticity and honesty and their quiet struggles with mental health that live directly next to posts devoted to toned ab muscles and champagne on yachts, which then makes the whole thing feel fake.

            • Putin signs legislation dramatically raising fines on tech companies that refuse to work with Russian law enforcement

              Vladimir Putin has signed legislation that steeply raises the fines on Internet companies that repeatedly refuse to surrender decryption keys to the Federal Security Service. According to the new law, the Russian state can now fine tech firms between 2 and 6 million rubles ($31,100 and $93,340) for declining to share information that would allow the FSB to read users’ private correspondence.

            • Google Wants Us To Trust It With Our Medical Records We Never Knew They Had

              For all of its faults, you do have to praise Android’s open ecosystem, especially when compared to Apple’s tightly controlled App Store. Virtually anyone with a modicum of programming ability can create an app and upload it to the Google Play store. But that openness makes it especially easy for bad apps to quite regularly find their way into the official Google Play store. Plus, third-party app stores and malicious website can harbor even more nastiness in the form of malware. It is a problem that has plagued the Google Play store, and Android in general, since its inception.

              According to an article from Wired.com, Google has enlisted help from three antivirus firms who have extensively monitored Android malware for years. They are ESET, Lookout and Zimperium. In partnership with Google, they have formed an alliance, called the App Defense Alliance. They will scan new apps in the Google Play store before they go live, in an effort to help prevent malware from ever appearing in the Play store.

              Since each member of the alliance has different methods and approaches for scanning apps, together they should be able to detect trojans, adware, ransomware, banking malware, and phishing attacks before the apps are allowed to go live in the Play store.

              Even though a friendly relationship has existed between Google and the other members of the alliance for over two years, the coordinated effort is just now getting off the ground. So, it remains to be seen how much of a dent can be made in the growing Android malware problem.

              But then, it is a start to taming the wild, wild west that the Google Play store has become.

            • De-Googling Yourself, Part 7

              Android Inc. was founded in Palo Alto, California, in October 2003 by Andy Rubin, Rich Miner, Nick Sears and Chris White. Rubin described the Android project as “tremendous potential in the development of smarter mobile devices, more aware of its owner’s location and preferences.” The company’s first intentions were to develop an advanced operating system for digital cameras, and that was the basis of its April 2004 investor presentation. The company then decided that the camera market was not big enough for its goals, and five months later it had diverted its efforts and was launching Android as an operating system for mobile devices, which would rival Symbian and Microsoft Windows Mobile.

              Rubin struggled to attract investors from the start, and Android, Inc. was facing eviction from its office.

              In July 2005, Google acquired Android Inc. for at least $50 million (US). Its key employees, including Rubin, Miner and White, joined Google as part of the acquisition. Not much was known about the secret Android at the time, with the company providing few details beyond that it was producing mobile software. At Google, the team led by Rubin developed a mobile platform with the Linux kernel. Google, then, marketed the platform to handset makers and carriers with the promise of providing a flexible and upgradeable system. Google had “aligned a number of hardware components providers and software partners and signaled operators that they were open to varying degrees of cooperation.”

              Android is the world’s top selling operating system on smartphones since 2011 and tablets since 2013. As of May 2017, it has more than two billion monthly active users, the largest installed base of any operating system, and by December 2018, the Google Play Store has over 2.6 million apps, indicating the platform’s undisputed success. Thanks to Android’s “open” nature, many other operating systems have been based on it (FireOS, Indus OS, LeWa OS, LineageOS, MIUI, OmniROM, OxygenOS, Paranoid Android, Replicant, and others).

            • A Cartoon Intro To DNS over HTTPS

              Both the browser and the server know the combination to that lock, but no one in between does.

              With this, even if the messages go through multiple routers in between, only you and the web site will actually be able to read the contents.

              This solves a lot of the security issues. But there are still some messages going between your browser and the server that aren’t encrypted. This means people along the way can still pry into what you’re doing.

              One place where data is still exposed is in setting up the connection to the server. When you send your initial message to the server, you send the server name as well (in a field called “Server Name Indication”). This lets server operators run multiple sites on the same machine while still knowing who you are trying to talk to. This initial request is part of setting up encryption, but the initial request itself isn’t encrypted.

              The other place where data is exposed is in DNS. But what is DNS?

            • Why AI will never replace human picture descriptions

              Yes, a bold statement, I know, but this piece by Dr. Elizabeth Fernandez made my conviction even stronger.

              For some years now, there have been advancements in computer-generated image recognition. That recognition nowadays goes far beyond optical character recognition. Face recognition, objects, some scenes are things that software such as the Facebook algorithms, Microsoft’s Seeing AI and Google’s image recognition will cope with. In the case of some celebrities, Microsoft’s offering will, for example, even put names to faces.

              Google’s service now also ties into Chrome,. In the case of a missing alternative text, users can right-click and request that the image be processed by Google’s artificial intelligence. The result will then be filled in so screen readers will pick it up. For the new Chromium-based Edge browser by Microsoft, that service is disabled, but I guess Microsoft will soon put something similar in place using their backend that Seeing AI also uses.

              Especially this browser integration has led to fears that this will make web developers lazy and make them describe their images less. I am convinced that this fear will not be necessary. Some managers or other decision makers may try, but they’ll fail.

    • Defence/Aggression

      • Trump Was Right Before He Was Wrong: NATO Should Be Obsolete

        The three smartest words that Donald Trump uttered during his presidential campaign are “NATO is obsolete.”

      • Negligible and largely useless Why women’s rights advocates in Russia have turned against the draft version of their law against domestic violence

        On November 29, Russia’s Federation Council published the draft text of new legislation that would impose additional penalties on domestic violence. Lawmakers have introduced similar bills in the past, but not a single initiative has survived the parliament’s revisions process. The new legislation was co-authored by State Duma deputy Oksana Pushkina and has support from Federation Council Chairwoman Valentina Matviyenko, State Duma Speaker Vyacheslav Volodin (Pushkina has even called him the draft law’s “protective charm”), and Human Rights Commissioner Tatyana Moskalkova. Several women’s rights organizations also helped develop the legislation. The campaign to impose stricter punishments on violence in the home has provoked opposition from Vladimir Zhirinovsky (the leader of the right-wing political party LDPR) and some conservative movements, like the Christian Orthodox group “Forty Times Forty.” After lawmakers finally submitted the bill to the upper house of Russia’s parliament, women’s rights advocates who helped develop the legislation reported that the text omits several key components they supported. The version ultimately introduced to Russia’s Federation Assembly is largely useless, activists say, and panders to “radical conservative groups.”

      • White Supremacy as “Patriotism” – Validated Independent News

        Thomas Rousseau founded Patriot Front in 2017, when he was age eighteen, and in just two years the group has gained three hundred followers who actively seek to “reclaim America.” Patriot Front quietly discourages mass acts of violence, but instead pushes for members to spread propaganda that promotes American fascism and hate. As Pete Simi, a professor at Chapman University and an expert on white supremacists in the US, told ProPublica, “It is very common for the leadership of these groups to disqualify violence, while doing things that are encouraging violence… It is part of their strategy to avoid liability, while simultaneously promoting hate. When they say they are not violent, this is a lie. They are promoting violence by their goals.”

      • American Exceptionalism Is Killing the Planet

        Ever since 2007, when I first started writing for TomDispatch, I’ve been arguing against America’s forever wars, whether in Afghanistan, Iraq, or elsewhere. Unfortunately, it’s no surprise that, despite my more than 60 articles, American blood is still being spilled in war after war across the Greater Middle East and Africa, even as foreign peoples pay a far higher price in lives lost and cities ruined. And I keep asking myself: Why, in this century, is the distinctive feature of America’s wars that they never end? Why do our leaders persist in such repetitive folly and the seemingly eternal disasters that go with it?

      • Slipknot Cancels Knotfest Mexico City Because of Security Concerns

        Slipknot and Evanescence decided to abruptly cancel Knotfest in Mexico City because of problems with a security barricade. Which turned out to be a very, very bad idea.

      • Woman in India Gang Raped, Murdered

        The 27-year-old veterinarian had called her family to say she was stranded with a flat tire in India’s Hyderabad city, and that a truck driver and his friends had offered to help. Then she stopped answering her phone. Later her family learned she had been gang raped and murdered.

      • Pak violates ceasefire for 2nd consecutive day in Poonch

        The Pakistan army on Saturday targeted forward posts and villages along the Line of Control in Jammu and Kashmir’s Poonch district, violating the ceasefire for the second consecutive day, a defence spokesperson said.

      • Iraqi Assyrians Warn Sweden of ‘Islamist Rule’

        “If Islamists gain power, they will not treat you according to human rights, but according to Sharia law”, she stressed. “Love the Muslims, but be aware. Jesus says we should be cunning as snakes and innocent as doves”, she concluded, urging not to yield to any pressure. Pastor Basil (also a pseudonym), who has met thousands of Yazidis and Christians fleeing from Daesh*, recalled the Muslim concept of taqiya, a precautionary dissimulation or denial of religious belief. According to him, it is frequently utilised by radical Muslims as well to hide their true intent.

        “This means that radicals ‘lie low’ and adapt to a more non-religious society to gain power”, he said, warning of sleeper cells ready for action, while acting to “take over” once a parliamentary majority is in place. According to Islamologist Rickard Lagervall of Lund University and Jönköping University, it is unlikely that Islamists would take over in Sweden any time soon, since they are a minority. Another reason is that Islamists are a divided group that includes not only Daesh sympathisers and jihadists, but also “puritan” Salafists who, he suggested, avoid politics. In addition, “ordinary” Muslims are a fragmented group as well, he stressed.

    • Environment

      • At COP 25 Kickoff, Spain’s Socialist Leader Rips ‘Fanatics’ Like Trump Who Deny Climate Crisis

        Spanish Prime Minister Pedro Sánchez kicked off COP 25 in Madrid, Spain on Monday by condemning the “handful of fanatics” who continue to deny the reality of the climate crisis as it wreaks havoc across the globe and threatens to render large swathes of the planet uninhabitable.

        Sánchez, leader of the Socialist Workers’ Party (PSOE) and proponent of a Green New Deal for Spain, did not condemn any nations or world leaders by name. But Sánchez implored the international community to combat “alternative facts,” an apparent shot at the administration of U.S. President Donald Trump.

      • COP25, Social Movements and Climate Justice

        Social movements were organising their opposition to COP25—in which those most affected by climate violence would be sidelined—even before the popular mobilisation started in Chile and Sebastián Piñera suspended the talks.

      • Green Groups at COP 25 Warn Against Market-Driven Solutions to Climate Emergency

        “Now is not the time to offer an escape route to polluting Northern country governments and big oil.”

      • UN Climate Convention Switch From Chile to Spain May Hinder Climate Justice

        In October, as scientists, policymakers and civil society leaders geared up to travel to Chile for the 25th Conference of the Parties of the U.N. Framework Convention on Climate Change (COP 25), which begins today, the country was making headlines for different reasons.

      • Long-Lived Storm Clobbers Eastern U.S.

        A seemingly endless winter storm that hindered travel across most of the country over the long holiday weekend is delivering a last wallop as it swoops through the Northeast, dumping heavy snow, shuttering hundreds of schools and bedeviling commuters in the region Monday.

      • Condemning Inaction of Rich Nations, Oxfam Unveils Report Showing Climate-Related Disasters Displaced 200 Million People Since 2008

        “People are taking to the streets across the globe to demand urgent climate action. If politicians ignore their pleas, more people will die, more people will go hungry, and more people will be forced from their homes.”

      • Energy

        • Environmental Protection Politics: an Interview with William Ruckelshaus on the Difficulty of Making Public Policy Changes

          U.S. Environmental Agency (EPA) founding administrator William D. Ruckelshaus died Nov. 27, 2019. EPA was created in 1970; Ruckelshaus served as its head until 1973. A decade later he returned briefly to head the agency during the Reagan administration. As part of a series of events celebrating EPA’s 35th anniversary in April 2006, Indiana University’s School of Public and Environmental Affairs hosted Ruckelshaus in Bloomington for a lecture and panel discussion. Prior to those events he met with journalists to answer questions.

        • Turning Point in Climate Activism? Germans Block Coal Mines With Their Bodies

          Deutsche Welle reports that that more than 1,000 green activists made their way past police lines and blocked trains at 3 important coal mines in eastern Germany on Saturday. A few clashes took place between police and protesters. | By Juan Cole

        • China’s Climate Paradox: A Leader in Coal and Clean Energy

          As world leaders gather in Spain to discuss how to slow the warming of the planet, a spotlight falls on China — the top emitter of greenhouse gases.

        • [Old] United States Spend Ten Times More On Fossil Fuel Subsidies Than Education

          The fossil fuel lobby has actively worked in many countries to protect their subsidies and avoid the imposition of carbon taxes. Doing so protects their profits.

          US spent on these subsidies in 2015 is more than the country’s defense budget and 10 times the federal spending for education

        • Years Before Exxon Valdez, Documents Show Exxon’s Imperial Oil Prioritized Public Image Over Spill Impacts

          Nearly two decades before the Exxon Valdez catastrophe in Alaska, the Arrow oil spill became a public relations black eye for Imperial Oil, a Canadian subsidiary of Exxon, and internal company documents published today by DeSmog and the Climate Investigations Center reveal that the company viewed the environmental disaster more in the context of improving its public image than improving safety measures that would reduce these types of environmental risks.

        • New Documents Reveal Exxon-owned Canadian Oil Giant’s Shifting Climate Change PR

          “Public concern regarding environmental problems is being translated into legislation rapidly,” Imperial Oil warned in an annual research planning document dated January of that year. “The present trend in legislation will require substantial expenditures to reduce emissions and waste discharge for all facilities and reduce the impact on the environment of the products we sell.”

        • The Imperial Oil Files: New Collection Adds to Climate and Energy Research Archives On Science and Denial

          These documents add new context to the groundbreaking investigative reporting by Inside Climate News, and the Columbia School of Journalism in partnership with the Los Angeles Times, that revealed the #ExxonKnew conspiracy. Those journalistic efforts exposed the facts that Exxon’s own climate science research had confirmed the role of fossil fuels in driving global warming, and that the company pivoted away from that advanced knowledge, choosing instead to spend tens of millions of dollars funding climate science denial campaigns.

      • Wildlife/Nature

        • U.S. Plan on Killing Birds in New York

          The U.S. Department of Agriculture’s Wildlife Services arm has put together a plan titled “Reducing Bird Damage in the State of New York” which includes a “preferred alternative” that involves continuing its both “nonlethal and lethal bird management techniques.” The “lethal techniques…may include the use of shooting, live capture and euthanasia, avicides” and “nest/egg destruction.”

        • Humanity Is Riding Delusion to Extinction

          Horses sporting gas masks. That, of all things, has been on my mind lately. Bear with me, now. Gaze at the ever-so-cockamamie photo. A horse, wearing a gas mask. Nothing so illustrates the rank absurdity and irrationality of the human condition. It was during World War I—which killed an unheard-of nine million soldiers in just four years—that the armies of Europe still employed horses in an age of machine guns, airplanes (eventually), tanks and poison gas attacks. Rather than call a halt to the inane slaughter in the trenches, the world’s great powers fought that wildly nationalistic war to its macabre conclusion. One result was horses in gas masks. That was only a hundred years ago.

        • When Should We Consider A Species Recovered?
        • Palm Oil in Snack Foods Could Be Destroying the World’s “Orangutan Capital”

          Picture a rhinoceros in the rainforest, add a herd of elephants, families of orangutans swinging through the treetops and tigers prowling the understory, and there is only one place in the world you could be.

        • Conservation pays its way handsomely

          Money does grow on trees. The conservation of a native forest is natural capital, its cash value often reaching trillions of dollars.

      • Overpopulation

        • Some Say Jason Momoa Went Too Far Shaming Humanity And Calling It A Disease At The UN Climate Summit

          Greta Thunberg and her speech has sent ripples of awareness all over the globe. Her message has been heard and it has moved people to come out of their comfort zone and do something for the planet. But it is not only Greta’s speech that has kept the attention of people. Many actors have come out in support of Greta and are trying their bit to influence others to save the planet.

          Jason Momoa aka Aquaman has made a speech in the UN which is quite similar and powerful in an address at the United Nations. He spoke at the Small Islands Event on 27th September and his message coincided with that of Greta – that our world leaders were not using their powers for environmental welfare. However, he did not only blame the politicians. He blamed Humanity as a whole – he called it a disease.

    • Finance

      • What Seattle Has Wrought

        A year after the WTO protests rocked Seattle, Alexander Cockburn and I assessed the damage to global capitalism and its emissaries in the Democratic Party – JSC

      • Bolivia: the Danger of Neoliberalism With Fascist Characteristics

        A relevant article by Thierry Meyssan has been published that reveals the deep historical fascist/catholic links leading up to the coup in Bolivia and the danger that may lie ahead as a result. It is important to be aware of this in order to provide informed solidarity with the people of Bolivia and a sharper analysis of the inevitable US intervention in Latin America.

      • ‘For the Grandparents Who Need Money… For the Struggle!’: Tear-Gassed Kids in Chile Explain Why They Protest

        The gas, said one, “doesn’t allow us to breathe, so we’re only feeling so-so.”

      • What Would It Cost to Buy the 2020 Election?

        Gracie Mansion, the official residence of New York’s mayors since 1942, hosted billionaire Michael Bloomberg for three terms.

      • New Analysis Details ‘Aggressive’ Tax Dodging of Six Silicon Valley Giants—Totaling Over $100 Billion

        Among the tech companies studied, Amazon “stands out as the business with the poorest tax conduct,” according to the U.K.-based Fair Tax Mark.

      • For Banks, Data on Your Spending Habits Could be a Gold Mine

        There’s a powerful new player watching what you buy so it can tailor product offerings for you: the bank behind your credit or debit card.

      • Misuse of Police and Jails to Respond to Medical and Economic Problems – Validated Independent News

        The Prison Policy Initiative study reported that, in 2017, 4.9 million individuals were arrested and booked. Of those, 3.5 million were arrested only once that year, while nearly 930,000 were arrested twice; and nearly 430,000 were arrested three or more times. Those arrested multiple times were, according to the study, disproportionately Black, low-income, less educated, and unemployed. Noting that the vast majority were arrested for non-violent crimes, the study recommended that instead of incarceration, “public investments in employment assistance, education and vocational training, and financial assistance” would better address the conditions that led marginalized individuals to have contact with the police in the first place.

      • Prison Telecom Monopolies Bring Their ‘Innovation’ To Prison Ebooks

        Over the last few decades, companies like Securus have managed to obtain a pretty cozy, government-supported monopoly over prison phone and teleconferencing services. Like any monopoly, this has pretty traditionally resulted in not only sky high rates upwards of $14 per minute for phone calls, but comically poor service as well. Because these folks are in prison, and as we all know everybody in prison is always guilty, drumming up enough sympathy to convert into political momentum has long proven difficult. Recent efforts to do something about it were scuttled by FCC boss Ajit Pai, whose former clients included Securus.

      • UK Election: How Propaganda Props Up Britain’s “Particularly Extreme Form of Capitalism”

        The establishment British media, be it the BBC or the privately-owned Sky News, have marginalized ordinary Britons who are critical of the neoliberalism, known as “capitalism.” They and their allies in the right-wing print media have done so, in large part, by slandering the political representatives of the poor as “Marxist lunatics” and so on. But now, even elements of the establishment are beginning to recognize that the neoliberal system is collapsing itself.

      • Wages Have Risen Due to Minimum Wage Increases and the Fed’s Obama-Era Policies

        There are a lot of things — like high health care costs, unaffordable housing and crushing student loan debt — which are not going right for people right now. However, it is worth noting one important way in which things are going in the right direction. The low current unemployment rate, coupled with minimum wage increases in many states and cities, is leading to real wage gains at the middle and bottom end of the wage ladder.

      • America’s Got Talent Under Investigation Over Gabrielle Union Firing

        In reaction to all the controversy generated by the firing of Gabrielle Union from America’s Got Talent, SAG-AFTRA is now investigating the show.

      • Mayor Pete Is Wrong — Free Public College Could Unite the Country

        A new ad from the Pete Buttigieg campaign reignited a social media debate that first began when Sen. Amy Klobuchar criticized free public college for all in the November Democratic debate. Klobuchar had warned that universal higher education was bad because it could mean “sending rich kids to college for free.” Buttigieg’s ad replicates Klobuchar’s critique, but added that free public higher education for all would “[turn] off half the country.”

      • Bangladesh: Rohingya Children Denied Education

        (Bangkok) – The government of Bangladesh is blocking aid groups from providing any meaningful education to Rohingya children in refugee camps and banning the children from attending schools outside the camps, Human Rights Watch said in a report released today. The government should urgently lift the restrictions that unlawfully deprive almost 400,000 Rohingya refugee children of their right to education.

      • Threat to Our Digital Rights Revealed in US-UK Trade Talks Leak

        eaked documents from trade talks between the UK and US make it clear that our online interactions and digital products will be priorities for the negotiations. The UK grandly declares, “We do not want to just go back to existing [digital] trade texts, no matter how ambitious—we want to go beyond.”

      • New law makes Germany “crypto heaven”

        The German parliament today passed a bill allowing banks to sell and store cryptocurrencies from next year.

        The new legislation will come into force on 1 January 2020, and will require current custody providers and crypto exchanges operating in the country to take steps, before the end of the year, to apply for a German license.

        The law will not only put Germany, the world’s fourth biggest economy, at the forefront of regulation in cryptocurrencies, but heralds a milestone in the adoption of cryptocurrencies.

        “Germany leads the way in crypto regulation, for sure. This leads to institutional investors coming to Germany, as they want security and regulation,” Sven Hildebrandt, partner at German crypto consultancy DLC, told Decrypt. “Germany is well on its way to becoming a crypto-heaven.”

    • AstroTurf/Lobbying/Politics

      • Chris Hedges: Electoralism Won’t Save Us
      • Non-Intervention: an Imperfect Solution to a Terrible Problem

        On November 27, US president Donald Trump signed the Hong Kong Human Rights and Democracy Act.

      • Facebook CEO Zuckerberg Dodges When Pressed About Details of White House Dinner With Trump

        “No better example of Facebook’s power than Zuckerberg being asked here whether Trump lobbied him, rather than whether he lobbied Trump.”

      • The Right Thing To Do

        For the start of another week at the circus, a warm, wise, movingly real moment with Elizabeth Warren to give us hope. At an Iowa event, a high school girl, tremulous with fear and feeling, asked Warren for a moment in her life when she struggled with acceptance; her own voice cracking, Warren told a story about her divorce…

      • From Crying ‘Witch Hunt’ to a Guilty Plea, Calls for Trump Ally Duncan Hunter to Resign Immediately

        The California Republican spent months claiming he was the victim of a “witch hunt” before saying Monday he would plead guilty

      • Deporting Workers Makes America Less Safe

        On Oct. 12, construction worker Delmer Joel Ramirez Palma was working on the Hard Rock Hotel in New Orleans when the structure collapsed, killing three workers and injuring dozens more. He survived a fall of three flights by swinging on a rope, although he sustained serious injuries.

      • Pelosi Frustrates Progressives by Stalling Pro-Labor Bill While Pushing Trump’s Trade Deal

        “Grinding my teeth so hard they snap off at the roots.”

      • Nancy Pelosi Buries Historic Labor Bill to Appease Centrists

        For the first time in decades, the House of Representatives has a rare chance to rewrite American labor laws, in ways that would actually help workers. Among other benefits, a new bill would abolish right-to-work laws that cripple union organizing, create penalties for employers that punish workers for organizing, and set out rules to eliminate delays in negotiating union contracts.

      • Professor Sounds Alarm on Democracy’s Self-Cannibalism – Validated Independent News

        As “the institutions that have traditionally saved people from their most undemocratic impulses” have declined in the era of social media, unconscious biases, selective listening, and irrational behavior cause people to “drift toward the simple solutions right-wing populists worldwide offer: a deadly mix of xenophobia, racism, and authoritarianism,” Shenkman reported. Though Rosenberg’s position was controversial in the conference, the rise of his hypothesis remains a grave concern.

      • Youth-Led Protests Topple Iraqi Prime Minister as Demonstrations Continue
      • Corporate Media’s Mantra Is ‘Anyone But Sanders or Warren’

        Anyone who’s been paying attention should get the picture by now. Overall, in subtle and sledgehammer ways, the mass media of the United States—owned and sponsored by corporate giants—are in the midst of a siege against the two progressive Democratic candidates who have a real chance to be elected president in 2020.

      • Bloomberg’s Baggage
      • WTO Shutdown: ‘Victory Belongs to the People’
      • Ukraine, the New Cold War and the Politics of Impeachment

        In October 2019, with the impeachment of Donald Trump already underway, wealthy ‘centrist’ Democratic Party donors began to fret over the Democrat’s prospects in the 2020 election. Since then Michael Bloomberg and Deval Patrick, both Wall Street Democrats with deep pockets, have entered the race. Meanwhile, the Senate impeachment schedule will keep Bernie Sanders and Elizabeth Warren in Washington— and away from the campaign trail, well into the early state primaries.

      • As Impeachment Enters Endgame, Republicans Will Likely Escalate Ugliness

        House Democrats said they planned to move quickly on impeachment and it appears they really meant it. It’s hard to believe that the process has come this far in just eight weeks, but Nancy Pelosi and the rest of the House leadership seem determined to get this thing over with as soon as possible, so it’s rushing toward completion before we can even catch our breath. (I’m on record disagreeing with that strategy if it means ignoring the gigantic body of evidence pointing to corruption and the obstruction of justice documented in the Mueller report. But nobody asked me my opinion, so…)

      • ‘Getting, But Waiving, Due Process’: Despite Cries of Unfairness, Trump Refuses Impeachment Hearing Invite

        “If he has a defense, we on House Judiciary—along with the American people—are eager to hear it,” said. Rep. Pramila Jayapal.

      • Lisa Page Speaks: ‘There’s No Fathomable Way I Have Committed Any Crime at All’

        “It’s very painful to see to places like the FBI and the Department of Justice that represent so much of what is excellent about this country, not fulfilling the critical obligation that they have to speak truth to power,” she tells me. “The thing about the FBI that is so extraordinary is that it is made up of a group of men and women whose every instinct is to run toward the fight. It’s in the fiber of everybody there. It’s the lifeblood. So it’s particularly devastating to be betrayed by an organization I still care about so deeply. And it’s crushing to see the noble Justice Department, my Justice Department, the place I grew up in, feel like it’s abandoned its principles of truth and independence.”

      • ‘I decided to take my power back’: Ex-FBI lawyer Lisa Page speaks out on Trump’s ‘sickening’ attacks

        But in a rare interview, Page, 39, told The Daily Beast that she could no longer silently stomach the president’s attacks on her. She said “the straw that broke the camel’s back” came when Trump repeatedly called her name at an Oct. 11 rally in Minneapolis in what she described as a “demeaning fake orgasm” while mocking her and Strzok, who were engaged in an extramarital affair.

        “I had stayed quiet for years hoping it would fade away, but instead it got worse,” she says. “It had been so hard not to defend myself, to let people who hate me control the narrative. I decided to take my power back.”

        “I’m done being quiet,” she said Sunday night in a tweet linking to the Daily Beast interview.

      • Facebook’s Mark Zuckerberg says the social network should not be ‘censoring politicians’

        King also asked Zuckerberg about his dinner with President Donald Trump at the White House three weeks ago and whether Trump lobbied him against banning political ads. ” No … I think some of the stuff that people talk about or think is discussed in these discussions are not really how that works,” Zuckerberg said. “I also want to respect that it was also a private discussion.”

      • Ethereum founder Vitalik Buterin supports petition to release arrested dev

        Griffith was arrested by the FBI at Los Angeles International Airport on 28th November after travelling to North Korea, one of the “United States’ foremost adversaries,” to attend and present a paper at the Pyongyang Blockchain and Cryptocurrency Conference.

        The US Department of State denies Griffith had permission for his trip and it’s alleged he formulated plans “to facilitate the exchange of cryptocurrency between the DPRK and South Korea,” in violation of sanctions against the DPRK.

      • Tariq Ali on UK Elections, Jeremy Corbyn and the Rise of the Extreme Right
      • Who owns the news? The 24 companies that control the world’s biggest news outlets

        Our latest study shows the current state of media consolidation in the United States, the U.K., Australia, and the globe.

        We started off by identifying the top 50 most visited news websites in the world as of September 2019, using data from web traffic analysis company Alexa, and market intelligence provider SimilarWeb. We then determined the parent companies behind each of these 50 outlets and identified all of the properties in their online media portfolios to create an accurate picture of the concentration of media around the world.

        In order to map out who owns the news in the United States, in the U.K. and in Australia, we isolated the 20 companies with the most popular websites in each geography and filled in the gaps by adding up-and-coming digital media companies. Once this step was complete, we worked our way backwards to identify all of the web properties in their portfolios and the parent companies behind them.

        For news sites that are owned by investment firms with a majority stake, the CEO or director of the investment firm was listed as the highest-level owner. For news sites that are owned or directly (or indirectly) controlled by the government (as is the case of the BBC, who since 2017 has had its board members selected by the UK government), the head of government was listed as the highest-level owner.

      • Newsweek Reporter Jessica Kwong Fired Over ‘Inaccurate’ Trump Thanksgiving Story

        Jessica Kwong, a reporter for Newsweek, has been fired after her inaccurate reporting of how President Donald Trump spent his Thanksgiving. Wong had reported that Trump was spending his Thanksgiving golfing, but he was actually making an impromptu, surprise trip to Afghanistan to spend time with deployed troops.


        Kwong has not sent out a tweet since correcting her false story. It will be interesting to see if she comments on the events that reportedly led to her ousting from the company.

        And on the flip side of things, we know this certainly will fuel Trump’s fake news narrative moving forward.

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

      • Death of crusading journalist topples Malta prime minister

        Hours earlier, nearly 20,000 Maltese protested outside a courthouse in the capital, Valletta, demanding that he step down in the largest such turnout of nearly daily protests in recent weeks. “As prime minister, I promised two years ago that justice would be done in the case of the murder of Daphne Caruana Galizia,” Muscat said, beginning his speech, adding that “today I am here to tell you that I kept my word.”

        But the slain reporter’s family contended Muscat’s departure won’t satisfy those in the nation who are determined that corruption and cronyism between politicians and business figures be rooted out. “People will be out in the streets again tomorrow,” tweeted one of her sons, Matthew Caruana Galizia, who is also a journalist.

      • Inside Belmarsh: John Pilger Visits Julian Assange

        The world’s most famous political prisoner continues to resist, despite a system conceived specifically to break him down. John Pilger reports.

    • Civil Rights/Policing

      • The New ‘Black Codes’

        The police forces in impoverished urban communities, equipped with military-grade weapons and empowered to harass and kill largely at will, along with mass incarceration, are the principal tools for the social control of the poor. There is little pretense of justice and even less of protection and safety.

      • Can Plantations be Redeemed?

        Thomas Jefferson may have written that all men were created equal in the Declaration of Independence. But he, along with so many of his fellow plantation owners, was still complicit in the institution of slavery.

      • Oregon Supreme Court Shuts Down Pretextual Traffic Stops; Says Cops Can’t Ask Questions Unrelated To The Violation

        The Supreme Court’s Rodriguez decision took a lot of fishing line away from law enforcement officers. Thousands of traffic statutes are violated every day. (Or not broken, in some cases.) All an officer needed to do was follow someone around until they violated one and then turn the traffic stop into a Q&A session with an eye on obtaining consent to search drivers, passengers, and vehicles.

      • Virginia Prisons Thwarted Muslim Inmates’ Rights to Observe Ramadan – Validated Independent News

        In one case, Muslim prisoners known to be fasting were not served breakfast before sunrise; in another prison, fasting inmates were forced to wait at least an hour after sunset to receive dinner.

      • Tinder Lets Known Sex Offenders Use the App. It’s Not the Only One.

        Susan Deveau saw Mark Papamechail’s online dating profile on PlentyofFish in late 2016. Scrolling through his pictures, she saw a 54-year-old man, balding and broad, dressed in a T-shirt. Papamechail lived near her home in a suburb of Boston and, like Deveau, was divorced. His dating app profile said he wanted “to find someone to marry.”

        Deveau had used dating websites for years, but she told her adult daughter the men she met were “dorky.” She joked about how she could get “catfished” if a date looked nothing like his picture. Still Deveau, 53, wanted to grow old with someone. The two were — in the popular dating platform’s jargon — “matched.”

      • We Are Investigating Sexual Violence and Dating Apps

        Columbia Journalism Investigations and ProPublica analyzed more than 150 incidents of sexual assault involving dating apps, culled from a decade of news reports, civil lawsuits and criminal records.

      • Russian trans woman sentenced to likely fatal three years in prison for posting manga on social media

        A court in the Russian city of Bryansk has sentenced a local doctor named Michelle to three years in prison, a term experts say is likely to result in her death. Michelle, a 53-year-old transgender woman, was convicted of “distributing pornography depicting minors,” which can carry a term of up to six years in Russia. Maria Chashchilova, an attorney for the Moscow Community Center for LGBT Initiatives (MCC), told Novaya Gazeta about the sentence on November 30.

      • Beyond Prisons: Instead Of Calling The Cops

        In a followup to the last episode, “Stop Hugging Cops,” Beyond Prisons hosts Brian Sonenstein and Kim Wilson share some resources and discuss alternatives to calling the police.

        We talk about the chain reaction that is created by bringing the police to a community or into an individual’s life, and we suggest ways to scrutinize the impulse to call the police. Brian also calls on White people to consider what it means for them to call the police on Black and Brown people and offers some thoughts for how white people can do better in situations that generally don’t require intervention.

      • Read this before you sign your nikah nama

        Hearing these stories, I have to ask: how is it that the majority of women end up scribbling their names thoughtlessly on one of the most momentous civil contracts they’ll ever agree to without so much as reading it?

        And just what is in that nikah nama of yours?

        I sat down with some lawyers to find out.

      • Trump Has Made the Military Safe for War Criminals

        While Spencer’s resistance to Trump’s actions is admirable, it was also rooted more in turf protection than in condemnation of the moral enormity of Trump’s embrace of war criminals. “This was a shocking and unprecedented intervention in a low-level review,” Spencer wrote in The Washington Post after his firing. “It was also a reminder that the president has very little understanding of what it means to be in the military, to fight ethically or to be governed by a uniform set of rules and practices.”

      • Secret Service Report Reveals That School Shootings Are Often Preventable

        The majority of attackers, according to the report, “experienced stressors, exhibited concerning behaviors and made their intentions to attack others known.” “These are not sudden, impulsive acts where a student suddenly gets disgruntled,” said Lina Alathari, the head of the NATC, in an interview with the Associated Press. “The majority of these incidents are preventable.”

      • Plicido Domingo Calls Sexual Harassment Claims a ‘Nightmare’

        In the first full interview he has given since sexual harassment charges partially derailed his career, legendary operatic tenor Plicido Domingo maintained his innocence, calling the accusations a “nightmare.”

      • Infographic: How many complaints about torture in Russian prisons result in criminal cases?
    • Internet Policy/Net Neutrality

      • Take action to save .org and prosecute those who sold out the internet

        If you are familiar with the .org heist, then like me, you’re probably pissed off. Here’s how you can take action: all of these organizations are 501c3 non-profits. The sale of a non-profit to a for-profit entity like this is illegal without very specific conditions being met. Additionally, this kind of behavior is not the sort the IRS likes to see in a tax-exempt organization. Therefore, we can take the following steps to put a stop to this: [...]

    • Monopolies

      • Patents

        • Ninth Circuit schedules oral argument in FTC v. Qualcomm for February 13, 2020 (San Francisco)

          The United States Court of Appeals for the Ninth Circuit will hear oral argument from appellant Qualcomm and appellee the Federal Trade Commission (FTC) in the antitrust matter originating from the Northern District of California on Thursday, February 13, 2020, at 9:30 AM Pacific Time.

          The court’s website does not yet list the circuit judges on the panel. In this case, the composition of the panel will play a far greater role than in most antitrust cases as Qualcomm has managed, through lobbying and PR and with help from its former lawyer and forever-loyal supporter Makan “Macomm” Delrahim (Antitrust Assistant Attorney General), to politicize a case that actually raises business issues without any ideological dimension.

        • Patent case: Crane Payment Innovations Inc. vs. Giesecke+Devrient Currency Technology GmbH, EPO

          Where an expression in a granted claim, taken literally and in isolation, would have the effect of excluding all of the disclosed embodiments from the scope of protection, but where a definition of the expression may be derived from the patent itself which would locate (at least some of) the disclosed embodiments within the ambit of the claim, and provided this definition is not manifestly unreasonable having regard to the normal meaning of the words used in the expression, then in judging compliance with the requirements of Art. 123(3) EPC, the scope of protection should normally be considered to include at least that which would fall within the terms of the claim understood according to this definition.

        • Paris Court Grants Anti-Anti-Suit Injunction in IPCom v. Lenovo

          First, the Paris Court rejected Lenovo’s objection that proceedings on the same subject matter are already pending in California (lis pendens). The case pending in California is an action in chief, while the request in France concerns a preliminary injunction. In addition, the subject matter of the California case are the conditions of a FRAND license, whereas the subject matter of the French proceedings is about “maintaining the patentee’s freedom of action and the exercise of the patentee’s exclusive rights”.

          Second, the Paris Court sets forth that an anti-suit injunction by an EU member state against the courts of another member state would be contrary to public policy (ordre public), because of the “mutual trust in the judicial systems of EU member states” (see CJEU C-159/02 – Turner/Grovit). Conversely, an anti-suit injunction coming from a non-EU jurisdiction can be recognized as valid, but only if its purpose is to enforce a contractual jurisdiction clause or an arbitral clause. In all other cases–

          the anti-suit injunction constitutes an interference in the jurisdiction of the courts and has the effect of indirectly disregarding the exclusive power of each state to freely define the international jurisdictional competence of their courts.

          Given that, in the case at hand, Lenovo and Motorola are not seeking an anti-suit injunction to enforce a jurisdiction clause or an arbitral clause, but to prevent the patentee from exercising its exclusive rights, IPCom has been granted the requested anti-anti-suit-injunction, but such injunction will apply only to the French part of EP268.


          It will be worth keeping an eye on the future developments of this case, and not only for IP civil procedure aficionados. It is noteworthy that in the pending US proceedings, the US Department of Justice (Antitrust Division) filed on 25 October 2019 a Statement of Interest (available here) on the antitrust aspects of the anti-suit injunction (arguing that the anti-suit injunction sought by Lenovo and Motorola did not have a basis in antitrust law). Whether this further aspect will now become moot (because Lenovo and Motorola withdraw their respective requests in compliance with the Paris Court’s decision) remains to be seen.

        • Software Patents

          • Conversant v Apple

            On 29 November 2019, the Patents Court of England and Wales handed down it decision revoking Conversant’s UK patent relating to an improved user interface on smartphone devices. Unlike earlier infringement actions brought by Conversant against Huawei and ZTE in the UK, this action brought against Apple (and various of its subsidiaries) concerned a non standards-essential patent.

            Against the backdrop of the early smartphones which required a rather involved process of navigating a sequence of menus to access a desired application, the invention involved the idea of using an “application summary window” on a smartphone to provide a list of several commonly used functions within that application and/or stored data commonly accessed for it. The devices alleged to infringe were various models of Apple’s iPhone running various versions of its IOS operating system (in particular, the functionality called “Widgets” and “Home Screen Quick Action Windows”, which allow users to view summary data or access certain features of applications quickly, was said to infringe). Apple counterclaimed that the patent was invalid on the basis of two items of prior art, AgrEvo-obviousness and added matter. Ultimately, the court held the patent to be infringed but invalid over an early smartphone device called SIMON produced by IBM in 1994 (the AgrEvo-obviousness and added matter attacks were dismissed). The main point which is likely to be of interest to patent practitioners relates to the identity of the skilled person in circumstances where a patentee has applied to amend its patent.

      • Trademarks

        • AG Bobek suggests broadening possibility to submit new arguments and evidence before General Court in trade mark opposition proceedings

          One of many lessons this Kat learned from his mentor at the law firm where he started his career was this: in trade mark opposition proceedings at the European Union Intellectual Property Office (EUIPO), be sure to file all your evidence at the Board of Appeal stage at the very latest. Once proceedings reach the General Court (GC), filing new arguments and evidence is more or less categorically excluded. This rule will be familiar to trade mark practitioners and is indeed reflected in many decisions of the Court of Justice of the European Union (CJEU) and the GC [see e.g. C-29/05 P, par. 54 and T-346/04, par. 19].

          However, the recent Opinion of Advocate General (AG) Bobek in case C-702/18, Primart Marek Łukasiewicz v. EUIPO [here] suggests this rule might be subject to significant exceptions. In short: AG Bobek argues that certain matters of fact or law are inextricably linked to the assessment to be carried out by the EUIPO. It may form an opinion on these matters, even if parties do not present arguments on it. The opinion of AG Bobek suggests that parties may present new arguments and evidence on such matters even before the General Court.


          After finding the appeal admissible, the AG began with an analysis of Article 76(1) of Regulation 207/2009, the Community Trade Mark Regulation [now Article 95 of Regulation 2017/1001]. He concluded that this provision ”cannot be read as obliging the Board of Appeal to refrain from examining matters of law or fact that, despite not having been specifically raised by one of the parties, are inextricably linked to those raised by the parties.” [par. 48].

          The AG then turned to Article 188 of the Rules of Procedure of the General Court, which states that the appeal before the GC “may not change the subject matter of the proceedings before the Board of Appeal.” He found that this provision “cannot be interpreted as barring the parties from questioning EUIPO’s assessment with regard to elements of law or fact which that office was required to consider (if need be, of its own motion) and was able to adjudicate upon” [par. 55]. The distinctiveness of the earlier mark is an example of such an element in that it is inextricably linked to the assessment of likelihood of confusion.

          Drawing on the GC’s decision in Hooligan, AG Bobek distinguished two types of arguments that could be made in the context of distinctiveness of an earlier mark. On the one hand, there are arguments that EUIPO cannot assess without evidence from the parties: an example is increased distinctiveness as a result of reputation. If parties do not make these arguments before the EUIPO, it cannot take them into account of its own motion and parties are also barred from making the argument before the GC [par. 63].

        • Are two different whales conceptually identical? Fourth Board of Appeal finds likelihood of confusion despite some visual dissimilarities between marks

          Can simple things become difficult? In a recent decision, the Fourth Board of appeal reaffirmed a basic truth: if your sign has the same concept of another, then there is conceptual identity between these two.

          Having recognized that there are indeed differences between the signs, in this case the Board affirmed that such differences constituted minor elements of secondary importance which the average customer would not be likely to identify or remember.


          The earlier EUTM had been registered since 2016 for certain goods in Classes 18, 24 and 25 (clothing for women, men and children, footwear, slippers, pants, underwear, suits, shorts, trousers, shirts, sweaters, jackets, parkas, socks, underwear, swimming costumes, robes, gloves, belts, hats, and caps).

          The Opposition Division found that there was a likelihood of confusion pursuant to Article 8(1)(b) of Regulation 2017/1001 (EU Trade Mark Regulation (EUTMR) in respect of the goods covered by the earlier EUTM. It also held that the signs were visually similar to an above average degree as well as conceptually identical because they both depicted a whale.

        • The implementation in France of the EU Directive relating to trade marks

          The new law will be completed by a Decree that will provide implementing Regulations. The new law will come into force the day after the publication of the Decree, which is currently under examination before the Conseil d’Etat (French Council of State) and, at the latest, on December 15, 2019, with respect to all Articles of the law, except those relating to cancellation actions, which will come into force on April 1st, 2020.

          The new enactment constitutes a substantial transformation of French trade mark law, modernizing the available trade mark protection mechanisms, as part of the implementation of the EU Directive, whose goal is to harmonize EU national trade mark laws.


          - invalidation actions based on relative grounds, except for actions based on a design, a copyright, or a right of personality (surname, pseudonym, or image);

          However, the territorially competent IP specialized courts will have jurisdiction when–

          -the cancellation action is based on a design, copyright or right of personality;

          -the cancellation action is a counterclaim as part of ongoing proceeding before the court (for example, an ongoing infringement or unfair competition action);

          -provisional or injunctive measures have been requested from the court; or

          -seizure based on infringement was carried out.

          The above are only what we may consider the main innovations found in the new French Trade Mark Law; however, the new legislation involves many substantial changes to the current practice, to which not only practitioners will have to adapt, but also the Trade Mark Office itself as well as the competent courts through the application and interpretation of the new law.

      • Copyrights

        • Copyright: When the Case Summaries are “Official” Works Authored by the State

          Here, we have “official” annotated code created by Lexis but guided by a mandated state committee. And, as a work-made-for-hire, the State is legally seen as the author for copyright purposes. The crux of the copyright claim here is in the summaries of judicial decisions citing to the Georgia code. Although those summaries do not have the force of law, they are the “official” annotations legally authored by the state.


          All this is easy for activities of U.S. judges and legislators because U.S. Gov’t works are not copyrightable under the Statute. In the state law perspective, we get into a difficult line drawing problem with Justice Breyer’s approach understanding when a judge or legislator is acting in “some other abstract capacity” (using the words of Justice Gorsuch).

          In the end, Georgia’s attorney warned the judges not to “blow up” the current system that allows for copyright protection of the official code. Reminds me of an attack on casebooks from a few years ago. WSJ Blog.

        • Pirate Bay Replaced Its Iconic Logo to Get Some Extra Revenue

          The Pirate Bay has delivered some interesting logo changes in recent weeks. The torrent site temporarily swapped the good-old pirate ship to promote a VPN, a file-hosting service, and a blockchain project. While the site hasn’t explained its motives it is, at least in part, an attempt to earn some additional income.

        • Cox Can Use ‘Copyright Alert System’ Evidence in Piracy Case, Court Rules

          The so-called six-strikes anti-piracy scheme in the United States may be dead, but it’s about to be used as prime evidence in the lawsuit between ISP Cox and several music labels. A federal court in Virginia has denied a request from the labels to exclude the matter from trial, during which Cox is expected to argue that its own anti-piracy measures went even further than the industry-approved alternative.

        • Premier League Piracy Case Ends In ‘Record Damages’, Suspended Sentences

          The Premier League says it has secured one of the highest copyright-related damages awards in Thailand’s history after targeting individuals behind a major ‘piracy network’ in Asia. A British man and a Thai national pleaded guilty to infringement, paid the Premier League around GBP

        • Copyright Troll Threatens Criminal Charges In Germany Against Domain Registrar

          I’ve discussed in the past how problematic it is when people don’t recognize the differences between edge providers and infrastructure providers when it comes to internet services. Usually it’s policymakers (or the press) getting these things confused, but we’ve certainly seen our fair share of attempts by copyright maximalists to use this confusion to their advantage. However, this may be the first I recall of seeing a copyright trolling operation trying to effectively do the same.

Laundering the Reputation of Criminals: That’s an Actual Job

Posted in Bill Gates, Deception, Microsoft at 6:59 am by Dr. Roy Schestowitz

Bill Gates and Laundering of Reputation

Summary: An important reminder that the manufactured, paid-for (media is being bribed) image of Bill Gates is the product of the PR industry he enlisted to distract from his endless crimes

« Previous entries Next Page » Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts