
01.21.18

Links 21/1/2018: Wine 3.0 Coverage, KaOS 2018.01, Red Hat Among ‘Admired Companies’

Posted in News Roundup at 6:32 am by Dr. Roy Schestowitz


Contents

GNU/Linux

  • How Live Patching Has Improved Xen Virtualization

    The open-source Xen virtualization hypervisor is widely deployed by enterprises and cloud providers alike, which benefit from the continuous innovation that the project delivers.

    In a video interview with ServerWatch, Lars Kurth, Chairman of the Xen Project Advisory Board and Director, Open Source Solutions at Citrix, details some of the recent additions to Xen and how they are helping move the project forward.

  • The Gravity of Kubernetes

    Most new internet businesses started in the foreseeable future will leverage Kubernetes (whether they realize it or not). Many old applications are migrating to Kubernetes too.

    Before Kubernetes, there was no standardization around a specific distributed systems platform. Just like Linux became the standard server-side operating system for a single node, Kubernetes has become the standard way to orchestrate all of the nodes in your application.

    With Kubernetes, distributed systems tools can have network effects. Every time someone builds a new tool for Kubernetes, it makes all the other tools better. And it further cements Kubernetes as the standard.

  • Welcome to 2018

    The image of the technology industry as a whole suffered in 2017, and that process is likely to continue this year as well. That should lead to an increased level of introspection that will certainly affect the free-software community. Many of us got into free software to, among other things, make the world a better place. It is not at all clear that all of our activities are doing that, or what we should do to change that situation. Expect a lively conversation on how our projects should be run and what they should be trying to achieve.

    Some of that introspection will certainly carry into projects related to machine learning and similar topics. There will be more interesting AI-related free software in 2018, but it may not all be beneficial. How well will the world be served, for example, by a highly capable, free facial-recognition system and associated global database? Our community will be no more effective than anybody else at limiting progress of potentially freedom-reducing technologies, but we should try harder to ensure that our technologies promote and support freedom to the greatest extent possible.

    Our 2017 predictions missed the fact that an increasing number of security problems are being found at the hardware level. We’ll not make the same mistake in 2018. Much of what we think of as “hardware” has a great deal of software built into it — highly proprietary software that runs at the highest privilege levels and which is not subject to third-party review. Of course that software has bugs and security issues of its own; it couldn’t really be any other way. We will see more of those issues in 2018, and many of them are likely to prove difficult to fix.

  • Desktop

    • My Linux story: Coding not required

      For more than 15 years, I have earned a living working exclusively with open source products. How did I get here?

      In many ways, my journey started before Linux existed. In college, I had friends who were admins in the engineering computer lab. Although I did not do too well in my CS programming classes, as a hobby and to spend time with my friends I learned about newsgroups, ftp sites, and Unix systems. As a data aide student intern, I realized I made a good translator between the astronomers and the C programmer computer support staff. I could read just enough code to identify the problem, but not enough to actually fix it.

  • Audiocasts/Shows

    • Pixel C Android tablet remembered – Unleaded Hangouts

      Pixel C Android tablet remembered. This Android powered Google offering may be no more, however we take the time to remember the Google Pixel C. I’m joined by Mike Stone for this special edition of Unleaded.

    • Command Line Heroes – get your no-cost RHEL developer subscription

      Red Hat has announced Command Line Heroes (CLH), an original podcast from Red Hat. Hosted by Saron Yitbarek, developer, and the founder of CodeNewbie, Command Line Heroes is about geeks, hackers, developers, programmers, and all sorts of passionate open source builders, makers, and users.

  • Kernel Space

    • Experimental KPTI Support For x86 32-bit Linux

      For the Kernel Page Table Isolation (KPTI) support currently within the Linux kernel for addressing the Meltdown CPU vulnerability it’s currently limited to 64-bit on the x86 side, but for the unfortunate souls still running x86 32-bit operating systems, SUSE is working on such support.

    • AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16

      With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD’s Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline.

      Going back to the end of 2016 have been Linux patches for Secure Encrypted Virtualization while with Linux 4.16 it will finally be part of the mainline kernel and supported with KVM (Kernel-based Virtual Machine) virtualization.

    • Deadline scheduler part 2 — details and usage

      Linux’s deadline scheduler is a global early deadline first scheduler for sporadic tasks with constrained deadlines. These terms were defined in the first part of this series. In this installment, the details of the Linux deadline scheduler and how it can be used will be examined.

      The deadline scheduler prioritizes the tasks according to the task’s job deadline: the earliest absolute deadline first. For a system with M processors, the M earliest deadline jobs will be selected to run on the M processors.

      The Linux deadline scheduler also implements the constant bandwidth server (CBS) algorithm, which is a resource-reservation protocol. CBS is used to guarantee that each task will receive its full run time during every period. At every activation of a task, the CBS replenishes the task’s run time. As the job runs, it consumes that time; if the task runs out, it will be throttled and descheduled. In this case, the task will be able to run only after the next replenishment at the beginning of the next period. Therefore, CBS is used to both guarantee each task’s CPU time based on its timing requirements and to prevent a misbehaving task from running for more than its run time and causing problems to other jobs.

    • New Sound Drivers Coming In Linux 4.16 Kernel

      Due to longtime SUSE developer Takashi Iwai going on holiday the next few weeks, he has already sent in the sound driver feature updates targeting the upcoming Linux 4.16 kernel cycle.

      The sound subsystem in Linux 4.16 sees continued changes to the ASoC code, clean-ups to the existing drivers, and a number of new drivers.

    • Varlink: a protocol for IPC

      One of the motivations behind projects like kdbus and bus1, both of which have fallen short of mainline inclusion, is to have an interprocess communication (IPC) mechanism available early in the boot process. The D-Bus IPC mechanism has a daemon that cannot be started until filesystems are mounted and the like, but what if the early boot process wants to perform IPC? A new project, varlink, was recently announced; it aims to provide IPC from early boot onward, though it does not really address the longtime D-Bus performance complaints that also served as motivation for kdbus and bus1.

      The announcement came from Harald Hoyer, but he credited Kay Sievers and Lars Karlitski with much of the work. At its core, varlink is simply a JSON-based protocol that can be used to exchange messages over any connection-oriented transport. No kernel “special sauce” (such as kdbus or bus1) is needed to support it as TCP or Unix-domain sockets will provide the necessary functionality. The messages can be used as a kind of remote procedure call (RPC) using an API defined in an interface file.

    • Statistics for the 4.15 kernel

      The 4.15 kernel is likely to require a relatively long development cycle as a result of the post-rc5 merge of the kernel page-table isolation patches. That said, it should be in something close to its final form, modulo some inevitable bug fixes. The development statistics for this kernel release look fairly normal, but they do reveal an unexpectedly busy cycle overall.

      This development cycle was supposed to be relatively calm after the anticipated rush to get work into the 4.14 long-term-support release. But, while 4.14 ended up with 13,452 non-merge changesets at release, 4.15-rc6 already has 14,226, making it one of the busiest releases in the kernel project’s history. Only 4.9 (16,214 changesets) and 4.12 (14,570) brought in more work, and 4.15 may exceed 4.12 by the time it is finished. So far, 1,707 developers have contributed to this kernel; they added 725,000 lines of code while removing 407,000, for a net growth of 318,000 lines of code.

    • A new kernel polling interface

      Polling a set of file descriptors to see which ones can perform I/O without blocking is a useful thing to do — so useful that the kernel provides three different system calls (select(), poll(), and epoll_wait() — plus some variants) to perform it. But sometimes three is not enough; there is now a proposal circulating for a fourth kernel polling interface. As is usually the case, the motivation for this change is performance.

      On January 4, Christoph Hellwig posted a new polling API based on the asynchronous I/O (AIO) mechanism. This may come as a surprise to some, since AIO is not the most loved of kernel interfaces and it tends not to get a lot of attention. AIO allows for the submission of I/O operations without waiting for their completion; that waiting can be done at some other time if need be. The kernel has had AIO support since the 2.5 days, but it has always been somewhat incomplete. Direct file I/O (the original use case) works well, as does network I/O. Many other types of I/O are not supported for asynchronous use, though; attempts to use the AIO interface with them will yield synchronous behavior. In a sense, polling is a natural addition to AIO; the whole point of polling is usually to avoid waiting for operations to complete.

    • Linux Foundation

    • Graphics Stack

      • Mesa 17.3.3 Released With RADV & ANV Vulkan Driver Fixes

        Mesa 17.3.3 is now available as the latest point release for the Mesa 17.3 stable series.

        This bi-weekly point release to Mesa presents several RADV Vega/GFX9 fixes, various Intel ANV Vulkan driver fixes, a DRI3 fix, and random fixes to the OpenGL drivers like RadeonSI, Etnaviv, and even Swrast.

      • R600g “Soft” FP64 Shows Signs Of Life, Enabling Older GPUs To Have OpenGL 4 In 2018

        Most pre-GCN AMD graphics cards are still limited to OpenGL 3.3 support at this time due to not supporting FP64. Only the HD 5800/6900 series on R600g currently have real double-precision floating-point support working right now so at present they are on OpenGL 4.3 rather than 3.3, but those other generations may be catching up soon thanks to the “soft” FP64 code.

      • AMDGPU DC Gets More Raven Ridge Improvements, Audio Fixes

        Harry Wentland of AMD has sent out the latest batch of patches for the AMDGPU DC display code stack. Fortunately it lightens up the DRM driver by about six thousand lines thanks to removing some unused code.

        Besides gutting out a chunk of unused code, the DC code has a few audio fixes (no word yet on supporting newer audio formats with DC), fixes on driver unload, a “bunch” of continued Raven Ridge display updates, and various other code clean-ups.

      • AMDGPU Firmware Blobs Updated For Video Encode/Decode

        There are updated AMDGPU microcode/firmware files now available for recent Radeon GPUs.

        The updated firmware files now available via the main linux-firmware.git repository are centered around the video blocks: UVD video decoding, VCE video encode, and the new VCN video encode/decode block with Raven Ridge.

      • Intel Exploring Cgroups Support For DRM Driver Management

        An Intel open-source driver developer has posted preliminary patches taking Cgroups v2 to DRM driver management.

      • OpenSWR Rasterizer Improvements Land Ahead Of Mesa 18.0

        Besides Intel and Radeon OpenGL/Vulkan driver improvements squeezing into Mesa Git ahead of the imminent Mesa 18.0 code branching, the Intel-developed OpenSWR has landed its latest improvements.

    • Benchmarks

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Linux and Qt in Automotive? Let’s meet up!

        For anyone around the Gothenburg area on Feb 1st, you are most welcome to the Automotive MeetUp held at the Pelagicore and Luxoft offices. There will be talks about Qt/QML, our embedded Linux platform PELUX and some ramblings about open source in automotive by yours truly ;-)

      • What about AppImage?

        I see a lot of people asking about state of AppImage support in Discover.

        It’s non-existent, because AppImage does not require centralized software management interfaces like Discover and GNOME Software (or a command-line package manager). AppImage bundles are totally self-contained, and come straight from the developer with zero middlemen, and can be managed on the filesystem using your file manager.

        This should sound awfully familiar to former Mac users (like myself), because Mac App bundles are totally self-contained, come straight from the developer with zero middlemen, and are managed using the Finder file manager.

    • GNOME Desktop/GTK

      • 5 of the Best Linux Dark Themes that Are Easy on the Eyes

        There are several reasons people opt for dark themes on their computers. Some find them easy on the eye while others prefer them because of their medical condition. Programmers, especially, like dark themes because they reduce glare on the eyes.

        If you are a Linux user and a dark theme lover, you are in luck. Here are five of the best dark themes for Linux. Check them out!

      • GNOME Rolls Out The GTK Text Input Protocol For Wayland

        GNOME developers have been working on a new Wayland protocol, the “gtk_text_input” protocol, which now is implemented in their Mutter compositor.

        Separate from the zwp_text_input protocol, the gtk_text_input protocol is designed for representing text input and input methods associated with a seat and enter/leave events. This GNOME-catered protocol for Mutter is outlined via this commit with their protocol specification living in-tree to Mutter given its GNOME focus.

      • Wine, Mozilla, GNOME and DragonFly BSD

        While GNOME is moving to remove desktop icon support in version 3.28, Ubuntu 18.04 LTS will continue to ship with an older version of Nautilus (3.26) in an effort to keep this age-old practice alive, at least for its upcoming LTS release.

        In more GNOME-related news, version 3.28 of the Photos application will include a number of enhancements to its photo-editing arsenal, such as shadows and highlight editing, the ability to alter crop orientation, added support for zoom gestures and more. For a complete list, visit the project’s roadmap.

  • Distributions

    • The 5 Best Linux Distributions for Development

      When considering Linux, there are so many variables to take into account. What package manager do you wish to use? Do you prefer a modern or old-standard desktop interface? Is ease of use your priority? How flexible do you want your distribution? What task will the distribution serve?

      It is that last question which should often be considered first. Is the distribution going to work as a desktop or a server? Will you be doing network or system audits? Or will you be developing? If you’ve spent much time considering Linux, you know that for every task there are several well-suited distributions. This certainly holds true for developers. Even though Linux, by design, is an ideal platform for developers, there are certain distributions that rise above the rest, to serve as great operating systems to serve developers.

    • New Releases

      • KaOS 2018.01 KDE-focused Linux distro now available with Spectre and Meltdown fixes

        It can be difficult to find a quality Linux distribution that meets your needs. This is partly because there are just too many operating systems from which to choose. My suggestion is to first find a desktop environment that you prefer, and then narrow down your distro search to one that focuses on that DE. For instance, if you like KDE, both Kubuntu and Netrunner are solid choices.

        With all of that said, there is another KDE-focused Linux distro that I highly recommend. Called “KaOS,” it is rolling release, meaning you can always be confident that your computer is running modern packages. Today, KaOS gets its first updated ISO for 2018, and you should definitely use it to upgrade your install media. Why? Because version 2018.01 has fixes for Spectre and Meltdown thanks to Linux kernel 4.14.14 with both AMD and Intel ucode.

      • KaOS Linux Gets First ISO Snapshot for 2018 with Spectre and Meltdown Patches

        The development team behind the KaOS Linux operating system have released today the first ISO snapshot for 2018, bringing all the latest software and security updates.

        First thing first, the KaOS 2018.01 installation snapshot includes patches for the Meltdown and Spectre security vulnerabilities publicly disclosed earlier this month by shipping with the latest Linux 4.14.14 kernel built with Retpoline support. Intel and AMD microcode firmware updates are also present.

    • OpenSUSE/SUSE

      • Tumbleweed Rolls Forward with New versions of Mesa, Squid, Xen

        This week provided a pretty healthy amount of package updates for openSUSE’s rolling distribution Tumbleweed.

        There were three snapshots released since the last blog and some of the top packages highlighted this week are from Mesa, Squid, Xen and OpenSSH.

        The Mesa update from version 17.2.6 to 17.3.2 in snapshot 20180116 provided multiple fixes in the RADV Vulkan driver and improvements of the GLSL shader cache. The Linux Kernel provides some fixes for the security vulnerabilities of Meltdown in version 4.14.13 and added a prevent buffer overrun on memory hotplug during migration for KVM with s390. The snapshot had many more package updates like openssh 7.6p1, which tightened configuration access rights. A critical fix when updating Flatpak packages live was made with the gnome-software version 3.26.4 update. File systems package btrfsprogs 4.14.1 provided cleanups and some refactoring while wireshark 2.4.4 made some fixes for dissector crashes. Xen 4.10.0_10 added a few patches. Rounding out the snapshot, ModemManager 1.6.12 fixed connection state machine when built against libqmi and blacklisted a few devices to include some Pycom devices.

      • openSUSE Tumbleweed Rolls To Mesa 17.3, Linux 4.14.13

        OpenSUSE has continued rolling in the new year with several key package updates in January.

        Exciting us a lot is that openSUSE Tumbleweed has migrated from Mesa 17.2 to now Mesa 17.3. Mesa 17.3.2 is the version currently in openSUSE’s rolling-release.

      • openSUSE Tumbleweed Users Receive Important Mesa Linux Graphics Stack Update

        Four snapshots were released this week for OpenSuSE Tumbleweed, which is a rolling release GNU/Linux distribution where users install once and receive updates forever. Probably the most important change added in these snapshots was related to the graphics stack, which was updated to Mesa 17.3.2, a release that needed to be split into two parts to improve the build performance of the distribution.

        “In order to improve the distro build performance, Mesa was split into two parts to be built. Users that updated their system using “--no-recommends” did not get Mesa-dri auto-installed, resulting in the graphical system possibly not starting up. Simply install Mesa-dri for now manually (dependency chain fixes are underway),” said Dominique Leuenberger in the mailing list announcement.

    • Slackware Family

      • What’s new for January? Plasma5 18.01, and more

        When I sat down to write a new post I noticed that I had not written a single post since the previous Plasma 5 announcement. Well, I guess the past month was a busy one. Also I bought a new e-reader (the Kobo Aura H2O 2nd edition) to replace my ageing Sony PRS-T1. That made me spend a lot of time just reading books and enjoying a proper back-lit E-ink screen. What I read? The War of the Flowers by Tad Williams, A Shadow all of Light by Fred Chappell, Persepolis Rising and several of the short stories (Drive, The Butcher of Anderson Station, The Churn and Strange Dogs) by James SA Corey and finally Red Sister by Mark Lawrence. All very much worth your time.

    • Red Hat Family

    • Debian Family

      • TLCockpit v0.8

        Today I released v0.8 of TLCockpit, the GUI front-end for the TeX Live Manager tlmgr. I spent the winter holidays in updating and polishing, but also in helping me debug problems that users have reported. Hopefully the new version works better for all.

      • Google’s Linux workstations are switching from Ubuntu to Debian

        Like many companies, Google uses a variety of operating systems in-house. macOS and Windows are used by a large number of employees, a modified build of Debian Linux is used on its servers (as of 2014, at least), and Chrome OS and Android devices are commonplace. In work environments where Linux is needed, Google uses a customized version of Ubuntu 14.04 called ‘Goobuntu,’ which has never been released publicly.

      • Derivatives

        • Canonical/Ubuntu

          • In a Snap, Slack Comes to Linux. Here’s How To Install It

            While binaries for Slack have been available for Ubuntu and Fedora, other Linux operating systems are not so lucky. To overcome this, Canonical has released Slack as a Snap, which allows Slack to be installed and used on a greater variety of Linux distributions.

            Snapcraft is a command line tool that allows you to install containerised applications called Snaps on many different Linux distributions. As these Snap containers contain all the required dependencies that a program needs to run, it makes it very easy to create and distribute a single container that works on a variety of Linux versions.

          • Linux Users Can Now Download Slack as a ‘Snap’

            Slack is one step closer to becoming the workplace staple for businesses across the globe. The software is now available for use on Linux environments, bundled as a Snap – an application package for open source systems.

            Tens of millions of users across the world run Linux on their systems, opting for one among its many distribution avatars. In comparison, Slack reported that over 6 million active profiles used the app daily last year, 2 million of them with paid subscriptions. The new release could open Slack up to a whole new set of customers.

          • Slack has arrived on Linux thanks to Canonical Snap

            CANONICAL HAS made the wishes of its users come true again as it brings another major app to Linux users for the first time.

            This time it’s popular team platform Slack. The secret sauce is Ubuntu’s “Snap” packages, a form of containerisation which puts an app into a little bubble that makes it run in the Linux environment. At Christmas, the technique was used to bring a desktop Spotify to Linux for the first time.

            The important thing here is that Snaps, first launched in 2016, run on any Linux distro, not just Canonical’s own Ubuntu. Named specifically were Linux Mint, Manjaro, Debian, ArchLinux, OpenSUSE and Solus. Not only that, they work across desktop, server, cloud and IoT.

          • Your first robot: Introduction to the Robot Operating System [2/5]

            This is the second blog post in this series about creating your first robot with ROS and Ubuntu Core. In the previous post we walked through all the hardware necessary to follow this series, and introduced Ubuntu Core, the operating system for IoT devices. We installed it on our Raspberry Pi, and used it to go through the CamJam worksheets. In this post, I’m going to introduce you to the Robot Operating System (ROS), and we’ll use it to move our robot.

  • Devices/Embedded

Free Software/Open Source

  • Open source casino tech biz TGG enters Cambodia

    The firm provides “all essential source codes with open API [application program interface] for game designers to create customisable premium content for casino operators, enabling the operators to focus on making the best possible gaming experience for their players worldwide without additional investment in information technology infrastructure,” added its release.

  • Events

  • Web Browsers

    • Mozilla

      • Firefox Quantum Eats RAM Like Chrome

        For a long time, Mozilla’s Firefox has been my web browser of choice. I have always preferred it to using Google’s Chrome, because of its simplicity and reasonable system resource (especially RAM) usage. On many Linux distributions such as Ubuntu, Linux Mint and many others, Firefox even comes installed by default.

        Recently, Mozilla released a new, powerful and faster version of Firefox called Quantum. And according to the developers, it’s new with a “powerful engine that’s built for rapid-fire performance, better, faster page loading that uses less computer memory.”

      • Mozilla Communities Speaker Series #PrivacyMonth

        As a part of the Privacy Month initiative, Mozilla volunteers are hosting a couple of speaker series webinars on Privacy, Security and related topics. The webinars will see renowned speakers talking to us about their work around privacy, how to take control of your digital self, some privacy-security tips and much more.

      • “Ewoks or Porgs?” and Other Important Questions

        You ever go to a party where you decide to ask people REAL questions about themselves, rather than just boring chit chat? Us, too! That’s why we’ve included questions that really hone in on the important stuff in our 2nd Annual Firefox Census.

      • These Weeks in Firefox: Issue 30
      • TenFourFox FPR5 available

        TenFourFox Feature Parity Release 5 final is available for testing (downloads, hashes, release notes). There are no other changes other than the relevant security updates and the timer resolution reduction for anti-Spectre hardening. Assuming no major issues, it will become live on Monday evening Pacific time.

      • Mozilla mandates that new Firefox features rely on encrypted connections

        Mozilla this week decreed that future web-facing features of Firefox must meet an under-development standard that requires all browser-to-server-and-back traffic be encrypted.

        “Effective immediately, all new features that are web-exposed are to be restricted to secure contexts,” wrote Mozilla engineer Anne van Kesteren in a post to a company blog. “A feature can be anything from an extension of an existing IDL-defined object, a new CSS property, a new HTTP response header, to bigger features such as WebVR.”

      • Rogue Chrome, Firefox Extensions Hijack Browsers; Prevent Easy Removal

        Any malware that hijacks your browser to serve up ads or to redirect you to random websites can be annoying. Even more so are extensions that take control of your browser and prevent you from landing on pages that can help you get rid of them.

        Security researchers at Malwarebytes recently discovered extensions for Chrome and Firefox that display precisely that behavior. According to the security vendor, the extensions are designed to hijack browsers and then block users from removing them by closing out pages with information on extensions and add-ons, or by steering users to pages where extensions aren’t listed. Rogue extensions like these are often an overlooked attack vector that can leave organizations exposed to serious threats.

  • Pseudo-Open Source (Openwashing)

  • Funding

  • FSF/FSFE/GNU/SFLC

    • Future directions for PGP

      Back in October, LWN reported on a talk about the state of the GNU Privacy Guard (GnuPG) project, an asymmetric public-key encryption and signing tool that had been almost abandoned by its lead developer due to lack of resources before receiving a significant infusion of funding and community attention. GnuPG 2 has brought about a number of changes and improvements but, at the same time, several efforts are underway to significantly change the way GnuPG and OpenPGP are used. This article will look at the current state of GnuPG and the OpenPGP web of trust, as compared to new implementations of the OpenPGP standard and other trust systems.

      GnuPG produces encrypted files, signed messages, and other types of artifacts that comply to a common standard called OpenPGP, described in RFC 4880. OpenPGP is derived from the Pretty Good Privacy (PGP) commercial software project (since acquired by Symantec) and today is almost synonymous with the GnuPG implementation, but the possibility exists for independent implementations of the standard that interoperate with each other. Unfortunately, RFC 4880 was released in 2007 and a new standard has not been published since then. In the meantime, several extensions have been added to GnuPG without broader standardization, and a 2017 IETF working group formed to update RFC 4880 ultimately shut down due to lack of interest.

      GnuPG 2 is a significantly heavier-weight software package than previous GnuPG versions. A major example of this change in architecture is GnuPG 2’s complete reliance on the use of the separate gpg-agent daemon for private-key operations. While isolating private-key access within its own process enables improvements to security and functionality, it also adds complexity.

      In the wake of the Heartbleed vulnerability in OpenSSL, a great deal of scrutiny has been directed toward the maintainability of complex and long-lived open-source projects. GnuPG does not rely on OpenSSL for its cryptographic implementation, instead it uses its own independent implementation: Libgcrypt. This leads to the question of whether GnuPG’s cryptographic implementation is susceptible to the same kinds of problems that OpenSSL has had; indeed the concern may be larger in the case of GnuPG.

    • Foundations of Amateur Radio – Episode 137

      I’ve been playing with a wonderful piece of software called GNU Radio, more on that in a moment.

  • Public Services/Government

    • Barcelona chooses Linux, Apple’s Lisa OS goes open source, and more news
    • Barcelona Opts for Breath of Open Source Fresh Air

      Barcelona city officials have voted to shut the door on Microsoft Windows in favor of the Linux operating system and open source technology.

      The city hopes to save money from proprietary software license fees and to build a specialized library of open source applications targeting the needs of government workers. Its goal is to encourage specialized open source solutions throughout governmental agencies in Spain.

      The city last fall unveiled the Barcelona Digital City Plan to improve government-provided online services. The plan also supports urban technology and smart-city projects and promotes open data.

  • Programming/Development

    • An introduction to the BPF Compiler Collection

      In the previous article of this series, I discussed how to use eBPF to safely run code supplied by user space inside of the kernel. Yet one of eBPF’s biggest challenges for newcomers is that writing programs requires compiling and linking to the eBPF library from the kernel source. Kernel developers might always have a copy of the kernel source within reach, but that’s not so for engineers working on production or customer machines. Addressing this limitation is one of the reasons that the BPF Compiler Collection was created. The project consists of a toolchain for writing, compiling, and loading eBPF programs, along with example programs and battle-hardened tools for debugging and diagnosing performance issues.

      Since its release in April 2015, many developers have worked on BCC, and the 113 contributors have produced an impressive collection of over 100 examples and ready-to-use tracing tools. For example, scripts that use User Statically-Defined Tracing (USDT) probes (a mechanism from DTrace to place tracepoints in user-space code) are provided for tracing garbage collection events, method calls and system calls, and thread creation and destruction in high-level languages. Many popular applications, particularly databases, also have USDT probes that can be enabled with configuration switches like --enable-dtrace. These probes are inserted into user applications, as the name implies, statically at compile-time. I’ll be dedicating an entire LWN article to covering USDT probes in the near future.

Leftovers

  • Drone comes to the rescue of two swimmers in Australia

    One day, they may yet turn against us, but for now, they’re still our allies: A drone rescued two teenage swimmers in distress off the coast of New South Wales in Australia, according to a new report. The drone spotted two teenagers in trouble around a half-a-mile out from shore, and then dropped a flotation device it carries for the purpose to give them something to hang on to (via Verge).

  • A drone has rescued two people from rough seas off the coast of Australia

    Lifeguards testing out new drone technology in Australia have saved two people stranded off the coast of New South Wales state, as spotted by Quartz. The drone footage shows a birds-eye view of the ocean before the drone ejects the yellow floatation device, which inflates when it hits the water. The two teenage boys were caught about 700 meters (0.4 miles) offshore at Lennox Head in a swell of around three meters (9.8 feet). They were able to grab onto the floatation device and swim to shore.

  • A drone was just used to rescue swimmers, and it recorded the whole event

    Lifeguards used a drone to rescue two teenagers from rough seas off the northern coast of New South Wales in Australia today (Jan. 18).

    The lifeguards happened to be piloting the new technology when they received a distress signal and deployed a drone to search for the struggling swimmers. Footage relayed from the drone camera (which can be viewed here) caught two people in distress near Lennox Head in the northern coastline of the state. The video shows the drone releasing a flotation device, which the two teenagers swam toward and clung onto as they are pounded by waves. Ben Franklin, parliamentary secretary for Northern New South Wales, said the whole process only took 70 seconds, compared to the six minutes it usually takes a lifeguard to rescue swimmers.

  • Science

    • China enters the battle for AI talent

      A mountainous district in western Beijing known for its temples and mushroom production is tipped to become China’s hub for industries based on artificial intelligence (AI). Earlier this month, the Chinese government announced that it will spend 13.8 billion yuan (US$2.1 billion) on an AI industrial park — the first major investment in its plan to become a world leader in the field by 2030.

    • Information engine operates with nearly perfect efficiency

      Physicists have experimentally demonstrated an information engine—a device that converts information into work—with an efficiency that exceeds the conventional second law of thermodynamics. Instead, the engine’s efficiency is bounded by a recently proposed generalized second law of thermodynamics, and it is the first information engine to approach this new bound.

      The results demonstrate both the feasibility of realizing a “lossless” information engine—so-called because virtually none of the available information is lost but is instead almost entirely converted into work—and also experimentally validates the sharpness of the bound set by the generalized second law.

    • State of US science enterprise report shows US leads in S&E as China rapidly advances

      According to the National Science Foundation’s (NSF) Science and Engineering Indicators 2018 report released today, the United States is the global leader in science and technology (S&T). However, the U.S. global share of S&T activities is declining as other nations — especially China — continue to rise.

    • China declared world’s largest producer of scientific articles

      For the first time, China has overtaken the United States in terms of the total number of science publications, according to statistics compiled by the US National Science Foundation (NSF).

      The agency’s report, released on 18 January, documents the United States’ increasing competition from China and other developing countries that are stepping up their investments in science and technology. Nonetheless, the report suggests that the United States remains a scientific powerhouse, pumping out high-profile research, attracting international students and translating science into valuable intellectual property.

    • Breakthrough study shows how plants sense the world

      Only a small portion of these sensing proteins have been studied through classical genetics, and knowledge on how these sensors function by forming complexes with one another is scarce. Now, an international team of researchers from four nations—including Shahid Mukhtar, Ph.D., and graduate student Timothy “TC” Howton at the University of Alabama at Birmingham—has created the first network map for 200 of these proteins. The map shows how a few key proteins act as master nodes critical for network integrity, and the map also reveals unknown interactions.

      “This is a pioneering work to identify the first layer of interactions among these proteins,” said Mukhtar, an assistant professor of biology in the UAB College of Arts and Sciences. “An understanding of these interactions could lead to ways to increase a plant’s resistance to pathogens, or to other stresses like heat, drought, salinity or cold shock. This can also provide a roadmap for future studies by scientists around the world.”

    • Breaking the Zimmermann Telegram

      Running, Lieutenant Nigel De Grey decided as he narrowly avoided colliding with another paper-laden trolley, was not something that the corridors of the Admiralty Old Building had been designed for.

      Nor was it something that the Royal Navy approved of from its junior officers, apparently. This was clear from the angry shouts of the people he dodged as he raced down the building’s narrow back corridors.

      Right now though De Grey didn’t care. It was 17th January 1917 and Europe had been locked in a bloody stalemate for almost three years, but the scrap of paper he held in his hand might well change the outcome of the Great War.

  • Hardware

    • Designing Customizable Self-Folding Swarm Robots

      Robot swarms generally come in two flavors. You’ve got your homogenous swarms, made up of tens or hundreds or sometimes thousands of identical robots. You’ve also got your heterogenous swarms, made up of a handful (or possibly a few tens) of robots that aren’t all identical, and may in fact be significantly different. Heterogeneity is appealing, because robots are bad multitaskers, and with a heterogenous swarm you can deploy a bunch of specialists instead. Problem is, designing, constructing, and then deploying a bunch of specialists is way harder than when you’re only dealing with one type of generalist robot, which is why we don’t see large heterogeneous swarms.

    • Years after predicted “death,” game consoles are doing better than ever
  • Health/Nutrition

    • The Trump Administration Continues the Racist and Disastrous War on Pot

      The majority of Americans support legalizing marijuana. The Marijuana Justice Act will do just that.

      If polling is correct, pot no longer gives Americans fits. Recent Gallup polls indicate that 64 percent of Americans approve of legalizing marijuana — the highest level of public support in almost 50 years. Nevertheless, we have an administration that is tone deaf to the will of the people and insists on reinstituting failed policies of decades past.

      But there are members of Congress who are listening. Earlier this week, Reps. Barbara Lee (D-Calif.) and Ro Khanna (D-Calif.) introduced the Marijuana Justice Act in the House of Representatives. Both agree that legalizing marijuana under federal law is an important step to confronting and eroding the harms that the failed war on drugs has had on people across the country, disproportionately Black and brown communities.

      In addition to legalization, the bill would cut federal funding for state law enforcement and prison construction if a state disproportionately arrests and incarcerates people of color for marijuana offenses. It also would retroactively apply to those currently serving sentences and allow people in federal prison for marijuana offenses to go to court and ask a judge to reduce their sentence.

    • ‘A Marijuana-Related Charge Can Still Impact Somebody for Life’

      But Attorney General Jeff Sessions’ stance is reflected in his declaration, “Good people don’t smoke marijuana.” His recent move, rescinding Obama-era guidance that had federal prosecutors take a laissez-faire approach to states, should probably be understood in that light.

      What are the possible impacts of Sessions’ animus, and what—or who—is missing from the current conversation about marijuana and its legal status? Art Way is a senior director for national criminal justice reform strategy at the Drug Policy Alliance, and state director for DPA’s Colorado office.

    • A Cheap and Easy Blood Test Could Catch Cancer Early

      A simple-to-take test that tells if you have a tumor lurking, and even where it is in your body, is a lot closer to reality—and may cost only $500.

      The new test, developed at Johns Hopkins University, looks for signs of eight common types of cancer. It requires only a blood sample and may prove inexpensive enough for doctors to give during a routine physical.

    • Antimicrobial Resistance The “Scariest” Public Health Issue, Needs Financial R&D Incentives, Industry Says

      On the eve of the annual January World Health Organization Executive Board meeting, an alliance of pharmaceutical industries launched its first report on efforts made to curb antimicrobial resistance. The alliance also organised a conference on the report and on challenges of antimicrobial resistance, in particular the need for research and development incentives so that the industry can continue its efforts sustainably. Some light was also shed on the need to support access to diagnostics, and lower their prices.

  • Security

    • Meltdown and Spectre Linux Kernel Status – Update

      I keep getting a lot of private emails about my previous post about the latest status of the Linux kernel patches to resolve both the Meltdown and Spectre issues.

      These questions all seem to break down into two different categories, “What is the state of the Spectre kernel patches?”, and “Is my machine vulnerable?”

    • Security updates for Friday
    • Seeking SOS Fund Projects

      I’m spending some time over the next few days looking for the next round of projects which might benefit from an SOS Fund security audit.

    • Strong Incident Response Starts with Careful Preparation

      Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.

    • The Intel Management Engine: an attack on computer users’ freedom

      Over time, Intel imposed the Management Engine on all Intel computers, removed the ability for computer users and manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer’s memory.

    • What Is WPA3, and When Will I Get It On My Wi-Fi?

      WPA2 is a security standard that governs what happens when you connect to a closed Wi-Fi network using a password. WPA2 defines the protocol a router and Wi-Fi client devices use to perform the “handshake” that allows them to securely connect and how they communicate. Unlike the original WPA standard, WPA2 requires implementation of strong AES encryption that is much more difficult to crack. This encryption ensures that a Wi-Fi access point (like a router) and a Wi-Fi client (like a laptop or phone) can communicate wirelessly without their traffic being snooped on.

    • We Didn’t Pull CPU Microcode Update to Pass the Buck
    • Red Hat Will Revert Spectre Patches After Receiving Reports of Boot Issues

      Red Hat is releasing updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot.

      “Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot,” the company said yesterday.

      “The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd,” Red Hat added.

    • Another Face to Face: Email Changes and Crypto Policy

      The OpenSSL OMC met last month for a two-day face-to-face meeting in London, and like previous F2F meetings, most of the team was present and we addressed a great many issues. This blog post talks about some of them, and most of the others will get their own blog posts, or notices, later. Red Hat graciously hosted us for the two days, and both Red Hat and Cryptsoft covered the costs of their employees who attended.

      One of the overall threads of the meeting was about increasing the transparency of the project. By default, everything should be done in public. We decided to try some major changes to email and such.

    • Some Basic Rules for Securing Your IoT Stuff

      Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked [sic] IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

    • A look at the handling of Meltdown and Spectre

      The Meltdown/Spectre debacle has, deservedly, reached the mainstream press and, likely, most of the public that has even a remote interest in computers and security. It only took a day or so from the accelerated disclosure date of January 3—it was originally scheduled for January 9—before the bugs were making big headlines. But Spectre has been known for at least six months and Meltdown for nearly as long—at least to some in the industry. Others that were affected were completely blindsided by the announcements and have joined the scramble to mitigate these hardware bugs before they bite users. Whatever else can be said about Meltdown and Spectre, the handling (or, in truth, mishandling) of this whole incident has been a horrific failure.

      For those just tuning in, Meltdown and Spectre are two types of hardware bugs that affect most modern CPUs. They allow attackers to cause the CPU to do speculative execution of code, while timing memory accesses to deduce what has or has not been cached, to disclose the contents of memory. These disclosures can span various security boundaries such as between user space and the kernel or between guest operating systems running in virtual machines. For more information, see the LWN article on the flaws and the blog post by Raspberry Pi founder Eben Upton that well describes modern CPU architectures and speculative execution to explain why the Raspberry Pi is not affected.

    • Addressing Meltdown and Spectre in the kernel

      When the Meltdown and Spectre vulnerabilities were disclosed on January 3, attention quickly turned to mitigations. There was already a clear defense against Meltdown in the form of kernel page-table isolation (KPTI), but the defenses against the two Spectre variants had not been developed in public and still do not exist in the mainline kernel. Initial versions of proposed defenses have now been disclosed. The resulting picture shows what has been done to fend off Spectre-based attacks in the near future, but the situation remains chaotic, to put it lightly.

      First, a couple of notes with regard to Meltdown. KPTI has been merged for the 4.15 release, followed by a steady trickle of fixes that is undoubtedly not yet finished. The X86_BUG_CPU_INSECURE processor bit is being renamed to X86_BUG_CPU_MELTDOWN now that the details are public; there will be bug flags for the other two variants added in the near future. 4.9.75 and 4.4.110 have been released with their own KPTI variants. The older kernels do not have mainline KPTI, though; instead, they have a backport of the older KAISER patches that more closely matches what distributors shipped. Those backports have not fully stabilized yet either. KPTI patches for ARM are circulating, but have not yet been merged.

    • Is it time for open processors?

      The disclosure of the Meltdown and Spectre vulnerabilities has brought a new level of attention to the security bugs that can lurk at the hardware level. Massive amounts of work have gone into improving the (still poor) security of our software, but all of that is in vain if the hardware gives away the game. The CPUs that we run in our systems are highly proprietary and have been shown to contain unpleasant surprises (the Intel management engine, for example). It is thus natural to wonder whether it is time to make a move to open-source hardware, much like we have done with our software. Such a move may well be possible, and it would certainly offer some benefits, but it would be no panacea.

      Given the complexity of modern CPUs and the fierceness of the market in which they are sold, it might be surprising to think that they could be developed in an open manner. But there are serious initiatives working in this area; the idea of an open CPU design is not pure fantasy. A quick look around turns up several efforts; the following list is necessarily incomplete.

    • Notes from the Intelpocalypse

      Rumors of an undisclosed CPU security issue have been circulating since before LWN first covered the kernel page-table isolation patch set in November 2017. Now, finally, the information is out — and the problem is even worse than had been expected. Read on for a summary of these issues and what has to be done to respond to them in the kernel.

      All three disclosed vulnerabilities take advantage of the CPU’s speculative execution mechanism. In a simple view, a CPU is a deterministic machine executing a set of instructions in sequence in a predictable manner. Real-world CPUs are more complex, and that complexity has opened the door to some unpleasant attacks.

      A CPU is typically working on the execution of multiple instructions at once, for performance reasons. Executing instructions in parallel allows the processor to keep more of its subunits busy at once, which speeds things up. But parallel execution is also driven by the slowness of access to main memory. A cache miss requiring a fetch from RAM can stall the execution of an instruction for hundreds of processor cycles, with a clear impact on performance. To minimize the amount of time it spends waiting for data, the CPU will, to the extent it can, execute instructions after the stalled one, essentially reordering the code in the program. That reordering is often invisible, but it occasionally leads to the sort of fun that caused Documentation/memory-barriers.txt to be written.

    • OnePlus admits 40,000 customers were affected by credit card breach

      The findings of its ongoing investigation, which it’s carrying out with a third-party security firm, reveal that malicious script was injected into the OnePlus.net payment page code, and allowed the as-yet-unknown attackers to see customer’s credit card numbers, expiration dates, and security codes.

  • Defence/Aggression

    • NBC’s Erdoğan escape claim during coup attempt deserves top fake news award, Assange says

      WikiLeaks founder Julian Assange on Thursday pointed out the fake news regarding defeated coup in Turkey was not mentioned in U.S. President Donald Trump’s self-proclaimed “Fake News Awards”.

      “The most serious case of recent fake news is not on Trump’s #FakeNewsAwards list. NBC substantially assisted the military coup in Turkey which killed hundreds,” Assange wrote on his official Twitter account.

      Gülenist Terror Group (FETÖ) and its U.S.-based leader Fetullah Gulen orchestrated the defeated coup on July 15, 2016, which left 250 people martyred and nearly 2,200 others injured.

    • Trump Is Turning the State Department into a Global Weapons Dealer

      The Trump administration will soon announce its next move in the ongoing assault on diplomacy and human rights currently taking place in the United States. Through a plan dubbed “Buy American,” the administration is calling for U.S. attachés and diplomats to play a larger role in the sale of U.S. weapons, effectively solidifying their role as lobbyists for the arms industry rather than agents of diplomacy.

      This means the State Department, the agency that is meant to foster diplomatic relations and maintain peaceful engagement with other countries, will now openly operate as a weapons dealer. The administration is essentially forcing the State Department to undermine itself, as seeking out and expanding opportunities for increased weapons sales are certainly not conducive to fostering peaceful global relations.

    • Regime Change and Globalization Fuel Europe’s Refugee and Migrant Crisis

      Anti-establishment political forces in both the United States and Europe have seized on the issue of illegal immigration, seen by many voters as a threat to both economic well-being and cultural identity, as a key component of their electoral strategies. While Donald Trump has made the wall with Mexico one of his priorities and has worked to uphold a ban on immigration from a number of Muslim nations, in Europe, numerous political parties have been following this script for many years.

  • Transparency/Investigative Reporting

    • ‘Granting Ecuadorian citizenship to Assange won’t sway UK’

      A former Ecuadorian President has said the current administration’s decision to grant citizenship to WikiLeaks Founder Julian Assange “will not convince the British to let him exit the UK”.

      “If that was the Foreign Ministry’s strategy, they’re quite naive.

  • Environment/Energy/Wildlife/Nature

    • The trend continues, 2017 one of the hottest years on record

      2017 was once again one of the hottest years on record, ranked as the second-warmest by NASA and third-warmest by the National Oceanic and Atmospheric Administration.
      The findings “continue the planet’s long-term warming trend,” according to NASA. A trend that is driven predominately by human activity through carbon dioxide emissions.

      Temperature records for the planet, monitored independently by both agencies, go back to 1880. The announcement came at a joint press conference on Thursday in Washington.
      The hottest year on record remains 2016, while 2015 ranks second according to NOAA and third by NASA, which means the top three years have been the most recent three.

  • Finance

    • ‘Entire aisles are empty’: Whole Foods employees reveal why stores are facing a crisis of food shortages

      Whole Foods is facing a crush of food shortages in stores that’s leading to empty shelves, furious customers, and frustrated employees.

      Many customers are blaming Amazon, which bought Whole Foods in August for $13.7 billion. Analysts have speculated that the shortages could be due to a spike in shopper traffic in the wake of the acquisition.

    • UMich Confidence Tumbles – Economic Conditions Hit 14-Month Low

      Tax reform was spontaneously mentioned by 34% of all respondents; 70% of those who mentioned tax reform thought the impact would be positive, and 18% said it would be negative.

      The disconnect between the future outlook assessment and the largely positive view of the tax reform is due to uncertainties about the delayed impact of the tax reforms on the consumers. Some of the uncertainty is related to how much a cut or an increase people, especially high income households who live in high-tax states, face.

      Six-in-ten consumers reported that the pace of economic growth had recently improved in early January. While the majority expected good economic times during the year ahead, half of all consumers anticipated a growth slowdown during the next five years.

    • Chinese investment in the US crashed in Trump’s first year in office

      Chinese investment in the United States plummeted in 2017, a product of policies stemming both from Beijing and Washington. The drop comes after 2016’s record levels of foreign direct investment (FDI) from China in the US, and looks set to continue this year.

      According to research firm Rhodium Group, in 2017 Chinese investment in the United States reached $29 billion in consummated deals, marking a 35% decrease from the year prior.

    • What Silicon Valley Tech Jobs Pay the Highest Salaries?

      Indeed.com just released its 2017 Silicon Valley salary survey, looking at which tech jobs command the highest average pay over the past year, according to job openings posted on the job search firm’s web site from November 2016 through October 2017.

      Product development engineer claimed the number one spot, with an average salary of US $173,570, and director of product management was just a few dollars behind, with an average salary of $173,556.

  • AstroTurf/Lobbying/Politics

    • Why People Dislike Really Smart Leaders
    • Twitter says it exposed nearly 700,000 people to Russian propaganda during US election

      Twitter this evening released a new set of statistics related to its investigation on Russia propaganda efforts to influence the 2016 US presidential election, including that 677,775 people were exposed to social media posts from more than 50,000 automated accounts with links to the Russian government. Many of the new accounts uncovered have been traced back to an organization called the Internet Research Agency, or IRA, with known ties to the Kremlin.

    • Keeanga-Yamahtta Taylor: Democratic Party Faces Reckoning for Purging Sanders Supporters

      As President Trump completes his first year in office, activists in cities across the country will hold mass protests Saturday on the first anniversary of the historic Women’s March. This comes as a slew of lawmakers have joined members of the Black Congressional Caucus in backing a resolution to censure President Trump over his racist comments in which the president reportedly used an expletive to refer to African nations, El Salvador and Haiti. Several Democratic lawmakers say they will also skip the State of the Union address on January 30 over Trump’s racist remarks. Meanwhile, Trump himself denies being a racist, claiming on Sunday that he is “the least racist person.” To discuss Trump’s first year in office, the direction of the Democratic Party and where racial justice movements go from here, we are joined by Keeanga-Yamahtta Taylor, assistant professor of African American studies at Princeton University. She is the author of “From #BlackLivesMatter to Black Liberation” and editor of a new collection of essays titled “How We Get Free: Black Feminism and the Combahee River Collective.”

    • House Spending Bill Changes Law to Let Trump Administration Secretly Shift Intelligence Money

      The House spending bill released Wednesday would allow President Donald Trump, or people under him, to secretly shift money to fund intelligence programs, a break with 70 years of governing tradition.

      Since 1947, section 504 of the National Security Act has mandated that the administration inform Congress if it intends to shift money from one intelligence project to another, if the new project has not been authorized by Congress. That notification can be — and almost always is — done in secret, but it is at least a minimal check on executive power.

      The spending bill currently under consideration, known as a continuing resolution, or CR, breaks with that tradition, allowing funds to “be obligated and expended notwithstanding section 504(a)(1) of the National Security Act of 1947.”

    • Who Trump Is Putting in Power
    • Watchdogging a Nonprofit Watchdog

      Earlier this week, we published a story with the Chicago Sun-Times that identifies a right-leaning public policy organization as the primary source of money behind Project Six, a Chicago-based nonprofit that investigates government waste, fraud and abuse.

      Project Six is led by former Chicago City Council inspector general Faisal Khan, who says the group is independent and nonpartisan — even though 98 percent of the funds it received during its first year came from the Illinois Policy Institute. The institute’s crusades for small government, lower taxes and reduced labor-union power are highly influential within the state Republican Party.

      Determining who funded Project Six took several steps, as well as some luck.

    • Russian Politician Who Reportedly Sent Millions to NRA Has Long History in Spain

      As the Spanish police investigated the presence of a notorious Russian organized crime group on the resort island of Mallorca in 2012, they realized that a key figure described by some of the suspects as their “godfather” was a powerful Moscow politician: Alexander Torshin.

      Spanish prosecutors decided in the summer of 2013 to arrest Torshin, who was then a senator, officials say. Police set up an operation to capture him during a visit to Mallorca, but he mysteriously canceled the trip at the last minute, apparently as the result of a tip, authorities said. Torshin was never charged, while the other suspects were convicted of money laundering. Last year, he publicly denied any wrongdoing in the Spanish money-laundering case.

    • The Stormy Daniels story should be a bigger deal

      Donald Trump’s personal lawyer formed a private company just before the 2016 election to pay $130,000 in exchange for a porn star’s silence about her alleged 2006 relationship with the now-President of the United States, according to the Wall Street Journal.

      That seems like a big story, no? And yet, while it’s drawn some attention — particularly in the wake of the Journal’s latest reporting Thursday about the private company — it appears to not be moving the needle much with the public.

    • A record $107 million was raised for Trump’s inauguration. So where did it all go? No one will say.

      Nearly a year after President Trump’s inauguration, the committee that raised a record $106.7 million for the event has not disclosed how much surplus money it still has or provided a final accounting of its finances.

      “We must decline comment at this time,” Kristin Celauro, a spokeswoman for the inaugural committee’s chairman, Thomas Barrack, said this week in response to a USA TODAY inquiry about the committee’s finances.

      Barrack, a California investment manager and longtime Trump friend, has said consistently that remaining funds would go to charity. He announced plans in September to give $3 million to three non-profit groups — The American Red Cross, the Salvation Army and Samaritan’s Purse — to help with hurricane relief efforts and said the committee planned more contributions “that serve America’s agenda.”

    • Election season in Russia: violent acts and criminal cases against rights defenders, political activists

      Russia’s presidential elections are drawing close and the machinery of repression, which is working overtime, has apparently no intention to stop. We continue to cover these events.

  • Censorship/Free Speech

    • Sudan Jails Journalists in New Sign of Repression

      Press advocates said Friday that the arrests, carried out by Sudan’s National Intelligence and Security Service, reflected an increasingly repressive censorship in the vast African nation, where news media independence has long been under assault.

    • Catalan teacher denies hate speech accusations at court
    • Facebook to start ranking news outlets on community trust

      Publishers with higher ratings will get priority in users’ news feeds, a move that the company says will cut down on “sensationalism, misinformation and polarization” in the media.

    • Facebook is going to start surveying users to determine trustworthy news sources
    • 5 Questions About Facebook’s Plan to Rate Media by ‘Trustworthiness’

      But we don’t know who will be responsible for this yet. This should be a public matter, given its import to the public sphere.

    • Facebook’s Latest Fix for Fake News: Ask Users What They Trust

      The vetting process will happen through Facebook’s ongoing quality surveys — the same surveys it uses to ask whether Facebook is a force for good in the world and whether the company seems to care about its users. Now, Facebook will ask users if they are familiar with a news source and, if so, whether they trust the source.

    • Southwest’s Bullshit Lawsuit Over A Site That Made $45 Helping People Book Cheaper Flights

      In the past, I’ve been a pretty big fan of Southwest Airlines. On many routes it has been my first choice for flights. However, after digging into a new lawsuit the company filed earlier this month, I’m pretty close to swearing off Southwest forever. I can’t support this kind of bullshit legal bullying. First off, Southwest does have a bit of history legally bullying sites that improve the Southwest experience. Back when your seating on Southwest really depended on how close to 24 hours prior to your flight that you checked in, there were a few services that would automate checking you in at exactly the 24 hour mark, and Southwest sued to shut them down. The company has also threatened tools that merely scraped Southwest fares — which could be kind of useful, since Southwest doesn’t share its fares with popular flight info aggregators like Kayak and Expedia.

      It is somewhat questionable whether or not Southwest actually has a legal right to block that — pricing info is not covered by copyright — but there are lots of attempts these days to twist laws to argue that merely putting something in a terms of service is enough to create a legal obligation.

      Enter a new site: SWMonkey.com. The idea behind the site is fairly simple. Because Southwest Airlines (unlike basically every other airline) actually has no fees to change your flight, if you spot your same flight available for less, you can call Southwest and basically exchange your ticket for the new ticket and get credit for future flights (and sometimes even cash back). Southwest, of course, relies heavily on the idea that not many people take advantage of this. SWMonkey’s clever idea was to monitor price changes for you, and alert you if the price on your flight dropped significantly. The site charged a $3 fee if it could save you $10 or more.

    • The Rapid Rise of Censorship in Southeast Asia

      The number of blocked sites, as documented by independent internet monitors, is on the rise in nearly every Southeast Asian nation, part of a wider downturn in freedom of information across the region. What started out as a move to limit access to certain “illicit” sites, such as those hosting pornography or copyrighted content, has morphed into broad, unchecked power by each country’s internet governing agencies to block access to sites with little, if any, oversight, and increasingly, arrest citizens for what they post on social media.

      “Censorship is on the rise and internet freedom is declining in Southeast Asia,” said Madeline Earp, Asia research analyst with Freedom House. “We [are] seeing that with some specific tactics – website blocking, arrests, cyber attacks, other rights violations.”

    • Russian Censorship Scandal Forces Ministry to Reissue Paddington 2 License

      A British family comedy about a friendly bear has sparked an unlikely scandal over government discrimination against foreign films in Russia this week.

      Russian cinemas were left dumbfounded after the Culture Ministry delayed issuing a screening license for “Paddington 2,” one day before it was scheduled to be released in theaters. The ministry said it delayed the Jan. 18 screening until Feb. 1 because of another film scheduled to premiere on the same day, the film’s distributor told the Kommersant business daily.

    • New Climate Censorship Tracker Comes Online

      Columbia University and the Climate Science Legal Defense Fund today launched an online tracker of the Trump administration’s crackdown on climate science.

      The project, called the Silencing Science Tracker, has so far assembled 96 entries of federal restrictions or prohibitions on climate science since November 2016. The database is built from media reports, and it’s searchable by agency, date and type of action.

      More than half the entries are listed as censorship, either from government restriction or researchers who are self-censoring. Other instances include targeted personnel changes, budget cuts and other federal actions aimed at minimizing or hindering climate research. The project also links to resources for whistleblowers and legal help.

    • Trump has tried to restrict science almost 100 times already.

      The online resource is a joint project of Columbia’s Sabin Center for Climate Change Law and the Climate Science Legal Defense Fund, a non-profit originally created in 2011 to defend scientists from what at the time seemed like the biggest threat facing the climate science community: legal attacks against individual scientists by conservative groups. The group’s priorities have shifted somewhat since Trump’s election. “Political and ideological attacks on science have a long and shameful history, and such attacks are the most dangerous when carried out or condoned by government authorities,” said Lauren Kurtz, CSLDF’s executive director.

      To be included in the Silencing Science Tracker, a federal government action must have the effect of “prohibiting scientific research, education or discussion, or the publication or use of scientific information,” the site says. The tracker divides actions into six broad categories, and includes Trump’s appointments of unqualified nominees to science-related posts, the removal of various climate references from executive agency websites, and suspensions on scientific research. The category with the most entries is “government censorship,” which includes 40 instances when the administration changed website content, restricted public communication by scientists, or made data more difficult to access.

    • The Constant Pressure For YouTube To Police ‘Bad’ Content Means That It’s Becoming A Gatekeeper

      For many, many years we’ve talked about how people were wrong to say that the internet “cut out middlemen” because there are still plenty of middlemen around. Instead, what was important was that the type of middlemen were changing. Specifically, we were moving from an age of gatekeepers to an age of enablers. And the difference here is profound. Gatekeepers keep out most people who want to use their platforms. Think: record labels or movie studios. Most people who wanted to become musicians just a couple of decades ago were not able to. Record labels would not sign them, and without a recording deal, your chance of making any money was just about nil. A few people were signed, a very few of those that signed would make lots of money, the rest would make a little money, and everyone who didn’t sign would make basically nothing. The “curve” of how much money people made trying to become musicians was not very smooth. You had a few at the top end, and a giant cliff down to basically zero if you couldn’t get past the gatekeeper.

      But the internet changed that in a massive way. Anyone could start using the various internet platforms to release their content, to build an audience, and to make some money. There remain complaints from some that the amount most users make isn’t very much, but that ignores that under the previous gatekeeper system, that amount was almost certainly zero for the vast majority of people who wished to make money from their creative endeavors. With various internet services — Kickstarter, Patreon, Spotify, YouTube, etc. — artists could at least make more than zero.

      There has been some fear that yesterday’s enablers would turn into tomorrow’s gatekeepers. Unfortunately, one of the most disturbing aspects of what’s happening with the internet these days is that more and more people seem to be pressuring these enabling services to become gatekeepers and to lock out smaller creators, out of this new fear that some people shouldn’t be allowed to use these platforms to make any money at all.

    • The Pentagon Papers Team Tells How The Times Defied Censorship

      Four alumni of The New York Times met Tuesday on Facebook Live to recount the dramatic events surrounding our 1971 publication of the Pentagon Papers, a watershed moment in the history of press freedom.

      The Washington Post’s publication of the Pentagon Papers returned to the national spotlight with the release last week of the feature film “The Post.” But The Times was the first to publish portions of the Papers, starting June 13, 1971. We published three articles over a period of two days before a federal court ordered us to stop. On July 1, 1971, we resumed publication after winning a landmark Supreme Court decision.

    • Palestinians fight Facebook, YouTube censorship

      Amid an ever-shrinking space for dissenting Palestinian voices, a new initiative sets out to recover some of the ground lost online.

      Sada Social, a group launched in September by three Palestinian journalists, aims to document “violations against Palestinian content” on social networks such as Facebook and YouTube, and to liaise with its executives to restore some of the pages and accounts that have been shut down.

  • Privacy/Surveillance

    • The omnipresent Seth Moulton is reluctant to explain his NSA vote

      Whether he’s trolling the president on Twitter or lambasting him on cable news, the congressman from the North Shore has been one of the most vocal critics of the year-old Trump administration, on grounds of both policy and character. In a radio interview over the summer, Moulton said Trump “lies all the time.” In the spring he called for the resignation of Attorney General Jeff Sessions.

    • The NSA knows who you are just by the sound of your voice—and their tech predates Apple and Amazon

      For technology users who have marveled at the ability of Siri or Alexa to recognize their voice, consider this: The National Security Agency has apparently been way ahead of Apple or Amazon.

      The agency has at its disposal voice recognition technology that it employs to identify terrorists, government spies, or anyone they choose — with just a phone call, according to a report by The Intercept. The disclosure was revealed in a recently published article, part of a trove of documents leaked by former NSA contractor Edward Snowden.

      The publication wrote that by using recorded audio, the NSA is able to create a “voiceprint,” or a map of qualities that mark a voice as singular, and identify the person speaking. The documents also suggest the agency is continuously improving its speech recognition capabilities, the publication noted.

    • Julian Assange Senses ‘Political Propaganda’ as Amazon’s Alexa Becomes Feminist

      Amazon’s virtual assistant Alexa has just received an enhanced personality: now, not only can she give you the correct answers, but can even offer a response in case of insults and personal attacks. Creators also expect that she could potentially express her own opinions on certain political issues, a move that has prompted criticism.

    • Aadhar Services Suspended In AP?
    • Analog Equivalent Privacy Rights (12/21): Our parents bought things untracked, their footsteps in store weren’t recorded

      Yes, this kind of people tracking is documented to have been already rolled out citywide in at least one small city in a remote part of the world (Västerås, Sweden). With the government’s Privacy Oversight Board having shrugged and said “fine, whatever”, don’t expect this to stay in the small town of Västerås. Correction, wrong tense: don’t expect it to have stayed in just Västerås, where it was greenlit three years ago.

    • The Last Government Shutdown Rocked The NSA. Another Will Only Increase The Suffering.
    • NSA failed to preserve some data related to surveillance court case: report
    • NSA erased surveillance data related to pending lawsuits: Report
    • NSA deleted surveillance data it pledged to preserve

      The National Security Agency destroyed surveillance data it pledged to preserve in connection with pending lawsuits and apparently never took some of the steps it told a federal court it had taken to make sure the information wasn’t destroyed, according to recent court filings.

    • NSA Deleted Surveillance Data It Promised To Keep

      According to recent court filings viewed by Politico, The National Security Agency destroyed surveillance data it had promised to preserve in connection with pending lawsuits. Additionally, the NSA reportedly did not take steps it had told a federal court it was taking in order to ensure that the information was not destroyed. The NSA told U.S. District Court Judge Jeffrey White in a filing this week that it did not preserve internet communications that were intercepted between 2001 and 2007, as part of a set of court orders regarding surveillance efforts during the Bush administration. “NSA senior management is fully aware of this failure, and the Agency is committed to taking swift action to respond to the loss of this data,” NSA’s deputy director of capabilities wrote in a court document.

    • AT&T prevails in fight for classified NSA IT contract

      AT&T has prevailed in a bid protest battle over a lucrative and classified National Security Agency contract.

      The $2.5 billion contract is part of NSA’s work to recompete the multi-billion dollar Groundbreaker IT infrastructure contract held by CSRA.

    • Trump signs bill extending NSA’s warrantless surveillance
    • Trump signs renewal of NSA’s surveillance program
    • Trump Signs Bill Renewing Warrantless NSA Surveillance
    • Trump signs bill renewing NSA’s internet surveillance program
    • Trump Signs Bill Renewing NSA’s Internet Surveillance Programme
    • Trump renews NSA internet surveillance program for six more years
    • Trump Signs Bill Renewing NSA’s Internet Surveillance Program
    • NSA surveillance programs live on, in case you hadn’t noticed

      For all the controversial issues US lawmakers have debated lately, there was one bill that made it through both houses of Congress and on to President Donald Trump with little fanfare.

      There was so little fuss around its passing, you might be surprised to hear the law renews two government surveillance programs that less than five years ago caused public outcry and panic.

      They’re the US National Security Agency’s Prism and Upstream programs, both of which former NSA contractor Edward Snowden revealed to journalists in 2013. The law that authorizes those programs was set to expire Friday, but Congress renewed them with little difficulty.

      Did privacy advocates put up a fight? Yes. But what debate there was focused on reforming a narrow aspect of the programs, and that effort made too few inroads in Congress to get results.

    • EFF Asks Ninth Circuit Appeals Court To Strengthen Privacy Protections Of Smart Phones At The Border

      The Electronic Frontier Foundation (EFF) urged the U.S. Ninth Circuit Court of Appeals to require federal agents to obtain a warrant before conducting highly intrusive searches of electronic devices at the border by requiring federal agents to obtain a warrant if they want to access the contents of travelers’ phones.

      “The Ninth Circuit four years ago issued an important ruling requiring officials to show they have reasonable suspicion of criminal activity to forensically search digital devices. While that was an improvement over the government’s prior practice of conducting suspicionless searches, the court didn’t go far enough,” said EFF Staff Attorney Sophia Cope. “We are now asking the Ninth Circuit to bar warrantless device searches at the border.”

    • Dark Caracal: Good News and Bad News

      Yesterday, EFF and Lookout announced a new report, Dark Caracal, that uncovers a new, global malware espionage campaign. One aspect of that campaign was the use of malicious, fake apps to impersonate legitimate popular apps like Signal and WhatsApp. Some readers had questions about what this means for them. This blog post is here to answer those questions and dive further into the Dark Caracal report.

      First, the good news: Dark Caracal does not mean that Signal or WhatsApp themselves are compromised in any way. It only means that attackers found new, insidious ways to create and distribute fake Android versions of them. (iOS is not affected.) If you downloaded your apps from Google’s official app store, Google Play, then you are almost certainly in the clear. The threat uncovered in the Dark Caracal report referred to “trojanized” apps, which are fake apps that pretend to look like real, trusted ones. These malicious spoofs often ask for excessive permissions and carry malware. Such spoofed versions of Signal and WhatsApp were involved in the Dark Caracal campaign.

    • Forget About Siri and Alexa — When It Comes to Voice Identification, the “NSA Reigns Supreme”

      AT THE HEIGHT of the Cold War, during the winter of 1980, FBI agents recorded a phone call in which a man arranged a secret meeting with the Soviet embassy in Washington, D.C. On the day of his appointment, however, agents were unable to catch sight of the man entering the embassy. At the time, they had no way to put a name to the caller from just the sound of his voice, so the spy remained anonymous. Over the next five years, he sold details about several secret U.S. programs to the USSR.

    • Can you hear me now?: NSA can find & track people with ‘voice-matching technology’

      Declassified documents reveal the National Security Agency has been using secret “speaker recognition” technology to identify people by their unique “voiceprint” for more than a decade.

      The NSA has been recording and gathering private phone calls for years, but it used to be difficult for the agency to identify unknown speakers. In the past, signals intelligence (SIGINT) transcribers worked on the same targets for years before they became familiar enough with a speaker’s unique voice to be able to verify their identity.

    • Congress demanded NSA spying reform. Instead, they let you down

      For the first time in five years, since the Edward Snowden disclosures that exposed the NSA’s mass surveillance powers and programs, lawmakers had an opportunity this month to rein in and reform the bulk of the government’s powers.

    • Senate Passes Legislation That Allows NSA to Keep Spying on Americans

      The Senate affirmed the legality of the NSA’s warrant-free surveillance activities on Thursday with a six-year renewal of Section 702 of the Foreign Intelligence Surveillance Act.

      Section 702 allows the NSA to obtain the communications of foreign targets for national security purposes. This law provided the legal backing for the PRISM program that Edward Snowden brought to national attention in 2013 when he leaked classified NSA documents.

      The legislation passed with a 65-34 vote.

    • #FISA: Senate passes bill to give NSA 6 more years of warrantless surveillance on Americans

      The U.S. Senate today passed a bill that will renew the National Security Agency’s warrantless internet surveillance program for six years with no substantive changes. It’s bad news, say privacy and security advocates, but not a surprise.

      The re-up gives NSA powers that were first granted in response to the September 11 terrorist attacks. Opponents argued that FISA section 702, as the section of law is known, allows the NSA and other agencies to spy on Americans in a way that violates principles protected by the U.S. Constitution.

    • Lebanese security agency turns smartphone into selfie spycam: researchers

      Lebanon’s General Directorate of General Security (GDGS) has run more than 10 campaigns since at least 2012 aimed mainly at Android phone users in at least 21 countries, according to a report by mobile security firm Lookout and digital rights group Electronic Frontier Foundation (EFF).

      The cyber attacks, which seized control of Android smartphones, allowed the hackers [sic] to turn them into victim-monitoring devices and steal any data from them undetected, the researchers said on Thursday. No evidence was found that Apple (AAPL.O) phone users were targeted, something that may simply reflect the popularity of Android in the Middle East.

    • In the age of algorithms, would you hire a personal shopper to do your music discovery for you?
  • Civil Rights/Policing

    • Is the Porn Industry Doing Enough For Performers’ Mental Health?

      But the rash of sudden, consecutive deaths has prompted some performers to call for change in an industry with a low barrier to entry, minimal oversight and nearly non-existent job security despite extreme working conditions. Unlike pre-Internet porn stars, performers today face the added pressures of social media interactions, increased competition without increased pay and a demand for more physically taxing sex scenes – all of which can exacerbate existing mental health or substance abuse issues. So is the adult industry doing enough to protect its performers?

    • EXCLUSIVE: Snap Threatens Jail Time for Leakers

      The chief lawyer and general counsel of Snapchat’s parent company, Michael O’Sullivan, sent a threatening memo to all employees last week just before The Daily Beast published an explosive story with confidential user metrics about how certain Snapchat features are used.

    • Jeffrey Sterling, Convicted of Leaking About Botched CIA Program, Has Been Released From Prison

      JEFFREY STERLING, THE former CIA agent convicted under the Espionage Act for talking to a New York Times reporter, has been released from prison after serving more than two years of his 42-month sentence, and is now in a halfway house.

      Sterling’s case drew nationwide attention because the Obama-era Department of Justice unsuccessfully tried to force the reporter, James Risen, to divulge the identity of his sources for “State of War,” a book in which he revealed the CIA had botched a covert operation against Iran’s nuclear program. Risen reported that instead of undermining the Iranians, the CIA had provided them with useful information on how to build a nuclear bomb. (Risen is now The Intercept’s senior national security correspondent and directs First Look Media’s Press Freedom Defense Fund.)

      The case had a racial dimension, too. Sterling, who had joined the agency in 1993, was one of the few black undercover operatives at the CIA. After several years of what he believed was discriminatory treatment, he filed a complaint against the agency, and then a lawsuit. The CIA fired Sterling in 2002, and his lawsuit was blocked by the courts after the government argued successfully that proceeding with the suit would expose state secrets.

    • Trump Administration to Deny Temporary Work Visas to Haitians

      The Trump administration has removed Haitians from eligibility under a pair of U.S. visa programs that offer immigrants a chance to work in low-wage jobs. In a regulatory filing, the Department of Homeland Security said this week Haitians will no longer be allowed to obtain H-2A agricultural and H-2B non-agricultural temporary work permits. In explaining its move, the DHS cited what it called “high levels of fraud and abuse” committed by Haitians. In November, President Trump ended temporary protected status—or TPS—for nearly 60,000 Haitians, many of whom came to the United States after the devastating 2010 earthquake in Haiti.

    • Trump’s Pick to Oversee Civil Rights in Schools Has a History of Attacking Civil Rights

      Marcus is laissez-faire about enforcing laws to protect marginalized groups, but crusades against those who criticize Israel.

      The Senate committee overseeing education voted yesterday, on party lines, to confirm President Trump’s nominee to run the Department of Education’s Office for Civil Rights. His nomination will now proceed to the full Senate for a final confirmation vote. Given the significance of the role in the protection of the rights of young people, senators should take a close look at Kenneth L. Marcus’s record before voting.

      While the ACLU does not support or oppose any nomination for any government office, we strongly urge all senators to oppose moving forward on the nomination at least until they have had a meaningful opportunity to review and debate Marcus’s full record on civil rights.

      Marcus’s past actions raise serious concerns about whether he will responsibly exercise his authority to protect the civil rights of students. In previous government positions, he has led political attacks on programs designed to ameliorate the historic effects of discrimination. More recently, he has played a central role in advocating for the suppression of student speech — particularly speech critical of Israel.

    • Dashcam Recording Instantly Undercuts Officers’ Concocted Reason For A Traffic Stop

      Dashcams — unlike body cameras — have been around for years. So while it might be understandable an officer could forget his actions are being documented by his new-ish body camera — say, when he heads into an alley to plant evidence — it’s difficult to draw the same conclusion when an officer apparently forgets his dashcam is recording his bogus traffic stop.

      In a criminal case resulting in suppressed evidence, Officer William Davis of the Dayton (OH) Police seems to have done exactly that. His bogus traffic stop resulted in the discovery of marijuana and a firearm, but none of that matters now. What was captured by his cruiser’s dashcam undercut his assertions and sworn testimony. That has led to an Ohio appeals court’s memorable decision, in which it’s declared the lower court was correct to rely on dashcam footage — rather than the officer’s testimony — when the two narratives diverged. (via FourthAmendment.com)

    • Chinese SWAT team detains outspoken rights lawyer Yu Wensheng hours after he called for constitutional reform

      Chinese authorities detained a prominent human rights lawyer on Friday, people familiar with the case said, just hours after he provided journalists with a letter calling for constitutional reform.

  • Internet Policy/Net Neutrality

    • Apple’s Incoherent App Approval Process Strikes Again, Net Neutrality App Banned For No Real Reason

      Neither Apple nor Verizon were willing to comment about the apparently arbitrary ban, raising obvious questions about transparency. These sort of tools are, it should go without saying, going to be important as the government increasingly makes it clear it has zero real intention of protecting consumers from lumbering, predatory telecom duopolies eager to abuse a lack of sector competition for additional financial gain. With government now sitting on its hands in fealty to telecom providers, the onus is on the consumer to do due diligence regarding their own connections.

      According to FCC boss Ajit Pai, public shame alone is supposed to help hold ISPs accountable in the wake of federal apathy to the net neutrality violations caused by a lack of broadband competition:

  • Intellectual Monopolies

    • Miami Law Startup Students Can Now Appear Before The USPTO

      Professor Dan Ravicher, who has represented startup companies and investors for over two decades, leads the Startup Practicum. He is also a registered patent attorney, who has prosecuted, licensed and litigated patents and other intellectual property like software copyrights. Ravicher is an entrepreneur himself, founding businesses in various industries.

    • Teaching IP to kids with Ed Shearling, Kitty Perry and friends

      Many people have puzzled over how to educate the public about intellectual property. This task is even harder when trying to educate children. The UK IPO believes it has found a solution…

      Children like cartoons, so they made a cartoon about IP told through the story of Nancy (a French bulldog) and her gang of meerkats. There are lots of videos and other resources in the series but the episode which caught the attention of the BBC concerns logos…

    • UK Begins Absolutely Bonkers ‘Education’ Of Grade Schoolers About Intellectual Property And Piracy

      Several years ago, a music industry transplant into Parliament, Mike Weatherley, made a glorious push to get the government to invade primary schools in the country to teach them that piracy is the worst thing in the world and intellectual property laws are super cool. Children as young as seven years old would be subjected to “educational information” provided by the government on the “proper” use of the internet. This was not the first attempt at pushing copyright propaganda on kids. In fact, we’ve reported on many of these, going all the way back to 2003 — and many of the programs have been mockable, including the infamous Captain Copyright.

    • UK Government Teaches 7-Year-Olds That Piracy is Stealing

      The UK Government has expanded its copyright curriculum for small children, targeting them from the age of just five years old. By using cartoon videos with fictitious characters such as Kitty Perry, Ed Shealing, and Justin Beaver, it aims to educate kids on key intellectual property issues, including illegal downloading.

    • Google, Tencent Agree to Share Patents in Global Tech Alliance

      Alphabet Inc.’s Google and Tencent Holdings Ltd. have agreed to share patents covering a range of products and technologies, an alliance between two of the world’s largest corporations.

      The cross-licensing deal comes with an understanding that the search giant and Tencent — the world’s second largest and fifth largest company, respectively — will team up on developing future technologies. The agreement may smooth the U.S. company’s business in China while helping Tencent’s push to expand beyond its dominant position on the mainland.

      The agreement is a typical industry arrangement between corporations designed to minimize patent infringements, with the U.S. company signing similar deals with Samsung Electronics Co. and others.

    • Patent Deal Struck Between Google And Tencent
    • Google and China’s Tencent in patent cross-licensing deal
    • Alphabet’s Google Signs Patent Licensing Deal With Tencent
    • China: Tencent and Google to Share Patents of Products, Technologies
    • Google takes a big step in China and Tencent joins the patent licensing world in major cross-licence deal

      Google and Tencent have announced a patent cross-licence deal that they say will pave the way for future technology collaboration. The pact is said to be “long term” and covering “a wide range of products and technologies”. Beyond that there are no details, including on whether the licence is royalty-bearing.

      [...]

      For Alphabet’s Google business, the patent cross-licence is its first in China. In the region, Google did deals with Android partners Samsung and LG back in 2014. Last year it agreed to a licence as part of a $1.1 billion buy-out of the HTC research team working on its Pixel devices. In China, where many of the biggest makers of Android devices are now based, only Coolpad was announced as a member of the Android Networked Cross-License (PAX).

    • Prosecution history – as relevant as any inventor evidence?

      Readers interested in patent law will be familiar with last summer’s decision of the UK Supreme Court in Actavis v Eli Lilly [2017] UKSC 48. This has raised a number of issues, including whether the Supreme Court decision opens the door to greater use of the file history in the UK.

    • Trademarks

      • easyGroup loses trade mark fight against EasyRoommate

        A property letting business called EasyRoommate does not infringe any of the easy trade marks owned by Sir Stelios Haji-Ioannou’s easyGroup, according to a judgment by Mr Justice Arnold in the England and Wales High Court.

    • Copyrights

      • Sequel To ‘Man From Earth’ To Be Released On Pirate Sites By Its Creators

        While we cover much here in terms of content creators actually embracing what the internet can do for them rather than fighting what is essentially mere reality, some stories truly do stand out more than others. If you aren’t familiar with the story of the film The Man From Earth, you should read up on it because it’s plainly fascinating. The sci-fi film was directed by Richard Schenkman on a fairly barebones budget and set for the sort of release that these types of independent films tend to get.

        And then somebody put a screener DVD up on The Pirate Bay and the film became known in a way it never would have otherwise.

      • EFF Tells Court That Boing Boing Linking To Playboy Images Is Not Infringement

        Back in November, we wrote about a fairly crazy case in which Playboy Enterprises was suing the blog Boing Boing for copyright infringement, over a post by Xeni Jardin, linking to a collection of all Playboy centerfold images on Imgur (and a video version on YouTube). As we wrote in our post, this seemed like a very strange hill for Playboy to die on, given that Boing Boing clearly did not post the images, but merely linked to them, meaning that it was pretty clearly not infringement. There were some really strange arguments in the complaint, and the initial reporting on it that we saw was really bad — falsely claiming the lawsuit said that Boing Boing “stole every centerfold ever.” But, of course, there was no stealing at all. Just linking.

      • Now Another Judge Smacks Around A Guardaley Shell Company Acting As A Copyright Troll

        While we were just discussing Judge Zilly in California smacking around one of the front-attorneys for a shell-company of the infamous Guardaley company (which pretends to be able to detect copyright infringement from Germany) another case was working its way through the courts. Judge Zilly focused his efforts on just how little evidence there is for the actual existence of many of the shell and parent companies that show up with Guardaley evidence, as well as whether or not Guardaley’s “experts” even actually “exist.” This other case in Oregon seems to have pointed out that yet another Guardaley front company can’t even get the basics of standing in copyright law right and may well have tried to fool the court into thinking it had standing when it didn’t.

      • Linking Is Not Copyright Infringement, Boing Boing Tells Court

        The popular blog Boing Boing has asked a federal court in California to drop the copyright infringement lawsuit filed against it by Playboy. With help from the EFF, Boing Boing argues that its article linking to an archive of hundreds of centerfold playmates is clearly fair use. Or else it will be “the end of the web as we know it,” the blog warns.

      • Hollywood Asks New UK Culture Secretary To Fight Online Piracy

        Stan McCoy, president of the Motion Picture Association’s EMEA division, has penned an open letter to the UK’s new culture secretary Matt Hancock. McCoy implies that more can be done to tackle online piracy, including dealing with pirate sites and illicit streaming devices. Considering the UK already has a considerable track record tackling all of these things, an eyebrow or two might be raised.

01.19.18

Links 19/1/2018: Linux Journalism Fund, Grsecurity is SLAPPing Again

Posted in News Roundup at 4:56 am by Dr. Roy Schestowitz

GNU/Linux

  • $25k Linux Journalism Fund

    Linux Journal’s new parent, Private Internet Access, has established a $25k fund to jump-start the next generation of Linux journalism—and to spend it here, where Linux journalism started in 1994.

    This isn’t a contest, and there are no rules other than the ones that worked for journalism before it started drowning in a sea of “content”.

  • Private Internet Access and Linux Journal set up $25,000 fund to reward experienced and aspiring writers
  • NHS used Linux project to negotiate with Microsoft: claim

    Britain’s National Health Service appears to have used a project set up to create a Linux alternative for its employees’ smartcards — and later, hopefully, a desktop alternative to Windows — to bargain with Microsoft and obtain an enterprise-wide desktop deal.

  • Desktop

    • Introducing my new friend: a Slimbook

      I have been following Slimbook for some time now. As you probably know, they ship a KDE laptop that is very cool, with KDE Neon pre-installed. They have attended a couple of events I have attended so I have been able to test their laptops, get feedback from buyers and ask them questions directly. The fact that they are a Spanish company was a beautiful surprise. We do not have that many hardware integrators and vendors in Spain.

      But what definitely caught my attention was the fact that they pay a lot of attention to the software. They ship the laptops with Linux pre-installed. Ok, that is not new any more. But they do pre-install several different distros. Now, that’s uncommon. But the news does not stop there.

  • Kernel Space

    • Linux Foundation

    • Graphics Stack

      • Android Support Removed from Intel Graphics Driver Debugging Tool for Linux

        For those unfamiliar with intel-gpu-tools, it’s a collection of tools for GNU/Linux distributions that allows debugging the official Intel graphics driver for Intel GPUs. Tools include a GPU hang dumping program, performance microbenchmarks for regression testing the DRM, as well as a performance monitor.

        The latest release, intel-gpu-tools 1.21, adds quite a bunch of changes, including automatic loading of DRM modules when opening a DRM device, much-improved GPU quiescing code to more thoroughly flush pending work and old data, as well as production support for the Meson build system while automake is still kept around.

      • X.Org Server Finally Adapted To Better Deal With 16:9 & 16:10 Displays

        In 2018 the X.Org Server will introduce better support for 16:9 and 16:10 ratio monitors!

        While 16:9 has been the most common aspect ratio for TVs and monitors for about the past decade and 16:10 ratio displays were popular in the early 2000s, the X.Org Server is finally being adapted in moving past the time of being focused on supporting 4:3 aspect ratio CRT monitors.

    • Benchmarks

      • 16-Way Graphics Card Comparison With Radeon On ROCm, NVIDIA With Initial 2018 Linux Drivers

        Towards the end of December AMD quietly released ROCm 1.7.60 as the newest version of their Radeon Open Compute stack complete with their maturing OpenCL implementation. With the improvements there plus NVIDIA recently introducing their 390 Linux driver series (390.12 Beta currently), I ran some fresh Linux OpenCL GPU compute benchmarks on a variety of AMD and NVIDIA graphics cards for those curious how the current performance stacks up.

  • Applications

  • Desktop Environments/WMs

    • GNOME Desktop/GTK

      • GNOME Photos App Improves Its Editing Tools

        The next stable release of GNOME Photos includes a number of core improvements, including new photo editing features. As a Shotwell alternative Photos is …Well, it’s getting there. It handles the basics well enough, letting you import and browse photos, sort them into albums, and share them via email.

  • Distributions

    • New Releases

      • Educational-Oriented Escuelas Linux 5.6 Distro Released with LibreOffice 6.0

        Based on the latest release of the Ubuntu-based and Enlightenment-focused Bodhi Linux operating system, Escuelas Linux 5.6 is powered by the Linux 4.14.13 kernel, which includes patches against the Meltdown and Spectre security vulnerabilities, and comes with a bunch of up-to-date educational apps.

        These include the OnlyOffice 4.8.6 office suite (only for the 64-bit edition), Vivaldi 1.13, Chromium 63, Google Chrome 63, and Mozilla Firefox 57 “Quantum” web browsers, Geogebra 5.0.414 geometry, algebra, statistics, and calculus app, latest Adobe Flash Player 28 plugin, and the upcoming LibreOffice 6.0 open-source office suite.

    • Red Hat Family

      • Red Hat global survey finds field services operations bullish on emerging technologies

        For many industries, from transportation to utilities, manufacturing and more, field workers are pivotal to the success of business operations, the satisfaction of customers, and the growth of the bottom line. Field workers are now at the forefront of digital transformation where artificial intelligence (AI), smart mobile devices, the Internet of Things (IoT) and business process management (BPM) technologies have created new opportunities to better streamline and transform traditional workflows and workforce management practices.

      • Finance

      • Fedora

        • Fedora Makes Progress On Their New Modularity Concept

          After abandoning their Fedora Server 27 Modular Edition work last year, Fedora developers interested in modularizing Fedora packaging have drawn up new plans that are now approved by the Fedora Council.

          At Wednesday’s Fedora Council meeting, the new Fedora modularization plan was approved. The goal outlined by “Objective: Fedora Modularization — The Release” is “Modularity will transform the all-in-one Fedora OS into an operating system plus a module repository, which will contain a wide selection of software easily maintained by packagers. This iteration of the Objective focuses on the second part — providing a wide selection software in various versions — while laying the groundwork for the first.”

          The new Fedora Modular plans no longer involve modularizing the entire distribution but rather “traditionally built packages” will remain and only components benefiting from modular features would be modularized. The components targeted are things like database servers, web servers, Node.js, etc, where users may prefer sticking to one particular version of a program and not upgrade until it’s end-of-life or has other particular reasons to want to move on to a newer version.

        • PHP version 7.1.14RC1 and 7.2.2RC1
    • Debian Family

      • Google moves to Debian for in-house Linux desktop

        Google has officially confirmed the company is shifting its in-house Linux desktop from the Ubuntu-based Goobuntu to a new Linux distro, the Debian Testing-based gLinux.

        Margarita Manterola, a Google Engineer, quietly announced Google would move from Ubuntu to Debian-testing for its desktop Linux at DebConf17 in a lightning talk. Manterola explained that Google was moving to gLinux, a rolling release based on Debian Testing.

      • Building packages with Meson and Debhelper version level 11 for Debian stretch-backports

        Enforce the build to pull-in meson from stretch-backports, i.e. a meson version that is newer than 0.40.0.

      • Not being perfect
      • Derivatives

        • Canonical/Ubuntu

          • Canonical Wants to Stick to Older Nautilus for Desktop Icons in Ubuntu 18.04 LTS

            As you may be aware, upstream GNOME team decided to remove the handling of desktop icons from the Nautilus file manager, moving it to the GNOME Shell user interface through an extension. The change will take effect with the upcoming GNOME 3.28 desktop environment, due for release on March 14, 2018.

            Now that Ubuntu switched to GNOME as default desktop environment, the change will affect all upcoming releases of the operating system, starting with Ubuntu 18.04 LTS (Bionic Beaver), which is currently under heavy development.

          • Slack comes to Linux as a snap

            Slack’s ambition to become the default, go-to place for employees to chat to each other and link into hundreds of other applications to get work done is getting one more step up today by becoming available on a new platform. From today, Slack will be available as a Snap, an application package that’s available across a range of open-source-based Linux environments.

          • Slack now available as a Snap for Linux

            At the end of last year, the Linux desktop scored a huge win when Spotify became available as a Snap. If you aren’t familiar with Snaps, please know that they are essentially software packages designed to run as a container on any Linux distro. Not only does it make installing software packages easier for users, but it makes things simpler for developers too. Ultimately, Snaps have the potential to solve the big fragmentation problem in the Linux desktop community.

          • Slack Is Now Available as a Snap for Ubuntu and Other Linux Distros

            Canonical and Slack announced today that the popular Slack team collaboration and communication platform is now available as a Snap for Ubuntu and other Snappy-enabled GNU/Linux distributions.

            With the promise of making your working life simpler, more productive and pleasant, Slack is used by numerous organizations and businesses to increase the productivity of their employees. It’s an all-in-one platform that offers messaging, planning, calendaring, budgeting, code reviewing, and many other tools.

            “Slack brings team communication and collaboration into one place so you can get more work done, whether you belong to a large enterprise or a small business. Check off your to-do list and move your projects forward by bringing the right people, conversations, tools, and information you need together,” reads the project’s page.

          • Canonical brings Slack to the snap ecosystem

            Canonical, the company behind Ubuntu, today announced the first iteration of Slack as a snap, bringing collaboration to open source users.

            Slack is an enterprise software platform that allows teams and businesses of all sizes to communicate effectively. Slack works seamlessly with other software tools within a single integrated environment, providing an accessible archive of an organisation’s communications, information and projects.

            In adopting the universal Linux app packaging format, Slack will open its digital workplace up to an ever-growing community of Linux users, including those using Linux Mint, Manjaro, Debian, ArchLinux, OpenSUSE, Solus, and Ubuntu.

          • Want to Install Slack on Ubuntu? It’s Now Easier Than Ever

            You can easily install Slack on Ubuntu as a Snap application from the Ubuntu Software app. The popular app lets people chat and collaborate in realtime.

  • Devices/Embedded

    • SBC kit runs Linux on a quad -A53 i.MX8M SoC

      CompuLab released details and pricing for its “SBC-iMX8 Evaluation Kit.” The sandwich-style SBC includes an i.MX8M-based CL-SOM-iMX8 module, and provides WiFi, BT, GbE, USB 3.0, PCIe, HDMI 2.0, and more.

      Earlier this week when we reported on CompuLab’s CL-SOM-iMX8 compute module, there were only a few details on the board’s SBC-iMX8 Evaluation Kit. Now, Compulab has posted a product page and a price, which for single units including the COM, start at $415.

    • RF-enabled Raspberry Pi add-on brings Google Assistant to gizmos, speakers, and robots

      JOY-iT and Elektor have launched a $42 “Talking Pi” RPi add-on that enables Google Home/AIY compatible voice activation of home automation devices linked to the Pi’s GPIO, and includes a mic board, PWM servo controls, and support for a 433MHz SRD radio.

      Elektor has begun selling a $42, open source voice control add-on board that is programmable via the Google Assistant SDK. Built by Germany based JOY-iT, and marketed by Conrad Business Supplies, the RF-enabled Talking Pi enables voice control of home automation equipment such as smart lights, power sockets, and other gizmos via addressable extensions to the Raspberry Pi’s GPIO.

Free Software/Open Source

  • Jio is committed to use open source technology: Akash Ambani

    Speaking at the India Digital Open Summit 2018, Akash Ambani, Director of Reliance Jio Infocomm, said that open source is very important for his company.

    “The year 2017 was the tipping point for AR and VR globally. In India, AR and VR are in the initial stages of adoption but at Jio, we believe it will grow at a 50 percent compounded rate for the next five years,” Akash said.

    He also spoke on the evolution of artificial intelligence and blockchain.

  • Pseudo-Open Source (Openwashing)

    • VMware and Pivotal’s PKS Distribution Marries Kubernetes with BOSH [Ed: It looks like Swapnil Bhartiya has been reduced to Microsoft propaganda and other openwashing puff pieces sponsored by proprietary software giants. We have given up on several writers who used to support GNU/Linux. Seeing their activity, it seems as though they ended up with neither gigs nor credibility (used to get far more writing assignments from LF, often for Microsoft openwashing).]
  • Licensing/Legal

    • Linux’s Grsecurity dev team takes blog ‘libel’ fight to higher court

      Open Source Security, Inc., the maker of the Grsecurity Linux kernel patches, suffered a setback last month when San Francisco magistrate judge Laurel Beeler granted a motion by defendant Bruce Perens to dismiss the company’s defamation claim, with the proviso that the tossed legal challenge could be amended.

      The code biz and its president Brad Spengler sued Perens over a blog post in June in which Perens said that using the firm’s Grsecurity software could expose customers to a contributory infringement claim under the terms of the Linux kernel’s GPLv2 license.

      Open Source Security contends that statement has damaged its business.

    • Israel’s Information and Communications Technology Authority Bows to Pressure to Comply with Affero GPL

      Under pressure from open source advocates, the Israeli Information and Communications Technology (ICT) Authority recently shared its first open source software, extensions made by the ICT Authority to the CKAN data portal platform to help make the platform usable in Hebrew.

      The CKAN software is an open source data portal platform used since 2016 by the ICT Authority to make Israeli government data open and available on its government database website. The CKAN software is licensed under the GNU AGPL Version 3 license, an “ultra-strong” open source license that requires users of modified versions of CKAN software to offer its source code, even in the absence of distribution, to users interacting with software over the Internet.

    • Xiaomi Violating GPL 2.0 License With Mi A1 Kernel Sources

      Xiaomi is in violation of the GPL 2.0 license of the Linux Kernel project by still not releasing the kernel sources for the Mi A1 Android One and has been publicly criticized on the matter by established Android developer Francisco Franco earlier this week. While the smartphone was released in September and the Chinese consumer electronics manufacturer’s official policy is to publicize kernel sources for its devices within three months of their market launch, the Android One edition of the Mi A1 remains undetailed in this regard. Mr. Franco — best known for his work on the Franco Kernel, one of the most popular custom OS cores in the Android ecosystem — had some harsh words for the company on Twitter, calling its laidback approach to publicizing the kernel sources for the Mi A1 “an embarrassment” for the open source community and the type of software it allows it to create its commercial devices in the first place.

  • Programming/Development

    • Hehe, still writing code for a living? It’s 2018. You could be earning x3 as a bug bounty hunter

      Ethical hacking to find security flaws appears to pay better, albeit less regularly, than general software engineering.

      And while payment remains one of the top rationales for breaking code, hackers have begun citing more civic-minded reasons for their activities.

      A survey of 1,700 bug bounty hunters from more than 195 countries and territories by security biz HackerOne, augmented by the company’s data on 900 bug bounty programs, has found that white-hat hackers earn a median salary that’s 2.7 times that of typical software engineers in their home countries.

      In some places, the gap is far more pronounced. In India, for example, hackers make as much as 16 times the median programmer salary. In the US, they earn 2.4 times the median.

Leftovers

  • China’s two-child policy has already stopped working

    When China officially ended its one-child policy in 2015, couples promptly heeded the call and had a lot more babies. Under its new two-child policy, China recorded 18.46 million births in 2016—the highest since 2000—with almost half of those babies having at least one older sibling.

    But in 2017, the number of live births fell 3.5% to 17.23 million from the year before, according to data released by the government. About half of them were second children in the family. The reason for the decline was attributed to a decrease in the number of women of fertile age and more women delaying marriage and pregnancy (paywall).

    [...]

    China’s working-age population has been falling since 2012, and the government warns of a “sharp decline” after 2030. A rapidly aging population will also put huge strain on the country’s social services.

  • Science

    • Using crumpled graphene balls to make better batteries

      Lithium metal-based batteries have the potential to turn the battery industry upside down. With the theoretically ultra-high capacity of lithium metal used by itself, this new type of battery could power everything from personal devices to cars.

    • Bullets and bombs on China’s high-speed rail network

      Christened Fuxing, which means “renaissance” or “rejuvenation” in Mandarin, the bullet trains will be able to cruise at 400 kilometres per hour and will replace the slower Hexie (“harmony”) locomotives on the nation’s sprawling 22,000 km high-speed rail network.

  • Health/Nutrition

    • Heading Off Global Action On Access To Medicines In 2018

      At the dawn of 2018, political and health leaders must seize the growing momentum and opportunities to tackle the protracted challenges of access to medicines that undermines efforts to save lives and improve health as committed under the Agenda 2030 SDG [Sustainable Development Goals] by all UN member states.

    • Angered by high prices and shortages, hospitals will form their own generic drug maker

      Angered by rising prices and persistent shortages of generic drugs, four of the nation’s largest hospital systems are forming a new, not-for-profit manufacturer.

      The new company plans to either directly make or subcontract manufacturing to combat “capricious and unfair pricing practices” that are damaging the generic drug market and hurting consumers, according to a statement from the four hospital groups — Intermountain Healthcare, Ascension, SSM Health, and Trinity Health, which together run more than 300 hospitals.

      “It’s an ambitious plan,” said Dr. Marc Harrison, chief executive officer and president of Intermountain Healthcare, which is leading the initiative, “but healthcare systems are in the best position to fix the problems in the generic drug market. … We are confident we can improve the situation for our patients by bringing much needed competition to the generic drug market.”

    • U.S. court invalidates J&J cancer drug patent, hitting UK’s BTG

      A U.S. administrative court invalidated a Johnson & Johnson patent on its blockbuster prostate cancer drug Zytiga, bringing rivals closer to selling generic versions and hitting shares in its British partner BTG Plc.

      The Patent Trial and Appeal Board said a Johnson & Johnson patent describing a method of administering Zytiga should not have been granted because the process it described was obvious.

      Wednesday’s ruling was a victory for U.S. generic drug company Argentum Pharmaceuticals LLC, which had asked the board to invalidate the patent in the hope of being able to bring its own version to market.

    • Senate committee approves Trump pick for Health Secretary who vowed to tackle ‘gaming’ of the patent system

      But, even if Azar is unlikely to push for radical reforms, his words – coming as they do from a former branded pharmaceuticals chief – reflect the extent to which drug prices, and especially market exclusivity for pharmaceuticals, are under the political spotlight in the US at present. Whether or not Azar clears the final hurdle to become Health and Human Services Secretary, that seems unlikely to change – and one day, perhaps not too far into the distance, that might mean we see developments that could have a significant impact on the market where many big pharma patent owners tend to make most of their money.

    • Industry Alliance Report: Companies Invest In AMR R&D, Need More Pull Incentives

      According to a press release of the International Federation of Pharmaceutical Manufacturers and Associations (IFPMA), in 2016, 22 Alliance companies invested at least US$2 billion in research and development, and more than two out of three Alliance companies have strategies, policies or plans in place to improve access to their AMR-relevant products.

  • Security

    • CentOS Linux 7 and 6 Users Receive New Microcode Updates for Intel and AMD CPUs

      CentOS developers released new microcode updates for Intel and AMD processors for the CentOS Linux 7 and 6 operating system series to revert to the previous microcode update.

      CentOS Linux is an open-source, free, enterprise-class, and community-supported operating system based on and compatible with Red Hat Enterprise Linux. As such, it regularly receives new important security updates as soon as they are released upstream by Red Hat.

    • Ubuntu Preparing Kernel Updates With IBRS/IBPB For Spectre Mitigation

      Canonical has rolled out Spectre Variant One and Spectre Variant Two mitigation to their proposed repository with updated kernels for Ubuntu 14.04 LTS / 16.04 LTS / 17.10. These kernels with IBRS and IBPB added in will be sent down as stable release updates next week.

    • Canonical Invites Ubuntu Users to Test Kernel Patches for Spectre Security Flaw

      Canonical has released preliminary kernel updates to mitigate both variants of the Spectre security vulnerability in all supported Ubuntu Linux operating systems, including all official flavors.

      The company promised last week that it would release new kernel updates on Monday, January 15, 2018, for all supported Ubuntu releases. But it didn’t happen as they needed more time to thoroughly test and prepare the patches that would presumably address variant 1 and 2 of the Spectre exploit, which is harder to fix than Meltdown, so that it won’t cause any issues.

    • Purism Progress Report, Spectre Mitigation for Ubuntu, Malicious Chrome Extensions and More

      Canonical has made Spectre Variant One and Spectre Variant Two mitigation available in Ubuntu Proposed with updated kernels for Ubuntu 14.04 LTS, 16.04 LTS and 17.10. Those kernels will be in the stable release updates starting January 22, 2018. See Ubuntu Insights for more information.

    • Security updates for Thursday
    • Security From Whom, Indeed
    • Firefox locks down its future with HTTPS ‘secure contexts’
    • EFF and Lookout Uncover New Malware Espionage Campaign Infecting Thousands Around the World

      The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign infecting thousands of people in more than 20 countries. Hundreds of gigabytes of data has been stolen, primarily through mobile devices compromised by fake secure messaging clients.

      The trojanized apps, including Signal and WhatsApp, function like the legitimate apps and send and receive messages normally. However, the fake apps also allow the attackers to take photos, retrieve location information, capture audio, and more.

    • Four Malicious Google Chrome Extensions Affect 500K Users
    • Latest Fedora 27 Linux Updated Live ISOs Ship with Meltdown and Spectre Patches

      Fedora ambassador and founder of the Fedora Unity project Ben Williams announced the release of a new set of updated live ISO images for the Fedora 27 Linux operating system.

      The F27-20180112 respin live installation images are now available, including the Linux 4.14.13-300 kernel with patches against the Meltdown and Spectre security vulnerabilities, as well as all the latest software updates and security fixes.

    • Some thoughts on Spectre and Meltdown

      Contrast that with what happened this time around. Google discovered a problem and reported it to Intel, AMD, and ARM on June 1st. Did they then go around contacting all of the operating systems which would need to work on fixes for this? Not even close. FreeBSD was notified the week before Christmas, over six months after the vulnerabilities were discovered. Now, FreeBSD can occasionally respond very quickly to security vulnerabilities, even when they arise at inconvenient times — on November 30th 2009 a vulnerability was reported at 22:12 UTC, and on December 1st I provided a patch at 01:20 UTC, barely over 3 hours later — but that was an extremely simple bug which needed only a few lines of code to fix; the Spectre and Meltdown issues are orders of magnitude more complex.

    • Menacing Malware Shows the Dangers of Industrial System Sabotage

      At the S4 security conference on Thursday, researchers from the industrial control company Schneider Electric, whose equipment Triton targeted, presented deep analysis of the malware—only the third recorded cyberattack against industrial equipment. Hackers [sic] were initially able to introduce malware into the plant because of flaws in its security procedures that allowed access to some of its stations, as well as its safety control network.

    • 25 per cent of hackers don’t report bugs due to lack of disclosure policies

      One of the standout discoveries was that almost 25 per cent of respondents said they were unable to disclose a security flaw because the bug-ridden company in question lacked a vulnerability disclosure policy (VDP).

    • ‘Professional’ hack [sic] on Norwegian health authority compromises data of three million patients [iophk: "Windows TCO"]
  • Transparency/Investigative Reporting

    • FBI Whistleblower on Pierre Omidyar and His Campaign to Neuter Wikileaks

      FBI whistleblower Sibel Edmonds asserts Pierre Omidyar decided to create The Intercept to not only take ownership of the Snowden leaks but also to continue his blockade against WikiLeaks and create a “honey trap” for whistleblowers.

      [...]

      Lee has also claimed that Assange is a “Putin fanboy” who doesn’t care “about government transparency if the government in question is Russia,” even though WikiLeaks has published information damaging to the Russian government while Putin was president. Lee also intimated that Assange may have a direct relationship to the Kremlin, an outlandish claim for which there is no basis.

      [...]

      Sibel Edmonds, FBI whistleblower and founder of the National Security Whistleblowers Coalition, told MintPress News that the FPF has a reputation for being a “very, very partisan organization and populated with ideologues.” She further asserted that the “number one reason” for the FPF’s decision was directly related to Wikileaks’ releases in 2016, namely the DNC leaks and the Podesta emails.

  • Environment/Energy/Wildlife/Nature

    • Facebook top choice for Philippines wildlife traders: Watchdog

      “This magnitude of commerce in live wild animals online is just mind-boggling,” said Serene Chng, TRAFFIC’s programme officer for South-east Asia.

    • Infiniti says it will go ‘all electric’

      Infiniti, the luxury brand of Japanese automaker Nissan, will start phasing out gas-powered vehicles in 2021 and switch to “all electrified” models, the maker’s new CEO Hiroto Saikawa said Tuesday afternoon.

      Making an appearance at the Automotive News World Congress in Detroit — his first in the U.S. since succeeding Carlos Ghosn as Nissan Motor Co. CEO last April — Saikawa also suggested that the Euro-Asian Renault-Nissan-Mitsubishi Alliance could look to add a fourth partner.

      “Infiniti will have a specific focus on electrification,” said Saikawa, adding, “We are trying to position Infiniti as the premier electrified brand” as part of the five-year Nissan business plan that will extend through 2022.

  • Finance

    • Corbyn on Carillion: we’ll end outsourcing ‘racket’ in rule change

      Labour will call a halt to the “outsourcing racket” exposed by Carillion’s collapse, by tearing up procurement rules to make the public sector the default choice for providing government services, Jeremy Corbyn has revealed.

      Carillion’s collapse has emboldened Corbyn to press home his message that Labour rejects the “dogma of privatisation”.

    • The Fall of Travis Kalanick Was a Lot Weirder and Darker Than You Thought

      A year ago, before the investor lawsuits and the federal investigations, before the mass resignations, and before the connotation of the word “Uber” shifted from “world’s most valuable startup” to “world’s most dysfunctional,” Uber’s executives sat around a hotel conference room table in San Francisco, trying to convince their chief executive officer, Travis Kalanick, that the company had a major problem: him.

    • Forget banks, in 2018 you’ll pay through Amazon and Facebook
    • Majority back continued single market membership after Brexit, new poll finds

      The majority of Britons would support remaining in the single market and customs union post-Brexit, a new opinion poll suggests.

      Some 60 per cent of those surveyed said they backed remaining in the single market, with 24 per cent neither agreeing nor disagreeing and 16 per cent opposed.

      The BMG Research poll for website Left Foot Forward found that 57 per cent said the UK should remain a member of the customs union, with 16 per cent saying it should leave.

      The survey was carried out before French President Emmanuel Macron warned that a post-Brexit free trade agreement would not provide full access to the single market for financial services at the same level as that offered to members.

    • Power will always trump mutual interest in the Brexit talks

      Politicians in London are looking on the bright side of the Brexit negotiations. The phase one deal in December showed agreement was possible and ministers have stopped issuing the empty threat that they were happy with “no deal”. In Germany last week, chancellor Philip Hammond described the negotiations as a “courtship”. Dangling the carrot of easy access to the British consumer in front of the EU27, an ally of the prime minister says “economics are going to come to the fore now”.

      The specific theory this official had in mind was one of constrained optimisation. Britain’s red lines are inviolable: it wants to be out of the single market, giving it regulatory freedom and immigration control; it wants to leave the customs union to allow autonomy in trading agreements; and it wants to end net contributions to the EU budget. Accepting those constraints, the optimisation part is for the EU27 to seek the best deal compatible with the UK’s stipulations.

      London envisages that economic considerations will dictate the answer. The result will be close to frictionless borders for goods but not people, mutual recognition of regulations and the UK continuing to sell services into the single market almost as now. Anything less would involve the EU shooting itself unnecessarily in the foot, it deduces.

    • Everything you need to know about the Brexit endgame in five minutes

      Things are going OK, right? We’ve got that first-phase agreement. Next they’ll talk transition and then a trade deal. Maybe everything’s going to be alright.

      Hah, you poor fool. No, we’re still screwed. Take a closer look at that first-phase agreement. It’s a tremendous fudge. It took the major problem at the heart of Brexit and kicked it into 2018.

      We’ve been given a hospital pass by our past selves?

  • AstroTurf/Lobbying/Politics

    • Here’s how Donald Trump changed social media

      US President weaponised Twitter, using it not just to reach the masses but to control news through bullying and distraction.

    • NBI: Case about search of journalist’s home should be handled behind closed doors

      The person in charge of the preliminary investigation, Markku Ranta-aho said that the police will request that the matter be handled in private and that the documents concerning the probe be confidentially sealed.

    • Newsweek says DA raided its offices for computer server information
    • Newsweek’s headquarters just got a visit from the police

      More than a dozen police showed up this morning at the office that serves as the shared headquarters for Newsweek magazine and IBT Media, which rebranded in 2017 as Newsweek Group, according to multiple sources who were present.

      The reason for the visit was not clear, but one employee said police were taking photos of the company’s servers.

      Employees said the police appeared to be from the NYPD, but a spokesperson for the NYPD said its officers were not involved. A spokesperson for the Manhattan District Attorney declined to comment.

      The office is at 7 Hanover Square in New York’s financial district. Police also visited the office in December, a former employee said. Employees were told that it was because a white substance had been mailed to Executive News Director Ken Li, which they were then told turned out to be a false alarm.

      Representatives for Newsweek Group did not immediately respond to questions.

    • Democrats Prepare Bill to Censure Trump over “Shithole” Comments

      On Capitol Hill, Democrats are preparing a bill that would formally censure Donald Trump over racist comments in which the president reportedly called African nations, El Salvador and Haiti “shithole countries.” The effort is being led by New York Congressmember Jerrold Nadler and Representative Cedric Richmond, chair of the Congressional Black Caucus. It comes as several Democratic lawmakers have announced they will skip the State of the Union address on January 30 over Trump’s racist remarks. Among them are Earl Blumenauer of Oregon, Frederica Wilson of Florida, Pramila Jayapal of Washington, Maxine Waters of California and John Lewis of Georgia.

    • ‘Independent’ Watchdog’s Secret Funder: Conservative Small-Government Group

      When former Chicago City Council inspector general Faisal Khan launched his not-for-profit anti-corruption group close to two years ago, he insisted that it was independent and nonpartisan.

      At the same time, Khan refused to disclose who was funding the organization, which he called Project Six — a reference to the group of civic leaders who led the fight against Al Capone during Prohibition.

      Now, records obtained by the Chicago Sun-Times and ProPublica Illinois show almost all the money to launch Khan’s Chicago-based watchdog organization came from a right-leaning group that is leading a crusade against government regulations, state spending and labor unions in Illinois.

      The most recent federal tax filing for the Illinois Policy Institute shows it gave $623,789 to Project Six in 2016 — accounting for 98 percent of the group’s first-year budget. The records don’t reveal — and Project Six officials haven’t said — where the rest of its money comes from.

    • Trump Ends Protections for El Salvador

      El Salvador is the latest country targeted by the Trump administration’s termination of protections for people under TPS, which provides relief for migrants fleeing humanitarian crises, reports Dennis J. Bernstein.

    • The President and the Porn Star
    • Moscow Protests Leak Of Russian Embassy Bank Transfers Around 2016 U.S. Election

      The Russian Foreign Ministry is demanding that the United States stop the leak of confidential diplomatic information after a media report this week provided details of what it said were “suspicious” Russian embassy bank transfers.

      The Kremlin demand on January 18 came after the U.S. online outlet Buzzfeed reported that U.S. officials investigating allegations of Russian interference in the 2016 U.S. presidential election are studying bank transfers to and from the Russian Embassy in Washington before and after the November 2016 election.

      Buzzfeed said U.S. banks flagged a number of embassy bank transfers and reported them to U.S. regulators, as required by U.S. law, because they were large and looked “suspicious.”

    • FBI investigating whether Russian money went to NRA to help Trump

      The FBI is investigating whether a top Russian banker with ties to the Kremlin illegally funneled money to the National Rifle Association to help Donald Trump win the presidency, two sources familiar with the matter have told McClatchy.

      FBI counterintelligence investigators have focused on the activities of Alexander Torshin, the deputy governor of Russia’s central bank who is known for his close relationships with both Russian President Vladimir Putin and the NRA, the sources said.

      It is illegal to use foreign money to influence federal elections.

      It’s unclear how long the Torshin inquiry has been ongoing, but the news comes as Justice Department Special Counsel Robert Mueller’s sweeping investigation of Russian meddling in the 2016 election, including whether the Kremlin colluded with Trump’s campaign, has been heating up.

      All of the sources spoke on condition of anonymity because Mueller’s investigation is confidential and mostly involves classified information.

    • How Trump’s Base Inspired an International Racist Fiasco, Again

      Stephen Miller, the administration’s latest iteration of Official Screaming Person, flexed his White House muscles last week and made history in all the wrong ways. Everything that has gone down since “Shithole Thursday” — the collapse of Deferred Action for Childhood Arrivals (DACA) negotiations, the real threat of a government shutdown and an eruption of unvarnished racist invective from the president of the United States — came about because Miller picked up the phone with one priority in mind: Play to the Trump base.

      Unspooling this pluperfect fiasco takes some doing. A week ago Tuesday, Donald Trump staged a bit of theater by not being demonstrably incapacitated by incompetence for 90 whole minutes during a meeting with members of Congress on immigration. The White House felt such a performance was necessary after Trump went on Twitter and accused the leader of a volatile nuclear adversary of having a small penis. Editorial pages from sea to shining sea were dusting off the text of the 25th Amendment again, so a good showing with the Congress members was pretty much required.

      During the entire Tuesday meeting, Trump was smiling, friendly and coherent. He was open to several legislative proposals offered by Democrats, including one for a clean DACA bill, to which he reacted enthusiastically — said enthusiasm being later erased “accidentally” from the transcript of the event. The press loved it. That night, most news stations led their evening broadcasts with some permutation of, “Wow, the president didn’t humiliate us all today!”

  • Censorship/Free Speech

    • Marriott says it chose to stop posting on social media after China ban

      The Shanghai government had shut down Marriott’s Chinese website and mobile app for a week as punishment for a Mandarin-language survey sent to customers that listed Tibet, Taiwan, Hong Kong, and Macau as separate countries, as reported by Reuters. There was backlash from the Chinese public as well. Marriott’s Instagram posts from a week ago are littered with comments like “get out of China” and “remember!people’s republic of china!only one!marriott hotels roll out of china!”

    • Facebook and Google outline unprecedented mass censorship at US Senate hearing

      Behind the backs of the US and world populations, social media companies have built up a massive censorship apparatus staffed by an army of “content reviewers” capable of seamlessly monitoring, tracking, and blocking millions of pieces of content.

      The character of this apparatus was detailed in testimony Wednesday from representatives of Facebook, Twitter, and Google’s YouTube before the United States Senate Committee on Commerce, Science, and Transportation, chaired by South Dakota Republican John Thune.

      The hearing was called to review what technology companies are doing to shut down the communications of oppositional political organizations. It represented a significant escalation of the campaign, supported by both Democrats and Republicans, to establish unprecedented levels of censorship and control over the Internet.

    • YouTube and Google planning new anti-extremism technique: the ‘Redirect Method’

      Social media giants Facebook, Twitter, and YouTube appeared in front of the US Senate cyber-terror committee yesterday and everyone seemed very happy with the progress they have made in tackling extremist content.

      The session, which was entitled “Terrorism and Social Media: #IsBigTechDoingEnough?” was expected to be a grilling of the three platforms seen by many as being most responsible for the spread of extremist content online.

    • The problem with human moderators

      If Big Tech in 2018 already has a theme, it’s that social networks are passive platforms no longer. Since the new year, both Facebook and YouTube have stepped up with new guidelines and processes to manage — and in some cases police — content on their networks.

      All of this started well before the new year, of course. Twitter has been following through on a lengthy project to both clarify its content policies and take a more active role in saying who and what is allowed on its platform, most recently with its so-called “Nazi purge.” The current trend arguably started with Reddit, when then-CEO Ellen Pao pushed for tighter control of harassment and revenge porn on the site.

    • Philippines Trying To Shut Down Popular News Site For Reporting On President Duterte

      From Filipinos I’ve spoken to, they seem rightfully proud of this right to free speech. And they should be. But these things only matter if they’re actually respected. And there’s growing evidence that, under President Duterte, there’s little respect for such things. A few days ago, the news broke that the Philippines Securities and Exchange Commission was pulling the license of Rappler, a popular Filipino news source started by Maria Ressa. I was privileged to hear Ressa speak at a conference last summer (she was originally supposed to be a participant in a session that I was organizing, but it was much better having her speak separately about the challenges she was facing in covering news in the Philippines). Rappler has really done some amazing work under fairly challenging circumstances.

      And… it appears that those challenging circumstances are leading the government in the Philippines to try to shut them down. The official reason for pulling the license is the claim from the SEC that Rappler has violated rules concerning foreign ownership.

    • Bigoted Landlord Files Criminal Complaint Against Critic Who Called Him Bigoted

      In yet another example of how the UK government’s stated respect for free speech is continually undercut by its actions, a bigoted landlord is bringing charges against a YouTuber for calling him bigoted.

    • Iowa State’s Attempt To Violate Its Students First Amendment Rights To Cost State Nearly $400k In Damages

      In the early part of 2017, we brought you the story of an Iowa State University student group pushing for marijuana reform in the state that was being targeted by the university for trademark infringement after the group used some school iconography on t-shirts it developed for its cause. The whole episode was fairly bonkers, with the school initially approving the students’ use of the imagery, only to rescind that approval after Iowa House Republicans sent a letter to the school’s leadership questioning the decision. That sort of infringement of speech by a school and, in the background, by state legislators that really should have known better, was always destined to result in legal proceedings, given the enormous First Amendment implications. Well, as we reported, that trial ran its course, including an appeal, and was decided in the favor of the student group.

      While all of that was settled last year, what we didn’t know until recently is just how much taxpayer money would be paid out as a result of a public university and state legislators seeking, quite plainly, to infringe on perhaps the most sacred right this country enjoys. Now we have an answer to that question: at least $350,000.

    • EFF to Court: Requiring Universities to Ban Anonymous Online Speech Platforms on Campus is Counterproductive and Unconstitutional

      Requiring public universities to ban access to anonymous online speech platforms would undermine activism occurring on those campuses and violate the First Amendment, EFF argued in a brief filed on Thursday.

      Plaintiffs in the case, Feminist Majority Foundation et al. v. University of Mary Washington, claim that university officials violated federal anti-discrimination law by not taking appropriate steps to address threats and harassment directed at students, including messages posted on the now-defunct online platform Yik Yak.

      One way university officials could have prevented the harassment, according to plaintiffs, is by blocking access to Yik Yak. After a federal trial court dismissed their claims last year, the plaintiffs appealed to the U.S. Court of Appeals for the Fourth Circuit.

  • Privacy/Surveillance

    • A Bunch Of Politicians Who Complain About Trump’s Authoritarian Tendencies Just Gave Him 6 Years To Warrantlessly Spy On Americans

      As was widely expected after Tuesday’s close vote on cloture, the Senate officially voted to renew (in a somewhat expanded way) Section 702 of the FISA Amendments Act by a vote of 65 to 34. That also means a few of those who voted against cloture switched over and voted for the program, including Senators Ted Cruz and Chuck Schumer. President Trump will almost certainly sign the bill shortly, despite confusing basically everyone last week by tweeting out complaints about the program, despite his White House vehemently supporting it.

      Trump’s confusion isn’t all that surprising. What is surprising is just how many people who have been complaining and warning about Trump made this possible. In the House, vocal Trump critics including Nancy Pelosi, Adam Schiff and Eric Swalwell were among those who voted for this bill which, again, gives the FBI the power to spy on Americans without warrants via the collection of content (not metadata) swept up by the NSA. While defenders of the program keep insisting the program cannot be used to “target” Americans, they leave out that a ridiculous amount of American content is swept up into this collection, which can then be sifted through without a warrant, including a huge amount of communications of Americans.

    • Stasi files: scanner struggles to stitch together surveillance state scraps
    • After The ‘Octopus Incident’ White House Threatened To Stop ‘Menacing Logos’ From Spy Satellites

      Records released to William Pierce show that the fallout from the National Reconnaissance Office’s infamous “world-eating octopus” logo was enough for the White House to threaten veto power over future logos on spy satellites. Despite this warning to steer clear of controversy, the designers for the NROL-76 logo tried their best to sneak in a “Talladega Nights” reference – even resorting to Latin to get around copyright.

      In early May of 2016, someone within the NRO asked if the mission patch for the NROL-76 mission had been approved.

    • How License Plate Covers Would Protect Vulnerable Communities

      EFF is a strong supporter of S.B. 712, a California bill that would allow vulnerable communities to cover their license plates when parked. This provides a way for individuals to protect their confidentiality when visiting sensitive locations, such as religious sites of worship, medical facilities, and social support centers.

      Under current law, drivers can cover their entire vehicles, including the license plates, when parked. S.B. 712 simply says that you are allowed to cover just the plate when you are parked. This common-sense solution allows drivers to opt-out of unwanted data collection when they have reached their destinations, not unlike how installing an ad-blocker may prevent online advertisers from gathering your information.

      The threat to privacy is increasing as automated license plate readers (ALPRs) have made it easier for private companies to amass billions of records in commercial databases. This data can be used to track drivers in real time or to reveal their travel patterns and community networks.

    • Congress Just Passed a Terrible Surveillance Law. Now What?

      Congress today missed a historic opportunity to reform an unconstitutional surveillance law, instead passing a version that makes it worse. Both Democrats and Republicans deserve sharp criticism for continuing to allow the NSA to engage in mass, warrantless spying.

      (You can see how your member of Congress voted here and here, so they can be held accountable.)

      The vote concerned Section 702 of the Foreign Intelligence Surveillance Act — a law disclosed by Edward Snowden that revealed the NSA had been spying on Americans in unprecedented ways. As a result of the expiration of this law, Congress needed to decide, for the first time since those revelations, whether to reform, reauthorize, or do away with the law altogether.

      For years, the government claimed that Section 702 was primarily used to stop foreign terrorists. In 2013, we learned that was a lie. The government uses the hundreds of millions of communications collected under Section 702 — which it gets directly from tech companies or by tapping into the physical infrastructure that makes up the internet — to access the sensitive information of Americans for purposes that have nothing to do with national security.

    • California Police Chiefs Misrepresent License Plate Privacy Bill

      EFF supports S.B. 712, a California bill that would allow drivers to cover their plates when they’re parked. This simple privacy measure would create an opportunity for drivers to protect sensitive information about their travel and whereabouts from mass collection by law enforcement and private data brokers.

      The threat is all too real. Police agencies have surveilled Muslims by collecting plates in parking lots at mosques. Police officers have used license plates of vehicles parked at gay clubs to blackmail patrons. Anti-choice activists are trained to amass license plates of doctors and patients parked at reproductive health centers. Immigration & Customs Enforcement plans to use private license plate databases, effectively dodging state restrictions on data sharing, as it ramps up its deportation efforts.

      The California Police Chiefs Association opposes our bill. This week, its lobbyists issued a “floor alert” to state senators that misrepresents how the bill would work.

    • EFF to NSA: you scammed your way to another six years of warrantless spying, and you’d better enjoy it while it lasts

      Last week, cowards from both sides of the aisle caved into America’s lawless spy agencies, and today bipartisan senators reprised that cowardice to ensure that the Senate would not get a chance to vote on amendments to the renewal of Section 702, the rule that has allowed the NSA to conduct mass, warrantless surveillance on Americans in secret, without meaningful oversight or limits.

      It was a crushing defeat for anyone who cares about civil liberties, the rule of law, and the Bill of Rights. In a stirring open letter, Electronic Frontier Foundation executive director Cindy Cohn (previously) gives us all the furious post-game analysis we need: people everywhere, of every political persuasion, are waking up to the dangers of the mass surveillance that the spies poisoned the digital world with, and their time is running out. More people than ever, from more walks of life, stood up for limits on Section 702, and that number will only grow from here on in.

    • Senate passes bill renewing internet surveillance program

      The U.S. Senate on Thursday passed a bill to renew the National Security Agency’s warrantless internet surveillance program for six years with minimal changes, overcoming objections from civil liberties advocates that it undermined the privacy of Americans.

      The legislation, which easily passed the House of Representatives last week, is expected to be signed into law by President Donald Trump by Friday.

    • NSA surveillance programs renewed by Senate

      With little debate, the US Senate voted 65 to 34 Thursday to renew the law authorizing key surveillance programs run by the National Security Agency.

      The programs, known as Prism and Upstream, allow the NSA to collect online communications of foreigners outside the US. Prism collects these communications from internet services, and Upstream taps in to the internet’s infrastructure to capture information in transit. Some communications from Americans and others in the US are collected in the process.

    • An Open Letter to Our Community On Congress’s Vote to Extend NSA Spying From EFF Executive Director Cindy Cohn

      Today, the United States Congress struck a significant blow against the basic human right to read, write, learn, and associate free of government’s prying eyes.

      Goaded by those who let fear override democratic principles, some members of Congress shuttered public debate in order to pass a bill that extends the National Security Agency’s unconstitutional Internet surveillance for six years.

    • Senate passes bill to renew controversial NSA spying powers

      The bill was passed 65 to 34, and now moves to President Trump’s desk. He is expected to sign it into law. Earlier this week, a group of senators threatened to filibuster the bill, but lawmakers cleared a 60-vote hurdle earlier this week that allowed them to block the attempt.

      The bill allows for continued spying operations under Section 702 of the Foreign Intelligence Surveillance Act. Critics charge that the bill, which renews 702 and powers National Security Agency spying, is nominally for foreign targets, but allows the government to sweep up American communications with few safeguards.

    • It Wasn’t Just Republicans — Democrats Also Voted to Shut Down Debate on Trump Administration’s Surveillance Powers

      A critical mass of Senate Democrats voted with Republicans on Tuesday to shut down any further debate on a bill that strengthens the government’s spying powers. The bill would renew a key surveillance authority for the National Security Agency until 2023 and consolidate the FBI’s power to search Americans’ digital communications without a warrant.

      The motion, which passed 60-38, virtually guarantees that the final bill will pass likely later this week and quashes any opportunity to debate whether protections should be added. Eighteen Democrats — including Sen. Dianne Feinstein, who had previously proposed an amendment to restrict the FBI’s surveillance authority — voted in support of the motion. They were joined by 41 Republicans and one independent, Angus King, giving the pro-surveillance bloc the supermajority needed to push the bill forward. Sens. John McCain, R-Ariz., and Dan Sullivan, R-Ala., did not vote.

    • US Senate Ends Debate on NSA’s Warrantless Mass Surveillance Proposal

      The bill in question doesn’t bode well for American citizens. Nor is it good news for anyone else on the planet, as the NSA conducts mass surveillance on a very large scale these days. The government agency was granted significant surveillance power decades ago, and it seems things have only gotten worse over time. This week, the US Senate moved a step closer to giving the NSA the right to spy on all American citizens in a virtually limitless and warrantless manner, which is shocking.

  • Civil Rights/Policing

    • Facebook is a ‘living, breathing crime scene,’ says one former tech insider

      “Facebook is a living, breathing crime scene for what happened in the 2016 election — and only they have full access to what happened,” said Tristan Harris, a former design ethicist at Google. His work centers on how technology can ethically steer the thoughts and actions of the masses on social media and he’s been called “the closest thing Silicon Valley has to a conscience” by The Atlantic magazine.

    • Tencent Widens Its Lead Over Facebook

      That entrenches the Chinese company among the global top five, well ahead of arch-foe Alibaba Group Holding Ltd. Investors are betting that Tencent can lean on its billion-plus users and hit games to evolve into an advertising and entertainment titan along the lines of a Google or Facebook. Created almost two decades ago as a desktop messaging platform before morphing into one of the world’s biggest purveyors of video games, the argument is that its dominance of Chinese social networking also bankrolls an expansion into newer markets from video streaming to finance.

    • Tory youth tsar Ben Bradley backed police brutality

      A vice-chairman of the Conservative Party said that “police brutality should be encouraged” after the London riots, The Times can reveal.

    • Diversion Keeps Kids Out of the Criminal Justice System, but Too Many Police in New Jersey Fail to Use It

      Ending mass incarceration starts with keeping young people from being arrested in the first place.

      We’ve all seen something like this on TV or in an old movie: A parent arrives at a police station to pick up their child, who, instead of being arrested and charged with a crime, has just been given a stern warning and an opportunity to make amends.

      The technical term for this practice is diversion, and it’s a critical tool in ending mass incarceration. If we’re going to reduce the number of people we put behind bars, we can’t only focus on people who are incarcerated or who have already had extensive contact with the criminal justice system. We need to prevent that involvement in the first place. That starts in childhood with diversion.

      A forthcoming report from the ACLU of New Jersey, “Missed Opportunities: Youth Diversionary Programs in New Jersey,” delves into strategies to stop the criminalization of our youth, specifically programs that allow young people to avoid arrest for low-level offenses.

    • Appeals Court Says Accessing Data In A Way The Host Doesn’t Like Doesn’t Violate Computer Crime Laws

      The Ninth Circuit Court of Appeals has ruled [PDF] that accessing publicly-accessible info in a way the hosting entity has said isn’t permissible isn’t a violation of the law. In this case, it’s a couple of laws, since Oracle’s bid to shut down a competitor involves two different states and two different computer crime laws.

      Oracle sued Rimini Street alleging a bunch of computer law-related violations after it continued to harvest data without Oracle’s explicit permission. The EFF, which filed a brief in this case backing Rimini Street, breaks down the details of the alleged violation.

    • Baltimore Judge Tosses Alford Plea, Rebuking Prosecutor

      In a hearing in Baltimore City Circuit Court today, a judge threw out Demetrius Smith’s conviction for a shooting he has long insisted he did not commit and chastised the prosecutor in the case for making several misrepresentations to the court.

      Judge Barry Williams said wiping the shooting conviction from Smith’s record was “in the interest of justice,” adding “there’s too much going on to leave it as is.”

      Smith rejoiced that after a nine-year odyssey through the justice system, he had finally cleared his name. The conviction, he said, “shouldn’t be on my record, because I’m innocent. Period.”

    • Macron-May talks: UK and France must put a stop to ‘systematic violation’ of Calais refugees, warn charities

      The UK and France must urgently put an end to the “systematic violation” of refugees in Calais, a group of charities has warned.

      In a letter shared exclusively with The Independent, eight aid organisations urged leaders Theresa May and Emmanuel Macron to uphold their commitment to human rights law, as conditions for the thousands living on the border become increasingly perilous.

      The group, which includes l’Auberge des Migrants, Help Refugees, Safe Passage and Utopia56, wrote to the leaders on the same day Ms May welcomed the French President to the UK-France Summit at the Royal Military Academy in Sandhurst.

  • Internet Policy/Net Neutrality

    • .UK overseer Nominet abandons its own charitable foundation – and why this matters

      Nominet, which runs the UK’s domain-name registry, has abandoned its own charitable foundation, raising questions about the organization’s direction and accountability.

      In an email earlier this week, CEO Russell Haworth stunned members of the non-profit, public-interest outfit by announcing that he was withdrawing from the Nominet Trust – a foundation set up over a decade ago by Nominet’s board to deal with excess revenue from registrations of .uk domain names.

      “We’ve been working with Nominet Trust to think about how best to deliver public benefit,” Haworth wrote. “It became clear that the grant-giving, single funder model we set up in 2008 was not the most effective route to greatest impact moving forward. With that in mind, we have agreed that Nominet Trust should be free to attract other investors in order to fulfill their social tech ambitions.”

    • Senate panel approves FCC commissioner for full term

      The panel advanced the nomination in a 14-13 party-line vote on Thursday. Carr, a Republican, was nominated and confirmed in August to a partial term that was set to expire later this year.

    • FCC Won’t Redefine ‘Broadband;’ Move Could Have Worsened Digital Divide

      The FCC announced Thursday that it will continue to define home broadband as connections that are 25 megabits per second (mbps). The commission also established a new standard for mobile broadband as a connection of 10mbps or higher, and said it had rejected the idea—which it had floated last year—of labeling mobile internet service an adequate replacement for home broadband.

    • FCC admits mobile can’t replace home Internet, won’t lower speed standard

      Pai’s FCC has determined that mobile broadband is not a full substitute for home Internet services. The FCC says this even after previously suggesting that mobile Internet might be all Americans need. The FCC also won’t be lowering the speed standard that it uses to judge whether broadband deployment is happening quickly enough.

    • The first lawsuits to save net neutrality have been filed

      Attorneys general from 22 states filed a lawsuit on Tuesday to block the repeal of the rules. Mozilla, maker of the Firefox browser, also said it has filed a suit against the FCC, and several public interest groups have filed petitions in court.

      New York Attorney General Eric Schneiderman is leading the charge among the states, calling the FCC’s repeal “arbitrary and capricious,” according to a press release announcing the lawsuit. The suit also claims that the FCC “improperly and unlawfully includes sweeping preemption of state and local laws.”

    • Senate Push To Save Net Neutrality Needs Just One Vote, But You Still Shouldn’t Get Your Hopes Up

      While success here has long odds (though this shouldn’t discourage you from contacting your lawmaker anyway), the gambit does have the practical purpose of forcing AT&T, Verizon and Comcast’s lackeys in both houses to put their disdain for the public down on the public record. That’s going to prove particularly useful during the looming midterms, where net neutrality is very quickly becoming a wedge issue. That’s especially true among Millennial voters, who seem to have a more innate understanding of why letting Comcast run amok isn’t a particularly great idea.

      The entire effort again highlights the stupidity of viewing net neutrality through a partisan lens. Despite a healthy, competitive internet being in everybody’s best interest, ISPs have spent fifteen years successfully framing net neutrality as a partisan issue to help sow dissent and stall progress on meaningful rules. Survey after survey however have indicated that the concept has broad, bipartisan support among the public at large. Anger at being ignored will drive voter turnout, and lawmakers (as well as Ajit Pai, whose post-FCC political ambitions couldn’t be clearer) are going to figure that out the hard way.

      All of that said, there’s still plenty of ways to bring net neutrality back to the table should this effort fail. While it will take a while, the looming lawsuits have a solid chance at reversing the FCC’s repeal given the FCC’s numerous procedural and ethical missteps. A massive shakeup in Congress could also finally drive support for a real net neutrality law down the road, provided ISPs aren’t successful in passing their own, entirely bogus legislation first.

    • Mozilla, Consumer Groups Sue The FCC For Its Attack On Net Neutrality

      The Open Technology Institute also says it also filed its own lawsuit against the FCC early, hoping to ensure a favorable court selection during the Panel on Multidistrict Litigation (MDL) lottery. All told, four of the net neutrality lawsuits were filed in the United States Court of Appeals for the District of Columbia Circuit, while the Free Press lawsuit was filed in the United States Court of Appeals for the First Circuit.

      This is just the opening salvo in what will be a long-standing legal standoff between people who’d prefer the internet remain healthy and competitive, and ISPs eager to abuse a lack of competition in the broadband last mile to their own, additionally anti-competitive advantage. All of the lawsuits will attempt to prove that the FCC violated the Administrative Procedure Act by engaging in an “arbitrary and capricious” reversal of extremely popular policy without proving that the broadband market changed dramatically enough in just two years to warrant it.

      As we’ve noted previously, the lawsuits will also focus on how the FCC turned a blind eye to identity theft and comment fraud during the FCC’s open comment period, and efforts by some group or individual to try and downplay the massive public opposition to the FCC’s handout to the telecom sector. Expect more details on the origins (and potentially funding) of these efforts as the legal fight moves forward over the coming months and years. Though some ISPs surely won’t be able to help themselves, expect ISPs to try and remain on their best behavior for a while to avoid undermining their arguments in court.

  • Intellectual Monopolies

    • Google inks patent deal with Tencent

      “We’re pleased to enter into a patent cross-license with Tencent. [...] ”

    • Trademarks

      • Trump DOJ Considering Challenging Brunetti Scandalous Mark Decision

        In Brunetti, the Federal Circuit extended Matal v. Tam, 137 S. Ct. 1744 (2017) to further reject the Lanham Act’s restriction on registration of immoral or scandalous marks — finding the limitation to be an unconstitutional restriction of free speech. (In Tam, the Supreme Court found the restriction on registering disparaging marks to be unconstitutional.)

        In this case, the USPTO is being represented by attorneys from the Department of Justice rather than its own internal solicitors. The DOJ is considering requesting en banc rehearing and has now requested and received an extension to file its petition until February 12, 2018.

    • Copyrights

      • EFF to Court: Linking Is Not Copyright Infringement

        Playboy Entertainment’s lawsuit accusing acclaimed website Boing Boing of copyright infringement—for doing nothing more than reporting on a historical collection of Playboy centerfolds—is groundless and should be thrown out, the Electronic Frontier Foundation (EFF) told a federal court today.

        As EFF and co-counsel Durie Tangri LLP explain in a request to dismiss the lawsuit filed on behalf of Boing Boing owner Happy Mutants LLC, Playboy’s copyright claim seeks to punish Boing Boing for commenting on and linking to an archive of Playboy “playmate” centerfold images that a third party posted. The blog contained links to an imgur.com page and YouTube video—neither of which were created by Boing Boing. But courts have long recognized that simply linking to content on the web isn’t unlawful.

      • Happy Together Once More: The California Supreme Court and Congress Take Up The Question of Copyright in Old Music Recordings

        Federal copyright law doesn’t give artists and labels the right to control most ways music recordings are played in public. That’s how FM and AM radio stations work. That’s how stores playing soothing “don’t you want to buy something?” music work. And that’s how restaurants playing music at an uncomfortably loud decibel so you can’t talk to your friends work. But because older recordings aren’t covered by these laws, some copyright holders keep trying to use them to gain more control over how their recordings are played – something they’ve never been able to do.

        EFF just weighed in on one of these cases, in the California Supreme Court. In Flo & Eddie v. Pandora Media, we argued that state law, which governs sound recordings made before 1972, doesn’t include a right to control public performances of sound recordings, including radio play. If this sounds familiar, that’s because this fight has played out across the country over the past three years. The high courts of New York and Florida have already ruled that their own state laws don’t let pre-1972 copyright holders control public performances of their sound recordings.

      • Copyright, The First Wave of Internet Censorship

        When someone wants to remove speech from the Internet, the Digital Millennium Copyright Act’s (DMCA) notice and takedown process can provide the quickest path. This has made copyright law a tempting tool for unscrupulous censors. As content companies push for even more control over what gets posted online, it’s important to remember that any tool used to police copyright will quickly be abused, then adapted, to censor speech more widely.

        We’ve seen abusive DMCA takedown notices from a would-be Senate candidate, small businesses, and Ecuador’s President. We’ve also seen robots-run-amok and sending takedowns for public domain material and white noise. One disturbing trend involves businesses targeting bad reviews. The business, or a shadowy reputation management company acting on its behalf, copies the bad review and “publishes” it elsewhere on the Internet. The business then sends a DMCA takedown notice alleging infringement of the copied, and falsely backdated, review.

      • Playboy is suing Boing Boing – but linking is not copyright infringement

        Playboy’s lawsuit is based on an imaginary (and dangerous) version of US copyright law that bears no connection to any US statute or precedent. Playboy — once legendary champions for the First Amendment — now advances a fringe copyright theory: that it is illegal to link to things other people have posted on the web, on pain of millions in damages — the kinds of sums that would put us (and every other small publisher in America) out of business.

01.18.18

Links 18/1/2018: MenuLibre 2.1.4, Git 2.16 Released

Posted in News Roundup at 12:39 pm by Dr. Roy Schestowitz

GNU/Linux

Free Software/Open Source

  • Reliance Jio and global tech leaders come together to push Open Source in India

    The India Digital Open Summit, which will be held tomorrow at the Reliance Corporate Park campus in Navi Mumbai, is a must-attend event for industry leaders, policymakers, technologists, academia, and developer communities working towards India’s digital leadership through Open Source platforms.

    The summit is hosted by Reliance Jio in partnership with the Linux Foundation and supported by Cisco Systems.

  • Open-source software simulates river and runoff resources

    Freshwater resources are finite, unevenly distributed, and changing through time. The demand—and competition—for water is expected to grow both in the United States and in the developing/developed world. To examine the connection between supply and demand and resulting regional and global water stresses, a team developed Xanthos. The open-source hydrologic model is available for free and helps researchers explore the details and analyze global water availability.

    Researchers can use Xanthos to examine the implications of different climate, socioeconomic, and/or energy scenarios over the 21st century. They can then assess the effects of the scenarios on regional and global water availability. Xanthos can be used in three different ways. It can operate as an independent hydrologic model, driven, for example, by scenarios. It can serve as the core freshwater supply component of the Global Change Assessment Model, where multiple sectors and natural systems are modeled simultaneously as part of an interconnected, complex system. Further, it can be used by other integrated models and multi-model frameworks that focus on energy-water-land interactions.

  • “The Apache Way” — Open source done well

    I was at an industry conference and was happy to see many people stopping by the Apache booth. I was pleased that they were familiar with the Apache brand, yet puzzled to learn that so many were unfamiliar with The Apache Software Foundation (ASF).

    For this special issue, “All Eyes On Open Source”, it’s important to recognize not just Apache’s diverse projects and communities, but also the entity behind their success.

    Gone are the days when software and technology, in general, were developed privately for the benefit of the few. As technology evolves, the challenges we face become more complex, and the only way to effectively move forward to create the technology of the future is to collaborate and work together. Open Source is a perfect framework for that, and organizations like the ASF carry out a decisive role in protecting its spirit and principles.

  • Web Browsers

    • Mozilla

      • Firefox Telemetry Use Counters: Over-estimating usage, now fixed

        Firefox Telemetry records the usage of certain web features via a mechanism called Use Counters. Essentially, for every document that Firefox loads, we record a “false” if the document didn’t use a counted feature, and a “true” if the document did use that counted feature.

      • Firefox 58 new contributors

      • Giving and receiving help at Mozilla

        This is going to sound corny, but helping people really is one of my favorite things at Mozilla, even with projects I have mostly moved on from. As someone who primarily works on internal tools, I love hearing about bugs in the software I maintain or questions on how to use it best.

        Given this, you might think that getting in touch with me via irc or slack is the fastest and best way to get your issue addressed. We certainly have a culture of using these instant-messaging applications at Mozilla for everything and anything. Unfortunately, I have found that being “always on” to respond to everything hasn’t been positive for either my productivity or mental health. My personal situation aside, getting pinged on irc while I’m out of the office often results in stuff getting lost — the person who asked me the question is often gone by the time I return and am able to answer.

      • Friend of Add-ons: Trishul Goel

        Our newest Friend of Add-ons is Trishul Goel! Trishul first became involved with Mozilla five years ago when he was introduced to the Firefox OS smartphone. As a JavaScript developer with an interest in Mozilla’s mission, he looked for opportunities to get involved and began contributing to SUMO, L10n, and the Firefox OS Marketplace, where he contributed code and developed and reviewed apps.

        After Firefox OS was discontinued as a commercial product, Trishul became interested in contributing to Mozilla’s add-ons projects. After landing his first code contributions to addons.mozilla.org (AMO), he set about learning how to develop extensions for Firefox using WebExtensions APIs. Soon, he began sharing his knowledge by leading and mentoring workshops for extension developers as part of Mozilla’s “Build Your Own Extension” Activate campaign.

      • Making WebAssembly even faster: Firefox’s new streaming and tiering compiler

        People call WebAssembly a game changer because it makes it possible to run code on the web faster. Some of these speedups are already present, and some are yet to come.

        One of these speedups is streaming compilation, where the browser compiles the code while the code is still being downloaded. Up until now, this was just a potential future speedup. But with the release of Firefox 58 next week, it becomes a reality.

        Firefox 58 also includes a new 2-tiered compiler. The new baseline compiler compiles code 10–15 times faster than the optimizing compiler.

      • Firefox 58 Bringing Faster WebAssembly Compilation With Two-Tiered Compiler

        With the launch of Mozilla Firefox 58 slated for next week, WebAssembly will become even faster thanks to a new two-tiered compiler.

      • New Kernel Releases, Net Neutrality, Thunderbird Survey and More

        In an effort to protect Net Neutrality (and the internet), Mozilla filed a petition in federal court yesterday against the FCC. The idea behind Net Neutrality is to treat all internet traffic equally and without discrimination against content or type.

        Make your opinions heard: Monterail and the Thunderbird email client development team are asking for your assistance to help improve the user interface in the redesign of the Thunderbird application. Be sure to take the survey.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • LLVM 6.0-RC1 Makes Its Belated Debut

      While LLVM/Clang 6.0 was branched earlier this month and under a feature freeze with master/trunk moving to LLVM 7.0, two weeks later the first release candidate is now available.

      Normally the first release candidate comes immediately following the branching / feature freeze, but not this time due to the shifted schedule with a slow start to satisfy an unnamed company seeking to align their internal testing with LLVM 6.0.

  • Licensing/Legal

    • Hackers can’t dig into latest Xiaomi phone due to GPL violations

      Yet another Android OEM is dragging its feet with its GPL compliance. This time, it’s Xiaomi with the Mi A1 Android One device, which still hasn’t seen a kernel source code release.

      Android vendors are required to release their kernel sources thanks to the Linux kernel’s GPLv2 licensing. The Mi A1 has been out for about three months now, and there’s still no source code release on Xiaomi’s official github account.

    • 2017 – The Year in Which Copyright Went Beyond Source Code

      2017 was a big year for raising the profile of copyright in protecting computer programs. Two cases in particular helped bring attention to a myth that was addressed and dispelled some time ago but persists in some circles nonetheless. Many lawyers hold on to the notion that copyright protection for software is weak because such protection inheres in the source code of computer programs. Because most companies that generate code take extensive (and often successful) measures to keep source code out of the hands of third parties, the utility of copyright protection for code is often viewed as limited. However, copyright also extends to the “non-literal elements” of computer programs, such as their sequence, structure and organization, as well as to things such as screen displays and certain user interfaces. In other words, copyright infringement can occur when copying certain outputs of the code without there ever having been access to the underlying code itself.

  • Programming/Development

    • Git v2.16.0

      The latest feature release Git v2.16.0 is now available at the usual places. It is comprised of 509 non-merge commits since v2.15.0, contributed by 91 people, 26 of which are new faces.

    • Git 2.16 Released

      Git maintainer Junio Hamano has released version 2.16.0 of this distributed revision control system.

    • Announcing The Node.js Application Showcase

      The stats around Node.js are pretty staggering. There were 25 million downloads of Node.js in 2017, with over one million of them happening on a single day. And these stats are just the users. On the community side, the numbers are equally exceptional.

      What explains this immense popularity? What we hear over and over is that, because Node.js is JavaScript, anyone who knows JS can apply that knowledge to build powerful apps — every kind of app. Node.js empowers everyone from hobbyists to the largest enterprise teams to bring their dreams to life faster than ever before.

    • Google AutoML Cloud: Now Build Machine Learning Models Without Coding Experience

      Google has been offering pre-trained neural networks for a long time. To lower the barrier of entry and make the AI available to all the developers and businesses around, Google has now introduced Cloud AutoML.

      With the help of Cloud AutoML, businesses will be able to build machine learning models with the help of a drag-and-drop interface. In other words, if your company doesn’t have expert machine-learning programmers, Google is here to fulfill your needs.

    • Re-imagining beta testing in the ever-changing world of automation

      Fundamentally, beta testing is a test of a product performed by real users in the real environment. There are a number of names for this type of testing—user acceptance testing (UAT), customer acceptance testing (CAT), customer validation and field testing (common in Europe)—but the basic components are more or less the same. All involve user testing of the front-end user interface (UI) and the user experience (UX) to find and resolve potential issues. Testing happens across iterations in the software development lifecycle (SDLC), from when an idea transforms into a design, across the development phases, to after unit and integration testing.

    • IBM code grandmaster: what Java does next

      Reports of Java’s death have been greatly exaggerated — said, well, pretty much every Java engineer that there is.

      The Java language and platform may have been (in some people’s view) somewhat unceremoniously shunted into a side alley by the self-proclaimed aggressive corporate acquisition strategists (their words, not ours) at Oracle… but Java still enjoys widespread adoption and, in some strains, growing use and development.

  • Standards/Consortia

    • Announcing WebBook Level 1, a new Web-based format for electronic books

      Eons ago, at a time BlueGriffon was only a Wysiwyg editor for the Web, my friend Mohamed Zergaoui asked why I was not turning BlueGriffon into an EPUB editor… I had been observing the electronic book market since the early days of Cytale and its Cybook but I was not involved into it on a daily basis. That seemed not only an excellent idea, but also a fairly workable one. EPUB is based on flavors of HTML so I would not have to reinvent the wheel.

      I started diving into the EPUB specs the very same day, EPUB 2.0.1 (released in 2009) at that time. I immediately discovered a technology that was not far away from the Web but that was also clearly not the Web. In particular, I immediately saw that two crucial features were missing: it was impossible to aggregate a set of Web pages into an EPUB book through a trivial zip, and it was impossible to unzip an EPUB book and make it trivially readable inside a Web browser even with graceful degradation.

      When the IDPF started working on EPUB 3.0 (with its 3.0.1 revision) and 3.1, I said this was coming too fast, and that the lack of Test Suites with interoperable implementations as we often have in W3C exit criteria was a critical issue. More importantly, the market was, in my opinion, not ready to absorb so quickly two major and one minor revisions of EPUB given the huge cost on both publishing chains and existing ebook bases. I also thought – and said – the EPUB 3.x specifications were suffering from clear technical issues, including the two missing features quoted above.

Leftovers

  • Some thoughts on security after ten years of qmail 1.0

    Bernstein offers three answers to these questions, and also warns of three distractions: things that we believe are making things better, but may actually be making things worse. It seems a good time to revisit them. Let’s get the distractions out of the way first.

  • Science

    • Crowds within crowd found to outperform ‘wisdom of the crowd’

      A team of researchers affiliated with institutions in Argentina, the U.S. and Germany has found that there is a way to improve on the “wisdom of the crowd”—separate the people in a given crowd into smaller groups and let them talk about an issue at hand before an answer is given. In their paper published in the journal Nature Human Behavior, the group describes an experiment they carried out with a large crowd of volunteers, and what they learned from it.

      Most people have heard of the “wisdom of the crowd,” in which individuals in a crowd are privately asked to give an answer to a question, such as how many jelly beans are in a jar. When averaged together, the answer given by the crowd will generally be better than for any given individual. Now, it appears there may be a way to improve the accuracy of a crowd.

    • The Physics of the 69-Degree Intersection That Kills Cyclists

      In short, the problem comes about because of the angle of the intersection (it’s not perpendicular) and the angle of the blind spot in the car from its front pillar.

    • A material that superconducts continuously up to extreme pressures

      Researchers have discovered a metal alloy that can conduct electricity with zero resistance, or superconduct, from ambient pressure up to pressures similar to those that exist near the center of the Earth. The material, which is likely the first to show this kind of robust superconductivity, is described in a paper in the December 12, 2017, edition of the Proceedings of the National Academy of Sciences.

      The material is a member of a new family of metal alloys known as high-entropy alloys (HEAs), which are composed of random atomic-scale mixtures of elements from the block of “transition metals” on the periodic table. HEAs are interesting in multiple ways, including structurally. They have simple crystal structures, but the metals are arranged randomly on the lattice points, giving each alloy the properties of both a glass and a crystalline material.

    • Study: Pulsating dissolution found in crystals

      When German researchers examined time-lapse images of dissolving crystals at the nanoscale, they found a surprise: Dissolution happened in pulses, marked by waves that spread just like ripples on a pond.

      “What we see are waves or rings,” said lead investigator Cornelius Fischer, who conducted this research at the University of Bremen in the group of Prof. Andreas Lüttge. “We have a pit in the middle, and then around these pits are rings of mass removal.” The research has been published in the Proceedings of the National Academy of Sciences. Fischer and Lüttge specialize in studying minerals-fluid interactions, and have collaborated for more than 15 years in the US and Germany.

  • Health/Nutrition

    • Turning Soybeans Into Diesel Fuel Is Costing Us Billions

      This year, trucks and other heavy-duty motors in America will burn some 3 billion gallons of diesel fuel that was made from soybean oil. They’re doing it, though, not because it’s cheaper or better, but because they’re required to, by law.

      The law is the Renewable Fuel Standard, or RFS. For some, especially Midwestern farmers, it’s the key to creating clean energy from American soil and sun. For others — like many economists — it’s a wasteful misuse of resources.

    • MEAT AND THE H-WORD

      I am going to beg you. I am going to desperately plead with you. Let me say the word, and let me say why I’m saying the word, and then let’s have a discussion about it. I know that for some people, even to suggest that the word might apply to this case is tantamount to denialism. Just to have the conversation is to dishonor the victims. I realize, too, that I don’t strictly need this word, of all words, in order to discuss the subject. I have been advised that it is counterproductive: feelings about the word are so fraught that the offense caused will outweigh any good I could possibly do, and will cause me to be far less persuasive than I otherwise would be. And isn’t this about persuasion, ultimately? But I can’t help it: every time I examine the facts, I can’t stop thinking the word. If I’m being honest with you, and I want to be, I need to be able to tell you the question that I’m stuck on, and the question contains the word.

      The word is “holocaust” and the question is this: “Given the amount of suffering and death that it entails, why is it improper to describe the mass slaughter of animals for human consumption as a holocaust?”

      I appreciate why people react badly to any description of the loss of non-human life as a holocaust. One of the most disturbing features of the capital-H Holocaust was the dehumanization process. David Livingstone Smith, in Less Than Human, describes how a common prerequisite to atrocities is reconfiguring perceptions of a group, to make them seem not just metaphorically but literally “subhuman.” We all know that the Nazis described the Jews as rats and the Hutus describe the Tutsis as cockroaches. “Comparing people to animals” is such a common feature of organized brutality that any argument to draw parallels between animal-victims and people-victims can be seen as partly replicating the very thought process that led to the actual Holocaust.

    • Global Summit On IP And Access Discusses Impact Of TRIPS-Plus Measures On Public Health

      A network of civil society organisations chose the birthplace of the World Trade Organization, Marrakesh, to hold a global summit on intellectual property and access to medicines this week. Part of the summit focused on stringent IP measures in free trade agreements in particular with the European Union, introducing patent term extension and data exclusivity periods.

    • Dangerous Deliveries

      Across the United States, maternal mortality — when a mother dies from pregnancy-related complications while pregnant or within 42 days of giving birth — jumped by 27 percent between 2000 and 2014, according to a 2016 study published in the medical journal Obstetrics and Gynecology.

    • Supermarkets under pressure to reveal amount of plastic they create

      Supermarkets are coming under growing pressure from politicians and campaigners to reveal the amount of plastic they create, and pay more towards its safe disposal, following a Guardian investigation.

      Amid mounting concern about the devastating environmental impact of plastic pollution around the globe, the Guardian revealed on Wednesday that the UK’s leading supermarkets create almost 1m tonnes of plastic packaging waste every year.

      However, the system is shrouded in secrecy. When the Guardian asked leading retailers to reveal the exact amount of waste they are responsible for, Tesco, Sainsbury’s, Morrisons, Waitrose, Asda and Lidl all refused, saying the information was “commercially sensitive”.

  • Security

    • Security updates for Wednesday
    • Latvia’s e-health system hit by cyberattack from abroad

      Latvia said its new e-health system was on Tuesday hit by a large-scale cyberattack that saw thousands of requests for medical prescriptions pour in per second from more than 20 countries in Africa, the Caribbean and the European Union.

      No data was compromised, according to health officials, who immediately took down the site, which was launched earlier this month to streamline the writing of prescriptions in the Baltic state.

      “It is clear that it was a planned attack, a widespread attack—we might say a specialised one—as it emanated from computers located in various different countries, both inside the European Union and outside Europe,” state secretary Aivars Lapins told reporters.

      “We received thousands of requests in a very short space of time. That’s not the normal way the system works,” he said, adding that an investigation is under way.

    • Linux Lite Developer Creates Automated Spectre/Meltdown Checker for Linux OSes

      The developer of the Ubuntu-based Linux Lite distribution has created a script that makes it easier for Linux users to check if their systems are vulnerable to the Meltdown and Spectre security flaws.

      As we reported last week, developer Stéphane Lesimple created an excellent script that would check if your Linux distribution’s kernel is patched against the Meltdown and Spectre security vulnerabilities that were publicly disclosed earlier this month and put billions of devices at risk of attacks.

    • Purism Releases Meltdown and Spectre Patches for Its Librem Linux Laptops

      Purism, the computer technology company behind the privacy-focused, Linux-based Librem laptops and the upcoming smartphone, released patches for the Meltdown and Spectre security vulnerabilities.

      The company was one of the first Linux OEMs and OS vendors to announce that it’s working on addressing both the Meltdown and Spectre security exploits on its Linux laptops. Meltdown and Spectre were unearthed in early January and they are two severe hardware bugs that put billions of devices at risk of attacks.

    • Facebook Awards Security Researchers $880,000 in 2017 Bug Bounties

      Facebook is hardly a small organization, with large teams of engineers and security professionals on staff. Yet even Facebook has found that it can profit from expertise outside of the company, which is why the social networking giant has continued to benefit from its bug bounty program.

      In 2017, Facebook paid out $880,000 to security researchers as part of its bug bounty program. The average reward payout in 2017 was $1,900, up from $1,675 in 2016.

    • Multicloud Deployments Create Security Challenges, F5 Report Finds
    • Will U.S. Corporations Ever Take Cybersecurity Seriously?

      It’s another month, and another major IT-related security problem has been uncovered. The latest, the security flaws discovered in Intel, AMD, and ARM chips that can allow the bypassing of operating system security protections are a bit different than most vulnerabilities. They are hardware rather than software-based, and their impacts are exceptionally widespread, impacting nearly every Intel processor made since the mid-1990s. Billions of chips in total could be affected.

    • Spectre Mitigation Updates Available for Testing in Ubuntu Proposed
    • What is Mirai Okiru? New botnet found targeting billions of ARC-based IoT devices worldwide

      ARC-embedded processors are found in a wide range of internet-connected devices including cars, mobiles, TVs and cameras and are reportedly shipped in more than a billion products every year.

    • Hospital pays $55,000 in bitcoin to hackers [sic] after ‘SamSam’ ransomware locks systems [iophk: "hospital + Microsoft financing more crime"]

      Last Thursday (11 January), staff at Hancock Regional Hospital, Indiana, found their computers had been infected with malware, which was demanding bitcoin to regain access. As reported, the hack [sic] impacted emails and health records, but no patient data is believed stolen.

  • Defence/Aggression

    • Assange recalls fake reporting on Turkish defeated coup

      WikiLeaks founder Julian Assange on Thursday pointed out the fake news regarding the defeated coup in Turkey was not mentioned in U.S. President Donald Trump’s self-proclaimed “Fake News Awards”.

      “The most serious case of recent fake news is not on Trump’s #FakeNewsAwards list. NBC substantially assisted the military coup in Turkey which killed hundreds,” Assange wrote on his official Twitter account.

      Fetullah Terrorist Organization (FETO) and its U.S.-based leader Fetullah Gulen orchestrated the defeated coup on July 15, 2016, which left 250 people martyred and nearly 2,200 others injured.

  • Transparency/Investigative Reporting

  • Environment/Energy/Wildlife/Nature

    • Fracking Lobbyists Plan to Spend Big at Trump Hotel

      FRACKING FIRMS HAVE had much to celebrate over the last year, as the Trump administration and Republicans in Congress have moved swiftly to approve pipeline projects, roll back environmental regulations, and expand drilling access on public lands.

      It may come as no surprise, then, that the fracking lobby is the latest industry to return the favor by spending thousands of dollars at a Trump family property.

      The Independent Petroleum Association of America will hold its 2018 “Congressional Call-Up” lobbying event at the Trump International Hotel in Washington, D.C. from March 5 to 7. The agenda, which is publicly available, includes a meeting with officials in Congress and the Environmental Protection Agency, as well as meetings for conference attendees that will take place at the hotel.

    • Europe will hike climate finance spending, insists Cañete

      The EU’s climate chief Miguel Arias Cañete has vowed to increase the bloc’s funding for climate change adaption, pledging that 20% of the EU’s foreign spending would be allocated to climate-related projects.

      Speaking at the European Economic and Social Committee (EESC) on Wednesday (17 January), Cañete, the EU’s Commissioner for Climate Action, insisted that EU-provided climate finance to developing countries would increase in 2018.

      However, he warned that public money could not form the main contribution to the $100 billion annual target which wealthy countries have promised to invest in renewable energy and climate change mitigation projects in developing countries.

  • Finance

    • Apple to pay $38 billion in US taxes on overseas cash

      Apple didn’t have a choice about this. Under the new tax bill, all overseas cash is subject to a one-time 15.5 percent tax whether Apple leaves it overseas or moves it to the United States.

    • Apple to repatriate overseas cash stash, invest heavily in US

      Apple will pay taxes of about US$38 billion in order to repatriate the US$246 billion in cash it holds overseas, the company said in a statement on Wednesday.

    • Homeland Security’s Over Obsession With Counterfeits Now Harming Innocent Buyers Of Counterfeit Goods Online

      For many years we’ve talked about the kind of derangement that happens among many — especially among those working for Homeland Security’s Customs and ICE divisions — considering the supposed “dangers” of counterfeit goods. Over and over again we’ve pointed to studies that have shown that the “harm” of counterfeits is massively overblown. And these are not just random studies picked out of a hat. Both the Government Accountability Office (GAO) and the OECD have put out studies on this. When you look at the details, you quickly learn that while there are a few cases of people tricked by counterfeit goods — and a vanishingly small number of cases where people are put at risk due to counterfeits — in many, many cases, no one is actually losing out due to counterfeits. They are frequently an aspirational buy. That is, the buyer knows they’re buying a counterfeit good, but are doing so because they so appreciate the real version, but can’t afford it. And studies show that buyers of counterfeits quite frequently buy the real deal later when they’re able to afford it. Thus, counterfeits often act as marketing for the original.

      But, for whatever reason, Homeland Security likes to play up the “threats” of counterfeits and makes lots of noise about how many counterfeit things it seizes at the border every year (or… not at the border — such as the time it raided a lingerie store to get “counterfeit” panties advertising sports teams). And sure, Homeland Security really really wants you to believe it’s protecting the public with this kind of thing.

    • 5 key reasons bitcoin, other cryptocurrencies have lost a stunning $370 billion in 10 days

      The No. 1 digital currency and its cohort continued to unravel Wednesday, extending a downturn that has seen the entire sector cough up a whopping $370 billion since Jan. 7, or more than 40% of their total value.

  • AstroTurf/Lobbying/Politics

    • The Art of State Trolling – a Growing Market

      Last week, while I was doing a number of talks for Funzing.com in London, I was invited into RT to discuss a new report about the US military advertising for programmers who could develop software that targeted Iranian, Chinese and Russian audiences via social media.

      The timing proved interesting. Only days before, it was revealed by @musalbas at the CCC and then via Wikileaks that the UK government listening post, GCHQ, had apparently been doing the same thing since 2009.

    • Porn Star Stormy Daniels to In Touch: Trump Said I Was “Just Like His Daughter”

      Although Donald Trump is alleged to have paid porn star Stormy Daniels $130,000 in 2016 to keep quiet about a reported affair that took place 10 years previously, In Touch Weekly has published an interview with Daniels from 2011, before the signing of any NDA, in which she spills intimate details of meeting the then-Apprentice host at a celebrity golf event in Lake Tahoe.

      A frequent theme throughout the interview concerns Trump being taken aback by how smart and business savvy Daniels was, with Trump going so far as to tell Daniels that he wanted to put her on The Apprentice. One of Daniels’s quotes on the subject which In Touch published in the print edition of the story but not online, is particularly striking.

    • “It’s Even Worse Than You Think”: David Cay Johnston on Trump’s First Year in Office

      Uninformed. That was the word White House Chief of Staff John Kelly used to describe his boss, President Trump, on Thursday. According to The Washington Post, Kelly told members of the Congressional Hispanic Caucus that some of Trump’s hardline immigration policies—including his call to build a wall along the entire southern border— were “uninformed.” Kelly said, “Certain things are said during the campaign that are uninformed.” Well, today we spend the hour looking at Trump’s first year in office with David Cay Johnston, a journalist who has been covering Donald Trump since 1988. He is out this week with a new book titled “It’s Even Worse Than You Think: What the Trump Administration Is Doing to America.”

  • Censorship/Free Speech

    • YouTube to manually review popular videos before placing ads

      Previously, creators could join YPP if they had more than 10,000 views over the lifetime of their activity on the site. Now, however, they will need 1,000 subscribers to their channel, and a total of 4,000 hours of video viewed over the previous 12 months.

    • Quack Doctor Treating Cancer With Baking Soda Sues Skeptic For Questioning Her Cancer Treatment Methods

      Very little attracts legal threats faster than someone calling a quack a quack. If it energizes tap water like a duck and promotes off-label use of dangerous drugs like a duck, it’s probably a duck. The legal history of “alternative” medical practices is littered with cease-and-desist orders and failed lawsuits. The legal present is just as cluttered.

      Blogger/skeptic Britt Hermes could have gone down the road to quack infamy. She was on the “naturopathic” career path when she came to the realization the whole thing was horseshit. Rather than exploit the horseshit to make sick people sicker, Hermes decided to let the world know just how much horseshit her former colleagues were peddling.

    • Psychiatrist Drops His Lawsuit Against Critic Who Left Wordless One-Star Review

      It looks like the psychiatrist who sued a pseudonymous reviewer over a wordless one-star review has finally decided to stop digging this particular hole. Since news broke of psychiatrist Mark Beale’s defamation suit against “Richard Hill,” Beale has amassed a great many one-star reviews by non-patients. There’s no telling if Beale will be seeking to file an en masse lawsuit against these Does (taking a page out of copyright trolls’ handbooks), but this cannot possibly be what he envisioned when he decided the original one-star review was worth suing over.

      Unbelievably, Beale managed to convince a judge to allow him to seek the real identity of “Richard Hill” in order to continue with his lawsuit. Not only did the judge give enough credence to Beale’s argument that a one-star review was per se defamatory, but the judge granted the unmasking order, calling a review of business “commercial speech” — something given less protection under the First Amendment.

    • David North, Chris Hedges and WSWS.Org on Organizing Against Internet Censorship

      On January 16, 2018, the World Socialist Web Site hosted a discussion on Internet censorship, featuring Pulitzer Prize-winning journalist Chris Hedges and WSWS International Editorial Board Chairperson David North, moderated by WSWS reporter Andre Damon.

      The webinar explored the political context of the efforts to censor the Internet and abolish net neutrality, examined the pretexts used to justify the suppression of free speech (i.e., “fake news”), and discussed political strategies to defend democratic rights. Hedges and North also fielded questions from on-line listeners.

    • Terry Glavin: As China pushes censorship on B.C. students, democracy falls back

      It’s a story about the way the Beijing regime bullies people far beyond its borders, with a few amusing twists and several disgusting instances of corporate cowardice, but it begins innocently enough, with a 28-year-old student at the University of British Columbia and a post he put up on Twitter last Wednesday.

      Shawn Zhang, a Peking University alumnus who came to Canada on a student visa two years ago to study law, posted an image of the Tibetan flag below a tongue-in-cheek announcement on the Twitter account of Friends of Tibet, a solidarity group based in India that keeps an eye on China’s brutal occupation of the exiled Dalai Lama’s Himalayan homeland.

    • Philippines: Journalists Decry Gov’t Crackdown Against News Outlet Rappler

      In the Philippines, journalists and press freedom advocates are condemning Duterte’s government for trying to shut down the highly popular independent news outlet Rappler. On Monday, the Securities and Exchange Commission revoked Rappler’s license to operate on the charges that the website is foreign-owned, even though the website is owned by Filipinos. This morning, the Philippines Justice Department authorized the opening of a criminal investigation into the website. Rappler and press freedom advocates say the website is being targeted for its critical reporting on Rodrigo Duterte’s administration and his devastating so-called drug war.

    • Student journalists speak up for Missouri bill that would shield them from censorship

      Opioids, race and politics are some of the topics Kirkwood High School senior Camille Baker has led coverage of as her school newspaper’s editor in chief.

      She’s lucky enough to have the support of her school’s leaders. But she realizes her peers across the state may not have the same freedom.

      On Wednesday, she testified before a Missouri House committee in support of a bill that would prohibit a school’s administration from censoring student journalists.

    • To Combat High-Profile Abuse of Its Platform, YouTube Punishes Small Timers
    • Lebanon allows Spielberg film ‘The Post’ after censorship threat
    • Conservatives invited to pressure Twitter over censorship
    • Assange Keeps Warning Of AI Censorship, And It’s Time We Started Listening

      Throughout the near entirety of human history, a population’s understanding of what’s going on in the world has been controlled by those in power. The men in charge controlled what the people were told about rival populations, the history of their tribe and its leadership, etc. When the written word was invented, men in charge dictated what books were permitted to be written and circulated, what ideas were allowed, what narratives the public would be granted access to.

      This continued straight on into modern times. Where power is not overtly totalitarian, wealthy elites have bought up all media, first in print, then radio, then television, and used it to advance narratives that are favorable to their interests. Not until humanity gained widespread access to the internet has our species had the ability to freely and easily share ideas and information on a large scale without regulation by the iron-fisted grip of power. This newfound ability arguably had a direct impact on the election for the most powerful elected office in the most powerful government in the world in 2016, as a leak publishing outlet combined with alternative and social media enabled ordinary Americans to tell one another their own stories about what they thought was going on in their country.

    • Libraries sue Elbert County Commissioner over censorship fears

      Libraries in Elbert County are suing county commissioners who want to take a stronger role in determining who is appointed to lead boards and commissions.

      Next reported last month that the three new Republican commissioners voted to approve a policy that states appointments to boards or committees are to be “generally reflective of the overall citizenry of the county.”

      Now, Pines and Plains Libraries, which are part of the Elbert County Library District, are suing the board of county commissioners. The libraries want an injunction to stop the commissioners from interfering with its board of trustees.

  • Privacy/Surveillance

    • EU GDPR and personal data in web server logs

      Web server logs contain information classified as personal data by default under the European Union’s General Data Protection Regulation (GDPR). The new privacy regulation comes into effect in May 2018, and just about everyone needs to take action now to become compliant.

      Disclaimer: I’m not a lawyer and I’m not providing you legal advice. Contact your legal counsel for help interpreting and implementing the GDPR. This article is provided for entertainment purposes, and amounts to nothing but my interpretation of the GDPR.

      The General Data Protection Regulation shifts the default operating mode for personal data collection from “collect and store as much information about everyone as possible for all eternity” to “don’t collect any information about anyone unless there is documented and informed consent for the collection; and don’t use that information for anything but the specific purposes consent was given for”. The GDPR turns big-data collection of personal data on the web from an asset to a liability with fines as high as 20 000 000 Euro or 4 % of global revenue (whichever is greater).

      I’ve limited the scope of this article to discuss and focus on some of the technical requirements surrounding personal data collected by default in the logs generated by popular web server software. I’ll not go through the entire GDPR and all the requirements, but focus on some actionable points.

    • Sweatcoin lets you earn crypto for working out

      Want a way to work out and earn some coin? Sweatcoin has risen to the top of the App Store for helping folks get something more than just a glow for taking those daily steps.

      The startup says it has accumulated more than 5 million users in the past year and increased revenue by 266 percent in the last quarter. There are more than 2 million weekly active users on the app, and growing, making it one of the fastest-growing fitness apps in the App Store and second to the top in the free apps, next only to the Google Arts & Culture app that blew up over the weekend.

      It works like this: users sign up and then hook up their smartphone’s health and fitness data and GPS location to the app. The app then tracks how many steps you take in a day and rewards you a monetary “sweat” value according to your movements. For every 1,000 steps recorded, the app will pay out .95 in “sweatcoins.” Users can later trade these coins in for fitness gear, workout classes, gift cards and a number of other offerings.

    • Using AI To Identify Car Models In 50 Million Google Street Views Reveals A Wide Range Of Demographic Information

      Google Street View is a great resource for taking a look at distant locations before travelling, or for visualizing a nearby address before driving there. But Street View images are much more than vivid versions of otherwise flat maps: they are slices of modern life, conveniently sorted by geolocation. That means they can provide all kinds of insights into how society operates, and what the differences are geographically. The tricky part is extracting that information. An article in the New York Times reports on how researchers at Stanford University have applied artificial intelligence (AI) techniques to 50 million Google Street View images taken in 200 US cities. Since analyzing images of people directly is hard and fraught with privacy concerns, the researchers concentrated on a proxy: cars.

    • US Telcos Threatened With Loss Of Government Contracts If They Do Business With Huawei

      Last week we noted how AT&T was forced to scrap a partnership with Huawei to sell the company’s smartphones here in the States, just hours before it was set to be announced at CES. The reason? Apparently a few members of the Senate and House Intelligence Committees fired off a letter to the FCC demanding that they pressure US telcos into avoiding Huawei. The letter, which nobody has published, allegedly accuses the company of being little more than an intelligence proxy for the Chinese government.

      There are several problems with this. While it’s certainly possible that Huawei helps the Chinese government spy, there’s been no hard evidence of this. In fact, numerous investigations (including one eighteen months long) found no evidence of any spying whatsoever. What inquiries did find is that these allegations pretty consistently originate with U.S. hardware vendors like Cisco, who routinely enjoy playing up the threat simply because they don’t want to compete with Chinese hardware vendors. You know, the very same thing we routinely (often quite accurately) complain about China doing.

    • Privacy expectations and the connected home

      Traditionally, devices that were tied to logins tended to indicate that in some way – turn on someone’s xbox and it’ll show you their account name, run Netflix and it’ll ask which profile you want to use. The increasing prevalence of smart devices in the home changes that, in ways that may not be immediately obvious to the majority of people. You can configure a Philips Hue with wall-mounted dimmers, meaning that someone unfamiliar with the system may not recognise that it’s a smart lighting system at all. Without any actively malicious intent, you end up with a situation where the account holder is able to infer whether someone is home without that person necessarily having any idea that that’s possible. A visitor who uses an Amazon Echo is not necessarily going to know that it’s tied to somebody’s Amazon account, and even if they do they may not know that the log (and recorded audio!) of all interactions is available to the account holder. And someone grabbing an egg out of your fridge is almost certainly not going to think that your smart egg tray will trigger an immediate notification on the account owner’s phone that they need to buy new eggs.

      Things get even more complicated when there’s multiple account support. Google Home supports multiple users on a single device, using voice recognition to determine which queries should be associated with which account. But the account that was used to initially configure the device remains as the fallback, with unrecognised voices ending up being logged to it. If a voice is misidentified, the query may end up being logged to an unexpected account.

  • Civil Rights/Policing

    • DHS’ Threat to Prosecute Officials of Sanctuary Cities Is Unconstitutional

      In testimony before Congress yesterday, Secretary of Homeland Security Kirstjen Nielsen confirmed that her agency is seeking the prosecution of state and local officials in jurisdictions that limit their entanglement with federal immigration enforcement.

      Even in the context of the Trump administration’s frequent disregard for the Constitution, Nielsen’s threat to prosecute mayors, legislators, and police chiefs over policy disagreements is shocking. There is no basis in federal law to prosecute government officials who decide, with and on behalf of their constituents, that their communities are better served by opting out of participation in the federal deportation system. And that kind of prosecution would be an assault on the principles at the core of our constitutional system.

    • Judging WaPo’s MLK Quotes by the Content of Their 280 Characters

      It’s a predictable approach—removing MLK’s critiques of capitalism and US imperialism—from a reliable protector of capitalism (1/30/16, 11/1/16, 10/3/17) and US imperial aggression (2/6/03, 5/25/17, 6/26/17, 12/4/17), but rarely is sanitizing MLK done in such a haphazard and patronizing fashion. Not only is all blood taken from his words, but the quotes highlighted seem handpicked precisely to ameliorate the guilt of the Post’s more conservative white readers in the hackiest manner possible; a shoddy whitewash by a paper supposedly representing a majority African-American city.

    • Innocent But Still Guilty

      After Fred Steese spent two decades in a Nevada prison for murder, evidence indicating that he was innocent was found buried in the prosecution’s files. It was proof that Steese, as he’d always claimed, had been hundreds of miles away on the likely day of the murder and couldn’t have been the killer.

      In Maryland two years earlier, the conviction of James Thompson, who had also served 20 years for murder and rape and whose case involved police and prosecutorial misconduct, was thrown into overwhelming doubt when his DNA didn’t match the semen found in the victim.

    • Sheriff’s Officers Working Black Section of Jacksonville to Get Bias Training

      The training will be conducted by Bethune-Cookman University, a historically black university in Daytona Beach. It will be concentrated on officers and residents of the Sheriff Office’s Zone 5, which makes up Northwest Jacksonville. That patrol zone has among the highest concentrations of black residents in the city. Research released by the University of North Florida last year showed that the patrol zone has the lowest level of trust in law enforcement.

      Trainings for officers will focus on improving negative perceptions and attitudes that exist between the community and police. The university’s work with local residents will center on the community’s role in neighborhood safety and how citizens can improve relationships with police. The training will involve 135 Sheriff’s Office personnel and 120 community members and 52 total hours of training. It will cost about $23,500.

    • China: Democracy Activist Sentenced to Prison for 2014 Hong Kong Protests

      In more news on China, pro-democracy activist Joshua Wong has been sentenced to three months in prison for his role in organizing the 2014 “Umbrella Movement” protests in Hong Kong. This is Joshua Wong, speaking before his sentencing Wednesday.

    • Mechanical Turkers may have out-predicted the most popular crime-predicting algorithm

      The most surprising results came when researchers compared COMPAS to other kinds of prediction. Farid and Dressel recruited 462 random workers through Amazon’s Mechanical Turk platform, and asked the Turkers to “read a few sentences about an actual person and predict if they will commit a crime in the future.” They were paid one dollar for completing the task, with a five dollar bonus if their accuracy was over 65 percent. Surprisingly, the median Turker ended up two points better than COMPAS, clocking in at 67 percent accuracy.

    • Study shows software used to predict repeat offenders is no better at it than untrained humans

      “Claims that secretive and seemingly sophisticated data tools are more accurate and fair than humans are simply not supported by our research findings,” said Dressel. “The use of such software may be doing nothing to help people who could be denied a second chance by black-box algorithms.”

    • Crime-Predicting Algorithms May Not Fare Much Better Than Untrained Humans

      “There was essentially no difference between people responding to an online survey for a buck and this commercial software being used in the courts,” says Farid, who teaches computer science at Dartmouth. “If this software is only as accurate as untrained people responding to an online survey, I think the courts should consider that when trying to decide how much weight to put on them in making decisions.”

    • Algorithms that change lives should be trialled like new drugs

      Who should we listen to when deciding whether a criminal will reoffend: a sophisticated algorithm, or random people on the internet? Trick question – it turns out they both produce the same results, according to a new analysis that demonstrates the danger of handing over control of our lives to the machines.

    • Court Software No Better Than Mechanical Turks at Predicting Repeat Crime

      Software now widely used by courts to predict which criminals are likely to commit future crimes might be no more accurate than regular people with presumably little to no criminal justice expertise, a new study finds.

      Predictive algorithms now regularly make recommendations regarding music, ads, health care, stock trades, auto insurance, and bank loans, among other things. In the criminal justice system, such algorithms have been used to predict where crimes will likely occur, who is likely to commit violent crimes, who is likely to fail to appear at their court hearings, and who is likely to repeat criminal behavior in the future.

    • Trump’s Roundup of Immigrant Leaders Has Begun

      On Martin Luther King Jr.’s birthday, President Donald J. Trump visited his Trump International Golf Club in West Palm Beach, Florida, reportedly his 91st trip to a golf club since taking office. Meanwhile, in New York City, hundreds rallied in Judson Memorial Church, demanding freedom for Jean Montrevil and Ravi Ragbir, two men who had just been detained by ICE (U.S. Immigration and Customs Enforcement). Both men have been in the U.S. for almost 60 years between them, and both are prominent immigrant-rights organizers. They aren’t the only ones who’ve been targeted by ICE lately, either, suggesting a concerted effort by the Trump administration to round up leaders in the immigrant community.

      Jean Montrevil, originally from Haiti, has been in the U.S. for over 30 years. Haiti is the poorest country in the Western Hemisphere and is still recovering from the devastating 2010 earthquake that killed hundreds of thousands of people. It also is one of those countries that Trump reportedly singled out in a racist screed last Thursday, calling Haiti, El Salvador and countries in Africa “shitholes.” The comment was made at the White House, where Trump and senators were discussing a possible legislative deal on immigration. “Why are we having all these people from shithole countries come here,” Trump reportedly asked, adding, “Why do we need more Haitians? Take them out.” He went on to say that we need more immigrants from places like Norway, one of the whitest countries on the planet.

  • Internet Policy/Net Neutrality

    • 22 US states are suing the FCC over net neutrality

      The suit has been filed in the US Court of Appeals, District of Columbia. Joining them are California, Connecticut, Delaware, Hawaii, Illinois, Iowa, Kentucky, Maine, Maryland, Massachusetts, Minnesota, Mississippi, New Mexico, North Carolina, Oregon, Pennsylvania, Rhode Island, Vermont, Virginia and Washington.

    • 22 State Attorneys General File Suit Against The FCC For Its Net Neutrality Repeal

      The legal fight over the FCC’s historically unpopular decision to kill net neutrality has begun. An announcement by New York Attorney General Eric Schneiderman’s office indicates that 22 State Attorneys General have filed suit against the FCC. The AGs say the multi-state coalition has filed a petition for review in the U.S. Court of Appeals for the D.C. Circuit, the first of what’s expected to be numerous lawsuits in the weeks and months to come.

      The announcement makes it clear the suit intends to focus on the FCC’s potential violation of the Administrative Procedure Act. Under the Act the FCC will need to prove that the broadband market changed so substantially since the passage of the original rules in 2015 to warrant such a stark reversal (tip: it didn’t). Under the Act, a decision can be declared “arbitrary and capricious” (Ajit Pai’s agenda is undeniably both) if the regulator in question can’t prove such a dramatic change, which is why you’ve watched industry lobbyists and their BFF Pai routinely and falsely claim that the modest rules somehow devastated sector investment.

    • Senate Democrats Push for a Net Neutrality Vote. Do They Have a Chance?

      Senate Democrats announced on Tuesday that they were one supporter away from winning a vote to restore the so-called net neutrality rules that the Federal Communications Commission rolled back in December.

      But even if Democrats win that vote, Democrats have a long ways to go before they are able to reinstate rules that prevent internet service providers from creating fast and slow lanes for online users. Here is a look at their difficult road ahead, and some of the motivations:

    • Apple Is Blocking an App That Detects Net Neutrality Violations From the App Store

      The most pervasive feeling about the Federal Communication Commission’s net neutrality repeal is one of hopelessness. If we all need to use the internet, big telecom companies control our access to the internet, and there’s no choice about what company to use, how are we supposed to stop these companies from messing with our connections?

      The FCC has suggested that consumer outrage will prevent companies from violating net neutrality, but if you’re not a network engineer, it can be hard to know if net neutrality is being violated at all. David Choffnes, a researcher at Northeastern University, set out to change that. He created an app to detect net neutrality violations, but Apple has banned it from the App Store, preventing consumers from accessing the information they need to at least know when they’re getting screwed over.

  • DRM

    • Open-Source HDCP Support Gets Extended To More Platforms

      With the Linux 4.17 kernel (not the upcoming 4.16 cycle) there is likely to be added initial HDCP support to Intel’s Direct Rendering Manager driver. Ahead of that this High-bandwidth Digital Content Protection support continues getting improved upon.

      While Google developers working on Chrome/Chromium OS were the ones originally working on the patches and proposing this HDCP functionality be upstreamed into the mainline i915 DRM Linux driver, coming out today are patches from an Intel developer for extending the HDCP content protection coverage.

  • Intellectual Monopolies

    • Trademarks

      • The Commodores Trademark Fight Decided in Florida Court

        The exclusive right to use The Commodores’ name and trademarks belongs to a company run by founding members William King and Walter Orange, a Florida appellate court has ruled.

        Commodores Entertainment Corporation, a company run by King and Orange, in 2014 sued ex-bandmate Thomas McClary for trademark infringement after discovering that he had been performing using variations of the famous funk group’s name. (McClary left the band in 1984.)

      • A Trademark War Almost Tore Apart The Adult Baby Community

        A company that makes diapers for the adult baby/diaper lover fetish community (known as ABDL) gave up on its attempt to trademark the term “ABDL” on Thursday after message boards for the community exploded in anger last week.

        Rearz, a Canadian-based supplier of adult diapers with cutesy patterns and other adult baby accessories, like pacifiers, told BuzzFeed News, “we had no malicious or strange intentions in trying to register it, but obviously it struck a nerve with people. This is a community we love and serve, and we don’t want to make people feel less valuable.”

      • Community Backlash Leads Adult Diaper Company To Drop Its Trademark Application for ‘ABDL’

        When a company goes down a wrong or abusive road regarding trademark rights, the public has a lot of tools for remedy. Legal disputes between interested parties can often times correct a company attempting to secure trademark rights it ought not have. Invalidating a trademark that never should have been granted is another tool. But often times, the best and quickest remedies can come from the public itself in the form of a good old fashioned backlash.

        The likelihood of such a backlash is necessarily a function of the devotion of a particular fanbase. The craft beer industry has had to learn this lesson several times, with a portion of the public devoted to seeing the industry thrive also being unwilling to let stand aggressive trademark bullying that threatens that same industry. We saw another of these backlash instances cause a company to reverse course recently and I struggle to think of a more potentially devoted fanbase to an industry than those among us whose fetish is role-playing as adult babies.

    • Copyrights

      • Pirate IPTV Mastermind Owns Raided Bulgarian ISP, Sources Say

        Last week police forces across Europe raided and shut down one of the largest ‘pirate’ IPTV operations in the world. With information continuing to drip out, the true scale is now becoming clear. In Bulgaria alone, where the illicit service had its alleged base, 140 servers were seized. Only adding to the intrigue are fresh claims that the owner of a local ISP was the brains behind the entire operation.

      • How Closed Trade Deals Ratchet Up the Copyright Term Worldwide

        Although copyright is a subject of international law—principally the World Intellectual Property Organization (WIPO)’s Berne Convention from 1886 and its Internet Treaties from 1996—it is still implemented and enforced primarily through national laws. Those laws differ from one country to another in significant ways. One of the most significant differences is the length of the term of copyright protection, which varies from the life of the author plus 50 years (the Berne Convention’s minimum requirement), up to life plus 100 years (in Mexico).

        Differences in the law aren’t a bug; they’re a feature. Just as a country has the right to craft specific exceptions to copyright law based on its own national circumstances (for example in India, where many foreign books are not available for sale, copyright law allows public libraries to make up to three copies of such books), so too it should be able to adopt the copyright term that makes the most sense for its citizens—which in most if not all cases will be the shortest term allowed.

        But because differences in copyright term make things more complicated for copyright holders, there are constant efforts by some copyright holders to try to homogenize the duration of copyright so that they can more easily enforce their copyrights worldwide—and of course, they would like them to be harmonized at the life-plus-70 year term, so that they can extract another 20 years of monopoly rents, over and above the Berne Convention’s standard life-plus-50 year term. Trade agreements are one way that they are trying to achieve this. Here’s how.

      • Kim Dotcom Loses Megaupload Domain Names, Gets “Destroyed” Gaming Chair Back

        The U.S. Government has won another civil forfeiture case against Megaupload and Kim Dotcom. As a result, the U.S. now owns several online bank accounts, cars, servers, as well as Megaupload’s domain names. Around the same time, the US returned two containers of seized property, as previously ordered by a Hong Kong court. These goods were not treated properly, according to an outraged Dotcom.

01.17.18

Links 17/1/2018: HHVM 3.24, WordPress 4.9.2

Posted in News Roundup at 12:21 pm by Dr. Roy Schestowitz

GNU/Linux

Free Software/Open Source

  • The best open source video editors 2018: free to download, edit, use and share

    There are lots of superb free video editors around, but many are cut-back versions of commercial software. If you’re looking for something truly free that you can use for personal or commercial projects, open source software is the way to go. All of these video editors are developed by communities dedicated to making top quality software available to everyone.

    One of the advantages of open source software is that users are free to develop versions for different platforms. All of the open source video editors in this roundup are available for Windows, macOS and Linux.

    VLMC (VideoLAN Movie Creator) is another open source video editor to keep an eye on. It’s still under development and not yet available to download, but it’s being developed by the same team as the superb VLC Media Player, so we have high hopes.

  • How to get all the benefits of open source software

    Open source software continues its meteoric rise, as more and more large enterprises weave open source code into various areas of their operations, increasingly shunning the big-name, proprietary software vendors.

    In fact, according to open source software development company, Sonatype, represented locally by 9TH BIT Consulting, 7,000 new open source software projects kick-off around the world every week, while 70,000 new open source components are released. Accessing this massive ‘hivemind’ of software development expertise is a highly attractive prospect for CIOs and business managers in all industries.

  • What is open source?

    What is open source software and how do vendors make their money? We answer your questions

    Open source is the foundation of modern technology. Even if you don’t know what it is, chances are you’ve already used it at least once today. Open source technology helped build Android, Firefox, and even the Apache HTTP server, and without it, the internet as we know it would simply not exist.

    The central idea behind open source is a simple one: many hands make light work. In short, the more people you have working on something, the quicker and easier it is to do. As it applies to software development, this means opening projects up to the public to let people freely access, read and modify the source code.

  • Open Source Initiative Announces New Partnership With Adblock Plus

    Adblock Plus, the most popular Internet ad blocker today, joins The Open Source Initiative® (OSI) as corporate sponsors. Since its very first version, Adblock Plus has been an open source project that has developed into a successful business with over 100 million users worldwide. As such, the German company behind it, eyeo GmbH, has decided it is time to give back to the open source community.

    Founded in 1998, the OSI protects and promotes open source software, development and communities, championing software freedom in society through education, collaboration, and infrastructure. Adblock Plus is an open source project that aims to rid the Internet of annoying and intrusive online advertising. Its free web browser extensions (add-ons) put users in control by letting them block or filter which ads they want to see.

  • What if Open-Source Software Can Replace Dozens of Multi-Billion Dollar Companies? That is Exactly What Origin Protocol Wants to do Using Blockchain
  • Events

    • My trip in Cuba

      Olemis Lang is one of the founders and very active in promoting open source in Cuba. We’ve had some similar experiences in running user groups (I founded the Python french one a decade ago), and were excited about sharing our experience.

  • Web Browsers

    • Mozilla

      • Mozilla and Sundance Film Festival Present: VR the People

        On Monday January 22, Mozilla is bringing together a panel of the top VR industry insiders in the world to the Sundance Film Festival in Park City, Utah, to explain how VR storytelling is revolutionizing the film and entertainment industry.

        “We want the storyteller’s vision to exceed the capacity of existing technology, to push boundaries, because then the technologist is inspired to engineer new mechanisms that enable things initially thought impossible” says Kamal Sinclair, Director of New Frontier Lab Programs at Sundance Institute. “However, this is not about creating something that appeals to people simply because of its novel technical achievements; rather it is something that has real meaning, and where that meaning can be realized by engineering the technologies to deliver the best experience possible.”

      • Host an Open Internet Activist [Ed: Mozilla now in the pockets of the Ford Foundation, just like the ‘Guardian’]

        Today, we’re launching the Ford-Mozilla Open Web Fellowship call for host organizations. If your organization is devoted to a healthy internet for all users, we encourage you to apply.

      • WebRender newsletter #12
      • The User Journey for Firefox Extensions Discovery

        The ability to customize and extend Firefox is an essential part of Firefox’s value to users. Extensions are small tools that allow developers and users who install the extensions to modify, customize, and extend the functionality of Firefox. For example, during our workflows research in 2016, we interviewed a participant who was a graduate student in Milwaukee, Wisconsin. While she used Safari as her primary browser for common browsing, she used Firefox specifically for her academic work because the extension Zotero was the best choice for keeping track of her academic work and citations.

        Popular categories of extensions include ad blockers, password managers, and video downloaders. Given the variety of extensions and the benefits to customization they offer, why is it that only 40% of Firefox users have installed at least one extension? Certainly, some portion of Firefox users may be aware of extensions but have no need or desire to install one. However, some users could find value in some extensions but simply may not be aware of the existence of extensions in the first place.

        Why not? How can Mozilla facilitate the extension discovery process?

        A fundamental assumption about the extension discovery process is that users will learn about extensions through the browser, through word of mouth, or through searching to solve a specific problem. We were interested in setting aside this assumption and observing the steps participants take and the decisions they make in their journey toward possibly discovering extensions. To this end, the Firefox user research team ran two small qualitative studies to understand better how participants solved a particular problem in the browser that could be solved by installing an extension. Our study helped us understand how participants do — or do not — discover a specific category of extension.

      • Firefox Release, Xen, KDE’s Plasma and More

        Set your calendars for January 23, 2018, to download the latest Firefox 58 release packed with performance/bottleneck and bug fixes, an even better site source code debugger and more.

      • Have You Taken the Thunderbird Redesign Survey?

        Monterail and Thunderbird are now working on the same team.

        Yes, that Monterail, the Poland-based development company whose stunning Thunderbird mock-up went viral last year, before becoming a real, working Thunderbird theme.

        “We got in touch with […] the Thunderbird core team to discuss possibilities. We wanted to establish how to enhance user retention and make Thunderbird more user-friendly for potential and current users. We also learned how Thunderbird is built which helped with planning iterations,” Monterail’s Krystian Polański explains in a new blog post on the company’s website.

  • SaaS/Back End

    • MapR: How Next-Gen Applications Will Change the Way We Look at Data

      MapR is a Silicon Valley-based big data company. Its founders realized that data was going to become ever increasingly important, and existing technologies, including open source Apache Hadoop, fell short of being able to support things like real-time transactional operational applications. So they spent years building out core technologies that resulted in the MapR products, including the flagship Converged Data Platform, platform-agnostic software that’s designed for the multicloud environment. It can even run on embedded Edge devices.

    • 7 Open-Source Serverless Frameworks Providing Functions as a Service

      With virtualization, organizations began to realize greater utilization of physical hardware. That trend continued with the cloud, as organizations began to get their machines into a pay-as-you-go service. Cloud computing further evolved when Amazon Web Services (AWS) launched its Lambda service in 2014, introducing a new paradigm in cloud computing that has become commonly referred to as serverless computing. In the serverless model, organizations pay for functions as a service without the need to pay for an always-on stateful, virtual machine.

    • Bonitasoft Offers Open Source, Low-Code Platform on AWS Cloud

      Bonitasoft, a specialist in open source business process management and digital transformation software, is partnering with the Amazon Web Services Inc. (AWS) cloud to broaden the reach of its low-code development platform.

      That platform, just released in a new version called Bonita 7.6, comes in an open source version and a subscription version with professional support and advanced features.

    • Bonitasoft gets cute on AWS for low-code BPM

      There has been an undeniable popularisation of so-called ‘low-code’ programming platforms.

      This is a strain of technology designed to provide automated blocks of functionality that can be brought together by non-technical staff to perform specific compute and analysis tasks to serve their own business objectives.

  • CMS

    • New York magazine is making its CMS available open-source

      There’s a short history of publishers fancying themselves as technology companies and building a business selling their tech to other publishers. Publishers realized that building a whole new side business around licensing their tech is a headache and that they needed to focus on what they’re good at, and leave the tech to others.

      New York magazine is trying out a different approach. It built its own content management system (publishers like to give their homegrown CMSes cute names; this one is called Clay, for the magazine’s founder Clay Felker) in 2015 and then licensed the software to the online magazine Slate. Slate started using Clay a year ago and was set to fully migrate its site to Clay this week. But instead of New York charging Slate a licensing fee, Slate is paying New York in the form of code. The CMS is open-source, and developers from both titles contribute to it.

  • FSF/FSFE/GNU/SFLC

    • GCC 7.3 Preparing For Release To Ship Spectre Patches

      GNU developers are preparing to quickly ship GCC 7.3 now in order to get out the Spectre patches, a.k.a. the compiler side bits for Retpoline with -mindirect-branch=thunk and friends.

      It was just this past weekend that the back-ported patches landed in GCC 7 while now GCC 7.3 is being prepared as the branch’s next bug-fix point release.

    • Announcing LibrePlanet 2018 keynote speakers

      The keynote speakers for the tenth annual LibrePlanet conference will be anthropologist and author Gabriella Coleman, free software policy expert and community advocate Deb Nicholson, Electronic Frontier Foundation (EFF) senior staff technologist Seth Schoen, and FSF founder and president Richard Stallman.

      LibrePlanet is an annual conference for people who care about their digital freedoms, bringing together software developers, policy experts, activists, and computer users to learn skills, share accomplishments, and tackle challenges facing the free software movement. The theme of this year’s conference is Freedom. Embedded. In a society reliant on embedded systems — in cars, digital watches, traffic lights, and even within our bodies — how do we defend computer user freedom, protect ourselves against corporate and government surveillance, and move toward a freer world? LibrePlanet 2018 will explore these topics in sessions for all ages and experience levels.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • 17,000% Cost Reduction with Open Source 3D Printing: Michigan Tech Study Showcases Parametric 3D Printed Slot Die System

        We often cover the work of prolific Dr. Joshua Pearce, an Associate Professor of Materials Science & Engineering and Electrical & Computer Engineering at Michigan Technological University (Michigan Tech); he also runs the university’s Open Sustainability Technology (MOST) Research Group.

        Dr. Pearce, a major proponent for sustainability and open source technology, has previously taught an undergraduate engineering course on how to build open source 3D printers, and four of his former students, in an effort to promote environmental sustainability in 3D printing, launched a business to manufacture and sell recycled and biodegradable filaments.

      • Open Source 3D printing cuts cost from $4,000 to only $0.25 says new study

        Slot die coating is a means of adding a thin, uniform film of material to a substrate. It is a widely used method for the manufacturing of electronic devices – including flat screen televisions, printed electronics, lithium-ion batteries and sensors.

        Up until recently, slot die components were only machined from stainless steel, restricting development and making the process expensive. Now slot dies for in-lab experimental use can be made on a 3D printer at a fraction of the cost.

      • Dutch firm unveils world’s first 3-D-printed propeller

        Three-dimensional (3-D) printing technology has caught the logistics world’s attention for its potential to save on warehouse and shipping costs by producing items on demand at any location. In the past two years, for example, UPS Inc. announced plans to partner with software developer SAP SE to build a nationwide network of 3-D printers for use by its customers, and General Electric Co. spent nearly $600 million to buy a three-quarters stake in the German 3-D printing firm Concept Laser GmbH.

        Recently, transportation companies have begun turning to the same technology for another application, creating the actual hardware used in vehicles that move the freight. For instance, in late 2016, global aircraft maker Airbus S.A.S. contracted with manufacturing firm Arconic Inc. to supply 3-D printed metal parts for its commercial aircraft.

  • Programming/Development

    • HHVM 3.24

      HHVM 3.24 is released! This release contains new features, bug fixes, performance improvements, and supporting work for future improvements. Packages have been published in the usual places.

    • HHVM 3.24 Released, The Final Supporting PHP5

      The Facebook crew responsible for the HHVM project as a speedy Hack/PHP language implementation is out with its 3.24 release.

      HHVM 3.24 is important as it’s the project’s last release focusing on PHP5 compatibility. Moving forward, PHP5 compatibility will no longer be a focus and components of it will likely be dropped. As well, Facebook will be focusing on their Hack language rather than PHP7. Now that PHP7 is much faster than PHP5 and all around in a much better state, Facebook developers are focusing on their Hack language rather than just being an alternative PHP implementation.

    • How to get into DevOps

      I’ve observed a sharp uptick of developers and systems administrators interested in “getting into DevOps” within the past year or so. This pattern makes sense: In an age in which a single developer can spin up a globally distributed infrastructure for an application with a few dollars and a few API calls, the gap between development and systems administration is closer than ever. Although I’ve seen plenty of blog posts and articles about cool DevOps tools and thoughts to think about, I’ve seen less content on pointers and suggestions for people looking to get into this work.

    • RcppMsgPack 0.2.1

      An update of RcppMsgPack got onto CRAN today. It contains a number of enhancements Travers had been working on, as well as one thing CRAN asked us to do in making a suggested package optional.

      MessagePack itself is an efficient binary serialization format. It lets you exchange data among multiple languages like JSON. But it is faster and smaller. Small integers are encoded into a single byte, and typical short strings require only one extra byte in addition to the strings themselves. RcppMsgPack brings both the C++ headers of MessagePack as well as clever code (in both R and C++) Travers wrote to access MsgPack-encoded objects directly from R.

    • GitHub Alternative SourceForge Vies for Comeback with Redesigned Site

      SourceForge wants to be more than just another GitHub alternative, but an additional repository for developers to utilize to help gain users.

    • This Week in Rust

      Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

Leftovers

  • YouTube shows smaller video artists the door

    YouTube will drastically cut down on the number of its partners who can make money from the platform, making it possible only for those who have 1000 subscribers and at least 4000 hours of viewing to earn anything from ads.

  • How to quit your tech: a beginner’s guide to divorcing your phone

    • Delete all social media apps from your phone; check these only from a desktop computer.

    • Turn all banner-style/pop-up/sound notifications off all other apps (keep the badge-type notifications where you have to visually check the app).

    • Leave your phone in your pocket or keep it out of sight for meetings/get-togethers/conversations/meals involving other people.

    • Keep your phone out of sight during your commute.

    • Don’t take your phone with you into the bathroom or toilet.

  • Google Memory Loss

    Why? · Obviously, indexing the whole Web is crushingly expensive, and getting more so every day. Things like 10+-year-old music reviews that are never updated, no longer accept comments, are lightly if at all linked-to outside their own site, and rarely if ever visited… well, let’s face it, Google’s not going to be selling many ads next to search results that turn them up. So from a business point of view, it’s hard to make a case for Google indexing everything, no matter how old and how obscure.

    My pain here is purely personal; I freely confess that I’d been using Google’s global infrastructure as my own personal search index for my own personal publications. But the pain is real; I frequently mine my own history to re-use, for example in constructing the current #SongOfTheDay series.

  • Science

    • Science search engine links papers to grants and patents

      The marketplace for science search engines is competitive and crowded. But a database launched on 15 January aims to provide academics with new ways to analyse the scholarly literature — including the grant funding behind it.

      Dimensions not only indexes papers and their citations, but also — uniquely among scholarly databases — connects publications to their related grants, funding agencies, patents and clinical trials. The tool “should give researchers more power to look at their fields and follow the money”, says James Wilsdon, a research-policy specialist at the University of Sheffield, UK.

  • Health/Nutrition

    • Domestic worker died because she was too frightened to access healthcare over immigration fears, MPs told

      Illegal immigrants are “too frightened” to access healthcare because of a data-sharing agreement between the NHS and the Home Office to track, MPs have heard.

      One domestic worker died because she was too afraid to see a doctor out of fear that her immigration status would be shared with the Home Office, evidence presented to the Health Committee stated.

      Immigrants are being “driven underground” by the legislation, MPs heard at a session which explored the impact of a Memorandum of Understanding (MoU) published last January, setting out how patient data may be provided to the Home Office by the NHS.

    • Apple Supplier Workers Describe Noxious Hazards at China Factory

      At a Catcher Technology Co. manufacturing complex in the Chinese industrial city of Suqian, about six hours’ drive from Shanghai, workers stand for up to 10 hours a day in hot workshops slicing and blasting iPhone casings for Apple Inc., handling noxious chemicals sometimes without proper gloves or masks.

      These conditions — some described in a report Tuesday by advocacy group China Labor Watch and others in Bloomberg News interviews with Catcher workers — show the downside of a high-tech boom buoying the world’s second-largest economy. Chinese recruiters play up the chance to build advanced consumer electronics to attract the millions of typically impoverished, uneducated laborers without whom the production of iPhones and other digital gadgets would be impossible.

    • Teens are daring each other to eat Tide pods. We don’t need to tell you that’s a bad idea.

      First, it was the “gallon challenge” and the “cinnamon challenge.”

      Then some teenagers started playing the “bath-salt challenge.”

      They have dared each other to pour salt in their hands and hold ice till it burns, douse themselves in rubbing alcohol and set themselves ablaze, and throw boiling water on unsuspecting peers.

      Now videos circulating on social media are showing kids biting into brightly colored liquid laundry detergent packets. Or cooking them in frying pans, then chewing them up before spewing the soap from their mouths.

  • Security

  • Defence/Aggression

    • The Terror Attack Survivors Who Refuse To Be Silenced

      “The more of us speak out, defend our freedom and refuse to give up on our liberties, the less the danger will be … focused on certain people,” El Rhazoui told AFP on the sidelines of a conference hosted by the Danish parliament on Saturday.

  • Finance

    • BofA Tops IBM, Payments Firms With Most Blockchain Patents

      The Charlotte, North Carolina-based lender has applied for or received at least 43 patents for blockchain, the ledger technology used for verifying and recording transactions that’s at the heart of virtual currencies. It is the largest number among major banks and technology companies, according to a study by EnvisionIP, a New York-based law firm that specializes in analyses of intellectual property [sic].

    • IBM, Maersk Form New Blockchain Company for International Cargo

      Maersk, the Danish conglomerate that owns the world’s largest container shipping line, will be the first to use the new platform, while International Business Machines Corp. will provide the back end and support for the technology. The new company said it expects to sign up large shippers, ports and customs officials for the service, set to become available in the second half of 2018.

    • Heads Of State At Davos’ Door: Trump, Modi, Macron, May

      Davos will have a three-part feature, he said: a collaborative approach since nobody alone can solve the issues of the global agenda, an integrated approach, and a constructive approach. There are many opportunities and perils like never before, and faced with the danger of the collapse of the global system, “it is in our hands to improve the state of the world, that’s what the World Economic Forum stands for,” Schwab said.

    • Automation, robots and the ‘end of work’ myth

      Can you imagine travelling to work in a robotic “Jonnycab” like the one predicted in the cult Arnold Schwarzenegger movie Total Recall? The image from 1990 is based on science fiction, but Mercedes Benz does have a semi-autonomous Driver Pilot system that it aims to install in the next five years and Uber is also waging on a self-driving future. Its partnership with Volvo has been seen as a boost to its ambitions to replace a fleet of self-employed drivers with autonomous vehicles.

  • AstroTurf/Lobbying/Politics

    • Why Senator Cardin Is a Fitting Opponent for Chelsea Manning

      The top Democrat on the Senate Foreign Relations Committee, Ben Cardin [Md.], has become a big star in national media by routinely denouncing Russia as a dire threat to American democracy. The senior senator from Maryland personifies the highly dangerous opportunism that has set in among leading Democrats on the subject of Russia.

      Chelsea Manning confirmed on Sunday that she is challenging Senator Cardin’s re-election effort in the Democratic primary this June. Her campaign has real potential to raise key issues. One of them revolves around the kind of bellicose rhetoric that heightens the dangers of conflict between the world’s two nuclear superpowers.

    • The People v. Donald Trump

      In the first year of Trump’s presidency, the courts have acted exactly how the Founders intended them to.

      Legal scholars and progressives have long expressed doubt about the utility of courts in advancing social justice. They argue that courts are inherently conservative, that victories often prompt costly backlashes, and that focusing on courts diverts attention from the more important work that needs to be done in the political arena.

      The first year of the Trump administration suggests that this skepticism is overstated. Much to the president’s dismay, those he calls “so-called judges” have repeatedly ruled against the Trump administration. Judges appointed by Republicans and Democrats alike have enforced constitutional guarantees against a president who has shown little regard for the Constitution.

      In this respect, the courts have performed just as Alexander Hamilton hoped they would. In the Federalist Papers, Hamilton argued that a judiciary with life tenure and the power to declare the political branches’ actions unconstitutional was essential, so that judges could serve as “the bulwarks of a limited Constitution.” Rarely has that role been more essential.

    • Martin Luther King stood up for more than love

      Martin Luther King often spoke of the need for unconditional love. In 1955 he told Black America, “We want to love our enemies — be good to them. This is what we must live by; we must meet hate with love. We must love our white brothers no matter what they do to us.” In his remarks on the King holiday President Trump referred to love five times in three sentences.

      “[King] would later write, ‘It was quite easy for me to think of a god of love mainly because I grew up in a family where love was central.’ That is what Reverend King preached all his life. Love. Love for each other, for neighbors, and for our fellow Americans. Dr. King’s faith in his love for humanity led him and so many heroes to courageously stand up for civil rights of African-Americans,” Trump said.

      [...]

      King stood up for much more than love. And the kind of love that praises King one day after making repeated racist statements, most recently calling African countries and Haiti “shithole countries,” is really no love at all.

    • Media Freaks Out About Facebook Changes; Maybe They Shouldn’t Have Become So Reliant On Facebook

      From Facebook’s standpoint, this move is a pretty easy one to make. Even though it had spent the past few years heavily courting news publishers (including directly paying large publishers many millions of dollars to “pivot to video”), the company hadn’t totally succeeded in becoming the go to source for news (that remains Twitter’s strength). And yet, Facebook was also getting more and more grief over news items in its feeds, especially post-election when people incorrectly wanted to “blame” news on Facebook for Donald Trump’s presidential victory.

      On top of that, this move will only enforce something that Facebook had been inching towards for a while: forcing businesses and publishers to pay to have their news reach a larger audience. So… if this means that Facebook makes more money, distresses fewer people, and doesn’t get attacked as much for the so-called problem of “fake news” it looks like a total win from Facebook’s perspective.

      Publishers, on the other hand, were generally freaked out. Many have spent the past 5 years or so desperately trying to “play the Facebook game.” And, for many, it gave them a decent boost in traffic (if not much revenue). But, in the process, they proceeded to lose their direct connection to many readers. People coming to news sites from Facebook don’t tend to be loyal readers. They’re drive-bys.

    • Sens. Cotton and Perdue are outed for lying on Trump’s behalf

      There is no honor among anti-immigrant advocates and liars, I suppose. After dutifully lying on behalf of the president regarding his abhorrent language (“shithole countries”), Sens. Tom Cotton (R-Ark.) and David Perdue (R-Ga.) were outed by the White House.

    • Breaking News: Haiti to unseal files pertaining to former dictator, Jean Claude Duvalier, laundering money through Trump Tower during his time in power

      Haitian officials on Monday evening held an emergency high court session which resulted in an agreement to unseal and publicly release documents relating to Jean-Claude Duvalier’s indictments for money laundering through Trump Tower, during his brutal 15-year dictatorship.

  • Censorship/Free Speech

    • ‘Killing Original Content Creators Isn’t In Silicon Valley’s Interest’
    • Duterte had ‘nothing to do’ with move to revoke news site’s licence: Spokesman

      Foreign press organisations and human rights groups have rallied behind Rappler, joining a chorus of domestic outrage among the media and political opposition at what they saw as a move to muzzle those scrutinising Duterte.

    • Opposition Chief Criticises PM for Censorship

      Social Democratic Party (SDP) chief Davor Bernardić on Wednesday criticised Prime Minister Andrej Plenković for censorship, asking him “Where’s the money?” which in Croatian (Di su pare?) is the name of a satire Facebook profile, to which Plenković responded there was no censorship in Croatia and that everyone was allowed to speak their mind responsibly and in accordance with the law.

      “Why can’t the ‘Di su pare?’ Facebook profile continue to be open in Croatia? It had over 300,000 followers, I followed it and I laughed when they wrote satirically about me. The government cannot ban satire or a Facebook profile,” Bernardić said during Question Time in Parliament.

    • Julian Assange says Google and Facebook have become an ‘existential threat to humanity’

      Fugitive WikiLeaks founder Julian Assange has said that Google and Facebook, two of the world’s biggest technology and social media companies, are an “existential threat” to humanity.

      The chief of the anti-secrecy and whistleblowing platform, who describes himself as a “geopolitical analyst” on his Twitter profile, believes the tech giants have evolved into powerful “digital superstates”.

      “While the internet has brought about a revolution in our ability to educate each other, the consequent democratic explosion has shaken existing democratic establishments to their core,” Assange said Tuesday (16 January), in a statement later posted online.

      His comments were read during an “Organising Resistance to Internet Censorship” webinar, sponsored by the World Socialist Web Site (WSWS) this week.

    • Radio 4’s Laurie Taylor: “There’s a creeping censorship at the BBC”

      It was a programme, Laurie Taylor says, that wasn’t supposed to be – something he succeeded in “sneaking in” because BBC management’s attention was elsewhere. “Entirely bogus” is how he describes the launch of Thinking Allowed in 1998, but, 20 years on, Taylor’s weekly Radio 4 series that looks at research arising from the academic world is long established as the genuine article, and one of the best-loved half-hours on the network.

    • Librarians despise censorship. How can prison librarians handle that? It’s complicated.

      Last week, officials at the American Civil Liberties Union made public a letter they had written to the New Jersey Department of Corrections, accusing the department of violating inmates’ rights: Several prisons were refusing to allow inmates access to the book “The New Jim Crow: Mass Incarceration in the Age of Colorblindness,” by Michelle Alexander. Restricting prisoners from reading about injustices in the U.S. prison system struck many as a shocking and ironic overreach. And the state apparently agreed. After being challenged by the ACLU, the department decided to reinstate the book and vowed to review restriction policies for prison libraries.

      This was hardly the first time prison library censorship has drawn criticism. At the end of 2017, the Texas Department of Criminal Justice came under fire when it was discovered that the prison system banned such books as “The Color Purple” and a collection of Shakespearean sonnets, while inmates were free to read Adolf Hitler’s “Mein Kampf.” And this month, news that New York’s state prison system is restricting what books an inmate may receive through the mail to a handful of claptrap titles generated instant outrage.

    • It’s the (Democracy-Poisoning) Golden Age of Free Speech

      For most of modern history, the easiest way to block the spread of an idea was to keep it from being mechanically disseminated. Shutter the newspaper, pressure the broadcast chief, install an official censor at the publishing house. Or, if push came to shove, hold a loaded gun to the announcer’s head.

      This actually happened once in Turkey. It was the spring of 1960, and a group of military officers had just seized control of the government and the national media, imposing an information blackout to suppress the coordination of any threats to their coup. But inconveniently for the conspirators, a highly anticipated soccer game between Turkey and Scotland was scheduled to take place in the capital two weeks after their takeover. Matches like this were broadcast live on national radio, with an announcer calling the game, play by play. People all across Turkey would huddle around their sets, cheering on the national team.

    • Conservatives Get ‘Shi**y’ Treatment from Twitter, Google – Again

      Legacy media organizations can be counted on to squawk when their voices aren’t heard in Republican-controlled forums – such as White House press conferences.

      But when it’s conservatives who are censored on powerful, widely read platforms, it’s hard to find any journalists who care.

      Such was the case last week when Project Veritas exposed, in an undercover investigation, how Twitter systematically diminishes – and even bans – access to posts published by those on the Right. One Twitter manager in charge of gatekeeping called their censorship victims “shi**y people.”

    • Are conservative voices being silenced by Twitter?

      Social media platform Twitter may be trying to reshape the online narrative by editing out conservative voices, a new undercover video released by Project Veritas alleges.

    • James O’Keefe: Twitter’s Censorship Algorithm Targets ‘Breitbart Audience’
    • Lebanon censors ban ‘The Post’ over Steven Spielberg’s support for Israel
    • Lebanon bans The Post movie
    • Lebanon bans ‘The Post’ over Spielberg’s support for Israel
    • Lebanon’s ‘outdated’ film censors under fire after banning Spielberg’s The Post

  • Privacy/Surveillance

    • Shooting The Messenger: Reporter Who Exposed Massive Indian Data Breach Targeted By Law Enforcement

      For many years now, we’ve been among those raising concerns about India’s giant identity database known as Aadhaar. A few weeks ago, we wrote that there appeared to be a fairly massive breach of data from that database, and that the information was now available on the dark web for cheap.

      [...]

      The details on the “police complaint” remain sparse, so perhaps it’s not a huge deal — but any attempt to investigate and/or intimidate (and those can be one and the same in some cases) a reporter for merely exposing a fairly big possible data breach that could affect over a billion people at least suggests an interest in covering up the breach, rather than in understanding the breach and preventing further damage.

    • Our View: NSA reboot revives citizen surveillance concerns

      Privacy advocates hailed incremental steps taken to reduce surveillance of American citizens by the National Security Agency since widespread abuses were first reported about four years ago.

      The reassurances are apparently enough for Congress to approve the continuation of a long-standing program that, while aimed at foreign communications traffic, nonetheless picks up the communications of millions of Americans along the way.

      The biggest controversy in the recent House vote was the stance of President Trump, who tweeted out mixed messages about his support of continuing Section 702 of the post-9/11 foreign intelligence act. The section allows the government to collect internet and email data from Americans if it has any relationship to a foreign country.

    • Senate, Rebuffing Privacy Concerns, Clears Path to Extend Surveillance Law
    • US senators vow to filibuster FBI, er, NSA’s domestic, errr, foreign mass spying program

      A number of US senators from both sides of the aisle have said they will filibuster an effort to approve the continuation of a controversial American government spying program.

      This mass snooping effort was authorized by section 702 of the FISA (Foreign Intelligence Surveillance Act) Amendments Act, which expired at the end of last year, and the NSA wants it renewed with a new law passed. Section 702 is supposed to allow Uncle Sam’s g-men to keep close tabs on non-Americans abroad.

      However, the rules have been interpreted by the Feds over the years to give the FBI warrantless access to the NSA’s database so agents can investigate crimes using records on American citizens on American soil. You’d think now would be a good time, while renewing section 702, to rein in the intelligence agencies so that truly only foreigners are targeted.

    • Senate advances bill to continue NSA surveillance program; passage expected this week

      A bill to continue the National Security Agency’s surveillance programs for five more years advanced Tuesday in the Senate, overcoming objections that it did not do enough to protect Americans’ civil liberties.

      Opponents came close to filibustering the measure, which was approved by the House last week. But the Senate’s narrow 60-38 vote puts it on track for final passage this week.

      Voting stretched more than an hour as senators lobbied key holdouts in dramatic fashion on the Senate floor.

    • After Basically No Debate, And No Opportunity For Amendments, Senate Votes To Expand NSA Surveillance

      As was unfortunately expected, after a very short (and fairly stupid) debate that was full of misleading statements that focused more on “but… but… terrorism!” than anything substantive, the Senate has voted for cloture on the same bill the House approved last week that extends and expands the NSA’s 702 surveillance program, opening it up to widespread abuse and refusing to do simple things like adding in a warrant requirement when used to spy on Americans. The vote was actually surprisingly close — going right down to the wire. They needed 60 votes to get this bill over the top and they almost didn’t get them. The final vote was 60 to 39 with the final vote (well over an hour after the vote starting) coming from Senator Claire McCaskill in favor of warrantless spying on Americans.

    • NSA spying program overcomes key Senate hurdle

      The Senate narrowly voted to begin winding down debate over legislation renewing government surveillance powers, defeating a filibuster by privacy hawks.

      Senators voted 60-38 to wrap up debate on the legislation, which cleared the House last week and extends the surveillance program with only a few small changes.

      The program, absent congressional action, is scheduled to expire on Jan. 19.

    • Warrantless Spying Careens Toward Reauthorization

      Last week, the House of Representatives voted to reauthorize the FISA Amendments Act—and its controversial Section 702, which establishes general warrants for wiretapping foreigners—and rejected an amendment offered by Rep. Justin Amash that would have at least required the FBI agents to obtain a warrant before sifting through the NSA’s massive database of intercepted communications for Americans’ messages. As I noted in a blog post at the time, the few supposed “reforms” embedded in the authorization bill are cosmetic at best, and more likely will serve to actually expand the scope of warrantless surveillance. But at least Amash’s amendment got a vote, although without the benefit of much in the way of substantive debate.

    • U.S. Senate advances bill to renew NSA’s internet surveillance programme

      The U.S. Senate on Tuesday advanced a bill to renew the National Security Agency’s warrantless internet surveillance programme, as a final push by privacy advocates to derail the measure came up one vote short.

    • U.S. Senate to vote to renew NSA’s internet surveillance program

      The U.S. Senate on Tuesday planned to vote to advance a bill to renew the National Security Agency’s warrantless internet surveillance program, as privacy advocates made a final push to derail the measure.

    • The House Has Voted. They Will Allow Warrantless Surveillance.

      In 2013, documents leaked by former National Security Agency (NSA) contractor Edward Snowden ignited a national debate on the agency’s warrantless surveillance program and citizens’ right to privacy in the digital age. Last week, the U.S. House of Representatives held a vote that may have put an end to that debate.

      The NSA’s warrantless surveillance program was created following the September 11, 2001, terrorist attacks on U.S. soil. In 2008, Congress passed Section 702 of the FISA Amendments Act, a law legalizing the previously secret program. The 256 to 164 vote permitted a six-year extension of the soon-to-expire law, while also legalizing the controversial practice of “about” surveillance.

    • Analog Equivalent Privacy Rights (11/21): Our parents used anonymous cash

      It’s also that the transactions of our digital children are permissioned. When our digital children buy a bottle of water with a debit card, a transaction clears somewhere in the background. But that also means that somebody can decide to have the transaction not clear; somebody has the right to arbitrarily decide what people get to buy and not buy, if this trend continues for our digital children. That is a horrifying thought.

    • New UIDAI features prove that data is unsafe: Experts

      E-governance expert Anupam Saraph said that the decision to come up with virtual ID was admission by UIDAI that storage of Aadhaar number was “dangerous and wrong”.

    • Aadhaar number details: Yet another ‘leak’ UIDAI needs to fix

      If someone knows your Aadhaar number, then they can find out with which bank you have an account easily by dialling a USSD code provided by Aadhaar helpline number.

    • Big Brother on wheels: Why your car company may know more about you than your spouse.

      The result is that carmakers have turned on a powerful spigot of precious personal data, often without owners’ knowledge, transforming the automobile from a machine that helps us travel to a sophisticated computer on wheels that offers even more access to our personal habits and behaviors than smartphones do.

  • Civil Rights/Policing

    • 1,000 Danish youths face charges for sharing 15-year-olds’ sex videos

      The sharing occurred in late 2017 and depicted a sexual encounter between two 15-year-olds. The young people charged with sharing the materials ranged in age from 15 to the early 20s. When Facebook learned that the material was being shared, the company notified US authorities, who in turn alerted authorities in Denmark.

    • Saudi Arabia: Three years on, flogged blogger Raif Badawi must be released
    • Donald Trump vs. Guantánamo’s Forever Prisoners
    • In New York, Crime Falls Along With Police Stops

      If you grew up in New York City in the 1970s, the number can be hard to get your head around: 291. If you were a reporter in New York City in the early 1990s, the number can almost make your head explode: 291 murders in 2017, the lowest total since the 1950s.

      But the number is perhaps most striking when set not against the numbers of murders in other years, but against this figure: the roughly 10,000 police stops conducted in 2017.

    • Big Corporations Make Millions by Selling People a Chance to Get Out of Jail

      Who benefits from wealth-based incarceration? The bail sharks.

      If you got arrested, could you come up with the bail needed to buy your immediate freedom?

      For most people, the answer is no. Even though those arrested haven’t been convicted of a crime, the only way for them to get out of jail while they await their day in court is to come up with an alternative source of money. Enter big insurance companies like Lexington National. They’ll get you out, but you have to pay them a fee that you’ll never get back, which guarantees them a hefty profit regardless of the outcome of the case.

      If you think this is corporate greed run amok, you aren’t alone. The legal right to turn a profit on bail is a rare phenomenon globally: It’s only legal in the U.S. and the Philippines. And for good reason.

      After all, the people accused of a crime — and their families desperate to have them home — are hardly in a position to bargain. Since they run the risk of losing their job or home, the accused are at the mercy of bail bond companies, which have a huge amount of leverage over people who sign their exploitative contracts. That’s why bail contracts often contain terms like installment plans and high interest rates that lead to years of debt.

    • Porn didn’t invent women’s desire or exploitation, but, looking back at history, it has a powerful role in shaping both
    • Danish police charge 1,000 people following Facebook sex video

      Danish police have charged 1,004 young people (some under 18) after Facebook notified authorities that Messenger users were sharing a video of two teens under 15 years old having sex, violating laws against the distribution of indecent images of children. Many of those who shared the video did so ‘just’ a few times, police said, but others shared it hundreds of times — they knew what they were doing, even if they didn’t realize it was illegal.

      Anyone found guilty would face no more than 20 days in prison, but they’d also be added to an offender registry for the next 10 years.

  • Internet Policy/Net Neutrality

    • If one only more GOP senator flips, the FCC’s Net Neutrality order will be up for grabs

      It’s a lost cause — after the Senate passes its CRA resolution, Congress would have to follow suit and then Trump would have to go along with the gag and not veto them — but it’s still a useful one, forcing lawmakers to publicly declare a position on Net Neutrality, an issue that has an improbably high recognition and approval from voters regardless of political affiliation.

    • Democrats are just one vote shy of restoring net neutrality

      Right now the resolution has the support of all 49 Democrats in the Senate and one Republican, Susan Collins of Maine. But Schumer and the rest of the caucus will have to win over one more Republican vote to prevent Vice President Mike Pence from breaking a tie and allowing the repeal to stand.

    • Community Broadband: Privacy, Access, and Local Control

      Communities across the United States are considering strategies to protect residents’ access to information and their right to privacy. These experiments have a long history, but a new wave of activists have been inspired to seek a local response to federal setbacks to Internet freedom, such as the FCC’s decision to roll back net neutrality protections, and Congress’ early 2017 decision to eliminate user privacy protections.

      Internet service providers (ISP) have a financial incentive and the technical ability to block or slow users’ access, insert their own content on the sites we visit, or give preferential treatment to websites and services with which they have financial relationships. For many years, net neutrality principles and rules, most recently cemented in the FCC’s 2015 Open Internet Order, helped prevent much of this activity. Net neutrality helped create a landscape where new ideas and services could develop without being crowded out by political pressure or prioritized fast lanes for established commercial incumbents.

    • Blackburn Doubles Down On A Decade Of Lies As She Pushes Fake Net Neutrality Law

      So we’ve repeatedly noted how the FCC’s assault on popular net neutrality protections sits on pretty shaky legal ground. The agency not only ignored the public in trashing the rules, it ignored the nation’s startups, the people who built the internet, and any and all objective data. They also ignored the rampant comment fraud that occurred during the public comment period of the proceeding, a ham-fisted attempt by “somebody” to downplay the massive public opposition to the plan. For good measure the agency also blocked a law enforcement investigation into said fraud and even made up a DDOS attack.

      ISP lawyers and lobbyists know their victory could be short lived if looming lawsuits are able to convince a court that the FCC rushed to pass an “arbitrary and capricious order” while disregarding the public and violating FCC procedure. That’s why they’ve begun pushing hard for new net neutrality legislation they’re claiming will put the debate to bed, but has one real purpose: to pass flimsy, loophole-filled rules now to prevent the FCC (or a future, less cash-compromised Congress) from passing tougher, better rules down the road.

      Just days after Comcast began pushing harder for such legislation, the telecom industry’s most loyal ally in the House, Tennessee Representative Marsha Blackburn, began pushing a law that perfectly mirrors everything Comcast asked for. Namely, it makes everything but the most ham-fisted abuses (like outright blocking of websites) legal, effectively codifying federal apathy on net neutrality into law. The law doesn’t ban paid prioritization, zero rating, interconnection shenanigans, or any of the areas the modern net neutrality debate currently resides.

    • Mozilla Files Suit Against FCC to Protect Net Neutrality

      Today, Mozilla filed a petition in federal court in Washington, DC against the Federal Communications Commission for its recent decision to overturn the 2015 Open Internet Order.

  • DRM

    • DRM Puts the Brakes on Innovation

      Copyright law is slow. Whenever you hear about a case of alleged copyright infringement and you think, “What was illegal about this?” consider that the law probably came many, many years before anyone conceived of the activity it’s being used to target. Then it starts to make a little bit more sense.

      Look at how U.S. copyright law treats DRM, the annoying array of methods that digital content providers use to restrict their customers’ behavior. Passed in 1998, Section 1201 of the Digital Millennium Copyright Act made it illegal to bypass DRM or give others the means of doing so. When Congress passed Section 1201, it was mostly thinking of restrictions intended to stop users from making infringing copies of music and movies. The DMCA passed well before manufacturers began putting digital locks on cars, microwaves, toilets, and every other electronic product. We’re now living in a world where it might be a crime to modify the software on your rice cooker. If that sounds absurd, that’s because it is.

      You can almost forgive Congress for this mess—it didn’t know that DRM would soon crawl into every aspect of your life. On the other hand, Congress helped bring the infestation on. The DMCA encouraged manufacturers to build DRM into their products, because doing so gave them ammunition to fight people using their products in ways they didn’t approve of. Can’t compete with unauthorized repair shops? Make them illegal.

  • Intellectual Monopolies

    • Trademarks

      • Shipyard Brewing Sues The Brewery It Is Trademark Bullying Over The Public Backlash To Its Trademark Bullying

        You may recall that the middle of last summer saw us reporting on a somewhat odd trademark dispute between two breweries, Shipyard Brewing Co. and Logboat Brewing Company. Chiefly at issue was the fact that both breweries used images of schooners on their respective labels, except that the images used were laughably different. Also at issue was that Logboat’s “Shiphead” beer used the word “head”, which Shipyard says it uses in a variety of other beers, such as Pumpkinhead, Melonhead and other variations. Shipyard, notably, does not have a beer called “Shiphead”, making this all the more eyebrow-raising.

    • Copyrights

      • New presidency of the Council of the European Union … new position on the EU copyright reform?

        Following the conclusion of the 6-month Estonian presidency, the presidency of the Council of the European Union is now Bulgarian, and will be so for the first semester of 2018.

        The Council is one of the key EU institutions and brings the voice of Member States’ governments into the decision- and law-making process. In fact and among other things – together with the European Parliament – the Council is in charge of adopting EU legislation.

      • Copyright Troll Gets Smacked Around By Court, As Judge Wonders If Some Of Its Experts Even Exist

        When last we checked in with Venice PI, the copyright troll claiming to hold rights to the movie Once Upon A Time In Venice and attempting to claim in court that a 91 year old man with dementia was part of a torrent swarm offering the movie who, oh by the way, had recently passed away, it was being lightly slapped around by judge Thomas Zilly. Zilly had barred Venice PI from contacting the family of the deceased, halted the trial, questioned the quality of the evidence Venice PI had put before the court, and likewise demanded more information on how that evidence was collected in the first place. Given that the evidence mostly amounted to IP addresses obtained by Venice PI, I had written that this particular judge was likely to be unimpressed by whatever the copyright troll provided.

        Well, hoo-boy, was that ever an understatement. The end result of what Venice PI put before the court in response was the judge issuing a minute order declaring that the company essentially explain its copyright trolling efforts entirely across several cases and slapped the company around for some truly stunning misbehavior. The order goes into three different areas in which Venice PI appears to have really, truly screwed up, starting with the fact that the troll’s claims of ownership and affiliations can’t even be substantiated.

      • We found a deleted page that reveals the paparazzi roots of Kodak Coin

        Kodak’s stock price has tripled since Tuesday as the company announced plans to develop a new blockchain-based digital rights management platform for photographers. Called KodakOne, the new platform, which isn’t available yet, will allow photographers to publicly register their rights in digital photographs on an immutable blockchain.

        The platform will include a digital currency called Kodak Coin that will be used to make licensing payments. There’s an initial coin offering scheduled for January 31.

        “KodakOne provides continual Web crawling in order to protect the IP of its members,” the KodakOne website says. “Where unlicensed usage of images is detected, KodakOne can efficiently manage the post-licensing process.”

      • Kodak’s Supposed Cryptocurrency Entrance Appears To Be Little More Than A Rebranded Paparazzi Copyright Trolling Scheme… With The Blockchain

        For a few years now I’ve debated writing up a post about why a “blockchain-based DRM” is an idea that people frequently talk about, but which is a really dumb idea. Because the key point in the blockchain is that it “solves” the “double spend” problem of anything digital, there are always some who have argued that it could be useful in stopping the infinitely copyable nature of digital content. But… actually doing that is a much more difficult proposition. Instead, we just get simplistic ideas around using a blockchain ledger merely to establish a form of a rights database. Which… is fine, but hardly all that compelling a use of the blockchain (a regular old database is probably a lot more useful and efficient for that use case).

        But, last week, there was an awful lot of hype, fuss and confusion around what was billed as Kodak launching its own cryptocurrency / blockchain effort called KODAKone and Kodak Coin, that would “create an encrypted, digital ledger of rights ownership for photographers to register both new and archive work that they can then license within the platform.”

01.16.18

Links 16/1/2018: More on Barcelona, OSI at 20

Posted in News Roundup at 12:24 pm by Dr. Roy Schestowitz

GNU/Linux

  • Barcelona to ditch Microsoft in favour of open source software

    THE SPANISH CITY OF BARCELONA plans to replace its Microsoft software with open source alternatives including Linux, Libre Office and Open Xchange.

    Barcelona plans to invest 70 per cent of its annual software budget in open source this year, according to El Pais, with the aim of completing the transformation by spring 2019.

    Microsoft’s Outlook and Exchange Server email software is to be replaced by Open-Xchange, Microsoft Office will be ditched in favour of Libre Office, and Mozilla’s Firefox will be made the default browser across systems.

  • Barcelona becomes the poster child for Linux

    The City of Barcelona is migrating its computer systems away from Windows making it the poster child for Open Source rather than Munich which is frantically trying to migrate back.

    According to the Spanish newspaper El País, the City’s strategy is first to replace all user applications with open-source alternatives until the underlying Windows operating system is the only proprietary software remaining. Then the operating system will be replaced with Linux.

    Commissioner of Technology and Digital Innovation at Barcelona City Council, Francesca Bria, said the transition would be completed before the current administration’s mandate ends in spring 2019.

  • Barcelona gives Microsoft the boot in move to open source

    With this move Barcelona becomes the first city to join an initiative by Free Software Foundation Europe dubbed ‘Public code, public money’ which calls on public bodies to invest tax revenues in free reusable systems that are open to local businesses rather than proprietary licensed software.

  • Barcelona to ditch Microsoft in favour of open source Linux software

    Catalan capital Barcelona is planning to ditch proprietary software products from Microsoft in favour of free, open source alternatives such as Open-Xchange email.

    That’s according to a report by Spain’s national paper El Pais, which reports that Barcelona plans to invest 70% of its annual software budget in open source this year.

  • Barcelona Aims To Oust Microsoft In Open Source Drive

    The city of Barcelona has embarked on an ambitious open source effort aimed at reducing its dependence on large proprietary software vendors such as Microsoft, including the replacement of both applications and operating systems.

  • Barcelona to ditch Microsoft software for open source software

    Barcelona, one of the most popular cities in Europe, is now switching to open-source software by replacing Microsoft Windows, Office and Exchange with Linux, Libre Office and Open Xchange respectively. The city council is already piloting the use of Ubuntu Linux desktops along with Mozilla Firefox as the default browser. With this move, Barcelona city is planning to save money over the years by reducing software/service licensing fees. They are also planning to hire new developers to write open-source software. The open-source product will also be made available to other Spanish municipalities and public bodies further afield allowing them the opportunity to save money on software licences.

  • Barcelona is moving to Linux; why not Dhaka?

    The Spanish city of Barcelona just announced a few days ago (https://www.itwire.com/open-source/81377-barcelona-plans-move-to-open-source-software.html) that it has successfully completed a pilot project of moving 1,000 desktops of municipality employees from Microsoft Windows and MS Office to free/open-source alternatives, Ubuntu Linux (www.ubuntu.com/desktop) and LibreOffice (www.libreoffice.org).

    The question is why countries like Bangladesh, which are much less wealthy than Spain, are not making similar moves to replace expensive Microsoft software with free/open-source alternatives.

    The simple fact is that there is almost no awareness of the real cost of Microsoft software in Bangladesh, as software piracy is so commonplace. Every market has shops stocking pirated MS Windows/MS Office DVDs; so the public can be forgiven for thinking that these are practically free of cost.

  • Barcelona abandons Windows and Office, goes with Linux instead
  • Windows vs Linux: Open source beats Microsoft to win Barcelona’s backing
  • Barcelona quits Windows and Office goes Linux
  • Adios Microsoft: We’re ditching Office and Outlook for open source, says Barcelona
  • Best Linux desktop of 2018

    The desktop is a critical aspect of your Linux experience, providing you with a user-friendly way to interact with your computer. Unlike Windows or Mac, Linux doesn’t tie you to a single desktop. Switching desktop environments is incredibly straightforward – just install a new one, log out and choose it from the login screen. You can install as many desktop environments as you like, although you can only use one at a time.

    In this guide, we’ve rounded up seven of the most popular desktops, highlighting their strengths and weaknesses. Before you dive in, however, take some time to think about what you want from your desktop.

    A desktop environment is more than the wallpaper which appears when you log in. It also includes a window manager and usually a set of utilities. It may come in the form of a pre-assembled package, such as Gnome or KDE, or it may be assembled by the distro maintainer, such as CrunchBang++’s Openbox or Puppy’s JWM.

  • Best Linux distros 2018: the finest open source operating systems around

    Linux is widely-regarded as the discerning techie’s operating system of choice, and with good reason. The open source OS has an awful lot to recommend it, and it’s every bit as capable as Windows or macOS.

    One of the reasons Linux has proved to be so popular with developers, engineers and technical professionals is that it’s almost infinitely versatile, with a wealth of customisation options. It’s also got a reputation as being extremely secure.

    Linux doesn’t just cater to traditional desktop PCs, either. There are also distros designed to run enterprise-grade applications and servers as well as desktop clients.

  • Linux kernel mailing list back online; Meltdown and Spectre vulnerabilities; Mobile OS eelo; Barcelona now using Linux

    The popular Linux Kernel Mailing List website is back online after going down and staying down for several days due to a power outage to the home server where it was hosted. Upon reboot, a password (for dm-crypt) was required to mount the root device; however, that in itself was not the problem. The problem was the fact that the PC’s owner, Jasper, was on vacation when all of this occurred. Anyway, the site is now back up and continuing to operate as it always has.

    Speaking of the kernel mailing lists, Johannes Weiner issued a call for proposals for agenda topics to the upcoming annual 2018 Linux Storage, Filesystem and Memory Management (LSF/MM) Summit. The deadline is January 31, 2018, and the summit will be held between April 23-25 at Deer Valley Lodges in Park City, Utah. For more information, visit the Linux Foundation Events page.

  • Documentary films on Linux!

    The Code & Revolution OS! Those are documentary films released in 2001. The Code is based on the birth and journey of Linux, and Revolution OS is based on the 20-year journey of the Linux, GNU and Open Source world.

  • Audiocasts/Shows

    • Red Hat launches new podcast series, Command Line Heroes

      Technology has become so integrated into our daily lives that it can be easy to take it for granted. But we’ve only gotten to where we are today because of the command line heroes that shaped the industry – and continue to do so.

      Command line hero. What does that really mean? To us it’s the developers, programmers, hackers, geeks and open source rebels – the people who are on the front line, transforming technology from the command line up. The biggest technology advancements and innovations didn’t happen by accident. They were made possible through the passion, creativity and persistence of technologists around the world.

    • Command Line Heroes

      I’ve been looking forward to this for quite a while, ever since it was announced: today, the first two episodes of Command Line Heroes were published. Command Line Heroes, or CLH for short, is a series of podcasts that tells the stories of open source. It’s hosted by Saron Yitbarek, of CodeNewbie fame, and sponsored by Red Hat.

  • Kernel Space

    • Retpoline Backported To Linux 4.9, Linux 4.14 Kernels

      Retpoline support for mitigating the Spectre vulnerabilities will soon be present in the Linux 4.9 and 4.14 stable kernels.

      Greg Kroah-Hartman has sent out the latest patches for the Linux 4.9 and 4.14 point releases, which now include the Retpoline support.

    • Retpoline Is Still Being Improved Upon For Intel Skylake/Kabylake

      While initial support for Retpoline was merged into the Linux 4.15 Git kernel last week and is now being backported to some supported Linux kernel series, there is still additional work ongoing for properly mitigating Spectre v2 on Intel Skylake CPUs and newer.

      It turns out Skylake CPUs and newer require additional patches to fully mitigate against the Spectre Variant Two vulnerability. These newer CPUs can fall back to a potentially poisoned indirect branch predictor when a return buffer underflows. Andi Kleen of Intel has sent out a new patch series dubbed “RETPOLINE_UNDERFLOW” that gets enabled by default for Skylake CPUs and newer.

    • VirtualBox Guest Driver Being Mainlined With Linux 4.16

      The upcoming Linux 4.16 kernel cycle will be mainlining the VirtualBox Guest “vboxguest” kernel driver.

      As part of an effort led by Red Hat, the VirtualBox guest drivers are finally working towards mainline in the Linux kernel and with 4.16 there is the vboxguest driver as a notable step following the VirtualBox DRM/KMS driver in Linux 4.13.

    • Linus Torvalds Is Hopeful for a January 21 Release of the Linux 4.15 Kernel

      The eighth and probably the last RC (Release Candidate) of the upcoming Linux 4.15 kernel series has been announced by Linus Torvalds over the weekend and it’s now ready for public testing.

      Coming a week after the seventh RC, Linux kernel 4.15 Release Candidate 8 is here with more patches against the Meltdown and Spectre security vulnerabilities publicly disclosed earlier this month. Most specifically, it brings x86 “retpoline” support, a solution developed by Google and other security researchers to not allow speculation on the CPU.

    • LSFMM 2018 call for proposals

      The 2018 Linux Storage, Filesystem, and Memory-Management Summit will be held April 23-25 in Park City, Utah. The call for proposals has just gone out with a tight deadline: they need to be received by January 31.

    • Analyzing the Linux boot process

      The oldest joke in open source software is the statement that “the code is self-documenting.” Experience shows that reading the source is akin to listening to the weather forecast: sensible people still go outside and check the sky. What follows are some tips on how to inspect and observe Linux systems at boot by leveraging knowledge of familiar debugging tools. Analyzing the boot processes of systems that are functioning well prepares users and developers to deal with the inevitable failures.

    • BPF Getting Error Injection & More In Linux 4.16

      While BPF has been under the spotlight recently in light of Spectre, with the upcoming Linux 4.16 cycle this in-kernel virtual machine and originally packet filter will be picking up new features.

    • Jailhouse Guest Support Queued For Linux 4.16

      Yet more functionality to find with the upcoming Linux 4.16 kernel is the first bits of Jailhouse hypervisor functionality being mainlined.

      Since at least 2013 Siemens has been developing the Jailhouse hypervisor for Linux systems. This partitioning hypervisor aims to be lighter than KVM and Siemens has been designing it for “highly demanding real-time, safety or security” workloads.

    • Retpoline patch coming to Linux 4.9 and Linux 4.14

      Several Linux kernel versions, including 4.9, 4.14, and the upcoming 4.15, will have Retpoline support built in to mitigate against the Spectre vulnerability. Greg Kroah-Hartman, one of the head honchos overlooking kernel development, accepted the patch into the 4.9 and 4.14 kernels meaning Linux users everywhere should be secure from Spectre without any performance hits.

      The exact kernel versions to look out for are 4.9.77 and 4.14.14. Unfortunately, for those of us still on Linux 4.4 and 3.18, which are still supported, there is no sign of the Retpoline patch just yet despite receiving other updates. Hopefully it’ll be released in a subsequent update after they’ve had time to monitor for any problems in 4.9 and 4.14.

    • Retpoline Support Backport Lands In GCC 7

      The -mindirect-branch, -mindirect-return and -mindirect-branch-register options, a.k.a. the GCC “Retpoline” patches, have been back-ported and merged into the GCC 7 branch.

      Given the severity of the Spectre vulnerability, these features for Retpoline support are being back-ported to GCC branches normally only reserved for bug/regression/documentation fixes.

    • Graphics Stack

      • Experimental XDG-Shell Support For Mir’s Wayland Support

        Mir’s Wayland support continues being hacked on and now being tackled is support for the XDG-Shell protocol.

        A proof of concept implementation for the XDG Shell protocol has been posted for Mir. The XDG-Shell protocol as a reminder is used for managing surfaces under Wayland compositors for dealing with window dragging, resizing, stacking, and other actions.

      • Vulkan 1.0.68 Published

        Coming just over one week since Vulkan 1.0.67 is now the Vulkan 1.0.68 graphics/compute programming specification update.

        Given the short time from Vulkan 1.0.67 to 1.0.68, this updated version does not introduce any new extensions. Vulkan 1.0.68 just has documentation fixes: correcting some typos and making other clarifications for helping developers understand expected behavior of some elements of Vulkan.

      • Intel’s Mesa Driver Is A Step Closer To ARB_gl_spirv Support

        Igalia has sent out the fourth version of their patches for wiring in ARB_gl_spirv support into the Mesa OpenGL driver. This extension is the last main blocker from Intel having OpenGL 4.6 support and allows for SPIR-V ingestion support for better interoperability between OpenGL and Vulkan.

      • Mesa Gets Patches For EGL_ANDROID_blob_cache

        An Intel open-source developer has sent out a set of patches implementing the EGL ANDROID_blob_cache extension for Mesa.

      • GPU Voltage Control Support Coming To AMDGPU Driver

        Patches are being prepped to improve the OverDrive overclocking/underclocking support within the AMDGPU DRM driver and for allowing voltage controls.

      • Mesa 17.3.3 Is On The Way With Better Vega Support On Vulkan

        Mesa 17.3.3 should be released later this week with nearly three dozen fixes over the previous Mesa 17.3 point release.

      • Advanced DRI Configurator: A New Mesa GUI Project

        An independent open-source developer has announced “Advanced DRI Configurator” in what he’s hoping could eventually replace DriConf for configuring Mesa parameters.

        Developer Jean Hertel has announced his initial work on trying to write a DriConf replacement. The Advanced DRI Configurator, or “adriconf” for short, is this young project written in C++ and GTKmm.

      • Red Hat Developer Manages Full Clock-Gating For Kepler With Nouveau

        In improving the power-savings of NVIDIA GeForce 600/700 “Kepler” GPUs running on the open-source NVIDIA “Nouveau” driver, Red Hat developer Lyude Paul has published a set of patches allowing for full clock-gating with these older graphics cards.

        Following lots of reverse engineering, rewrites, and tracing the behavior of the NVIDIA proprietary driver, Lyude has implemented all known levels of clock-gating for Kepler1/Kepler2 GPUs. Lyude was also working on Fermi GPU support, but its clock-gating is being handled differently and currently that code isn’t yet ready.

    • Benchmarks

      • ADATA XPG SX6000: Benchmarking A ~$50 USD 128GB NVMe SSD On Linux

        While solid-state drives have generally been quite reliable in recent years and even with all the benchmarking I put them through have had less than a handful fail out of dozens, whenever there’s a bargain on NVMe SSDs, it’s hard to resist. The speed of NVMe SSDs has generally been great and while it’s not a key focus on Phoronix (and thus generally not receiving review samples of them), I upgrade some of the server room test systems when finding a deal. The latest is trying an ADATA XPG SX6000 NVMe SSD I managed to get for $49.99 USD.

      • 16-Way GPU Comparison With NVIDIA GPUs Going Back To Kepler

        Last week I provided a fresh look at the NVIDIA GeForce vs. AMD Radeon Linux gaming performance using the latest drivers at the start of 2018. That testing included the latest NVIDIA and AMD GPUs, but for those curious how these numbers compare for older NVIDIA GPUs, here’s a look with the Kepler and Maxwell graphics cards added to the comparison.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • Flatpak Support Getting More Mature in KDE Plasma’s Discover Package Manager

        Those interested in installing Flatpak universal Linux apps on their KDE Plasma-based GNU/Linux distros should know that Flatpak support in the Plasma Discover package manager is now more mature and ready for production. It can handle multiple Flatpak repos, as well as installing of packages from the Flathub repository.

        With the upcoming KDE Plasma 5.12 LTS desktop environment, Plasma Discover will support different backends, including Flatpak and Snappy, allowing users to search, download and install Flatpak and Snap apps. However, such a backend doesn’t come installed by default, so you’ll have to add it manually.

      • KDE Frameworks 5.42 Open-Source Software Suite Released for KDE Plasma 5.12 LTS

        KDE Frameworks 5.42.0 is out now just in time for the soon-to-be-released KDE Plasma 5.12 LTS Beta desktop environment, and includes numerous improvements and bug fixes for various components like Baloo, Breeze icons, KActivities, KCoreAddons, KDeclarative, KDED, KDBusAddons, KConfig, KDocTools, KHTML, KEmoticons, KFileMetaData, KI18n, KIO, KInit, Kirigami, and KJobWidgets.

        It also improves things like KNewStuff, KNotification, KRunner, KWayland, KTextEditor, KWallet Framework, KWidgetsAddons, KXMLGUI, NetworkManagerQt, Plasma Framework, Prison, QQC2StyleBridge, Sonnet, syntax highlighting, KPackage Framework, as well as KDELibs 4 support and extra CMake modules. The complete changelog is available below for more details on the new fixes.

      • KDE Plasma 5.12 LTS Enters Beta, Brings Unified Look and Phone Integration

        Designed as the next long-term support (LTS) version of the popular desktop environment, replacing the KDE Plasma 5.8 LTS on users’ computers when it will be out early next month, KDE Plasma 5.12 is an important milestone that introduces numerous stability and reliability improvements, along with a bunch of new and long-anticipated features.

        One of the most important changes in KDE Plasma 5.12 LTS is the greatly improved support for the next-generation Wayland display server, with a long-term support promise as the KDE Project will continue to patch bugs and other issues until the end of life of the desktop environment next year.

      • KDE Plasma 5.12 Reaches Beta With Faster Start-Up Time, Better Wayland Support
      • This App Automatically Disables Compositing in KDE When Opening Steam

        Compositor Switcher for KDE is a small utility that can disable compositing on the KDE Plasma desktop when running a specific gaming client.

      • digiKam 5.8 Open-Source Image Manipulator Adds UPnP/DLNA Export, Improvements

        The digiKam 5.8.0 open-source cross-platform image editor, viewer, and organizer tool has been released over the weekend with numerous improvements and some new features.

        Coming four months after the previous release, digiKam 5.8.0 is here with another set of enhancements for fans of the applications. For starters, the new version introduces a new tool that allows users to export their image collections to UPnP/DLNA-compatible devices. It can be accessed in all of digiKam’s views through the Tools menu.

        “In September 2017, the digiKam team has been invited to take part in the Randa Meetings,” reads the release announcement. “We have focused the reunion on including the new media server dedicated to sharing collection contents on local networks with compatible DLNA devices or applications, such as tablets, cellulars, TV, etc.”

      • Season Of KDE

        After contributing for several months at GCompris, I applied for SoK 2018 and finally my proposal got selected among top 10 participants. I am very happy with the results I have got.

      • SoK Project – Week 1 & 2

        With all the happiness after being selected for SoK 2018, I was looking forward to start working on my project with whole dedication. My project aims to complete the port of a brain-boosting memory activity called “Railroad” (in which kids have to observe the given train and memorize it within a given time and then try to rebuild it) from the Gtk+ to the Qt version. It is a part of the GCompris project (a high-quality educational software suite, including a large number of activities for children aged 2 to 10). My mentors are Timothée Giet and Rudra Nil Basu; along with them I’d like to thank Johnny Jazeix and Divyam Madaan a lot for helping me with my project. My SoK proposal can be found here: SoK Proposal. And my progress can be tracked at: Railroad branch.

      • Reasons to Get Excited about KDE in 2018
      • Three old Plasma Weather applet TODO items gone for Plasma 5.12

        Just when I thought to have missed yet another Plasma feature freeze deadline with the one for Plasma 5.12 LTS and thus a good(?) excuse to re-decrease priority of some planned work on the Plasma Addons Weather applet (from the kdeplasma-addons repo, not to be mixed up with clearmartin’s one from github/store.kde.org) once more and thus delay things even further to a day that may never come, the Plasma team found they need to shift the deadline by some weeks to be after the KDE Frameworks 5.42.0 release.
        So excuse gone, no other quickly found… time to do a git pull and open the editor.

      • Plasma on ARM: State of the Union

        For the past year at Blue Systems my colleagues and I have been working on getting Plasma 5 ready for ARMv8 systems such as the Pinebook. If you were at QtCon this year, you might have also seen our awesome team demo’ing these systems at the KDE booth along with Plasma on ARMv7 systems such as the ODROID C1.

      • Sharing Files on Android or iOS from or with your Qt App – Part 2
      • KDE Plans to Introduce New Apps and Plasma Stability Improvements in 2018

        For starters, 2018 will bring KDE users a new, long-term supported Plasma desktop environment, version 5.12, which just entered beta stages of development the other day giving us a first glimpse into its new features and improvements.

        While it’s mostly focused on stability and speed improvements, the KDE Plasma 5.12 LTS release promises better, long-term Wayland support, smartphone integration, a unified look, infinite customizations, as well as integrated desktop widgets and search.

    • GNOME Desktop/GTK

      • How to Install GNOME Shell Extensions GUI / CLI

        GNOME Shell extensions are small and lightweight pieces of codes that enhance GNOME desktop’s functionality and improves the user experience. They are the equivalent of add-ons in your browser. For instance, you can have add-ons that download videos like IDM downloader or block annoying ads such as Adblocker.

        Similarly, GNOME extensions perform certain tasks e.g. Display weather and geolocation. One of the tools used to install and customize GNOME Shell extensions is the GNOME tweak tool. It comes pre-installed in the latest Linux distributions. This article we cover how to install GNOME Shell extensions from GUI and from the command line on various Linux distros.

      • Musings on bug trackers

        I love bugzilla, I really do. I’ve used it nearly my entire career in free software. I know it well, I like the command line tool integration. But I’ve never had a day in bugzilla where I managed to resolve/triage/close nearly 100 issues. I managed to do that today with our gitlab instance and I didn’t even mean to.

      • ABI stability for GXml

        I’m taking a deep travel across Vala code; trying to figure out how things work. With my recent work on abstract methods for compact classes, may I have an idea on how to provide ABI stability to GXml.

        GXml have lot of interfaces for DOM4, implemented in classes, like Gom* series. But they are a lot, so go for each and add annotations, like Gee did, to improve ABI, is a hard work.

      • GXml is near for ABI stability

        Today I managed to create a patch to provide ABI stability for GXml and any other Vala library.

        ABI is one of the more important aspects in a library; allows to produce binaries fixing issues and add features while the applications, depending on it, don’t need to be recompiled.

  • Distributions

    • OpenSUSE/SUSE

      • SLES 12 Toolchain Update Brings new Developer Tools
      • SUSE Linux Enterprise Server 12 Updates Its Developer Toolchain to GCC 7

        SUSE’s Andreas Jaeger writes in a blog post about the updated toolchain of the SUSE Linux Enterprise Server 12 operating system and the new developer tools it brings.

        The article notes the fact that with the release of GNU Compiler Collection 7, the GCC team brought numerous improvements for developers, including better diagnostics, DWARF 5 support, as well as support for the C++ 17 standard.

        GCC 7 also contains improved optimization passes and takes advantage of some of the features of modern processors, and now it is available to all SUSE Linux Enterprise Server 12 customers with an active subscription.

      • Become a Google Summer of Code Mentor for openSUSE

        The application period for organizations wanting to participate in the Google Summer of Code is now and the openSUSE project is once again looking for mentors who are willing to put forth projects to mentor GSoC students.

    • Red Hat Family

    • Debian Family

      • RHL’18 in Saint-Cergue, Switzerland

        In between eating fondue and skiing, I found time to resurrect some of my previous project ideas for Google Summer of Code. Most of them are not specific to Debian, several of them need co-mentors, please contact me if you are interested.

      • Quick recap of 2017

        After the Stretch release, it was time to attend DebConf’17 in Montreal, Canada. I’ve presented the latest news on the Debian Installer front there as well. This included a quick demo of my little framework which lets me run automatic installation tests. Many attendees mentioned openQA as the current state of the art technology for OS installation testing, and Philip Hands started looking into it. Right now, my little thing is still useful as it is, helping me reproduce regressions quickly, and testing bug fixes… so I haven’t been trying to port that to another tool yet.

        I also gave another presentation in two different contexts: once at a local FLOSS meeting in Nantes, France and once during the mini-DebConf in Toulouse, France. Nothing related to Debian Installer this time, as the topic was how I helped a company upgrade thousands of machines from Debian 6 to Debian 8 (and to Debian 9 since then). It was nice to have Evolix people around, since we shared our respective experience around automation tools like Ansible and Puppet.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 18.04 LTS Wallpaper Contest Welcomes Talented Photographers and Artists

            Announced today by Ubuntu member Nathan Haines, Ubuntu Free Culture Showcase for Ubuntu 18.04 LTS is now officially open for submissions, and since Ubuntu 18.04 is an LTS (Long-Term Support) version, which Canonical will support for the next five years with software and security updates, it’s more than a wallpaper contest.

            Well, of course, it’s not a contest, because you won’t win any prize besides the fact that your work will be showcased to millions of Ubuntu users worldwide. This time, besides wallpapers, Ubuntu Free Culture Showcase also looks for new video and music files that will be available in the Examples folder of Ubuntu 18.04 LTS’ live installation medium.

          • Introducing the Ubuntu Free Culture Showcase for 18.04

            Ubuntu’s changed a lot in the last year, and everything is leading up to a really exciting event: the release of 18.04 LTS! This next version of Ubuntu will once again offer a stable foundation for countless humans who use computers for work, play, art, relaxation, and creation. Among the various visual refreshes of Ubuntu, it’s also time to go to the community and ask for the best wallpapers. And it’s also time to look for a new video and music file that will be waiting for Ubuntu users on the install media’s Examples folder, to reassure them that their video and sound drivers are quite operational.

            Long-term support releases like Ubuntu 18.04 LTS are very important, because they are downloaded and installed ten times more often than every single interim release combined. That means that the wallpapers, video, and music that are shipped will be seen ten times more than in other releases. So artists, select your best works. Ubuntu enthusiasts, spread the word about the contest as far and wide as you can. Everyone can help make this next LTS version of Ubuntu an amazing success.

          • Ubuntu Core: A secure open source OS for IoT

            Canonical’s Ubuntu Core, a tiny, transactional version of the Ubuntu Linux OS for IoT devices, runs highly secure Linux application packages, known as “snaps,” that can be upgraded remotely.

          • Flavours and Variants

            • Lubuntu 17.04 has reached End of Life

              The Lubuntu Team announces that as a non-LTS release, 17.04 has a 9-month support cycle and, as such, reached end of life on Saturday, January 13, 2018. Lubuntu will no longer provide bug fixes or security updates for 17.04, and we strongly recommend that you update to 17.10, which continues to be actively supported with security updates and select high-impact bug fixes.

  • Devices/Embedded

Free Software/Open Source

  • Open Source turns 20

    While open source software is ubiquitous, recognized across industries as a fundamental infrastructure component as well as a critical factor for driving innovation, the “open source” label was coined only 20 years ago.

    The concept of open source software – as opposed to free software or freeware – is credited to Netscape which, in January 1998, announced plans to release the source code of its proprietary browser, Navigator, under a license that would freely permit modification and redistribution. This code is today the basis for Mozilla Firefox and Thunderbird.

    The Open Source Initiative (OSI) regards that event as the point at which “software freedom extended its reach beyond the enthusiast community and began its ascent into the mainstream”.

  • Coreboot 4.7 Released With 47 More Motherboards Supported, AMD Stoney Ridge

    Coreboot 4.7 is now available as the latest release of this free and open-source BIOS/UEFI replacement.

    Coreboot 4.7 is the latest tagged release for this project developed via Git. This release has initial support for AMD Stoney Ridge platforms, Intel ICH10 Southbridge support, Intel Denverton/Denverton-NS platform support, and initial work on supporting next-gen Intel Cannonlake platforms.

  • Google’s Kelsey Hightower talks Kubernetes and community

    Google developer advocate Kelsey Hightower says that he always figured that the (now wildly successful) Kubernetes container orchestration platform “would get big on its own at some point.” He shared some of the reasons he sees for Kubernetes’ success in a podcast recorded in December at CloudNativeCon in Austin.

    The first is that Kubernetes is an effective platform on which to do other things. It provides “better primitives than I had before” as Hightower puts it. At the same time, he says that this is something people misunderstand about Kubernetes. “It’s not the end game,” he says. Rather, at some point, it increasingly becomes “the new platform for building other platforms.”

  • A FOSS Year Resolution

    It’s that time of year again. The time when some people are taking a long hard look at their lives and trying to decide what they want to change about themselves over the course of the next year. Some of us want to lose weight, or exercise more, or spend more time with our kids. The trouble is only about 9% of these resolutions actually happen.

  • Events

    • Dr. Lovesource: Or how I learned to stop worrying and love the open

      I used to write code. I don’t anymore. There are lots of reasons for this, including the fact that I wasn’t very good at it. To clarify, I was, I think, good at writing code,1 but I wasn’t very good at writing code.2 It turns out that I’m quite good at a variety of other things, so my career3 moved in a different direction—or, in fact, a variety of different directions. After a number of roles ranging from “Electronic Information Controller” to “Product and Programme4 Manager” through software engineering and pre-sales, I finally settled into something called “architecture.” Which means that I mainly draw boxes and lines on whiteboards and expect people who are very good at writing code to make the boxes “real.”

    • Thank you CUSEC!

      Last week, I spoke at CUSEC (Canadian Undergraduate Software Engineering Conference) in Montreal. I really enjoy speaking with students and learning what they are working on. They are the future of our industry! I was so impressed by the level of organization and the kindness and thoughtfulness of the CUSEC organizing committee who were all students from various universities across Canada. I hope that you all are enjoying some much needed rest after your tremendous work in the months approaching the conference and last week.

    • Percona Announces Sneak Peek of Conference Breakout Sessions for Seventh Annual Percona Live Open Source Database Conference
    • Do not limit yourself

      The motto of Learn yourself, teach others is still very strong among us. We try to break any such stupid limits others try to force on our lives. We dream, we try to enjoy talking about that book someone just finished. We discuss about our favorite food. I will end this post saying one thing again. Do not bound yourself in some non existing limits. Always remember, What a great teacher, failure is (I hope I quoted Master Yoda properly). Not everything we will try in life will be a super successful thing, but we can always try to learn from those incidents. You don’t have to bow down in front of anyone, you can do things you love in your life without asking for others’ permissions.

    • Benjamin Mako Hill: OpenSym 2017 Program Postmortem

      The International Symposium on Open Collaboration (OpenSym, formerly WikiSym) is the premier academic venue exclusively focused on scholarly research into open collaboration. OpenSym is an ACM conference which means that, like conferences in computer science, it’s really more like a journal that gets published once a year than it is like most social science conferences. The “journal”, in this case, is called the Proceedings of the International Symposium on Open Collaboration and it consists of final copies of papers which are typically also presented at the conference. Like journal articles, papers that are published in the proceedings are not typically published elsewhere.

  • Web Browsers

    • Chrome

      • Bromite Is the New NoChromo — Open Source Chrome Port with Ad Blocking

        A while back, we told you about NoChromo, a no-root ad-blocking browser based on Google Chrome’s open source code base, Chromium. That browser was wildly successful, as it offered an identical interface to regular Chrome, but without any ads. Sadly, the developer abandoned NoChromo, but a new ad-blocking Chromium port called Bromite has been released to fill its void.

    • Mozilla

      • Firefox 60 Product Integrity Requests Report

        Late last year I was putting out weekly reports on the number of requests Mozilla’s Product Integrity group was receiving and how well we were tracking toward our self-imposed service-level agreement (respond to 90% within 48 hours).

        The initial system we set up was only ever intended to be minimally viable and has not scaled well, although that’s probably to be expected. There’s been quite a lot of growing pains so I’ve been tasked with taking it to the next level.

      • Tab Warming: How Firefox Will Improve Web Browsing Experience? How To Get It Now?

        Mozilla developer Mike Conley described the details about Tab Warming in a post on his personal blog. It will improve tab switching by pre-loading the contents of a tab before it gets displayed in front of the users.

      • NVDA and Firefox 58 – The team is regaining strength

        A week before the Firefox 57 “Quantum” release in November, I published an Article detailing some bits to be aware of when using Firefox and the NVDA screen reader together. In Firefox 58, due on January 23, 2018, the reliable team is regaining strength in playing well together and offering you good and fast web accessibility.

        After the Firefox 57 release, due to many changes under the hood, NVDA and Firefox temporarily lapsed in performance. Statistics quickly showed that about two thirds of the NVDA user base stayed with us despite this. So to all of you who stuck with us on this difficult release: Thank you! Many of the others moved to the extended support release of Firefox 52. Thank you to those of you as well, you decided to stick with Firefox! Also, statistics show that barely any of those of you who stuck with 57 decided to turn off multi-process Firefox, but instead used the new technology, and some of you even reported problems to us.

  • Pseudo-Open Source (Openwashing)

  • Funding

    • The Universal Donor

      A few people reacted negatively to my article on why Public Domain software is broadly unsuitable for inclusion in a community open source project. Most argued that because public domain gave them the rights they need where they live (mostly the USA), I should not say it was wrong to use it.

      That demonstrates either parochialism or a misunderstanding of what public domain really means. It should not be used for the same reason code known to be subject to software patents should not be used — namely that only code that, to the best efforts possible, can be used by anyone, anywhere without the need to ask permission (e.g. by buying a patent license) or check if it’s needed (e.g. is that PD code PD here?) can be used in an open source project. Public domain fails the test for multiple reasons: global differences in copyright term, copyright as an unalienable moral rather than as a property right, and more.

      Yes, public domain may give you the rights you need. But in an open source project, it’s not enough for you to determine you personally have the rights you need. In order to function, every user and contributor of the project needs prior confidence they can use, improve and share the code, regardless of their location or the use to which they put it. That confidence also has to extend to their colleagues, customers and community as well.

  • FSF/FSFE/GNU/SFLC

    • GCC 8.0 Moves On To Only Regression/Documentation Fixes

      The GCC 8 compiler is on to its last stage of development.

    • Retpoline-enabled GCC

      There will be upstream backports at least to GCC 7, but probably pretty far back (I’ve seen people talk about all the way to 4.3). So you won’t have to run my crappy home-grown build for very long—it’s a temporary measure. :-)

      Oh, and it made Stockfish 3% faster than with GCC 6.3! Hooray.

  • Programming/Development

Leftovers

  • Nokia, Optus seal 5-year network deal

    Under the deal, Nokia will provide network operations and software services, and deploy robotics, artificial intelligence and extreme automation to help Optus standardise and scale its operations, while Nokia Field Services will manage all components of work associated with mobile base station equipment and facilities.

  • Science

    • Pollution is endangering the future of astronomy

      Three sources of pollution — space debris, radio interference and light pollution — already are particularly worrisome. And the situation is getting worse.

    • Novel 3-D printing technique yields high-performance composites

      Since ancient civilizations first combined straw and mud to form bricks, people have fabricated engineered composites of increasing performance and complexity. But reproducing the exceptional mechanical properties and complex microstructures found in nature has been challenging.

    • Blood-vessel-on-a-chip provides insight into new anti-inflammatory drug candidate

      One of the most important and fraught processes in the human body is inflammation. Inflammatory responses to injury or disease are crucial for recruiting the immune system to help the body heal, but inflammation can also cause an increase in the production of thrombin, which can lead to dangerous blood clots and other conditions. Activated protein C (APC) is a naturally occurring anti-coagulant protein with anti-inflammatory and other protective effects that has been used medically to treat severe blood infections and wounds; however, its use is limited because its inhibition of thrombin also impacts the blood’s ability to clot, increasing bleeding risk.

    • Device creates negative mass—and a novel way to generate lasers
    • Light may unlock a new quantum dance for electrons in graphene

      A team of researchers has devised a simple way to tune a hallmark quantum effect in graphene—the material formed from a single layer of carbon atoms—by bathing it in light. Their theoretical work, which was published recently in Physical Review Letters, suggests a way to realize novel quantum behavior that was previously predicted but has so far remained inaccessible in experiments.

      “Our idea is to use light to engineer these materials in place,” says Tobias Grass, a postdoctoral researcher at the Joint Quantum Institute (JQI) and a co-author of the paper. “The big advantage of light is its flexibility. It’s like having a knob that can change the physics in your sample.”

  • Health/Nutrition

    • Suppressing a sneeze can be dangerous, doctors warn

      Stifling a sneeze can rupture your throat, burst an ear drum, or pop a blood vessel in your brain, researchers warned on Tuesday.

      Many people – when they feel a sneeze coming on – block all the exits, essentially swallowing the sneeze’s explosive force.

      Just how dangerous this can be was illustrated when a 34-year-old man showed up at the emergency service of a hospital in Leicester, England recently, with a swollen neck and in extreme pain.

    • Trump’s new assistant Drug Czar: a 24-year-old campaign volunteer with no experience, in charge of billions to end the opioid epidemic

      In 2016, Taylor Weyeneth took a break from his studies as an undergrad law student at St John’s University and used the skills he’d acquired organizing a single golf tournament and working in his father’s chia seed factory (closed abruptly when his father went to jail for processing illegal Chinese steroids in the plant) to campaign for Donald Trump. Now Weyeneth, at 24 years old, is the deputy chief of staff for Office of National Drug Control Policy, in charge of billions of dollars in spending to curb the opioid epidemic and fight illegal drug use.

    • Peruvian herders use ancient technology to manage water for the future

      Dams, canals, and reservoirs dating back 3,000 years ago are being revived by alpine herders in partnership with The Mountain Institute in order to more efficiently manage water for pastures and animals.

    • Global drugmakers complain over violations of patent rights in Russia

      Multinational drugmakers operating in Russia have filed a complaint with the Russian Federal Antimonopoly…

  • Security

    • Beware! Fake Spectre & Meltdown Patches Are Infecting PCs With “Smoke Loader” Malware [Ed: Welcome to Microsoft Windows]

      One of the most common tactics employed by notorious cybercriminals involves taking advantage of the popular trends and creating fraudulent websites/apps to trick users. It looks like some of the players have tried to exploit the confusion surrounding Meltdown and Spectre CPU bugs.

      Forget buggy updates which are causing numerous problems to the users, Malwarebytes has spotted a fake update package that installs malware on your computer. The firm has identified a new domain that’s full of material on how Meltdown and Spectre affect CPUs.

      [...]

      The fake file in the archive is Intel-AMD-SecurityPatch-10-1-v1.exe.

    • An update on ongoing Meltdown and Spectre work

      Last week, a series of critical vulnerabilities called Spectre and Meltdown were announced. Because of the nature of these issues, the solutions are complex and require fixing delicate code. The fixes for Meltdown are mostly underway. The Meltdown fix for x86 is KPTI. KPTI has been merged into the mainline Linux tree and many stable trees, including the ones Fedora uses. Fixes for other arches are close to being done and should be available soon. Fixing Spectre is more difficult and requires fixes across multiple areas.

      Similarly to Meltdown, Spectre takes advantage of speculation done by CPUs. Part of the fix for Spectre is disallowing the CPU to speculate in particular vulnerable sequences. One solution developed by Google and others is to introduce “retpolines” which do not allow speculation. A sequence of code that might allow dangerous speculation is replaced with a “retpoline” which will not speculate. The difficult part of this solution is that the compiler needs to be aware of where to place a retpoline. This means a complete solution involves the compiler as well.

    • CPU microcode update code for amd64
    • Using a Yubikey for GPG and SSH
    • Inspect curl’s TLS traffic

      Since a long time back, the venerable network analyzer tool Wireshark (screenshot above) has provided a way to decrypt and inspect TLS traffic when sent and received by Firefox and Chrome.

    • Mageia Weekly Roundup 2018 – Week 2

      The year is definitely under way, with an astonishing 412 packages coming through commits – mostly for cauldron, but a few are the last remaining updates for Mageia 5, as well as important security updates for Mageia 6.

      Among those updates are all the kernel and microcode updates – our thanks to tmb and our untiring devs for these – to begin hitting Meltdown and Spectre on the head.

      A big hand for the upstream kernel team, as well as our own packagers, QA testers and everyone else that was involved in getting this tested and released.

    • Fedora Project Continues to Work on Mitigating Meltdown & Spectre Security Flaws
    • Black Lab Enterprise Linux Distro Gets Patches Against Meltdown and Spectre Bugs
    • Linspire and Freespire Linux OSes Now Patched Against Meltdown and Spectre Flaws
    • Gentoo-Based Porteus Kiosk 4.6 Linux OS Released with Meltdown and Spectre Fixes

      Porteus Linux developer Tomasz Jokiel announced today the release and immediate availability for download of the Porteus Kiosk 4.6.0 Gentoo Linux-based operating system.

      Including all the upstream security and software updates from the Gentoo Linux repositories as of January 14, 2018, Porteus Kiosk 4.6.0 is powered by the Linux 4.14.13 kernel and includes the Mozilla Firefox 52.5.3 ESR and Google Chrome 63.0.3239.132 web browsers, protecting users against the Meltdown and Spectre security vulnerabilities that have been publicly disclosed earlier this month.

    • Security updates for Monday
    • Secure Contexts Everywhere

      Since Let’s Encrypt launched, the Secure Contexts specification has become much more mature. We have witnessed the successful restriction of existing, as well as new features to secure contexts. The W3C TAG is about to drastically raise the bar to ship features on insecure contexts. All the building blocks are now in place to quicken the adoption of HTTPS and secure contexts, and follow through on our intent to deprecate non-secure HTTP.

    • Linux and Windows Servers Targeted with RubyMiner Malware

      Security researchers have spotted a new strain of malware being deployed online. Named RubyMiner, this malware is a cryptocurrency miner spotted going after outdated web servers.

      According to research published by Check Point and Certego, and information received by Bleeping Computer from Ixia, attacks started on January 9-10, last week.

    • Virtual currency miners target web servers with malware
    • ZAP provides automated security tests in continuous integration pipelines

      Commonly, a mixture of open source and expensive proprietary tools are shoehorned into a pipeline to perform tests on nightly as well as ad hoc builds. However, anyone who has used such tests soon realizes that the maturity of a smaller number of time-honored tests is sometimes much more valuable than the extra detail you get by shoehorning too many tests into the pipe then waiting three hours for a nightly build to complete. The maturity of your battle-hardened tests is key.

    • BitTorrent users beware: Flaw lets hackers control your computer

      There’s a critical weakness in the widely used Transmission BitTorrent app that allows websites to execute malicious code on some users’ computers. That’s according to a researcher with Google’s Project Zero vulnerability reporting team, who also warns that other BitTorrent clients are likely similarly susceptible.

      [...]

      Among the things an attacker can do is change the Torrent download directory to the user’s home directory. The attacker could then command Transmission to download a Torrent called “.bashrc” which would automatically be executed the next time the user opened a bash shell. Attackers could also remotely reconfigure Transmission to run any command of their choosing after a download has completed. Ormandy said the exploit is of “relatively low complexity, which is why I’m eager to make sure everyone is patched.”

    • AMD Releases Linux and Windows Patches for Two Variants of Spectre Vulnerability

      AMD has published a press announcement on Thursday to inform its customers that it released patches for two variants of the Spectre security vulnerability disclosed to the public earlier this month.

    • ‘Shift Left’: Codifying Intuition into Secure DevOps

      Continuous delivery (CD) is becoming the cornerstone of modern software development, enabling organizations to ship — in small increments — new features and functionality to customers faster to meet market demands. CD is achieved by applying DevOps practices and principles (continuous integration and continuous deployment) from development to operations. There is no continuous delivery without implementing DevOps practices and principles. By that, I mean strong communication and collaboration across teams, and automation across testing, build, and deployment pipelines. But often achieving continuous delivery to meet market demands presents numerous challenges for security.

    • Purism patches Meltdown and Spectre variant 2, both included in all new Librem laptops

      Purism has released a patch for Meltdown (CVE-2017-5754, aka variant 3) as part of PureOS, and includes this latest PureOS image as part of all new Librem laptop shipments. Purism is also providing a microcode update for Intel processors to address Spectre variant 2 (CVE-2017-5715).

    • Intel Fumbles Its Patch for Chip Flaw

      Intel is quietly advising some customers to hold off installing patches that address new security flaws affecting virtually all of its processors. It turns out the patches had bugs of their own.

    • Wi-Fi Alliance announces WPA3 to secure modern networks

      The Consumer Electronics Show (CES) is an odd place to announce an enterprise product, but the Wi-Fi Alliance used the massive trade show — which has more or less taken over where Comdex left off — to announce a major upgrade to Wi-Fi security.

      The alliance announced the Wi-Fi Protected Access 3 (WPA3), a new standard of Wi-Fi security that greatly increases the security capabilities of the wireless standard. WPA2, which is the current standard in wireless security, has been around for 14 years, so this is way overdue.

    • More iOS 11 Jailbreak Tweaks Could Be Released by the Weekend

      The Electra jailbreak tool is better than LiberiOS because it comes with Substitute. This is the alternative to Cydia substrate that was first developed by Comex. This would allow users to install and use jailbreak tweaks compatible to iOS 11.

    • Hospital [sic] sent offline as hackers infect systems with ransomware, demand payment [iophk: "Windows"]
    • Reproducible Builds: Weekly report #142
    • Spectre and Meltdown patches causing trouble as realistic attacks get closer

      Applications, operating systems, and firmware all need to be updated to defeat Meltdown and protect against Spectre, two attacks that exploit features of high-performance processors to leak information and undermine system security. The computing industry has been scrambling to respond after news of the problem broke early a few days into the new year.

      But that patching is proving problematic. The Meltdown protection is revealing bugs or otherwise undesirable behavior in various drivers, and Intel is currently recommending that people cease installing a microcode update it issued to help tackle the Spectre problem. This comes as researchers are digging into the papers describing the issues and getting closer to weaponizing the research to turn it into a practical attack. With the bad guys sure to be doing the same, real-world attacks using this research are sure to follow soon.

    • Finnish firm detects new Intel security flaw

      A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday.

      F-Secure said in a statement that the flaw had nothing to do with the “Spectre” and “Meltdown” vulnerabilities recently found in the micro-chips that are used in almost all computers, tablets and smartphones today.

      Rather, it was an issue within Intel Active Management Technology (AMT), “which is commonly found in most corporate laptops, (and) allows an attacker to take complete control over a user’s device in a matter of seconds,” the cybersecurity firm said.

    • What is RubyMiner? New malware found targeting Windows and Linux servers to mine cryptocurrency
    • BitTorrent flaw could let hackers take control of Windows, Linux PCs

      According to Project Zero, the client is vulnerable to a DNS re-binding attack that effectively tricks the PC into accepting requests via port 9091 from malicious websites that it would (and should) ordinarily ignore.

    • BitTorrent critical flaw allows hackers to remotely control users’ computers

      A critical flaw in the popular Transmission BitTorrent app could allow hackers to remotely control users’ computers. The flaw, uncovered by Google Project Zero security researchers, allows websites to execute malicious code on users’ devices. Researchers also warned that BitTorrent clients could be susceptible to attacks as well if the flaw is leveraged.

  • Defence/Aggression

    • Army Strategist Exposes The Disturbing Parallels Between US Domestic Policing & Military Tactics Abroad

      Nonetheless, take a moment to consider the ways in which counterinsurgency abroad and urban policing at home might, in these years, have come to resemble each other and might actually be connected phenomena

    • There are indicators of one other India-China border spat

      India considers Arunachal Pradesh, lying east of Bhutan, to be one of its 29 states, but China claims the area as part of southern Tibet. The territory, a key focus of a 1962 war fought between the Asian giants, lies along the Sino-Indian border, which is represented by a demarcation line called the Line of Actual Control.

    • The Pope welcomes Sunni migrants while Sunni Islamists seek to cleanse Egypt, Iraq, and Syria of Christians

      Even when the Pope went to Bangladesh and Myanmar he failed to mention the plight of Buddhists and Hindus throughout history and the ongoing reality of mass Bengali Muslim migration that is overwhelming indigenous Buddhists and Hindus in the Chittagong Hill Tracts in Bangladesh. Likewise, in Rakhine, it seems that the deaths of Buddhists, Hindus, the Mro, and others, in this part of Myanmar don’t count to the current Pope – and the same applies to other Christian denominations and the mass media.

    • From Pakistan with hate: Hindus murdered, converted, forced to flee

      “Families of weaker communities specially Meghwals which comprise 40% of the town’s population are the most vulnerable ones. Young girls are kidnapped and forced to marry Muslims in this village and Saeed’s outfit provide financial help to the perpetrators,” said Rajesh Maheshwari (name changed), who had fled from Mithi leaving behind all his fortune.

    • Isis executioner who threw gay men off buildings bribed his way out of prison in ‘minutes’

      Human rights watch group the Clarion Project described the escape as a “remarkable failure of the Iraqi justice system – [an] Isis religious leader was arrested and released just minutes later after paying a $7,500 [£5,500] bribe.”

    • Finland: Police investigate gay politician once again for posting about Islam…….

      The trial of Finns party chairman, Jussi Halla-aho, cemented the fact that in Finland, truth is not a defense, that in Finland, we have lost the fundamental right to not only defend ourselves, but to speak our minds.

    • Investigation claims terror suspect visited Glasgow to ‘call for jihadis’

      The Times say a BBC documentary may have uncovered proof that Hafiz Saeed visited Scotland in the years before 9/11 and ‘called for jihad’ while speaking at a mosque in Glasgow.

    • Yazidi Children Rescued From IS Getting Psychological Help

      At Qadiya refugee camp near the Iraqi Kurdistan Region’s northern city of Duhok, more than 100 Yazidi boys and girls aged between 4 and 13, who were kidnapped by IS in August 2014, are getting assistance to recover from the psychological harm they sustained under IS control.

    • In North Korea Talks, Tillerson Needs Women at the Negotiating Table

      Secretary Rex Tillerson will be sitting at a table with 20 foreign ministers Tuesday discussing how to resolve the North Korean nuclear crisis. These ministers were chosen due to their nations’ involvement in the Korean War, not their expertise in North Korea. In fact, many of them have never even stepped foot in North Korea.

      Across the street, at the same time, I, along with an international delegation of 16 women representing feminist peace movements from Asia, Europe, and North America, will convene to share their experience, knowledge, and wisdom garnered by working towards achieving peace and genuine security on the Korean Peninsula.

      Drawing upon their collective expertise on militarism, nuclear disarmament, economic sanctions, and the human, social, and ecological costs of the unresolved 65-year Korean War, the delegation will recommend steps that can ensure a lasting peace on the Korean Peninsula. And yet, we can be sure no one at the official table will ever hear what we have to say.

  • Transparency/Investigative Reporting

    • The Assange standoff

      The ongoing standoff with the UK has revealed as much. There is no other wanted individual – who lives within plain sight – on whom over $11 million dollars has been spent in constant police presence in case he tries to escape. When the rape investigation was shut in May 2017 by Swedish investigations, there was hope that Assange could finally leave the UK. That hope was dissipated with the UK government insisting that he was still a wanted man for evading bail conditions. For the last six months, the UK government has kept the same position, despite Ecuador offering a way out by offering Assange diplomatic status as an Ecuadorian citizen. On its part, Ecuador itself has found itself frustrated with the standoff, with the new Ecuadorian leadership less enamoured with the WikiLeaks head, who has continued to make headlines with new leaks. With WikiLeaks now declared an official media organisation within the UK, the UK government has enough space for being able to back out of the desire to arrest Assange. It must be noted that the UN has declared this to be involuntary detention. Why the UK government is insisting that Assange must face arrest for violating bail conditions is seen by many activists as a disturbing sign. There are fears that the US has issued a secret extradition order which the UK government wishes to comply with. Holed up in the Ecuador embassy, Assange is a VIP guest who deserves to have his freedom returned and to be able to continue his work.

    • Assange’s New Citizenship ‘Bad Remedy Which Can Prove Worse Than Illness’ – Prof.

      Ecuador has recently granted citizenship to WikiLeaks co-founder Julian Assange – a move which is sure to trigger legal political repercussions in the country, argues Andres Mejia Acosta, a professor of international politics at King’s College London, in an interview to Sputnik.

    • Did FPF Board Members Sell Out to Money and Power?

      When the Freedom of the Press Foundation (FPF) was established at the end of 2012, Wikileaks had already faced a barrage of attacks from both the U.S. and Swedish governments, media outlets and movie studios, former Wikileaks volunteers, and banking and financial services institutions like PayPal, Visa and MasterCard who initiated a financial blockade against Wikileaks in December, 2010. When Julian Assange and John Perry Barlow decided to create the FPF it was in direct response to the blockade which was illegal and eating up most of Wikileaks’ revenue. Surprisingly, after its creation three FPF board members were offered cushy journalism and tech jobs courtesy of Pierre Omidyar whose company, PayPal, was directly involved in the financial blockade. Shockingly, they accepted.

    • Why truth has nothing to do with the WikiLeaks upload of Fire and Fury [Ed: Aussie MSM maintains that idea that Wikileaks -- by promoting an anti-Trump book -- is actually helping Trump. How laughable.]

      If ever evidence was needed that Julian Assange and WikiLeaks have lost their bearings, it was their recent action in releasing a free download of Michael Wolff’s Fire and Fury that should have made their state plain to everyone. There was nothing noble or principled about this action: it was petty and vindictive, done to reduce paid sales of the book, and therefore to deny the author and his publisher some income from it.

      It spoke of Assange’s continuing alignment with Donald Trump and his administration, and of his hostility to the Democrats. It may even have been an attempt to curry further favour with Trump, given that Assange is still desperately trying to avoid the risk of being shipped by a third country to America, where he faces serious legal proceedings.

  • Environment/Energy/Wildlife/Nature

    • Warming ocean water is turning 99 percent of these sea turtles female

      The sex ratio in the overall population is “nothing out of the ordinary,” with roughly one juvenile male for every four juvenile females, says study coauthor Michael Jensen, a marine biologist with the National Oceanic and Atmospheric Administration in La Jolla, Calif. But breaking the data down by the turtles’ region of origin revealed worrisome results. In the cooler southern Great Barrier Reef, 67 percent of hatched juveniles were female. But more than 99 percent of young turtles hatched in sand soaked by warmer waters in the northern Great Barrier Reef were female — with one male for every 116 females. That imbalance has increased over time: 86 percent of the adults born in the area more than 20 years ago were female.

    • Elephants are irreplaceable seed dispersers

      Wild animals play specific roles in the ecosystem, but what happens when they disappear? Using a combination of field data and theoretical modelling, scientists find that no herbivore can replace Indian elephants as the optimal seed dispersers of three large forest trees in West Bengal.

    • When wildlife conservation meets war

      The researchers from 2016 concluded that we need better, more fine-grained data on the impacts of conflict, and a new paper in this week’s Nature drills into historical data to provide just that. Authors Joshua H. Daskin and Robert M. Pringle report that “even low-grade, infrequent conflict is sufficient” to cause harm to wildlife. But they also conclude that the mere presence of conflict doesn’t mean that the wildlife in that region should be written off.

    • In early push into Papua, palm oil firms set stage for massive forest plunder

      All of this has been allowed to happen with the blessing of the government, which is already resented by much of the Papuan population following decades of exploitation of the region’s riches with little of that wealth being invested back into the community. Papua and West Papua today have the highest levels of poverty in Indonesia and score lowest on human development parameters such as education, literacy, and maternal and infant mortality.

    • Cargill takes rare step of cutting business with Guatemalan palm oil supplier

      In late November, Cargill suspended business with Reforestadora de Palmas del Petén S.A. (REPSA), saying it would not enter any new purchase contracts until the Guatemalan company can meet the “requirements of our sustainable palm oil policy,” said a Cargill review laying out the decision.

    • Coral reefs head for ‘knock-out punch’

      A study of 100 reefs, published in Science Magazine, shows the interval between bleaching events in recent decades has shortened dramatically.

      It has gone from once every 25-30 years in the early 1980s to an average of just once every six years today.

      Bleaching is caused by anomalously warm water, which prompts coral polyps to eject their symbiotic algae.

    • Study: Honeybees’ Attraction to Fungicide ‘Unsettling’ for Food Output

      Tests carried out by a team from the University of Illinois showed bees preferred to collect sugar syrup laced with the fungicide chlorothalonil over sugar syrup alone.

    • Quarter of British honey contaminated with bee-harming pesticides, research reveals

      Although the contamination rate has fallen from a half since a partial EU ban the insecticides remain in the farmed environment posing a serious risk to bees

    • Accidental Discovery Could Save Bees From Their Greatest Threat

      German scientists primarily based out of the University of Hoffenheim have stumbled upon a simple solution that could deal a blow to honeybees’ greatest threat. They’ve found that a tiny dose of the compound lithium chloride kills Varroa destructor mites without harming bees.

      The scientists detailed their incredible findings in the January 12th publication of Scientific Reports.

    • The Buzz Fades

      Under-resourced in an overworked agricultural system, honeybee colonies are gradually failing in most temperate regions.

    • California’s Owls Being Exposed to Rat Poison

      Researchers suspect the source of the toxins may be some of the state’s 50,000 or so marijuana farms.

    • Trump’s offshore oil drilling plans ignore the lessons of BP Deepwater Horizon

      Our panel concluded that the immediate cause of the blowout was a series of identifiable mistakes by BP, the company drilling the well; Halliburton, which cemented the well; and Transocean, the drill ship operator. We wrote that these mistakes revealed “such systematic failures in risk management that they place in doubt the safety culture of the entire industry.” The root causes for these mistakes included regulatory failures.

    • On its 100th birthday in 1959, Edward Teller warned the oil industry about global warming

      And so, at its hundredth birthday party, American oil was warned of its civilization-destroying potential.

    • World could run out of chocolate by 2050 but there might be a way to save it

      The cacao plant responsible for producing these seeds is having trouble surviving and is likely to become extinct in the next 40 years, according to a report by the US National Oceanic and Atmospheric Administration (NOAA).

      These plants grow in very specific conditions and areas – within 10 degrees north and south of the equator – featuring nitrogen-rich soil, lots of humidity and abundant rainfall. Typically, more than half of the world’s chocolate comes from Côte d’Ivoire, Ghana and Indonesia.

    • Five demands for climate change justice

      Two years on from the Paris Agreement, what should governments be doing to take climate change seriously?

      In the run-up to the second anniversary of the Paris Agreement and in parallel to the UN Climate Convention in Bonn, climate justice campaigners and lawyers from six continents met to co-ordinate five clear legal demands for local, regional and national governments.

    • Expect EPA chief Scott Pruitt’s reckless spending to continue in 2018

      Regarding EPA, and according to this White House, fossil fuel energy lobbyists are in, and federal scientists and engineers are out.

    • The terrible power of plastic is that it quickly becomes useless but never goes away

      It isn’t just plastic, of course. Broken glass and rusted metal are also common landscape pollution, but plastic is the ugliest; the terrible power of plastic is that it quickly becomes useless but never goes away.

    • Iceland supermarket chain aims to be plastic free by 2023

      Supermarket chain Iceland has said it will eliminate or drastically reduce plastic packaging of all its own-label products by the end of 2023.

      Iceland says the move will affect more than a thousand own-label products.

      New ranges will be packaged using a paper-based tray, rather than plastic.

      It follows recent outcries over the packaging of cauliflower “steaks” and coconuts, and Sir David Attenborough’s Blue Planet programme, which showed vivid images of plastic pollution.

    • Wild Whale Rushes To Save Diver From Giant Shark

      Back in October, Hauser was diving off near the Cook Islands, in the South Pacific, with a camera crew who wanted to film her in the water alongside humpback whales. In an unusually persistent manner, one whale swam right up and began nudging her with his mouth and chin, seemingly trying to tuck her underneath his pectoral fin.

  • Finance

    • Bid to block cryptocurrency regulation in South Korea

      The South Korean Government’s attempts to regulate the use of cryptocurrencies has led to mounting support for a petition seeking to stop the efforts at curbing use of such currencies.

    • The success or failure of Brexit hinges on the next two and a half months

      In terms of Brexit, 2018 starts with a sense of cautious optimism. The confidence and bluster that prevailed in early 2017 was gradually replaced with a conciliatory approach from the UK and the ruling out of a no-deal scenario. But it’s difficult to shake the sense that we’re experiencing the calm before the storm.

      Considering that the next phase of negotiations will not formally begin until late March – when new guidelines will have been discussed by member states and adopted by the European Commission – the actual trade talks will last no longer than six months. The time from autumn 2018 to March 2019 will be put aside for the ratification of the deal by the European parliament, the European Council, and, potentially, member states’ national parliaments.

      This means that, in practice, this next phase of talks will not contain a great level of detail but will cover the ‘framework for the future relationship’ between the UK and the EU, and will therefore be critical.

    • Facebook Execs Sold $4bn in Stock Last Year

      Facebook’s top executives sold company shares worth more than $4bn in 2017, over double the amount of other execs at some of the largest technology firms in the US.

    • Kentucky the first state to fulfill Trump’s vision of a nation of uninsured poor people

      Remember when Kentucky was the big success story, along with Arkansas, in healthcare? When it was leading the nation in reducing the number of uninsured people? Well, thanks to the Republican takeover of the governorship there and the White House, that’s all over now. So’s the $820 million the state was expected to save by 2021 in reducing the number of uninsured and making full use of the Medicaid expansion funds available to it.

      On Friday, Kentucky’s Republican governor Matt Bevin was granted a waiver by Trump’s Department of Health and Human Services, allowing him to impose new work requirements on people receiving or applying for Medicaid in his state.

    • The three-stage plan to stop Brexit

      In early June 2016, a few weeks before the EU referendum, the board members of the Stronger In campaign sat around a table to discuss how the campaign was going. As usual we were presented with evidence from polling and focus groups showing that ‘swing voters’ would respond to warnings about the financial impact of Brexit on their lives. On polling day, people wouldn’t vote against their own self-interest, we were assured.

      But they did.

      As the post-referendum months roll by, and the stark reality of what Brexit means becomes increasingly clear, we’re given almost daily reminders of the profound failure of the Remain campaign to tell a story convincing enough to persuade people to vote against economic disaster. The Brexit vote has already cost the UK economy £300m a week. Food prices are growing at their fastest rate in four years. Inflation is over three per cent for the first time in nearly six years. Applications from EU nurses to work in the UK have fallen by 89% since the referendum.

    • What next for Labour’s factions?

      As expected, the Momentum slate swept the board again at Labour’s NEC elections. This means they now hold all nine constituency positions as well as controlling other internal bodies such as the Conference Arrangements Committee. It all sounds incredibly boring, largely because, for the most part, it is.

      You have to be a truly dedicated political activist to care much about internal elections. Even party members don’t very much, which is why turnout (other than for leadership contests) is always so low. You will probably hear a lot from the losing factions about turnout numbers, but then you always do. Whoever happens to be the losing faction at that time will always make that argument. When they start winning again they’ll do naff-all to change it.

      [...]

      I suspect deselections will turn out to be a damp squib with a few symbolic victories but not enough to truly alter the overall shape of the Parliamentary party or more than a handful of councils. But opening up policy-making to the membership may well come back to haunt a leadership that finds itself at odds with their most enthusiastic supporters over Brexit.

    • Britain can still stop Brexit and change its mind, EU Council President Donald Tusk declares

      Donald Tusk made the startling comments just days after a shock poll found Remain would win by 10 points in a re-run of the EU referendum.

      He told MEPs in Strasbourg: “If the UK Government sticks to its decision to leave, Brexit will become a reality – with all its negative consequences – in March next year unless there is a change of heart among our British friends.

      “Wasn’t it David Davis himself who said ‘if a democracy cannot change its mind, it ceases to be a democracy’?”

  • AstroTurf/Lobbying/Politics

    • A brief history of how the rich world brutalized and looted Haiti, a country the US owes its very existence to

      Haiti (then called Saint-Domingue) was France’s most brutal, most profitable colony, a tiny island that supplied 75% of the world’s sugar, sending more wealth to France than all 13 of the original US colonies combined.

    • Without Haiti, the United States Would, in Fact, Be a Shithole
    • Sweden to create new authority tasked with countering disinformation

      The new “psychological defence” (psykologiskt försvar) authority was announced by Prime Minister Stefan Löfven during his speech at the annual ‘Folk och försvar’ security conference in Sälen. It is based on a proposal by the cross-party parliamentary Defence Commission (Försvarsberedningen).

    • Reps. Maxine Waters and John Lewis Are Boycotting Trump’s State of the Union Speech

      President Donald Trump’s State of the Union address is scheduled to take place on January 30, 2018, but several notable politicians will not be in attendance. As noted by The Hill, Rep. Maxine Waters (D), Rep. John Lewis (D), and Rep. Earl Blumenauer (D) have all vowed to boycott Trump’s speech — and there are likely to be more names to follow.

      On Friday, January 12, Waters appeared on MSNBC’s All In with Chris Hayes, where she explained her decision to stay home from the event. “Why would I take my time to go and sit and listen to a liar?” she said, referring to the many statements Trump has said that are proven to be false. “Someone who lies in the face of facts, someone who can change their tune day in and day out. What does he have to say that I would be interested in?” Waters added that she doesn’t trust or appreciate Trump, adding that he “does not deserve my attention.”

    • Facebook’s Adam Mosseri on Why You’ll See Less Video, More From Friends

      Facebook on Thursday announced sweeping changes to the way it plans to manage the newsfeed, the front door to the service for its 2 billion monthly users. Under the new regime, Facebook says users will see more content from friends and family, and less from brands and publishers. The new algorithm also will favor content that draws a lot of comments over posts that are popular, but don’t elicit comments.

    • I was Mark Zuckerberg’s mentor. Today I would tell him: your users are in peril

      Users can have significant influence on internet companies, but only if they stop using the platform. More than 2 billion people worldwide use social media; two-thirds of them use Facebook every day. A scary percentage of smartphone owners exhibit signs of addiction. They can’t quit.

    • Democrats and the End(s) of Politics

      The Democrats’ failure of political understanding regarding Mr. Trump isn’t that voters are crass (deplorable?) but rather that conflating technocracy with intelligence and sophistication confuses style with substance. Donald Trump is the prototypical, iconic if you will, beneficiary of the national Democrats’ policies. As was said of George W. Bush, Mr. Trump was born on third base but believes he hit a home run. But if he is undeserving of the Democrats’ largesse, who precisely, are the deserving kleptocrats?

    • South Africa to formally protest Trump’s ‘s—hole’ comment

      South Africa is planning to formally protest President Trump’s reported remarks referring to Haiti, El Salvador and some African nations as “shithole countries.”

      South Africa’s government on Monday is expected to issue a diplomatic protest to the U.S. Embassy in Pretoria, CNN reported.

      “The Department will provide an opportunity to the Charges de Affaires to explain the statement that African countries, alongside Haiti and El Salvador, constitute ‘shitholes’ from where migrants into the United States are undesirable,” the South African Department of International Relations said in a statement.

    • Warren-Sanders Democrats vs Oprah: “One billionaire president in a decade is going to be plenty for us”
    • Norwegians suffer from desperate shortage of parking, will come to America in droves

      The President of the United States, discussing immigration, recently said “We should have more people from Norway.” This is a wonderful gesture; he must have been spending his executive time watching the shocking Streetfilms documentary Oslo: The Journey to Car-free and learned about the tragic destruction of parking spaces there.

    • Intel underfoot: Floor sensors rise as retail data source

      In this photo taken Dec. 5, 2017, Scanalytics co-founder and CEO Joe Scanlin holds a smart floor sensor his company creates that tracks people’s movements in Milwaukee. The sensors are among the tools retailers are using to gain insights on consumer habits.

  • Censorship/Free Speech

    • Hardline Muslims Rally Outside Facebook’s Indonesian HQ
    • Narayanganj man held for posting images defaming Quran on Facebook
    • Facebook: Championing Blasphemy Laws
    • Activist detained in Lahore to prevent her from commemorating Salman Taseer

      The agents prevented her from organising a prayer vigil to commemorate the seventh anniversary of the assassination of Salman Taseer, a Punjab governor killed by his bodyguard in 2011 for defending Asia Bibi and challenging the “black law” on blasphemy.

    • Maldives activist ‘fears for life’ amid blasphemy investigation

      Shahindha Ismail, executive director of Maldives Democracy Network (MDN), told Al Jazeera that anonymous accounts on Twitter and Facebook have been calling for her death, after a newspaper article and religious scholars accused her of advocating for secularism in the Sunni Muslim state.

    • Publisher Defied Trump to ‘Defend the Principles of the First Amendment’

      “Though your letter provides a basic summary of New York libel law, tellingly, it stops short of identifying a single statement in the book that is factually false or defamatory,” an outside lawyer for Henry Holt wrote. “Instead, the letter appears to be designed to silence legitimate criticism. This is the antithesis of an actionable libel claim.”

    • Facebook announces major plan to censor news content

      Facebook is currently a major source of news for hundreds of millions of people throughout the world. The number of global Facebook users has increased from 100 million in 2008 to more than 2 billion. According to a Pew Research poll last November, 45 percent of Americans use Facebook for news content, more than any other social media platform. It has become a significant mechanism for the organization of protests and the spread of information outside of the control of the major media conglomerates. It is this that Facebook, working closely with the major capitalist states, wants to end.

    • Facebook’s new policy on posts may make ads more expensive

      Facebook’s decision to prioritise posts made by users and their friends over those from publishers and brands is likely to make it more expensive for marketing agencies to push their clients’ products.

    • Palace: No media censorship on Rappler

      THE decision of the Securities and Exchange Commission (SEC) to revoke the license to operate of online news organization Rappler because it allegedly violated the Constitution on ownership is not media censorship, Malacanang said on Tuesday.

      Palace spokesman Harry Roque was referring to the SEC ruling that found Rappler in violation of the provision requiring 100 percent Filipino ownership of a mass media entity.

    • SEC revokes Rappler’s registration

      In a blow to press freedom in the Philippines, the Securities and Exchange Commission (SEC) revoked the registration of news organization Rappler allegedly for violating the Constitution and the Anti-Dummy Law.

      SEC accused Rappler of violating constitutional restrictions on ownership and control of mass media entities because of funds coming from Omidyar Network, a fund created by eBay founder and entrepreneur Pierre Omidyar. (READ Rappler’s statement: Stand with Rappler, defend press freedom)

      “The En Banc finds Rappler, Inc. and Rappler Holdings Corporation, a Mass Media Entity and its alter ego, liable for violating the constitutional and statutory Foreign Equity Restriction in Mass Media, enforceable through laws and rules within the mandate of the commission,” the SEC en banc said in its decision dated January 11 but published on its website Monday, January 15.

    • Facebook blocks sharing of WSWS anti-censorship video

      Facebook has blocked users from sharing a social media video promoting the January 16 online meeting “Organizing resistance to Internet censorship,” featuring World Socialist Web Site International Editorial Board Chairman David North and Pulitzer Prize-winning journalist Chris Hedges. The initial post of the video, uploaded Friday, cannot be shared by any user. Those who attempt to do so receive an error message that seems to imply a technical failure.

    • ‘Fake news’ law raises censorship concerns in France

      Can a democratic country outlaw fake news?
      France is about to find out, after President Emmanuel Macron ordered a law to quash false information disseminated around electoral campaigns.

      Criticism is pouring in from media advocates, tech experts — and Kremlin-backed broadcaster RT. They say the law smacks of authoritarianism, would be impossible to enforce and is sure to backfire.

    • Commentary: From Fake News to Censorship

      Fake news may be a new term in the realm of politics, but radical animal activists have been using it for years. They sneak onto livestock farms, take undercover video, and then edit it together to tell a story of animal abuse that is not true. With this, they have destroyed the good reputation of many livestock farms, caused serious financial harm, and impacted consumer perception of livestock production. When farmers have tried to get laws passed to stop this tactic, these groups cry censorship and hide behind the first amendment. Yet, now these groups are using censorship as a new weapon against the animal industry.

      The web site TripAdvisor provides ratings and reviews of hotels, resorts, restaurants, cruises, and entertainment destinations. You can even book reservations and tickets to many of these destinations. Starting in 2017 TripAdvisor entered into an alliance with PETA. TripAdvisor is no longer selling tickets for certain attractions that involve animals, such as elephant rides or swimming with dolphins. This obvious move toward censorship comes despite very high ratings for many of these venues. Many animal attractions are rated highly on TripAdvisor, with travelers reporting the conditions firsthand. In fact, TripAdvisor itself awards a number of venues that have elephant rides or swim-with-dolphins activity a “Certificate of Excellence,” which is awarded to attractions that “consistently earn great reviews from travelers.”

    • MOPPAN, censorship board differ on Rahama Sadau ban

      The leadership of Motion Pictures Practitioners Association of Nigeria (MOPPAN) Kano state chapter has disagreed with the decision of state censorship board over the fate of the Kannywood actress, Rahama Sadau back into the indigenous Hausa movie industry.

      The board, through its executive director Isma’ila Na’abba Afakalla had last week declared willingness to censor Rahama Sadau’s films in what many perceived as a move towards recalling the ace actress into the industry after her ban about two years ago by MOPPAN.

    • ‘One Piece’ Fans Are Confused About Its Latest Censorship

      Censorship and anime have a complicated history. Over the years, dozens of shows have been altered to suit broadcasting regulations in Japan and abroad, but One Piece fans are a bit puzzled about its latest censorship.

    • Play tells ‘Story’ of censorship, segregation

      The real-life incident Jones based his play on is the stuff of drama. When an Alabama senator demanded that “The Rabbit’s Wedding” by Garth Williams be pulled from all libraries in the state on the grounds that it promoted racial integration—one rabbit is black, the other white—Emily Wheelock Reed, director of the Alabama Public Library Services Division, refused. Instead, she had libraries place the book, intended for children ages 3-7, on their reserve shelves.

      “Alabama Story,” which opens Jan. 18 at San Jose’s City Lights Theater Company, follows the confrontation between Reed and the senator (E.O. Eddins in real life, E.W. Higgins in the play) at subsequent library budget hearings. But Jones also created a parallel fictional story line about Joshua and Lily, a black man and a white woman who were childhood friends and are reunited as adults in 1959, when the Civil Rights Movement was just catching fire in the South.

    • Censorship and Appointment Cause Turmoil in Film and Theatre Communities

      A recent attempt to ban a Croatian film from the national public broadcaster and an appointment in the national theatre have brought numerous reactions.

      Reactions keep coming to an attempt by war veterans’ associations to ban the film “The Ministry of Love” (Ministarstvo Ljubavi) from Croatian Radio Television (HRT), as well as to recent statements given by former Culture Minister Zlatko Hasanbegović, who once again called the Croatian Audiovisual Centre (HAVC), which partly financed the film, a clientelist association financed by the citizens who have the right to know which movies are being funded, reports N1 on January 15, 2018.

    • Chinese institute at UMass Boston is accused of promoting censorship

      A group of students, professors, and alumni at UMass Boston has accused a campus academic center with ties to the Chinese government of promoting censorship abroad and undermining human rights and academic freedom.

      The organizer of the objectors said she hopes to convince the university to shut down the campus Confucius Institute altogether.

      “Though marketed as benign language and culture schools, Confucius Institutes use their foothold in prominent academic institutions to influence and steer academic discourse and ultimately take aim to shape public opinion on key political and human rights issues,” the group said in a recent letter to interim Chancellor Barry Mills, asking for a meeting to discuss their concerns.

    • Sir Richard Branson tells Virgin Trains to re-stock Daily Mail after decision criticised as ‘censorship’
    • Richard Branson orders Virgin Trains to restock Daily Mail amid ‘censorship’ accusation
    • Sir Richard Branson tells Virgin Trains to re-stock Daily Mail following ‘censorship’ row
    • PR pros react to Virgin Trains’ reinstatement of Mail: ‘Mature and wise’ – but who really made the decision?
    • Daily Mail to return to Virgin trains after Branson intervenes
    • Sir Richard Branson instructs Virgin Trains to re-stock the Daily Mail after its decision to stop selling the newspaper was blasted as ‘censorship’
    • Virgin Trains will stock Daily Mail newspapers, says Richard Branson in U-turn decision
    • Branson orders UK’s Virgin Trains to re-stock Daily Mail after censorship spat
    • ‘Seen as censorship’: Richard Branson lifts Virgin Trains’ ban on Daily Mail
    • Daily Mail newspaper returns to Virgin Trains after censorship outcry
    • Microsoft and Amazon Enable Censorship Circumvention Tools in Iran. Why Doesn’t Google? [Ed: Stop portraying Microsoft as against censorship. Unlike Google, it appeased China by censoring search!]
    • Statement by Julian Assange opposing Internet censorship will be read at WSWS “Organizing Resistance” Webinar

      WikiLeaks founder Julian Assange has sent the World Socialist Web Site an important statement warning of government and corporate efforts to curtail the democratic exchange of information. He has requested that it be read during the WSWS Webinar, “Organizing Resistance to Internet Censorship.”

    • 6 Tales of Censorship in the Golden Age of Free Speech

      An African American writer calls out racist hate speech—and gets suspended from Facebook. A young adult author watches her unpublished novel ignite a firestorm on Twitter before anyone has even read it. A Muslim civil rights attorney self-censors, and then finds herself hoping that a white man will say what she was thinking. A well-known conservative firebrand suddenly becomes one of the biggest targets of far-right trolls. A Google engineer writes a controversial memo, and instantly becomes a villain to one army of online readers and a hero to another.

    • China disrupts global companies’ web access as censorship bites
  • Privacy/Surveillance

  • Civil Rights/Policing

    • Teacher’s arrest in Louisiana: Another day, another outrage

      The statement by the middle school teacher that “We are doing the work” and “You are making our jobs more difficult” resonates with the daily experiences of working class people in the US and around the world.

      What gives school board officials the right to siphon off resources and shut down protests? Their petty larceny is inspired by far greater larceny, their authoritarian disposition gains sustenance from a broader social environment.

    • Trump’s first year has been the private prison industry’s best

      Here is how the private prison industry fared during Trump’s first year. Today, 65 percent of detainees held by the Department of Homeland Security are housed in privately run facilities. With the administration’s plans to increase the capacity to hold undocumented immigrants behind bars, the private prison industry’s revenues will surely follow suit. And in an unprecedented move, in late 2017, Immigration and Customs Enforcement (ICE) asked for information from contractors who can provide additional immigration detention space in the interior of the nation, in major cities such as Salt Lake City, Chicago, Detroit and St. Paul, along with an expected request for information on contractors who can provide additional capacity along the southern U.S. border in Texas.

    • In America, prisoners with money can pay their way to a nicer stay

      A collaborative investigation by the Los Angeles Times and the Marshall Project found that for $100 a night, inmates in Seal Beach’s pay-for-stay program had access to “amenities that included flat-screen TVs, a computer room and new beds.” The cost also affords inmates “semi-private rooms, single showers and the ability to… make phone calls whenever they want.” In addition to creature comforts, the program lets those with resources buy their way out of serving time in the Los Angeles and Orange County jails, where overcrowding, violence and inhumane conditions are often baked into every jail sentence.

    • Paying a little extra upfront is better than tipping

      In Australia we don’t tip. And if we do, it’s for excellent service only. And the reason we don’t tip is because we respect hospitality workers and believe they should be paid accordingly. Explaining this concept recently to an American friend, I was met with incredulity. But I’m adamant: a culture of expected tips means you’re hurting the very people you’re intending to help.

    • Justice Is “Justice” When It’s Something Wealthy And Connected People Can Buy

      This leads to unequal justice — to people pleading out just to get out of jail when they can’t pay, even when they aren’t guilty:

    • Official Turkish body said it was OK for girls to marry at 9, claims it was only following Islam

      In an online religious glossary intended for the public released earlier this week, Diyanet, as the body is known, stated that these are the earliest ages for children to reach adolescence, and once the threshold of emotional and physical maturity is crossed, they must be allowed to marry “to save themselves from adultery.”

    • UP: Muslim woman given triple talaq over dowry demand
    • Kerala govt orders closure of Kochi school for promoting, teaching communal content
    • Has rape become a weapon to silence atheists in Bangladesh?

      Nirala rejected both Islamism and Hindutva. She co-administered a secular community blog site which she said was shut down by the Bangladeshi government in 2013 following an irrational demand by Islamist groups for the state to execute all atheist bloggers.

    • HASSAN: Iranian protesters are shunning the hijab – let’s join them

      It is only women who have lived under an oppressive Islamic government who know that true progressives should shun the hijab.

      Islamists and their naive supporters have worked hard to portray the hijab as an Islamic symbol and imposed it on Muslim women wherever there is strict sharia law. Yet it is not a symbol of Islam but of Islamism.

    • Greece is limiting the power of sharia law

      Sharia law has applied to Thrace, a poor northern region home to most of Greece’s Muslim minority, for close to a century. This is down to the 1920 treaty of Sevres, following the collapse of the Ottoman Empire, sparking population movements between Greece and Turkey; and the 1923 treaty of Lausanne, which recognized the boundary of modern Turkey. The treaties required that Islamic customs and Islamic religious law apply to thousands of Muslims who remained in Greece and suddenly became Greek citizens.

    • French Secularism Is in Crisis. What Does That Mean for Muslim Youth?

      Three years after the Charlie Hebdo attacks, students in the banlieues debate secularism and the state.

    • Free-range kids are the norm in Germany — are American parents over-protective?
    • Where Is West Papua’s Struggle for Independence From Indonesia Headed?
    • Morning Star badge embroils West Papuan activist
    • Saudi Arabia’s Chance to Create a Liberal Kingdom

      On June 17, 2012, Raif was detained on charges that included apostasy, cybercrime and disobeying his father. According to Saudi law, children can be separated from their parents if they are accused of apostasy. I feared that Raif’s father or my family might deprive me the custody of my children. Raif and I decided that I should leave the country to ensure that our children stay with me. Along with my children, I sought asylum in Canada.

      In May 2014, Raif was sentenced to 10 years in prison and 1,000 lashes, and fined a million Saudi Arabian riyal for creating an online forum for public debate and “insulting” Islam. On Jan. 9, 2015, Raif was struck with 50 lashes in a public square in Jeddah, but the lashing was stopped on medical advice. He remains in prison. Only a pardon from King Salman can get him released.

    • Marriott sacks employee who ‘liked’ Twitter post from Tibet independence group

      Similarly, international fashion brand Zara and medical equipment maker Medtronic were ordered by Shanghai’s internet regulator to update their websites after they too were found to have referred to Taiwan as a country.

    • Tibetan language campaigner Tashi Wangchuk faces up to 15 years in jail for ‘inciting separatism’

      Tashi Wangchuk, 32, has been detained for nearly two years after being taken away from his home in January 2016, two months after the campaigner spoke to foreign media about his advocacy of Tibetan language education.

    • Nigerian Slaves Beaten, Tied Up With Barbed Wire and Forced to Drink From Toilet in Libya

      The Nigerians, who spent years in Libya trying to buy their way to freedom and across the Mediterranean to Europe, told the BBC how they were raped, starved, beaten and sold as slaves in the war-ravaged country.

    • From former Muslims who became Catholics, and their friends, to His Holiness Pope Francis, about his attitude towards Islam

      Many of us have tried to contact you, on many occasions and for several years, and we have never received the slightest acknowledgement of our letters or requests for meetings. You do not like to beat around the bush, and neither do we, so allow us to say frankly that we do not understand your teaching about Islam [...]

    • Iran Protester Arrested for Taking Off Hijab

      Hailed as sign of liberation amidst silence from feminists on the Left

    • 2 friends who helped Muslim man ‘forcibly convert’ Kerala woman held

      The woman had alleged that Riyaz pretended to be in love with her when she was studying in Bengaluru in 2014 and forced her to convert to Islam and married her.

    • Religious teacher suspended by mosque after arrest on suspicion of inciting child to engage in sexual activity
    • Muslim trainee lawyer beat up girlfriend over fear pregnancy would be revealed

      She added that Mr Imran’s parents, who live in Dubai, told him he had “brought shame to his family and had disowned him” over his relationship with the woman, from Stockton.

    • Ending Mass Incarceration Is a Winner for Politicians

      For decades, politicians competed to see who could push the most draconian criminal justice policies. Jeff Sessions’s announcement this month that he would authorize federal prosecutors to go after pot even in states where it is legal seems ripped straight from that playbook. But the “tough on crime” attorney general may be in for a surprise. In 2018, it turns out, demagoguery about crime no longer packs a political punch. In fact, support for reform may prove to be a sleeper issue in 2018 and 2020.

      This would be a big change. Candidates most prominently began to compete on crime in the tumultuous 1960s. Richard Nixon won with ads showing burning cities and scowling young men, ads crafted by an unknown aide named Roger Ailes. Ronald Reagan launched a “war on drugs.” George H.W. Bush won in 1988 with notorious ads telling the story of Willie Horton, who was allowed out of prison under a weekend furlough program. Bill Clinton in 1992 bragged of his support for the death penalty. These chest-thumping themes were echoed in hundreds of campaigns down the ballot each year.

      Politics driven by fear of crime had direct, destructive social costs. Today, with just under five percent of the world’s population, the U.S. has nearly 25 percent of its prisoners. Black communities bear the brunt, with one in four Black men serving time during their lifetimes.

    • Beyond Vietnam: A Time to Break Silence

      I come to this magnificent house of worship tonight because my conscience leaves me no other choice. I join with you in this meeting because I am in deepest agreement with the aims and work of the organization which has brought us together: Clergy and Laymen Concerned about Vietnam. The recent statements of your executive committee are the sentiments of my own heart and I found myself in full accord when I read its opening lines: “A time comes when silence is betrayal.” That time has come for us in relation to Vietnam.

      The truth of these words is beyond doubt but the mission to which they call us is a most difficult one. Even when pressed by the demands of inner truth, men do not easily assume the task of opposing their government’s policy, especially in time of war. Nor does the human spirit move without great difficulty against all the apathy of conformist thought within one’s own bosom and in the surrounding world. Moreover when the issues at hand seem as perplexed as they often do in the case of this dreadful conflict we are always on the verge of being mesmerized by uncertainty; but we must move on.

    • Animal Cruelty Is a Clear Predictor of Future Violence, So Why Are Perpetrators Merely Slapped on the Wrist?

      But on Nov. 28, 2017, Gallagher received a distressingly light sentence, amounting to a mere slap on the wrist. After pleading guilty to felony animal cruelty charges, Gallagher was sentenced to just four months in county jail, plus five years probation and a ban on owning animals for two decades.

      As District Attorney Singas said in response: “These types of inhumane actions against animals are heinous and unjustifiable, and should serve as a rallying cry for the state to finally enhance penalties for those convicted of felony animal abuse.”

      We at the Animal Legal Defense Fund could not agree more. Animal cruelty must be taken more seriously and the penalties should reflect that seriousness. This is both for the sakes of the animal victims and for the safety of our communities more broadly.

    • ‘Ignorant infidels’ in U.S. could should be ‘pressured’ to just accept Islam

      The only reason the public knows what was said inside the Nov. 18 conference at a Holiday Inn in Springfield, Virginia, is because the gathering was infiltrated by Ehsan Rehan, the brave Pakistani-born journalist and editor of who went undercover and captured video and audio.

    • Turkey: 1,000 could be falsely accused of links to cleric

      Turkey has arrested some 50,000 people since the coup and purged 110,000 others from government jobs.

    • “Swatting” didn’t kill a man, police did

      As much as “swatting” is a waste of public resources and an atrocious prank that deserves attention, it’s irresponsible and disingenuous to leave police accountability out of the conversation about the case in Kansas.

    • Mother of “swatting” victim wants cop criminally charged for shooting

      The letter says police have yet to return the family’s front door as well as a computer, two cell phones, and other items that were taken in the wake of last week’s shooting.

    • Attorney: Family of ‘swatting’ victim wants officer charged

      “Justice for the Finch family constitutes criminal charges against the shooting officer and any other liable officers as well as damages against the city of Wichita for the policies and practices of its Police Department,” Stroth said.

    • Enraged off-duty NYPD cop pistol-whips, beats driver in Brooklyn

      Sources said Baror, 24, jumped out of the SUV waving and pointing a gun and shouted, “Don’t you know who the f— I am? I’m NYPD! You don’t f— with the NYPD.”

      Baror then allegedly punched Nacimas and his girlfriend Jaclyn Araiza, 27.

    • Now even refugees are afraid in Sweden: Want to leave Malmö in droves

      Another resident of Malmö sees a connection between violence against women and the image of women in Islam. She is a teacher and says Islamisation is indeed taking place: More girls wear a hijab and more students prefer [assimilate into] the Islamic culture.

    • Mohammed most popular name for newborn boys in the Netherlands for second year in a row

      The name Noah was putatively considered the most popular boy’s name for 2017, having been given to 635 new-born boys in the Netherlands. A journalist from broadcaster Powned did some research into the database, however, and noticed that another name, a non-traditional Dutch name, was slightly more prevalent.

    • FUREY: Hijab hoax girl, family owe Canadians an apology

      On Monday, Toronto Police issued the following brief statement. “After a detailed investigation, police have determined that the events described did not happen,” it read. “Our investigation is concluded and we don’t expect anything further.”

    • Toronto police say hijab-cutting incident didn’t happen

      The story made international headlines and drew public condemnation from Prime Minister Justin Trudeau.

    • Washington State AG Sues Motel 6 For Handing Over Guest Registry Info To ICE

      At some point in the recent past, Motel 6 owners decided they were deputized law enforcement personnel. So what if people paid for a night’s worth of uninterrupted sleep and expected that visits from federal and local officials would be kept to a minimum. These owners — which the Motel 6 corporation takes great pain to point out are “independent” owner/operators — have decided to ingratiate themselves with untrustworthy organizations like ICE… or the local PD.

      Some Motel 6s decided to fax guest lists to police departments every night. Others decided they’d turn over every name that looked slightly non-Caucasian to ICE. In both cases, Motel 6 (the corporation) brought the hammer down, swearing it had never given franchisees the permission to turn guest lists into tip sheets for law enforcement. The post-facto corporate rollback wasn’t enough for Washington’s Attorney General. The state looked into local policies after hearing about rogue ICE relationships in Arizona. It found more of the same occurring in Washington, resulting in a state lawsuit against the company for turning guest lists into ICE fodder.

  • Internet Policy/Net Neutrality

  • Intellectual Monopolies

    • Copyrights

      • Tickbox Clearly Promotes and Facilitates Piracy, Hollywood Tells Court

        The owner of TickBox TV, a Kodi-powered streaming device, is being sued for copyright infringement by a group of major Hollywood studios plus Amazon and Netflix. The box seller previously argued that it’s operating legally but in a scathing reply the movie companies counter this assertion.

      • US Govt Brands Torrent, Streaming & Cyberlocker Sites As Notorious Markets

        Keeping its annual tradition, the office of the United States Trade Representative has targeted some of the world’s most famous ‘pirate’ sites in its latest report on copyright infringing venues. In addition to torrent sites like The Pirate Bay, RARBG, and RuTracker, hosting sites 4Shared and Openload come in for criticism. Again this year, a list of sites hosted in Switzerland are under attack.

      • Copyright Week 2018: Join Us in Fighting for Better Copyright Law and Policy

        Copyright law shapes the world we live in. It is supposed to encourage progress and creativity, enriching our culture and contributing to the growth of knowledge. However, the law is often used as a blunt instrument by a few prominent actors to preserve their cultural dominance. Less obviously, governments and other large industries have taken to using the law to hide information they don’t want us to see and use or to limit functionality and ownership of software and devices we buy and use. The law shouldn’t work this way. It should serve us all.

        It doesn’t matter if you are a creator or simply someone who enjoys media; an inventor or someone who just wants to use, fix, or tinker with your devices; a researcher or someone who wants to look up information—copyright law impacts all of these things. And, right now, the law is out of whack. It’s balanced in favor of people who want to control things, instead of people who want to share things.

      • EIFL – Libraries: A Trio Of European Court Rulings

        In recent years, the Court of Justice of the European Union (CJEU), Europe’s highest court, has made three important rulings concerning digital library activities in Europe, write Vincent Bonnet and Barbara Stratton.

      • Movie Coalition Ramps Up Fight Against TV Streaming Devices

        The movie studios brought similar claims against the maker of the TickBox in October. The Alliance for Creativity and Entertainment said it was planning more such actions. The TickBox and the Dragon Box are devices known as Kodi boxes, named after the open source software used by many of the systems.

      • Is Copyright Term Extension Finally Done?

        Today’s topic for Copyright Week is Public Domain and Creativity: Copyright policy should encourage creativity, not hamper it. Excessive copyright terms inhibit our ability to comment, criticize, and rework our common culture.

        Copyright always builds upon the past. The public domain is our shared cultural commons, a near limitless trove of creativity that’s been reused, remixed, and reimagined over centuries to create new works of art and science. The value of the public domain is impossible to overestimate. Contemporary copyright policy should strive to promote, and not diminish, a robust, accessible public domain.

      • Don’t Let Upload Filters Undermine the Public Domain

        We now call that conceptual and legal space the public domain, since works hitherto locked down by private copyright monopolies become freely available to everyone, to enjoy and to re-use as they wish. In doing so, the Statute of Anne fashioned an immensely rich artistic resource that could be drawn upon by later creators. Since all art builds to a lesser or greater degree on the ideas and achievements of those who have come before – nothing emerges in a vacuum – the steady accretion of works in the public domain has formed an ever-larger reservoir from which creators could draw as they wished, with resultant benefits for both them and their audiences.

        Despite the evident power of adding works to this universal resource, the public domain has been under repeated attack. The most direct assault has come from the extension of copyright’s term. All around the world, the length of government protection has moved in one direction only: upwards. From the basic 14 years provided by the Statute of Anne, the copyright ratchet has now brought about a widespread 70 years over and above for the whole lifetime of the creator.

      • The Public Domain Starts Growing Again Next Year, and It’s About Time

        Have you ever wondered how it’s possible for there to be two Jungle Book movies to be in development at the same time? Why everything seems to be based on a work by Shakespeare? Or why it always seems like someone is telling a version of The Wizard of Oz? The answer is that these works are in the public domain, meaning that copyright law no longer prevents other artists from adapting them to create new works.

        One major rationale for copyright is supposedly that, by giving an exclusive set of rights to artists for their work, we incentivize creativity by making it possible for artists to benefit from releasing works to the public. But copyright protection is supposed to be limited, and once it expires, a work enters the public domain, where anyone can use it.

        In the United States, the length of the copyright term has been steadily extended so that published works are effectively copyrighted for 95 years (for corporate works) or until 70 years after an author’s death (for individual works). This has resulted in a public domain that saw increasingly less materials being added to it, limiting the ability of artists to build on works that came before them. The last time Congress changed the law in the 1998 Copyright Term Extension Act, it was applied retroactively. Effectively, it meant that nothing has entered the public domain in the United States for years. January 1, 2019 will mark the end of this dry spell as works first published in 1923 will finally enter the public domain. That means works like Cecil B. DeMille’s The Ten Commandments and Universal’s silent version of The Hunchback of Notre Dame, two movies released in 1923, will be eligible to join the public domain.

01.15.18

Links 15/1/2018: Linux 4.15 RC8, Wine 3.0 RC6

Posted in News Roundup at 1:00 am by Dr. Roy Schestowitz

Contents

GNU/Linux

  • Desktop

    • Hands on With System76’s Beautiful Linux Distro Pop!_OS

      When I saw that System 76 launched their #TryPopOS campaign last month I knew this was the perfect opportunity to really put Pop!_OS through its paces. I am a proud owner of the Galago Pro, which I purchased the day they launched pre-orders this Spring and it has been my primary computer since then. I use it for everything from writing articles, to browsing the internet, to light gaming, and though the machine has its quirks I am beyond happy with it.

      Back when I ordered the laptop Pop!_OS wasn’t announced yet so my laptop came with stock Ubuntu, which I promptly replaced with Ubuntu GNOME. Since then I have tried a couple different options including Elementary OS, Manjaro GNOME Edition, and most recently I have settled on KDE Neon.

      Everything I have thrown at it has worked great on it so far, but now it is time to try something different. Here is my experience with System 76’s Pop!_OS.

  • Kernel Space

    • LittleFS: A New File-System For ARM Embedded Devices

      LittleFS is a lightweight file-system that’s being developed for embedded systems.

      LittleFS as implied by the name is intended to be a “little” file-system for embedded devices, in particular “Internet of Things” style platforms. LittleFS strives to be a fail-safe file-system that can work with minimal amounts of RAM/ROM, power-loss resilient, and supports wear-leveling for flash memory.

    • Linux 4.15-rc8 Bringing BPF Security Improvements For Fending Speculative Attacks

      With the Linux 4.15-rc8 kernel that is expected for release today as the final step before Linux 4.15, it’s still seeing continued security improvements in the wake of the Spectre CPU vulnerabilities.

      Landing in the mainline Git tree at this stage of the Linux 4.15 kernel cycle were some security features around BPF, the Berkeley Packet Filter and the related and popular Extended BPF (eBPF) virtual machine for the Linux kernel.

    • Linux 4.15-rc8

      Ok, another week has gone by, and here’s the promised rc8.

      I’m still hoping that this will be the last rc, despite all the
      Meltdown and Spectre hoopla. But we will just have to see, it
      obviously requires this upcoming week to not come with any huge
      surprises.

      The patches aren’t huge, but architecture updates do end up being a
      largish part. That’s partly due to the x86 “retpoline” support (well,
      the basic stuff that is uncontested), but also because the powerpc
      people decided they wanted to play too, so there’s some low-level
      kernel entry changes there too. Aren’t we lucky?

      Oh, and there’s a small RISC-V update too.

      But outside of that, we’ve got driver updates (gpu, networking, usb,
      sound, NVMe), some core networking, and some tooling updates (mostly a
      few new x86 selftests). And some random misc fixlets (documentation,
      apparmor, crypto).

      Go forth and test. It all looks pretty solid to me,

      Linus

    • Kernel prepatch 4.15-rc8

      The 4.15-rc8 kernel prepatch is out for testing. Among other things, it includes the “retpoline” mechanism intended to mitigate variant 2 of the Spectre vulnerability. Testing of this change will be hard, though, since it requires a version of GCC that almost nobody has — watch LWN for a full article in the near future.

    • Linux 4.15-rc8 Released As The Last Before Final

      Linus Torvalds has released Linux 4.15-rc8 as the last planned release candidate prior to officially debuting Linux 4.15 next weekend.

      Linux 4.15-rc8 brings some BPF security improvements in the wake of the Spectre CPU vulnerabilities and there is the other smattering of bug/regression fixes too with this weekly Linux 4.15 release candidate.

    • An Incident Worth Noticing: Linux Kernel Mailing List Website Goes Down for Days

      Reality: the website goes down because it is hosted on a home server that suffered a power outage and needed the password to boot. Problem was that owner Jasper was on vacation when this incident happened.

    • Wait, what? The Linux Kernel Mailing List archives lived on ONE PC? One BROKEN PC?

      Spare a thought for Jasper Spaans, who hosts the Linux Kernel Mailing List archive from a single PC that lives in his home. And since things always happen this way the home machine died while he was on holiday.

      The archive was therefore unavailable for much of the weekend, although Linux developers could still use mirrors like Indiana University’s effort.

    • Graphics Stack

      • Some Of What’s Coming For Wayland’s Weston 4.0 Compositor

        Earlier this week ongoing Wayland/Weston release manager Bryce Harrington at Samsung laid out plans for Wayland 1.15 and Weston 4.0. There’s been some push-back on the proposed dates to try to allow some more work to land in these upcoming six month releases to Wayland/Weston, but long story short, these next releases will be here in the near future.

        With Wayland itself quite mature, there isn’t much that’s exciting for end-users about Wayland 1.15. In fact, not many changes at all unless there’s a last-minute rush of new work to land. As is the case these days, most of the interesting work is happening within the Weston compositor space as developers flesh out new functionality and prototype features that will hopefully be picked up by the other Wayland compositors that are becoming widely used on the Linux desktop.

      • Linux Graphics Trends Over The Past Five Years

        Yesterday I posted some Linux hardware statistics going back to 2011 using data collected by the Phoronix Test Suite and OpenBenchmarking.org. Those yearly metrics hadn’t contained any GPU/driver data, but here are those numbers.

        The graphics numbers were omitted from yesterday’s article as I had to make some tweaks to its parser and post-processor due to the wide assortment of graphics driver/hardware combinations, joining the ATI and AMD data, etc compared to the statistics collection on more basic/uniform hardware components. The sample set used was a maximum of 100,000 systems per year with the data being collected through the Phoronix Test Suite and OpenBenchmarking.org.

      • Freedreno Gallium3D Lands A5xx Texture Tiling For Better Performance

        Freedreno lead developer Rob Clark has landed initial support for texture tiling with Qualcomm Adreno A5xx graphics hardware.

    • Benchmarks

      • Debian vs. Ubuntu vs. CentOS vs. openSUSE vs. Clear Linux Post-Meltdown Performance

        With Linux distributions being patched since last week’s Meltdown and Spectre disclosure, here are benchmarks on some of the prominent distributions looking at their performance impact since being patched. Tested from an Intel Core i7 8700K system was CentOS, Clear Linux, Debian, openSUSE, and Ubuntu.

      • GCC 8.0 vs. LLVM Clang 6.0 On AMD EPYC

        At the beginning of January I posted some early LLVM Clang 6.0 benchmarks on AMD EPYC while in this article is comparing the tentative Clang 6.0 performance to that of the in-development GCC 8.0. Both compilers are now into their feature freeze and this testing looked at the performance of generated binaries both for generic x86_64 as well as being tuned for AMD’s Zen “znver1” microarchitecture.

      • Phoronix Test Suite 7.8 M2 Released As “Folldal” Development Heats Up

        Just one week after Phoronix Test Suite 7.8 Milestone 1, the second development release of 7.8-Folldal is now available for testing.

        Phoronix Test Suite 7.8 M2 is heavier on the end-user facing changes as this quarterly development cycle heats up and also initial planning underway for Phoronix Test Suite 8.0 that in turn will ship this summer.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • 8 KDE Plasma Tips and Tricks to Improve Your Productivity

        KDE’s Plasma is easily one of the most powerful desktop environments available for Linux. It’s highly configurable, and it looks pretty good, too. That doesn’t amount to a whole lot unless you can actually get things done.

        You can easily configure Plasma and make use of a lot of its convenient and time-saving features to boost your productivity and have a desktop that empowers you, rather than getting in your way.

      • Flatpak support in Discover

        People often ask about the state of Flatpak in Discover, so today I’m going to write about that. The good news is that Discover’s Flatpak support is very good and getting better all the time. It’s fully production ready and we encourage you to use it!

      • Flatpak Support Is Now “Production Ready” In KDE Discover

        It seems to be a busy weekend for KDE news… The latest is that the Flatpak app sandboxing support formerly known as XDG-App is considered production ready within KDE Discover.

        KDE Discover, the closest thing currently to an “app store” on the KDE desktop and for managing add-ons and installing other packages, now has vetted Flatpak support. Going back a year KDE Discover has been working on Flatpak support as well as Ubuntu Snap/Snappy support but now the Flatpak support is in good standing.

      • Release of KDE Frameworks 5.42.0

        KDE today announces the release of KDE Frameworks 5.42.0.

        KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the Frameworks 5.0 release announcement.

        This release is part of a series of planned monthly releases making improvements available to developers in a quick and predictable manner.

      • KDE Frameworks 5.42 Brings Wayland Improvements, Plasma & KIO Activity

        KDE Frameworks 5.42.0 was released today as the latest monthly feature update to this collection of add-on KDE libraries complementing Qt5.

        With KDE Frameworks 5.42.0 there is some new icons/support to the Breeze icon set, a number of KIO changes, continued work on Kirigami, experimental RCC file support in KPackage, various KWayland improvements, and more refining to the Plasma Framework.

      • digiKam 5.8.0 is released

        Following the release of 5.7.0 published in September 2017, the digiKam team is proud to announce the new release 5.8.0 of the digiKam Software Collection. In this version a lot of work has happened behind the scenes and in fixing bugs as usual, which does not mean there are no enhancements: a new tool to export collections to UPNP/DLNA compatible devices has been introduced.

      • DigiKam 5.8 Released With Export Support To UPnP/DLNA Devices

        The KDE-developed, Qt-powered digiKam photo management software is out with its first feature update of 2018.

        DigiKam 5.8.0 is the new release out this weekend. Most of the digiKam 5.8 development work the past quarter was focused on under-the-hood type improvements, but there is also many bug fixes, improved AppImage support with now handling Firejail sandboxing, MySQL support improvements, the ability to export to UPnP/DLNA compatible devices, DropBox exporting now supports OAuth2, and various other enhancements.

      • KSuperkey, Plasma, and Trisquel 8

        This short tutorial explains how to enable pressing Win key to open menu at Plasma 5.5 on Trisquel 8. For that purpose, you need KSuperkey program, which needs git and make programs to obtain the source code and install it onto your Trisquel system. Fortunately, the KSuperkey program is small, the process is very easy and quick, and it needs only less than 3 minutes. Follow instructions below.

      • Last Weeks Activity in Elisa

        Elisa is a music player designed to be simple and nice to use. It allows to browse music by album, artist or all tracks. You can build and play your own playlist. We aim to build a fluid interface that is easy to use.

        We are preparing for the next alpha release when the following features will be done. Alexander is working on a metadata view for tracks. I am working on cleaning the different grid views into a generic one.

        Diego Gangl did several modifications of the interface as part of the interactions with KDE VDG.

    • GNOME Desktop/GTK

      • Librsvg gets Continuous Integration

        One nice thing about gitlab.gnome.org is that we can now have Continuous Integration (CI) enabled for projects there. After every commit, the CI machinery can build the project, run the tests, and tell you if something goes wrong.

        Carlos Soriano posted a “tips of the week” mail to desktop-devel-list, and a link to how Nautilus implements CI in Gitlab. It turns out that it’s reasonably easy to set up: you just create a .gitlab-ci.yml file in the toplevel of your project, and that has the configuration for what to run on every commit.

  • Distributions

    • The Top 10 Linux Distros You Never Heard About

      As I have mentioned in previous articles, the open-source community is littered with many distributions – some of which you might never get to hear about if you’re not connected to an affiliated party or happen to come across a reference ad.

      Plus, it’s a new year and we have been dropping Top 10 (and sometimes higher) titles since it began so you shouldn’t be surprised that we are here with another one.

      In case you missed it, we recently published an article on The Top 10 Linux Desktop Distros of 2017, and I thought it will be nice if we checked out a couple of distros that might not have made it to the limelight in 2017 but are still significant and will probably be of great use to our readers.

    • Reviews

      • MX Linux MX-17 Horizon – Shaping up beautifully

        From an underdog to a kennel master. That’s probably the best, most succinct way to describe MX Linux. While you still may be confused about its heritage, with words like Mepis and AntiX slipping in, it’s one of the more refined Xfce distros around, and I have been thoroughly impressed by the last version, MX-16. As it turns out, I proudly crowned it the Best of Xfce 2017 distro. It also notched very high on the overall annual best-of competition.

        Now, there’s a new version out. I will first conduct the test on the old LG laptop, but now that I’ve managed to fix the read-only UEFI on my Lenovo G50 machine, I will conduct a second test on that laptop – provided everything works fine in this first review. So we have ancient hardware, Nvidia graphics, dual boot. Commence.

      • What’s New in MX Linux 17

        MX Linux 17 is the latest release of MX Linux. This release is powered by Linux kernel 4.13, based on Debian GNU/Linux 9.3 “Stretch” and using Xfce 4.12.3 as default desktop environment.

        Various improvements have been implemented to several of the in-house built tools, such as a larger interface for mx-tools’ dashboard, simpler editing of conky files in mx-conky, and new themes in mx-updater. The mx package installer tool, mx-snapshot, mx-tweak, mx-network-assistant, and mx-iDevice-mounter utilities have also been updated.

      • deepin 15.5 – A different desktop

        deepin is a Debian-based Linux distribution which features the custom Deepin Desktop Environment along with several in-house desktop applications. The deepin project develops its own file manager, media players, software centre and settings panel, along with other desktop applications. Clearly, the deepin team is very busy working on a desktop solution, one which is easy to navigate.

        deepin is available as a 3.2GB download for 64-bit x86 computers. Booting from the project’s media gives us the option of starting the installation process, booting the operating system in failsafe mode or checking the media’s integrity. In both of my test environments, deepin would boot and launch the installer (the first option), but was unable to boot in failsafe mode, whether run in UEFI or Legacy BIOS mode.

        Taking the install option brings up a graphical environment where we are asked to select our preferred language from a list. In the upper-right corner of the screen there is an “X” which, when clicked, lets us abort the installation. Quitting the installer immediately powers off the computer. Once we have selected our language we are asked to create a username and password for ourselves. We can then select our time zone from a map of the world.

        Partitioning comes next and here I encountered several options. We are asked whether we want Simple or Advanced partitioning. The Simple option takes over the entire hard drive, creating an ext4 file system. A 4GB swap file is set up on the root partition for us. This is the easy way forward, but it wipes out any other installed systems or partitions.

        The Advanced option lets us select where to install the system’s boot loader and presents us with a list of available partitions and free space. At first I wasn’t able to find any way to add new partitions, but eventually found the button for adding and editing partitions is a grey icon on a grey background, making it difficult to spot. Once the button was found, setting up new partitions was fairly straight forward. The deepin installer will not proceed if the root partition is 16GB or smaller in size when we take the Advanced partitioning option. However, I found I could create a root partition smaller than 16GB if I used the Simple partitioning option. Once our partitions are assigned mount points, the installer copies its files to the computer and reboots the system.

    • Red Hat Family

    • Debian Family

      • I pushed an implementation of myself to GitHub

        Roughly 4 years ago, I mentioned that there appears to be an esoteric programming language which shares my full name.

        I know, it is really late, but two days ago, I discovered Racket. As a Lisp person, I immediately felt at home. And realizing how the language dispatch mechanism works, I couldn’t resist and write a Racket implementation of MarioLANG. A nice play on words and a good toy project to get my feet wet.

      • digest 0.6.14

        Another small maintenance release, version 0.6.14, of the digest package arrived on CRAN and in Debian today.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 17.04 (Zesty Zapus) Has Reached End of Life, Upgrade to Ubuntu 17.10 Now

            As of today, January 13, 2018, the Ubuntu 17.04 (Zesty Zapus) operating system has reached end of life and it’s no longer supported by Canonical with security and software updates.

            Released last year on April 13, Ubuntu 17.04 (Zesty Zapus) was the last version of the popular operating system to ship with the Unity 7 desktop environment by default. It was powered by the Linux 4.10 kernel series, Mesa 17.0 graphics stack, and X.Org Server 1.19 display server.

          • Ubuntu 17.10.1 ISOs Now Available To Avoid Thrashing Some UEFI Systems

            Ubuntu 17.10.1 ISOs are now available as well as for most of the *buntu derivatives. The Ubuntu 17.10.1 ISO re-spin is for disabling the SPI kernel driver to avoid messing up select laptops.

          • Ubuntu 17.10.1 Linux Distro Now Available — Download ISO Files And Torrents For All Official Flavors

            In late December, Canonical decided to pull the download links of Ubuntu 17.10 Linux distro. This step was taken following the reports that a bug in UEFI firmware of some laptops from OEMs like Lenovo, Acer, and Toshiba are corrupting the BIOS and making the machine unbootable.

          • Tweaking Ubuntu 17.10 To Try To Run Like Clear Linux

            Even with the overhead of having both KPTI and Retpoline kernel support in place, our recent Linux distribution benchmarks have shown Intel’s Clear Linux generally outperforming the more popular distributions. But if applying some basic performance tweaks, can Ubuntu 17.10 perform like Clear Linux? Here are some benchmarks looking at a few factors.

            In our forums there were recently some users attributing the Clear performance benefit to their CFLAGS and the distribution defaulting to the P-State “performance” governor rather than the “powersave” governor. It’s true those are two of the ways this Intel open-source platform tries to deliver better out-of-the-box performance, but that is not all. Explained at ClearLinux.org, they also apply automatic feedback-driven optimizations (GCC FDO), function multi-versioning (FMV) to deliver optimized functions selected at run-time based upon the CPU micro-architecture being used, and various other approaches for trying to deliver the best out-of-the-box Linux performance that does include backporting various patches, etc. And, yes, hopefully this article can provide some motivation for Ubuntu and other distributions to become a bit more aggressive with their defaults to deliver a more optimized experience on installation.

          • Benchmarking Ubuntu’s Low-Latency Kernel & Liquorix Post-Meltdown

            The Ubuntu low-latency kernel is designed for, well, low-latency workloads like audio processing/recording. The lowlatency kernel compared to the generic Linux x86_64 kernel enables IRQ_FORCED_THREADING_DEFAULT, disables TREE_RCU in favor of PREEMPT_RCU, disables OPTPROBES, enables UNINLINE_SPIN_UNLOCK while disables the INLINE_*_UNLOCK tunables, enables PREEMPT support, changes to 1000Hz tick from 250Hz, and enables LATENCYTOP support.

            The Liquorix kernel continues to be a bit more unique and among its alterations compared to a generic kernel is Zen interactive tuning, making use of the MuQSS process scheduler, hard kernel preemption, BFQ I/O scheduler by default, network optimizations, and more as outlined at Liquorix.net. Liquorix also defaults to CPUFreq on Intel CPUs and uses the ondemand governor rather than the other tested kernels defaulting to P_State powersave.

            For these tests were benchmarks of 4.13.0-25-generic (the current default Ubuntu 17.10 kernel with KPTI patched), 4.14.13-041413-generic as the latest upstream stable kernel from the Ubuntu Mainline Kernel PPA, 4.14.13-041413-lowlatency as the equivalent low-latency Ubuntu kernel, and then 4.14.0-13.1-liquorix as the latest Liquorix kernel via its Launchpad PPA. All of these kernels had KPTI protection present and enabled, none of them currently have the (currently out-of-tree) Retpoline support.

          • Ubuntu 17.10.1 ISOs available with corrupting BIOS fix

            Canonical has now made Ubuntu 17.10.1 available on its servers but is yet to list it on its main download page as of Saturday evening (GMT). The new ISO comes with the SPI kernel driver disabled in order to avoid damaging the BIOS on some computers. People have been unable to download the latest iteration of Ubuntu for the past three weeks while Canonical fixed the issue.

          • Flavours and Variants

            • Xubuntu 17.10.1 Release

              Following the recent testing of a respin to deal with the BIOS bug on some Lenovo machines, Xubuntu 17.10.1 has been released. Official download sources have been updated to point to this point release, but if you’re using a mirror, be sure you are downloading the 17.10.1 version.

              No changes to applications are included, however, this release does include any updates made between the original release date and now.

            • Xubuntu 17.04 End Of Life

              On Saturday 13th January 2018, Xubuntu 17.04 goes End of Life (EOL). For more information please see the Ubuntu 17.04 EOL Notice.

              We strongly recommend upgrading to the current regular release, Xubuntu 17.10.1, as soon as practical. Alternatively you can download the current Xubuntu release and install fresh.

            • Ubuntu Unity Remix Day 3: Unity Tweak Tool

              Do you like customizing Unity desktop using Tweak Tool? Do you like bottom panel (since 16.04 LTS) and custom themes? Good news for you, now we can continue it at Ubuntu Unity Remix 18.04! For you don’t know, Unity Tweak Tool is a program to make it easy for you to custom your Unity desktop. This includes changing theme & icon, changing Launcher transparency & position, customizing the menu/search, desktop animations, and many more. This ‘Day 3’ covers shortly about this Tweak Tool on Unity Remix. Enjoy!

  • Devices/Embedded

Free Software/Open Source

  • A “Newer” ASUS Mini-ITX AMD Motherboard Now Supported By Coreboot

    The ASUS AM1I-A as implied by the name is an AM1 socket motherboard for those Athlon/Sempron processors… Not nearly as exciting as if a Ryzen motherboard would be supported by Coreboot, but this motherboard isn’t too old compared to some other Coreboot ports and can still be found from a few online shops albeit refurbished. The ASUS AM1I-A is a mini-ITX board with USB 3.0, DVI/HDMI/VGA outputs, and all the other usual candidates for an AM1 class motherboard.

  • Web Browsers

    • Mozilla

      • News flash: encrypted.google.com is not special in any way

        Once upon a time, Google dared to experiment with HTTPS encryption for their search instead of allowing all search data to go unencrypted through the wire. For this experiment, they created a new subdomain: encrypted.google.com was the address where you could get some extra privacy. What some people apparently didn’t notice: the experiment was successful, and Google rolled out HTTPS encryption to all of their domains. I don’t know why encrypted.google.com is still around, but there doesn’t seem to be anything special about it any more. Which doesn’t stop some people from imagining that there is.

      • Firefox 59 Is Dropping GTK2 Support

        Now that Firefox’s GTK3 support is finally into shape, Firefox 59 will be doing away with GTK2 tool-kit support.

      • Review of Igalia’s Web Platform activities (H2 2017)

        Last September, I published a first blog post to let people know a bit more about Igalia’s activities around the Web platform, with a plan to repeat such a review each semester. The present blog post focuses on the activity of the second semester of 2017.

      • Mozilla.Org: The Big SUMO Report: 2017

        Just like the year before, our activity and its results could be analysed from many perspectives, with dozens of data sources. Putting everything together, especially given our platform changes in 2018, is quite impossible – and the numbers have been affected by interruptions in tracking, as expected.

  • Pseudo-Open Source (Openwashing)

  • FSF/FSFE/GNU/SFLC

    • Spectre Mitigation Added To GCC 8, Seeking Backport To GCC 7

      Hitting the GCC 8 compiler Git/SVN code this Sunday morning are the changes needed compiler-side for CVE-2017-5715 / Spectre mitigation.

      Veteran GNU toolchain developer H.J. Lu of Intel has committed the set of patches for introducing -mindirect-branch=, -mfunction-return= and -mindirect-branch-register for dealing with indirect branches from the compiler side and is also compiler features already used by the Linux kernel Retpoline patches when built with a supported compiler for full enforcement against Spectre vulnerabilities.

  • Licensing/Legal

    • Tony Sebro to Join Conservancy Board of Directors & Outreachy Leadership

      Tony Sebro, who was Conservancy’s second full-time employee, is moving on to become Deputy General Counsel at the Wikimedia Foundation, the home of Wikipedia. We say goodbye to Tony as a Conservancy employee today, but more importantly we welcome him to a number of new volunteer roles at our organization.

      Specifically, Conservancy’s Board of Directors has invited Tony to serve as an at-large Director. Tony has also joined the Project Leadership committee of Conservancy’s Outreachy project (our internship program for free and open source software contribution for underrepresented groups). We are thrilled that Tony will continue to contribute his expertise to our organization, and to formalize his participation with our key internship program.

  • Openness/Sharing/Collaboration

    • Open source model, drugs for the masses

      Nearly one person dies of tuberculosis every two minutes in India, said Professor Jaykumar Menon, the award-winning international human rights lawyer and social entrepreneur. Professor Jaykumar began the Open Source Pharma Foundation, which looks at generating breakthroughs in affordable public healthcare; the initiative has drawn over $110 million in funding from the likes of Tata Trusts, Gates Foundation, Rockefeller Foundation and the Soros Foundations. Speaking at the National Institute of Advanced Studies in Bengaluru, Menon said, “We are working on complex issues that affect Indian and global society. Our first target, therefore, is Mycobacterium tuberculosis, which inhabits approximately a quarter of the human population in India.”

    • Open Access/Content

      • #DLNchat: Open Educational Resources (OER) in Higher Ed

        Can open educational resources, or OER, truly create more equity and access? That was the question at the heart of our #DLNchat on January 9, which centered around OER in Higher Education. Our special guest, Lisa Petrides, creator of OER Commons, kicked things off by defining the topic at hand: “OER are teaching & learning materials freely available for anyone to use. These materials typically reside in the public domain, or have an alternative copyright license, i.e. Creative Commons or GNU, that specify how the resource may be reused, adapted, and shared. To me OER is also about the democratization of access to education, and the pursuit and sharing of knowledge. And the ecosystem of open knowledge sharing is fundamental to teaching, to learning, and to equity.”

  • Programming/Development

    • The Brutal Lifecycle of JavaScript Frameworks

      Using the Stack Overflow Trends tool and some of our internal traffic data, we decided to take a look at some of the more prominent UI frameworks: Angular, React, Vue.js, Backbone, Knockout, and Ember.

    • Visualizing Molecules with Python

      The PyMOL Wiki also hosts a script library, and it’s a good place to look before you start down the road of creating your own script, as someone else may have run into the same issue and may have found a solution you can use. If nothing else, you may be able to find a script that could serve as a starting point for your own particular problem.

      When you’re done working with PyMOL, there are many different ways to end the session. If there is work you are likely to pick up again and continue with, click File→Save Session to save all of the work you just did, including all of the transitions applied to the view. If the changes you made were actually structural, rather than just superficial changes to the way the molecule looked, you can save those structural changes by selecting File→Save Molecule. This allows you to write out the new molecule to a chemical file format, such as a PDB file.

      If you need output for publications or presentations, a few different options are available. Clicking File→Save Image As allows you to select from saving a regular image file in PNG format or writing out data in a POVRay or VRML 3D file format. If you are doing a fancier presentation, you even can export a movie of your molecule by clicking File→Save Movie As. This lets you generate an MPEG movie file that can be used either on a web-based journal or within a slide deck for a presentation.

Leftovers

  • Ford-backed self-driving car involved in an accident that sent two people to the hospital

    A self-driving car operated by Argo AI, a startup backed by Ford, was involved in an accident in Pittsburgh on Wednesday that sent two people to the hospital, according to The Incline. Early reports suggest the accident was the result of human error.

  • Haste, Waste and Choice

    And there is the crux of the matter, both for technologists and for policy makers: What do we prioritize? We know, and have long known, that optimality and efficiency are the enemies of robustness and resilience. The payback on optimality and efficiency is quantitative, calculable, and central to short-term survivability. The payback on robustness and resilience is qualitative, inestimable, and central to long-term survivability. The field of battle is this: All politics is local; all technology is global.

  • The Strange History of One of the Internet’s First Viral Videos

  • Science

    • Your Position, Triangulated

      The U.S. military needed a way to track the location of submarines, which, by their very nature, are submerged, sometimes for months on end. Being deep in the ocean, of course, has its limits based on what kinds of equipment you can use.

    • Secret Eugenics Conference Uncovered at University College London

      A secret conference on eugenics held by a senior lecturer at the University College London (UCL) is under investigation by the university. The meeting, dubbed the London Conference on Intelligence, has taken place annually since 2014 and is attended by white supremacists with ties to neo-Nazi organizations, London Student revealed on Wednesday (January 10).

    • All Your Memories Are Stored by One Weird, Ancient Molecule

      How does memory work? The further we seem to dive in, the more questions we stumble upon about how the function of memory first evolved. Scientists made a key breakthrough with the identification of the Arc protein in 1995, observing how its role in the plastic changes in neurons was critical to memory consolidation.

      This protein is already a big deal, but the Arc picture just got a lot more interesting. In a study published Thursday in the journal Cell, a team of researchers at the University of Utah, the University of Copenhagen in Denmark, and MRC Laboratory of Molecular Biology in Cambridge, UK, argue that Arc took its place in the brain as a result of a random chance encounter millions of years ago. Similar to how scientists say the mitochondria in our cells originated as bacteria that our ancient ancestors’ cells absorbed, the Arc protein seems to have started as a virus.

    • Surprise: A virus-like protein is important for cognition and memory

      A protein involved in cognition and storing long-term memories looks and acts like a protein from viruses. The protein, called Arc, has properties similar to those that viruses use for infecting host cells, and originated from a chance evolutionary event that occurred hundreds of millions of years ago.

      The prospect that virus-like proteins could be the basis for a novel form of cell-to-cell communication in the brain could change our understanding of how memories are made, according to Jason Shepherd, Ph.D., a neuroscientist at University of Utah Health and senior author of the study publishing in Cell on Jan. 11.

    • How to see a memory

      For someone who’s not a Sherlock superfan, cognitive neuroscientist Janice Chen knows the BBC’s hit detective drama better than most. With the help of a brain scanner, she spies on what happens inside viewers’ heads when they watch the first episode of the series and then describe the plot.

      Chen, a researcher at Johns Hopkins University in Baltimore, Maryland, has heard all sorts of variations on an early scene, when a woman flirts with the famously aloof detective in a morgue. Some people find Sherlock Holmes rude while others think he is oblivious to the woman’s nervous advances. But Chen and her colleagues found something odd when they scanned viewers’ brains: as different people retold their own versions of the same scene, their brains produced remarkably similar patterns of activity.

    • The Physicist Building the World’s Most Precise Clock

      We take clocks for granted. In the modern world, time is calculated everywhere we look. If there’s not a watch on your wrist, there’s one on your phone. Most modern computers keep track of the time in the corner of the screen. Appliances from coffee makers to microwaves have a digital readout of the time.

      The measurement of time is ubiquitous, inescapable, and incredibly important. “[The clock] has played an important role in human history,” Jun Ye—who is Adjoint Professor of Physics at the University of Colorado, and a researcher into precision measurement—told me over the phone. “It helped build a more technically advanced society.”

    • How good bacteria control your genes

      Scientists from the Babraham Institute near Cambridge in collaboration with colleagues from Brazil and Italy have discovered a way that good bacteria in the gut can control genes in our cells. The work, published today (9th January) in Nature Communications, shows that chemical messages from bacteria can change the location of key chemical markers throughout the human genome. By communicating in this way, the bacteria may help to fight infections and to prevent cancer.

    • You’re Descended from Royalty and So Is Everybody Else

      Charlemagne, Carolingian King of the Franks, Holy Roman Emperor, the great European conciliator; your ancestor. I am making an assumption that you are broadly of European descent, which is not statistically unreasonable but certainly not definitive. If you’re not, be patient, and we’ll come to your own very regal ancestry soon enough.

    • ‘Gyroscope’ molecules form crystal that’s both solid and full of motion

      Molecular machines, much smaller than single cells, may one day be able to deliver drugs to kill cancer cells or patrol your body for signs of disease. But many applications of these machines require large arrays of rock-hard moving parts, which would be difficult to build with typical biological structures.

      Molecules that make up the solid crystals found in nature are generally so tightly packed together that there’s no room for any of them to move. So despite their strength and durability, solid crystals have generally not been considered for applications in molecular machines, which must have moving parts that can respond to stimuli.

    • Higher Education Is Drowning in BS

      I have had nearly enough bullshit. The manure has piled up so deep in the hallways, classrooms, and administration buildings of American higher education that I am not sure how much longer I can wade through it and retain my sanity and integrity.

      Even worse, the accumulated effects of all the academic BS are contributing to this country’s disastrous political condition and, ultimately, putting at risk the very viability and character of decent civilization. What do I mean by BS?

      BS is the university’s loss of capacity to grapple with life’s Big Questions, because of our crisis of faith in truth, reality, reason, evidence, argument, civility, and our common humanity.

      BS is the farce of what are actually “fragmentversities” claiming to be universities, of hyperspecialization and academic disciplines unable to talk with each other about obvious shared concerns.

  • Hardware

    • Apple’s Indirect Presence Fades from CES

      Gone are the days of Apple’s presence, or observably “winning” of CES, even though they are not present. It was impossible to walk the show floor and not see a vast array of interesting innovations which touched the Apple ecosystem in some way. Now it is almost impossible to walk the floor and see any products that touch the Apple ecosystem in any way except for an app on the iOS App Store. The Apple ecosystem is no longer the star of CES but instead things like Amazon’s Alexa voice platform, and now Google’s assistant voice platform, are the clear ecosystem winners of CES.

  • Health/Nutrition

    • First Nations entrepreneurs are asserting sovereignty and seizing the new cannabis economy

      Jeff Hawk said he was sitting in the lounge area of his dispensary chatting with friends early on Tuesday evening when several assault-rifle wielding Six Nations police officers burst in, ordering everyone to get on the ground.

      Hawk’s dispensary, called Green Health for 6, was the second to be hit by a raid in Six Nations, an Iroquois community near Hamilton, in the space of three months.

    • Supreme Court to Consider Civil Price-Fixing Case Against Chinese Vitamin C Makers

      WASHINGTON—The Supreme Court on Friday said it would hear an antitrust case involving price fixing by Chinese vitamin C makers, agreeing to decide whether U.S. judges must defer to legal submissions made by the Chinese government.

    • State emergency issued as result of flu outbreak in Alabama

      “We have a crisis situation going on” regarding the flu outbreak, said Scott Harris, acting state health officer with the Alabama Department of Public Health.

      “This is the normal season of the flu,” he said during a Friday afternoon press conference. It is “nothing out of ordinary in the type … but we are seeing large numbers.”

  • Security

    • Meltdown and Spectre FAQ: Crapification at Scale

      Yesterday, Yves posted a “primers on Meltdown and Spectre”, which included several explanations of the two bugs from different viewpoints; if you feel you don’t have a handle on them, please review it. Today, I want to give an overview of the two bugs. I will dig into the details of these two bugs in the form of a FAQ, and then I’ll open a discussion of the larger business and political economy issues raised in the form of a MetaFAQ. First, I should make one point: Meltdown is a bug; Spectre is a class of bugs (or, if you prefer, a strategy).

      [...]

      What Are The Costs of the Meltdown and Spectre Bugs?

      A few billions.

    • Fixing Chipmageddon Will Slow Down Older Computers

      Microsoft has come out and said it: cures for the pervasive chip flaws Meltdown and Spectre are likely to dent the performance of your PC if it’s a few years old.

    • Intel needs to come clean about Meltdown and Spectre

      Intel hasn’t had the best of times recently. Meltdown and Spectre security flaws have helped reveal fundamental issues with processor designs over the past 20 years, and the software updates to protect PCs will have performance impacts. Even as I write this, it’s still not clear to anyone exactly how bad these performance impacts will be for older desktop systems, or how significant they’ll be to server-based cloud platforms. It’s all a bit of a mess, and Intel hasn’t helped with its lack of transparency. It’s time for Intel to stop hiding behind cleverly worded statements.

    • Everything running smoothly at the plant? *Whips out mobile phone* Wait. Nooo…

      The security of mobile apps that tie in with Supervisory Control and Data Acquisition (SCADA) systems has deteriorated over the last two-and-a-half years, according to new research.

      A team of boffins from IOActive and IoT security startup Embedi said they had discovered 147 vulnerabilities in 34 of the most popular Android mobile apps for SCADA systems.

      Mobile applications are increasingly being used in conjunction with SCADA systems. The researchers warned these apps are “riddled with vulnerabilities that could have dire consequences on SCADA systems that operate industrial control systems”.

    • Intel details performance hit for Meltdown fix on affected processors
    • Keeping Spectre secret

      When Graz University of Technology researcher Michael Schwarz first reached out to Intel, he thought he was about to ruin the company’s day. He had found a problem with their chips, together with his colleagues Daniel Gruss, Moritz Lipp, and Stefan Mangard. The vulnerability was both profound and immediately exploitable. His team finished the exploit on December 3rd, a Sunday afternoon. Realizing the gravity of what they’d found, they emailed Intel immediately.

    • Intel’s telling some customers to avoid its fix for the Spectre and Meltdown attacks — because of a big bug
    • A Security Issue in Intel’s Active Management Technology (AMT)
    • Backdoor In 30 Seconds: New Major AMT Security Flaw Is Here To Haunt Intel Laptops
    • Researcher finds another security flaw in Intel management firmware [Updated]

      If MEBx hasn’t been configured by the user or by their organization’s IT department, the attacker can log into the configuration settings using Intel’s default password of “admin.” The attacker can then change the password, enable remote access, and set the firmware to not give the computer’s user an “opt-in” message at boot time. “Now the attacker can gain access to the system remotely,” F-Secure’s release noted, “as long as they’re able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps).”

    • Shocking new Intel flaw gives hackers full control of laptops in less than 30 seconds

      Physical access is needed, but to exploit the Intel AMT vulnerability all an attacker needs to do is power up the target machine and press CTRL-P during boot-up, experts said.

    • Why we should all do the boring work of patching our computers

      Marketplace Tech host Molly Wood talks with independent security reporter Brian Krebs, who says that on the scale of one to 10 in terms of how worried he is, this is about an eight.

    • KPTI Support For 64-bit ARM Getting Buttoned Up Ahead Of Linux 4.16

      Kernel Page Table Isolation (KPTI) landed at the start of the year for x86/x86_64 systems for fending off the much talked about CPU attacks while the AMD64 / 64-bit ARM code is still a work-in-progress but looks like it will be squared away for the upcoming Linux 4.16 kernel cycle.

      There is this Git branch and the base work for those wishing to track the last minute alterations. There is currently the latest KPTI page table isolation patches for ARM64 and does include a return trampoline, a new HARDEN_BRANCH_PREDICTOR Kconfig switch, branch predictor hardening for Falkor and Cortex-A CPUs, and other security hardening improvements.

    • ‘Very high level of confidence’ Russia used Kaspersky software for devastating NSA leaks

      Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers.

      “That’s a Russian intelligence operation,” a former senior intelligence official, who requested anonymity to speak bluntly, told Yahoo Finance. “They’ve gotten a lot noisier than they used to be.”

    • FOSS Community Struggles to Patch Against Spectre, Meltdown Flaws [Ed: Unlike what? The proprietary software 'community'? Microsoft is bricking Windows-running PCs.]

      Many in the open source community worked feverishly this week to respond to heightened fears that software updates to fix the Spectre and Meltdown vulnerabilities would put millions of computers at risk of slowdowns or even total disability.

    • WPA3 – The Promise of Security
    • Linspire 7.0.1 and Freespire 3.0.1 Released – Meltdown and Spectre fix

      This morning we have released Linspire 7.0.1 and Freespire 3.0.1 . With this release we have addressed the Meltdown and Spectre vulnerabilities in Intel Processors. We have included no new features.

    • Black Lab Enterprise Linux 11.51 Released – Meltdown and Spectre Fix

      Today we have released Black Lab Enterprise Linux 11.51. This release addresses the Meltdown and Spectre vulnerabilities in Intel Processors. We have included no new features. To apply the fix simply run your system updater and the fix will be applied.

      This update has been thoroughly tested and does not cause any issues or malfunctions.

    • At CES, Spectre haunted tech executives in public and private meetings

      Despite being drenched and briefly thrust into darkness, the largest annoyance for many top tech executives at CES was the shadow of Spectre.

      The world’s largest electronics show immediately careened toward the twin maladies dubbed Spectre and Meltdown, potentially exploitable weaknesses in the brains of PCs and servers world-wide.

  • Defence/Aggression

    • Arms sales: Britain increases exports to world’s most repressive regimes by nearly a third since Brexit vote

      Britain has dramatically increased the value of weaponry and defence equipment it sells to the world’s most repressive regimes since vows by senior ministers to expand arms exports after the Brexit vote.

      Figures seen by i show that the Government cleared export licences worth £2.9bn in the 12 months after June 2016 to 35 countries considered “not free” by Freedom House, a respected international think-tank. The figure represents a 28 per cent increase on the 12 months before the Brexit vote.

    • Hawaii ‘ballistic missile threat’ alert to phones was false alarm, officials say

      Residents of Hawaii were thrown into a panic Saturday morning after an emergency alert was sent warning of a ballistic missile threat. But officials minutes later said it was a false alarm.

      “NO missile threat to Hawaii,” the state’s Emergency Management Agency tweeted at 8:20 local time (1:20 ET).

      Rep. Tulsi Gabbard, D-Hawaii, tweeted: “This is a false alarm. There is no incoming missile to Hawaii.”

  • Transparency/Investigative Reporting

  • Environment/Energy/Wildlife/Nature

    • Burning Iranian tanker explodes and sinks, ‘no hope of finding crew alive’

      An Iranian oil tanker burning for more than a week in the East China Sea exploded and sank on Sunday, Chinese state television reported.
      The Sanchi erupted into flames after colliding with a Hong Kong-registered freighter on January 6, CCTV reported.
      China’s transport ministry said the tanker “suddenly exploded” around noon on Sunday and was quickly engulfed in fire, with the smoke and flames rising as high as 1km (3,300 feet).
      An Iranian official also said on Sunday there was no chance of finding alive any of the tanker’s 32 crew members.

    • Fossil fuels blown away by wind in cost terms: study

      According to a new cost analysis from the International Renewable Energy Agency (IRENA), within two years “all the renewable power generation technologies that are now in commercial use are expected to fall within the fossil fuel-fired cost range, with most at the lower end or undercutting fossil fuels”.

      It expects renewables will cost between three and 10 US cents per kilowatt hour (kWh) by 2020, while the current cost spectrum for fossil fuel power generation ranges from five to 17 US cents per kWh.

    • 99% of These Sea Turtles Are Turning Female—Here’s Why

      The turtle wranglers landed on Ingram Island thinking about sex and heat.

      Pacific green sea turtles spend years cruising this northern Australia feeding ground, fattening up on sea grasses before heading to nesting areas to mate and lay eggs. The scientists simply wanted to know: which of these reptiles were male and which were female?

      You can’t always tell a sea turtle’s sex by looking, so researchers kicked off a “turtle rodeo.” They stood atop skiffs and raced toward swimming turtles and launched themselves like bull wrestlers onto the animals’ carapaces. After gently steering each turtle to shore, they took DNA and blood samples, and made tiny incisions to inspect turtle gonads.

  • Finance

    • NYC Sues, Divests From Oil Firms Over Climate Change

      New York City is taking on the oil industry on two fronts, announcing a lawsuit Wednesday that blames the top five oil companies for contributing to global warming and saying the city will sell off billions in fossil fuel investments from the city’s pension funds.

      Democratic Mayor Bill de Blasio received immediate blowback from some of the companies, while winning praise from environmentalists and others.

      “We’re bringing the fight against climate change straight to the fossil fuel companies that knew about its effects and intentionally misled the public to protect their profits,” the mayor said. “As climate change continues to worsen, it’s up to the fossil fuel companies whose greed put us in this position to shoulder the cost of making New York safer and more resilient.”

    • Germany has regained its crown as the world’s most powerful passport

      The world’s governments have spoken. Germany’s citizens are the travelers most welcome to cross their borders.

      The Henley Passport Index, an annual ranking of passport power by the citizenship planning firm, came out today for 2018. Germany is at the top for the fifth year in a row, with visa-free or visa-upon-arrival access to 177 countries, up from 176 last year. (In February 2017, Belarus introduced a five-day visa-free visit available to citizens of 80 countries, including Germany.)

    • The British Once Built a 1,100-Mile Hedge Through the Middle of India

      In 1878, W.S. Halsey, Commissioner of Inland Customs, reported on the state of British India’s giant hedge. The hedge had grown to more than 1,100 miles long, he wrote, long enough to stretch from Berlin to Moscow. More than half of the barrier, Halsey reported, was made up of “perfect and good green hedge” or “combined green and dry hedge.” In parts, it was 12 feet tall and 14 feet across.

      The British Empire had been working on this giant hedge for at least 30 years. It had, at long last, reached “its greatest extent and perfection,” wrote Roy Moxham in The Great Hedge of India. It was an impressive monument to British power and doggedness. One British official wrote that it “could be compared to nothing else in the world except the Great Wall of China.”

    • China Sets New Records for Gobbling Up the World’s Commodities

      China continues to gobble up the world’s commodities, setting new records for consumption of everything from crude oil to soybeans.

      In a year of flux marked by industrial capacity cuts, environmental curbs and financial deleveraging, demand for raw materials has continued to grow in the world’s biggest consumer, helping drive a second annual gain in global commodity returns.

    • Blockchain or Blockheads? Bitcoin Mania Mints Believers and Skeptics

      Sometimes life shows you what absurd really is. This is one of those times. I’m talking about the phenomenon known as Bitcoin, a monetary system based on computation, complex algorithms and — let’s face it — communal delusion.

      You’ve probably heard about this funny money, digital tokens that can be sent securely from computer to computer, with records kept through an online accounting system known as blockchain. (My colleague Nathaniel Popper has been writing great stuff about it.)

      Millions of people now have accounts with Coinbase, the leading marketplace for digital currencies. And the rush into the market has helped push prices up. At the beginning of last year, you could pick up a Bitcoin (not literally, because they’re virtual, DUH) for about a thousand bucks. Its gyrations briefly brought its price near $20,000, according to Blockchain.info, which tracks such things.

    • Theresa May mocked for suggesting Tories to thank for credit card charge ban imposed by EU

      Theresa May has been mocked for claiming credit for an EU policy to protect consumers from rip-off payment card charges.

      Retailers, airlines and other businesses have been banned from hitting shoppers with hidden surcharges when they use credit or debit cards – sometimes as high as 20 per cent – which costs consumers around £166m each year.

      MEPs criticised the Government for claiming responsibility for the move, which comes as part of a broad range of new payment regulations based on an EU–wide directive that was spearheaded by left-wing politicians in the European Parliament.

      The Government must comply with EU directives until Britain leaves the bloc, although these changes will become part of UK law so will remain after Brexit.

    • Our historic Brexit vote could now be reversed, admits Nigel Farage

      Nigel Farage today makes a dramatic admission that the vote for Brexit could be overturned because Remainers have seized control of the argument over Britain’s future relationship with the EU.

      The former Ukip leader told the Observer that he was becoming increasingly worried that the Leave camp had stopped fighting their corner, leaving a well-funded and organised Remain operation free to influence the political and public debate without challenge.

      “The Remain side are making all the running,” said Farage. “They have a majority in parliament, and unless we get ourselves organised we could lose the historic victory that was Brexit.”

      On Thursday Farage angered many Brexiters, and many in Ukip, when he said he was coming round to the view that the country might need to hold a second referendum in order to close down the EU argument for good.

    • Watch This Mesmerizing Video of One Year’s Development in Bitcoin Core

      1 activated soft fork (SegWit)
      1,843 pull requests (a formal request to add a contribution)
      1,195 pull requests merged (when a contribution is accepted)
      21,153 GitHub comments
      3,277 commits
      161 Git contributors
      713 GitHub contributors

      Bitcoin Development: Decentralized and Open? Or Exclusive?

    • More Americans migrated to Norway than the other way around in 2016

      Norwegians generally live longer than Americans. There’s a generous safety net of health care and pensions. And although it’s pricey, the country last year was named the happiest on Earth.

      President Donald Trump says the United States should take in more Norwegians, but is it any wonder that more Americans are going the other way?

      The country of 5.2 million people that seldom makes global headlines awoke Friday to the news that Trump wanted to have more immigrants from Norway, rather than Haiti and countries in Africa that he disparaged with a vulgar term.

    • Bitcoin Mania

      The first time I bought virtual money, in October 2017, bitcoins, the cryptocurrency everyone by now has heard of, were trading at $5,919.20. A month later, as I started writing this, a single coin sold for $2,000 more. “Coin” is a metaphor. A cryptocurrency such as bitcoin is purely digital: it is a piece of code—a string of numbers and letters—that uses encryption techniques and a decentralized computer network to process transactions and generate new units. Its value derives entirely from people’s perception of what it is worth. The same might be said of paper money, now divorced from gold and silver, or of gold and silver for that matter. Money is a human invention. It has value because we say it does.

      In 2008, when a person or persons going by the name Satoshi Nakamoto published the whitepaper “Bitcoin: A Peer-to-Peer Electronic Cash System,” bitcoins were worth nothing because they didn’t exist. Three months later, when the first version of bitcoin software was released by Nakamoto and the inaugural bitcoins were traded, they were essentially free. By September 2010, a single bitcoin cost about six cents. By June 2011, it was $22.59. And while the price had its ups and downs, the overall trend was up, up, up. By the end of 2013, as the idea of a currency controlled exclusively by computers running cryptographic algorithms created and traded without the intercession of a central bank, a nation-state, a taxation authority, or any kind of regulation began to take hold, especially among libertarians and those unsettled by the financial crisis, as well as among black-market criminals and terrorists, it was nearly $1,000. The higher the price, the greater the interest of investors and speculators, which propelled the price even higher.

  • AstroTurf/Lobbying/Politics

  • Censorship/Free Speech

    • Scammy Lawyer Award Company Sends C&D To Website For Pointing Out Its Scammy Behavior

      Appealing to someone’s ego is profitable. Lawyers of Distinction names many, many lawyers to its “distinction” list every year. Some people believe this actually means something. But it doesn’t, as Kelsey Butchcoe explained late last year in a post for marketing blog Mockingbird. A lawyer getting a letter from Lawyers of Distinction announcing their selection to the vaunted “top 10%” is, in reality, getting nothing more than unsolicited marketing materials.

      Following up with Lawyers of Distinction provides curious attorneys the opportunity to spend $425-775 annually to obtain plaques, “crystals,” and backlinks to their law firm websites from LoD. Following up further, as Butchcoe did, also uncovers the fact Lawyers of Distinction’s prestigious awards emanate from a UPS Store in Las Vegas, Nevada.

    • Censor Board wasn’t happy with ending of Sholay, had to change it: Ramesh Sippy

      Recalling his own brush with censorship, Sholay director Ramesh Sippy told the audience at the Pune International Film Festival (PIFF) how he had to change the ending of the iconic film because the Censor Board did not quite take to the end envisaged by him. Sippy (70), who was awarded the ‘PIFF Distinguished Personality Award’ at the festival, made the revelation while being interviewed by Dr Jabbar Patel, during a PIFF Forum at the Raj Kapoor Pavilion.

    • Ahead of March elections, Egypt extends state of emergency and tightens censorship

      The New York Times reported this week that Egypt ordered a criminal investigation into the paper over its report alleging that an intelligence officer told several TV hosts they should persuade viewers to accept President Donald Trump’s decision to recognize Jerusalem as Israel’s capital. The investigation comes in the same week that Egypt’s parliament voted for a third time to extend a state of emergency.

    • Facebook Takes Another Stab at Soft Censorship Through Modified “Trustworthy” Newsfeed

      In a move that is set to infuriate news organizations that are not deemed “trustworthy”, Facebook is set to introduce “sweeping changes” to its newsfeed as early as next week, prioritizing trustworthy sites and removing “clickbait” and low quality news publishers, while promoting posts from friends and family, the WSJ reports.

      Under its new approach, Facebook would evaluate parameters such as public polling about news outlets, and whether readers are willing to pay for news from particular publishers. Such variables would inform its algorithm that determines which publishers’ posts are pushed higher in the feed, one of the people said.

      It is not known how Facebook will decide which publications are deemed trustworthy.

    • Universities have become islands of censorship and propaganda

      The core components of what university is supposed to be about – learning, debating, challenging our own viewpoints – have come under assault from professors, students, and those who do not believe in the exchange of ideas.

      We have come to a time where the university environment doesn’t promote the right to free speech and open debate. This trend has been present across the UK, but notably at some universities in London such as UCL, where an upcoming talk by Israeli speaker Hen Mazzig has come under attack by the UCL Friends of Palestine Society.

    • Book Review: Cultural Stagnation bred by Vietnamese censorship

      Can a nation develop commerce but not its culture? Thomas Bass’ new book Censorship in Vietnam: Brave New World takes a deep dive into the perilous world of Vietnamese expression. It is a country with some of the world’s least penetrable politics.

      A culture of silence dominates the ruling Communist Party, with vital policy discussions among politicians shrouded in secrecy. The few foreign correspondents in the country are mostly kept out of the political loop, left largely with unverifiable rumors as to where power lies in the country.

      Vietnamese citizens have even less information. The details of the party’s business generally are presumed to be the party’s business alone, with information kept under state control. Save for dissident bloggers on social media, the state effectively silences independent voices through its grip on media.

    • Keeping an ‘i’ out for censorship, no matter vat

      Bollywood has an extra ‘i’ floating around. It came from the movie Padmavati which changed its name by deed poll to Padmavat, and will probably remain that way till someone discovers that ‘vat’ means ‘a large vessel especially for holding liquors in an immature state’.

      And then the manure will hit the fan again. Our queen Padma in a large vessel especially for holding liquors? They will ask before rushing off to burn a bus or two. And which is the immature state? Rajasthan? Bollywood? Is Bollywood a State? While that is being sorted out, they will shut down theatres, talk threateningly of our glorious past, and demand that beef eaters drop all consonants from their names.

    • Censorship wins no arguments and just helps the right

      How you think is as important as what you think. If you believe you can ban your way to victory by mounting heresy hunts against all who veer from the true faith, you will not only deserve to lose by some airy moral reckoning. You will lose whether you deserve to or not. As losing is no longer a trivial event in the age of Brexit and Trump, it is worth understanding the consequences of going beyond the old liberal principle that only demagogues who incite violence should be banned.

      The moral arguments against censorship are so old I can recite them in my sleep. The practical case against a “liberal” movement that reaches for the censor’s red pen like a drunk reaching for a bottle deserves more attention.

    • ‘Shadow banning’: How Twitter secretly censors conservatives without them even knowing it
    • HIDDEN CAMERA: Twitter Engineers To “Ban a Way of Talking” Through “Shadow Banning”
    • Is Twitter Really Censoring Free Speech?
    • Amid Protests, Iran’s Government Censors Its Critics With Chinese-Style Internet Control

      Late last month, as nationwide street protests entered their fourth day, Iran’s interior minister, Abdolreza Rahmani Fazli, issued a statement darkly warning that online social networks in the country were being used to create “violence and fear.” A day earlier, the internet as a whole had briefly flickered offline throughout Iran in what was widely interpreted as a government-engineered throttling. Following Fazli’s statement, the government blocked access to the photo-sharing site Instagram, as well as Telegram, a secure messaging app used by 40 million Iranians per month that had begun to emerge as a key organizing tool for protesters.

      The shutdown of Telegram and the brief closure of the internet as a whole are signs of the Islamic Republic’s increasing technical capacity to manage its citizens’ access to the global web. A new report by the Center for Human Rights in Iran, “Guards at the Gate: The Expanding State Control Over the Internet in Iran,” paints a grim picture of the Islamic Republic’s growing ability to control and stymie the flow of information online.

    • Deadline looms for abortionists to justify video censorship [Ed: The 'pro-lifers' engaging in all sorts of harassment, then claiming to be victims of censorship.]
    • Welcome to new era of global digital censorship

      Score one for the censors.

      In the battle over what limits should be imposed on online free speech, regulators worldwide are on the offensive.

      France has proposed banning so-called fake news during the country’s future elections, while in Germany, new hate speech rules impose fines of up to €50 million on social media companies that don’t delete harmful content within 24 hours of being notified.

      The growing push to control what can be published online will again take center stage this week when the European Commission publishes its biannual report Thursday on how Facebook, Google and Twitter are handling the hate speech lurking in social media’s darker nooks and crannies. (The likely outcome: EU policymakers will complain that companies aren’t doing enough, and threaten them with more regulation.)

    • Musicians need an association: Chief censor

      There should be an association for musicians, says Chief Censor Steven Mala.

      This is also a dream for many musicians, who have been looking to the PNG Censorship Board and the government to assist them with.

      But Mala says the formation of an association has to be an independent one, free from government interference.

    • “Ndizakupanga rape” wakes up sleeping Malawi Censorship Board

      Established under the Censorship and Control of Entertainment Act, the Malawi Censorship Board was given mandate to censor published and other entertainment materials but the board has not always been active.

      The public in Malawi has been fed with materials through publication of books and entertainment materials that raise eyebrows as to whether the censorship board is still operational in the country.

  • Privacy/Surveillance

    • Senate To Vote Tuesday On Surveillance Bill; Four Senators Try To Rally Others To Oppose

      Following yesterday’s bizarre vote in the House, in which many members who opposed President Donald Trump and warn about his abuses of office voted to give him much greater surveillance capabilities, the issue quickly moved to the Senate. Senate Majority Leader Mitch McConnell made a procedural move to ensure no amendments are added, and the bill the Senate will vote on will be basically the awful bill in the House.

    • Rights in the age of big data

      “What do judges know that we cannot teach a computer?” There is a substantial public sentiment that distrusts legal rules and state structures and looks to technology for solutions. After all, many trust their smartphones more than they trust their government. But what may seem as a fairly modern libertarian opinion, voiced in pitch decks and technology conferences, and buoyed by the success of the information economy, has much deeper roots. Such ambitions of a technology centric society were voiced more than forty years ago by John McCarthy, an influential computer scientist and professor at Stanford who coined the term, “artificial intelligence”, and nurtured it into a formal field of research. It was not that such assertions were without prominent challengers, noticeably Joseph Weizenbaum whose 1976 book titled Computer Power and Human Reason put people at the centre of technological progress, rather than being its subjects.

    • Apple: Chinese firm to operate China iCloud accounts

      Apple’s iCloud services in mainland China will be operated by a Chinese company from next month, the tech giant has confirmed.

      It has contacted customers based in China, advising them to examine new terms and conditions.

      They include a clause that both Apple and the Chinese firm will have access to all data stored on iCloud.

    • Facebook warned it faces legal action from ‘revenge porn’ victims
    • Aadhaar: Doubts linger

      The planned introduction of a 16-digit “Virtual ID” for Aadhaar may be a good security measure, but it may have been thought of a little too late. The Virtual ID is a clear response to the credibility hit the Aadhaar system and its database faced following the newspaper expose of how it could be breached with an electronic payment to agents selling a gateway for illegal access.

  • Civil Rights/Policing

    • Uber’s Secret Tool for Keeping the Cops in the Dark

      At least two dozen times, the San Francisco headquarters locked down equipment in foreign offices to shield files from police raids.

    • Uber developed secret system to lock down staff computers in a police raid

      Uber developed a secret system called Ripley that would lock down staff computers in the event of a police raid, preventing officials from accessing company data.

      The ride-sharing company used Ripley at least two dozen times in 2015 and 2016 in countries including Canada, the Netherlands, Belgium, France and Hong Kong, according to Bloomberg.

    • A woman’s choice – sexual favours or lose her home

      Across the US, sexual harassment at the hands of landlords, property managers and others in the housing industry can drive poor women and their children into homelessness. It is a problem badly understood and virtually unstudied.
      Khristen Sellers needed a home.
      The previous few years had been a struggle. She’d left an abusive relationship, been arrested, wandered out and then back into her children’s lives. Just as she seemed to be getting back on track, a probation violation sent Sellers to prison for the first time.
      After five months, she returned to her hometown of Laurinburg, North Carolina. She was broke and homeless, starting over at the age of 29. She slept on couches. She got a job at a supermarket, then another at a fast-food restaurant.

    • British worker thrown in Dubai prison for asking crooked car dealer “How do you sleep at night?” message on Whatsapp

      Here’s another reason never to set foot in Dubai: You can be imprisoned for complaining about being ripped off.

    • James Damore’s lawsuit partner says Google is dominated by a racist, man-hating ‘hate group’

      “I don’t hate Google, and I certainly don’t hate the people who work there,” writes Gudeman. “I wouldn’t want this suit to give people a bad opinion of Googlers, but, honestly, they brought this on themselves for tolerating the hatred, racism, and misandry of a small but vocal and organized subgroup who want to use Google as a vehicle of social change rather than as a vehicle of delivering excellent service and products to their customers.”

    • Time’s Up Activists Warn Trump’s “Shithole Countries” Remark Will Embolden White Supremacists

      As outrage grows over President Trump’s “shithole countries” remark, we speak to five women who took part in Sunday’s Time’s Up protest at the Golden Globes: Tarana Burke, founder of the #MeToo movement; actress Shailene Woodley; Mónica Ramírez of the National Farmworker Women’s Alliance; Calina Lawrence of the Suquamish Tribe; and Ai-jen Poo of the National Domestic Workers Alliance.

  • Internet Policy/Net Neutrality

    • Susan Collins, Angus King back bill to reverse FCC vote against net neutrality

      “The FCC’s recent action to repeal net neutrality threatens to undermine its positive impact by stifling innovation and putting access and connection speeds for sale to the highest bidder,” said King in a prepared statement. “It is crucial we defend net neutrality and I will work to ensure that this misguided repeal is never implemented.”

      Collins said through a spokeswoman, Annie Clark, that she also would support Markey’s legislation.

    • Comcast’s Sneaky Cable Fees Have Jumped 241% in the Last Three Years

      Thanks to limited competition, Comcast has also slowly but surely imposed arbitrary and unnecessary usage caps and overage fees on its broadband subscribers as well. Such restrictions not only make broadband more expensive overall, but Comcast tends to exempt its own streaming services from the limits, making it a wonderful way to hamstring competing services that still count against the cap (aka zero rating).

    • Colorado Cities Keep Voting To Build Their Own Broadband Networks

      So we’ve long mentioned how incumbent ISPs like Comcast have spent millions of dollars quite literally buying shitty, protectionist laws in more than twenty states. These laws either ban or heavily hamstring towns and cities from building their own broadband networks, or in some cases from even engaging in public/private partnerships. It’s a scenario where ISPs get to have their cake and eat it too; they often refuse to upgrade their networks in under-served areas (particularly true among telcos offering DSL), but also get to write shitty laws preventing these under-served towns from doing anything about it.

      This dance of dysfunction has been particularly interesting in Colorado, however. While lobbyists for Comcast and CenturyLink managed to convince state leaders to pass such a law (SB 152) in 2005, the legislation contains a provision that lets individual Colorado towns and cities ignore the measure with a simple referendum. With frustration mounting over sub-standard broadband and awful customer service, more than 100 towns and cities have done so thus far.

    • Harvard Study Shows Why Big Telecom Is Terrified of Community-Run Broadband

      According to the new study by the Berkman Klein Center for Internet and Society at Harvard University, community-owned broadband networks provide consumers with significantly lower rates than their private-sector counterparts.

    • With new Chinese link, Nepal ends India’s Internet monopoly

      More than 60 per cent of Nepal’s 28 million people had access to the Internet last year, up from just 19 per cent in 2012.

  • Intellectual Monopolies

    • Protection for GUIs restricted to specific hardware carriers in China

      A recent court case in China has clarified the scope of protection afforded by registered designs for graphical user interfaces (GUIs).

      In recent years, intellectual property laws in various countries have been changed to extend the protection afforded by registered designs (which protect the appearance of products) to GUIs. This enables protection to be sought for the appearance of software on a display screen (e.g. in the form of icons, etc.), which is of increasing importance in the world of smartphones and tablets.

      [...]

      Thus, it seems unlikely that it will be possible to obtain a valid right for a registered design directed solely to a GUI in China, without its accompanying hardware carrier being shown. However, partial design protection is available in other countries, e.g. in the EU. This means that registered design protection for GUIs on their own (without their carrier) may be validly obtained outside of China.

    • Copyrights

      • Swedish Supreme Court confirms that domain names constitute property that can be seized by the state

        The saga behind the decision I am going to report on first started in April 2015, when prosecutor Fredrik Ingblad directed claims against Fredrik Neij (one of the creators of The Pirate Bay) in an effort to disrupt the operation of The Pirate Bay website in Sweden.

        Ingblad also filed a complaint against Punkt SE (IIS), the organisation responsible for Sweden’s .se top-level domain. Mr Ingblad argued that the domains ‘ThePirateBay.se’ and ‘PirateBay.se’ were used as “tools” to aid and abet copyright infringement and should therefore be seized by the Swedish state.

      • Ed Sheeran-Penned Song for Tim McGraw Is Target of Copyright Lawsuit

        Richard Busch, who successfully won a trial for the family of Marvin Gaye in the “Blurred Lines” lawsuit, is representing the plaintiff. The Nashville-based attorney previously took on Sheeran in a $20 million copyright lawsuit over another hit, “Photograph.” That case ended in a settlement that resulted in two suing songwriters being added to credits and gaining a significant share of royalties.

        Now, with song theft allegations continuing to draw great attention (see the fuss this week over how the publisher of Radiohead’s “Creep” is making legal demands over Lana Del Rey’s “Get Free”), three music superstars along with co-writers Johnny McDaid and Amy Wadge as well as music industry giants Sony/ATV, Universal Polygram, WB Music plus others must respond to new charges of ripping off material. In this case, it’s alleged that the copying was fully known by employees of Sony Music.

      • Commission claims that general monitoring is not general monitoring

        Will everything we do on the internet be monitored and checked against by a non-transparent mechanism that decides what can be published? It is a real threat, and currently it is coming from an area that patently does not require such draconian measures: EU copyright law. This threat is a peculiar one, because there are actually explicit safeguards in existing EU law designed to prevent general monitoring of users’ communications.

      • Coalition Against Piracy Launches Landmark Case Against ‘Pirate’ Android Box Sellers

        The recently-formed Coalition Against Piracy, which counts Disney, Fox, Sony, HBO, NBCUniversal, BBC Worldwide and StarHub among its members, will tread new ground today when it attempts a private prosecution of ‘pirate’ Android box sellers in Singapore. In what many believe is a legal gray area, the anti-piracy outfit will seek a win in order to suppress further sales in the region.

      • Netflix, Amazon, and major studios sue maker of “free TV” box

        The Dragon Box uses Kodi and Android software to help users access video, and the Dragon Box website says the device “acts merely as an index (or directory) of media posted by other enthusiasts on the Internet, which is completely outside of our control.”

      • Are Torrent Sites Using DMCA Notices to Quash Their Competition?

        It’s well known that copyright holders can use DMCA notices to remove infringing content from search engines such as Google. However, it appears that torrent sites are also being targeted by fraudulent requests, possibly submitted by their own competitors.

      • ISP: We’re Cooperating With Police Following Pirate IPTV Raid

        This week police across Europe coordinated to shut down what is claimed to be one of the world’s largest pirate IPTV networks. Following raids in Cyprus, Bulgaria, the Netherlands, and Greece, TorrentFreak identified the ISP from where the illicit operation allegedly broadcast to the world. Located in a small Bulgarian town, the ISP says it is cooperating with the police to identify the suspects.

01.12.18

Links 12/1/2018: New *buntu ISOs. KDE Applications 17.12.1

Posted in News Roundup at 7:16 pm by Dr. Roy Schestowitz

GNU/Linux

  • Server

    • Thinking Concurrently: How Modern Network Applications Handle Multiple Connections

      The idea behind a process is fairly simple. A running program consists of not only executing code, but also data and some context. Because the code, data and context all exist in memory, the operating system can switch from one process to another very quickly. This combination of code + data + context is known as a “process”, and it’s the basis for how Linux systems work.

      When you start your Linux box, it has a single process. That process then “forks” itself, such that two identical processes are running. The second (“child”) process reads new code, data and context (“exec”), and thus starts running a new process. This continues throughout the time that a system is running. When you execute a new program on the command line with & at the end of the line, you’re forking the shell process and then exec’ing your desired program in its place.

    • New Purist Services – Standard Web Services Done Ethically

      When you sign up for a communication service, you are typically volunteering to store your personal, unencrypted data on someone else’s remote server farm. You have no way of ensuring that your data is safe or how it is being used by the owner of the server. However, online services are incredibly convenient especially when you have multiple devices.

    • Automated compliance testing with InSpec

      Don’t equate compliance through certification with security, because compliance and security are not the same. We look at automated compliance testing with InSpec for the secure operation of enterprise IT.

    • How the Kubernetes Certification Ensures Interoperability

      Dan Kohn, executive director of the Cloud Native Computing Foundation, has called the launch of the new Kubernetes service provider certification program the most significant announcement yet made by the Foundation around the open source container orchestration engine.

      On this new episode of The New Stack Makers from KubeCon + CloudNativeCon 2017, we’ll learn more from Kohn and William Denniss, a product manager at Google, about how the program can help ensure interoperability and why that’s so important.

    • Container Structure Tests: Unit Tests for Docker Images

      Usage of containers in software applications is on the rise, and with their increasing usage in production comes a need for robust testing and validation. Containers provide great testing environments, but actually validating the structure of the containers themselves can be tricky. The Docker toolchain provides us with easy ways to interact with the container images themselves, but no real way of verifying their contents. What if we want to ensure a set of commands runs successfully inside of our container, or check that certain files are in the correct place with the correct contents, before shipping?

    • Prometheus vs. Heapster vs. Kubernetes Metrics APIs

      In this blog post, I will try to explain the relation between Prometheus, Heapster, as well as the Kubernetes metrics APIs and conclude with the recommended way how to autoscale workloads on Kubernetes.

    • Google Introduces Open Source Framework For Testing Docker Images

      Google has announced a new framework designed to help developers conduct unit tests on Docker container images.

      The Container Structure Test gives enterprises a way to verify the structure and contents of individual containers to ensure that everything is as it should be before shipping to production, the company said in the company’s Open Source blog Jan. 9.

      Google has been using the framework to test containers internally for more than a year and has released it publicly because it offers an easier way to validate the structure of Docker containers than other approaches, the company said.

  • Kernel Space

    • Systemd 237 Will Have Support For WireGuard

      The next release of systemd, v237, will introduce support for WireGuard. WireGuard as a reminder is the effort to provide a fast, modern and secure VPN tunnel that eventually plans to be part of the mainline Linux kernel.

      Systemd’s networkd component recently merged patches for supporting WireGuard that have been in the works since September 2016. From the systemd perspective it’s implementing support for the new “wireguard” interface type and supporting key management.

    • Some Of The Other Changes Slated For Linux 4.16

      There’s still a week and a half to go until the Linux 4.15.0 stable kernel release is expected and that rings in the Linux 4.16 merge window. On top of various Linux 4.16 changes already talked about, here’s a look at some of the other kernel features/additions expected for this next release cycle.

    • Linux Foundation

      • SPDX clears confusion around software licenses

        Around this time every year, our minds turn to copyright. Or maybe they turn more to copyright. After all, open source works because of copyright law. As you may already know, copyright laws give the authors of works the exclusive right to copy (among other things) their work. These rights attach as soon as the work is fixed in a tangible medium (written down, saved to disk, etc.). So the rights that open source licenses grant rely on copyright law.

        But what rights are specifically granted? That depends on which license the developer selects. Most projects use one of a few standard licenses, but they’re not always clearly communicated. For example, a project may be released under “the GNU General Public License (GPL).” But which version? And can the recipient choose a later version if they wish?

        The Software Package Data Exchange (SPDX) is a Linux Foundation project to help reduce the ambiguity of software by defining standards for reporting information. The license is one such piece of information. SPDX provides a format for listing the specific license variant and version that applies to a software package. With over 300 licenses, you’re likely to find the one you use. The License List contains a human-friendly name, a short name, and a link to the full license text. SPDX also provides guidelines for matching the text of a license file to the official text of the license.

      • The Linux Foundation announces Linux on Azure training course to speed with Linux and vice versa

        The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced on Thursday the availability of a new training course, LFS205 – Administering Linux on Azure.

        A large number of the virtual machines running in Azure are utilizing the Linux operating system. Both Linux and Azure professionals should make sure they know how to manage Linux workloads in an Azure environment as this trend is likely to continue.

      • The Linux Foundation launches ‘Administering Linux on Azure’ training course

        Linux is very much mainstream nowadays. What was once viewed as a hobby and niche project, is transforming the world. Many of the world’s servers are running Linux-based operating systems. Hell, the most popular mobile operating system on the planet, Android, is Linux-based. Even closed-source champion Microsoft is embracing Linux by integrating it into Windows 10 and offering it on its Azure platform.

      • 4 Days Left to Submit Your Proposal for Open Networking Summit NA 2018

        The call for proposals deadline is quickly approaching! With more than 2000 attendees expected at this year’s event, submit before Sunday, January 14, 2018 at 11:59pm PST to share your ideas and expertise with the open networking community.

    • Graphics Stack

      • Wayland 1.15 & Weston 4.0 Planning For Release Next Month

        Ongoing Wayland/Weston release manager Bryce Harrington of Samsung’s Open-Source Group has laid out plans for the next releases of Wayland and the reference Weston compositor.

        It’s been a half-year since the release of Wayland 1.14 and Weston 3.0, so Bryce is trying to build up interest in getting out new releases in the weeks ahead.

      • NVIDIA Contributes Some New Tegra/Nouveau Patches

        It’s not any re-clocking code or magical improvements for Nouveau’s Pascal support, but on the Tegra side a NVIDIA developer has volleyed some new open-source patches.

      • Initial Intel Ice Lake PCH Support Posted
      • The Linux Graphics Stack Gets Further Meson-ized: Now With Libdrm Support

        The work on adding optional Meson build system support to the Linux graphics stack and other key open-source projects continues…

        Going back to last September has been work for Meson-izing Mesa as an alternative build system rather than Autotools, CMake, or SCons within Mesa. It’s been delivering fast results and since the initial port landed more Mesa components have become supported by the Meson build.

      • Server-Side GLVND Updated While X.Org Server 1.20 Drags On

        Adam Jackson of Red Hat has sent out the second version of the ongoing patches for providing server-side GLVND functionality for the X.Org Server.

        Most of you faithful Phoronix readers should be familiar with GLVND, the OpenGL Vendor Neutral Dispatch Library. That’s the effort led by NVIDIA and supported by others in the ecosystem for improving the “Linux OpenGL driver ABI” by allowing for multiple OpenGL drivers to happily co-exist on the same system without fighting over libGL.so. and the like. That’s been going well but server-side GLVND for the X.Org Server takes things a step further.

    • Benchmarks

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KDE Applications 17.12 Open Source Software Suite Gets First Point Release

        KDE Applications 17.12 is the latest and most advanced version of the open source software suite used in KDE Plasma desktop environments or independently. It was released last month on December 14 with numerous improvements and new features, including HiDPI support for Okular and Dolphin enhancements.

        Now, the KDE Applications 17.12.1 minor bugfix release is out and brings more than 20 improvements to various of the included applications like Ark, Akonadi, Dolphin, Filelight, Gwenview, KGet, K3b, Kate, Kdenlive, Kleopatra, KMix, KMahjongg, Kontact, Okteta, Okular, and Umbrello.

      • KDE Ships KDE Applications 17.12.1
      • Meet Nextcloud Talk, World’s First Self-Hosted, Encrypted Communication Platform

        Nextcloud informs Softpedia today on the general availability of Nextcloud Talk, world’s first self-hosted, enterprise-ready, and end-to-end encrypted audio/video and chat communication platform.

        Meet Nextcloud Talk, the first enterprise-ready, open-source, and end-to-end encrypted, and privacy-focused self-hosted communication technology that promises to give users full control over their data while chatting with others over the communication platform.

        Developed by Nextcloud, the biggest self-hosted and fully open source enterprise file sync and share platform, Nextcloud Talk features text chat and audio/video conferencing support, and it can be hosted on-premise, accessible from the Internet through a web browser and on your mobile device.

      • Krita 4.0 Open-Source Digital Painting Tool Enters Beta, Here’s What to Expect

        The developers of the Krita open-source and cross-platform digital painting software have released today the first beta version of the upcoming Krita 4.0 major release.

        Krita 4.0 will be the biggest update since version 3.0, and today’s first beta release gives users early access to many of its awesome new features and improvements. Right now, Krita 4.0 is in String Freeze development stage, which means that most of the major new features are already implemented.

        “We’ve officially gone into String Freeze mode now! That’s developer speak for “No New Features, Honest.” Everything that’s going into Krita 4.0 now is in, and the only thing left to do is fixing bugs and refining stuff,” reads today’s announcement.

      • This week in Usability and Productivity

        These improvements were landed by KDE Developers Kai Uwe Broulik, Albert Astals Cid, Aleix Pol, Michael Heidelbach, and myself. And that’s not all; the entire KDE community has been busy landing many more bugfixes and features too–more than I can keep track of!

        I want to especially focus on the last Discover change I mentioned above. After my last post about Discover, we got a lot of user feedback that people wanted greater density and to be able to see more apps at once.

      • New Stable Release: Krita 3.3.3

        Today we’re releasing Krita 3.3.3. This will probably be the last stable release in the Krita 3 series.

    • GNOME Desktop/GTK

      • GTK’s Vulkan Renderer Will Now Let You Pick The GPU For Rendering

        One of the features exciting us the most about GTK4 is the Vulkan renderer that will make its premiere. This Vulkan renderer continues getting worked into shape for GTK+ 4.0.

        The most recent addition to this Vulkan renderer is a means to allow specifying a device (GPU) to use for rendering, in the event of having multiple Vulkan graphics processors on the same system.

  • Distributions

    • Top 3 Linux Distributions That ‘Just Work’

      Twenty years ago, when I first started using Linux, finding a distribution that worked, out of the box, was an impossible feat. Not only did the installation take some serious mental acuity, configuring the software and getting connected to the Internet was often a challenge users were reluctant to attempt.

      Today, things are quite different. Linux now offers distributions that anyone can use, right out of the box. But, even among those distros that “just work,” some rise to the top to stand as the best in breed. These particular flavors of Linux are perfect for users hoping to migrate away from Windows or mac OS and who don’t want to spend hours getting up to speed on how the platform works, or (more importantly) making the system perform as expected.

    • OpenSUSE/SUSE

      • openSUSE Tumbleweed Now Patched Against Meltdown/Spectre, Adopts LibreOffice 6.0

        openSUSE Project reports today through Douglas DeMaio that the openSUSE Tumbleweed software repositories have been flooded this week by four new snapshots that brought updated components and other improvements.

        According to the developer, much of the efforts of the openSUSE Tumbleweed’s maintainers were focused this week on patching the recently unearthed Meltdown and Spectre security vulnerabilities that put billions of devices at risk of attacks by allowing unprivileged attackers to steal your sensitive data from memory.

    • Red Hat Family

      • Top predictions for 2018 point toward security and innovation

        When thinking about future trends, it’s important to have a strong understanding of the important innovations impacting most sectors, and pair that understanding with an intuition around what impacts those innovations will have to most organizations in 2018.

        Innovation is crucial to federal agencies, but is muted when security becomes a factor. When it comes to impactful trends in the new year, it’s all about three things: security, security, security. Despite the fact that a Ponemon Institute study recently showed that the global average cost of a data breach is down 10 percent over previous years to $3.62 million, according to CSO, the average size of a data breach increased nearly two percent. This stat signifies that security will continue to be a top concern for 2018, just as it was in 2017, and will be in 2019.

      • How inner sourcing saved our IT department

        Red Hat is a company with roughly 11,000 employees. The IT department consists of roughly 500 members. Though it makes up just a fraction of the entire organization, the IT department is still sufficiently staffed to have many application service, infrastructure, and operational teams within it. Our purpose is “to enable Red Hatters in all functions to be effective, productive, innovative, and collaborative, so that they feel they can make a difference,”—and, more specifically, to do that by providing technologies and related services in a fashion that is as open as possible.

        Being open like this takes time, attention, and effort. While we always strive to be as open as possible, it can be difficult. For a variety of reasons, we don’t always succeed.

      • Finance

      • Fedora

        • Copr Modularity in retrospect

          This article is about the journey that we made since the Fedora modularity project started and we decided to get involved and provide modularity features in Copr. It has been a long and difficult road and we are still not on its end because the whole modularity project is a living organism that is still evolving and changing. Though, we are happy to be part of it.

        • 10 Fedora Women Days across the world

          Different topics were covered during the events, not only for people already familiar with our community but especially for newcomers intrigued by the open source world and willing to join the Fedora Project. This year we presented in Guwahati, Bangalore, Tirana, Managua, Cusco, Puno, Pune, Lima, Brno and Prishtina, spreading the word about Fedora and saying thank you to all the women contributors to our project.

          Even though the events were dedicated to women, everyone of all identities were welcomed to participate or give a talk. We are glad to see how much interest there was in these events in different local communities and how successful they were, making the decision easier for us to organize them again next year.

        • The Fedora 28 Wallpaper Contest is Open for Entries

          If you’re in any way creative, and want to give something back to the Linux community, here’s your chance!

          Fedora is on the hunt for a new set of desktop wallpapers sourced from the open source community.

          The distro invites open source enthusiasts to submit their very best photographs and illustrations for possible inclusion in the add-on wallpaper pack for its next major release, Fedora 28.

        • Submit Wallpaper for Fedora 28 Supplemental Wallpaper!
        • My FLOSS Year in Review

          Thanks to the Fedora Project, GNOME, BacktrackAcademy and the Linux Foundation, I was able to organize FLOSS events mostly in Lima, Peru. Besides that, I did voluntary work as a speaker in FLOSS workshops and IT conference in other parts of the world, being interviewed to reach more newcomers into the challenging Linux world, and do online training.

    • Debian Family

      • Freexian’s report about Debian Long Term Support, December 2017
      • Debian/TeX Live 2017.20180110-1 – the big rework

        In short succession a new release of TeX Live for Debian – what could that bring? While there are not a lot of new and updated packages, there is a lot of restructuring of the packages in Debian, mostly trying to placate the voices that the TeX Live packages are getting bigger and bigger and bigger (which is true). In this release we have introduced two measures to allow for smaller installations: optional font package dependencies and downgrade of the -doc packages to suggests.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 17.10 “Artful Aardvark” Respin ISOs Are Now Available to Download

            Several users reported last month broken BIOSes on their Lenovo, Acer, and Toshiba laptops due to a bug in the Ubuntu 17.10 installation images that won’t allow them to access their BIOS settings. The BIOS could be bricked even if the user ran the Ubuntu 17.10 image in live mode, without installing the OS.

            Canonical was quick to temporarily disable access to Ubuntu 17.10 downloads from their ubuntu.com website warning people about the issue. A workaround and a fix for existing users were available shortly after that, as they had to update the kernel packages in Ubuntu 17.10 to disable the intel-spi driver at boot time.

          • Flavours and Variants

            • Linspire 8.0 and Freespire 4.0 Slated for Release in mid-December 2018

              If you think the release of Linspire 7.0 and Freespire 3.0 were just a one-off, think again because we’re now in possession of the release roadmap for both operating systems, and it looks like we should be able to get our hands on the next major releases at the end of the year. But, in the meanwhile, we’ll be able to test a lot of the beta versions for both Freespire 4.0 and Linspire 8.0, as well as to enjoy new incremental versions of current releases.

              “Today we are releasing the release schedule and roadmap for Linspire and Freespire. These dates are not set in stone and there may be some alterations due to holidays and development mishaps. While the Freespire beta’s will be available publicly the Linspire beta’s will be available to subscription holders and insiders,” says Roberto J. Dohnert in today’s announcement.

  • Devices/Embedded

Free Software/Open Source

  • 7 Open-Source Serverless Frameworks Providing Functions as a Service

    With virtualization, organizations began to realize greater utilization from physical hardware. That trend continued with the cloud, as organizations began to get their virtual machines in a pay-as-you-go service.

  • Deep learning wars: Is Facebook-backed PyTorch an answer to Google’s TensorFlow?

    The rapid rise of tools and techniques in Artificial Intelligence and Machine learning of late has been astounding. Deep Learning, or “Machine learning on steroids” as some say, is one area where data scientists and machine learning experts are spoilt for choice in terms of the libraries and frameworks available. A lot of these frameworks are Python-based, as Python is a more general-purpose and a relatively easier language to work with. Keras, Theano, TensorFlow are a few of the popular deep learning libraries built on Python, developed with an aim to make the life of machine learning experts easier.

  • Events

    • Libre in Las Vegas

      It’s no secret that Aleph Objects, by design, does not have trade secrets. As the makers of the LulzBot brand of 3D printers, our industry-leading transparency is born out of a passion for free software, libre innovation, and open source hardware.

      Every software tool we use to make our certified open source hardware is free software. Libre innovation encourages this kind of fanatical transparency, freeing us to share not only our bill of materials and internal assembly documentation, but even things like our research projects on our public development server. We confidently share everything that goes into our products—and more importantly, it lets us show you how they’re made and how to get involved.

    • Ceph Day Germany 2018

      I’m glad to announce that there will be a Ceph Day on the 7th of February 2018 in Darmstadt. Deutsche Telekom will host the event. The day will start at 08:30 with registration and end around 17:45 with a one-hour networking reception.
      We have already several very interesting presentations from SUSE, SAP, CERN, 42.com, Deutsche Telekom AG and Red Hat on the agenda and more to come. If you have an interesting 15-45 min presentation about Ceph, please contact me to discuss if we can add it to the agenda. Presentation language should be German or English.

  • Web Browsers

    • Mozilla

      • Top 5 Firefox extensions to install now

        The web browser has become a critical component of the computing experience for many users. Modern browsers have evolved into powerful and extensible platforms. As part of this, extensions can add or modify their functionality. Extensions for Firefox are built using the WebExtensions API, a cross-browser development system.

        Which extensions should you install? Generally, that decision comes down to how you use your browser, your views on privacy, how much you trust extension developers, and other personal preferences.

      • Not every bit of code you write needs to be optimal

        It’s easy to fall into the trap of obsessing about performance and try to micro-optimize every little detail in the code you’re writing. Or reviewing for that matter. Most of the time, this just adds complexity and is a waste of effort.

        If a piece of code only runs a few (or even a few hundred) times a second, a few nanoseconds per invocation won’t make a significant difference. Chances are the performance wins you’ll gain by micro optimizing such code won’t show up on a profile.

      • Making tab switching faster in Firefox with tab warming

        Since working on the Electrolysis team (and having transitioned to working on various performance initiatives), I’ve been working on making tab operations feel faster in Firefox. For example, I wrote a few months back about a technique we used to make tab closing faster.

        Today, I’m writing to talk about how we’re trying to make tab switching feel faster in some cases.

      • Firefox 60 Is The Next ESR Release, Introducing Policy Engine

        For those sticking to Firefox Extended Support Releases, the Firefox 60 branch will be the next ESR version.

        Firefox 60 will be an ESR release and the plan is to have the ESR 60.0 release out on 8 May, the Firefox 60.1 ESR release on 3 July, and to end Firefox 52 ESR on 28 August when releasing Firefox 60.2.

  • Pseudo-Open Source (Openwashing)

    • #AWChat: How Prebid.org & Open Source Will Shape the Ad Tech Landscape

      Some wrapper solutions are built on open source technology, while others are proprietary. Today, we are here to talk about Prebid, the leading open source solution that enables publishers to quickly implement header bidding.

    • 20 years on, open source hasn’t changed the world as promised

      Open source has officially been a thing for 20 years now. Did anyone notice?

      No, really. For something as revolutionary as open source, you’d think it would have changed the way all software is developed, sold, and distributed. Unfortunately for those party planners looking to celebrate the 20-year anniversary of open source, it hasn’t—changed software, that is. For most developers, most of the time, software remains stubbornly proprietary.

  • BSD

  • Openness/Sharing/Collaboration

  • Programming/Development

    • Exploring Node.js with Mark Hinkle, Executive Director of the Node.js Foundation

      Even though JavaScript has been around for more than 20 years, it’s becoming the first-class citizen for developing enterprise applications. There is a huge developer community behind this technology.

      What makes things even more interesting is that, with Node.js, JavaScript can run on server, so developers can write applications that run end-to-end in JavaScript. Node.js is very well suited for service applications because server applications are increasingly becoming single function event-driven microservices.

    • As Go 2.0 Nears, AWS Launches Developer Preview of Go SDK 2.0
    • PackageKit-Qt Updated With Qt5 Port, Offline Updates & Performance Improvement

      The PackageKit-Qt project that provides Qt bindings for PackageKit has simultaneously released versions v0.10 and v1.0.

    • PackageKitQt 1.0.0 and 0.10.0 released!

      PackageKitQt is a Qt Library to interface with PackageKit

      It’s been a while that I don’t do a proper PackageKitQt release, mostly because I’m focusing on other projects, but PackageKit API itself isn’t evolving as fast as it was, so updating stuff is quite easy.

    • GitHub Knows

      I was reflecting the other day how useful it would be if GitHub, in addition to the lists it has now like Trending and Explore, could also provide me a better view into which projects a) need help; and more, b) can accept that help when it arrives. Lots of people responded, and I don’t think I’m alone in wanting better ways to find things in GitHub.

      Lots of GitHub users might not care about this, since you work on what you work on already, and finding even more work to do is the last thing on your mind. For me, my interest stems from the fact that I constantly need to find good projects, bugs, and communities for undergrads wanting to learn how to do open source, since this is what I teach. Doing it well is an unsolved problem, since what works for one set of students automatically disqualifies the next set: you can’t repeat your success, since closed bugs (hopefully!) don’t re-open.

      And because I write about this stuff, I hear from lots of students that I don’t teach, students from all over the world who, like my own, are struggling to find a way in, a foothold, a path to get started. It’s a hard problem, made harder by the size of the group we’re discussing. GitHub’s published numbers from 2017 indicate that there are over 500K students using its services, and those are just the ones who have self-identified as such–I’m sure it’s much higher.

Leftovers

  • Shareholder Groups Say Apple Should Do More To Address Gadget ‘Addiction’ Among Young People: Should It?

    In an open letter to Apple, two of its major shareholders, Jana Partners and the California State Teachers’ Retirement System, have raised concerns about research that suggests young people are becoming “addicted” to high-tech devices like the iPhone and iPad, and the software that runs on them. It asks the company to take a number of measures to tackle the problem, such as carrying out more research in the area, and providing more tools and education for parents to help them deal with the issue.

  • Security

    • [Ubuntu] Meltdown and Spectre Status Update

      On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture.

    • Lubuntu 17.10.1 (Artful Aardvark) released!

      Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here.

      Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after.

      This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO. You can find the initial announcement here.

    • Check Linux for Spectre or Meltdown vulnerability

      Devices running Linux are affected by Spectre and Meltdown vulnerabilities as much as their Windows counterparts.

      Development teams work on updated kernels for the various distributions, and users need to update browsers and other software to protect data against potential attacks.

      We talked about identifying whether your Windows PC or web browser is vulnerable already. A recently published script does the same for Linux systems. You may use it to check whether your Linux distribution is vulnerable.

    • Meltdown Patch Is Causing Problems for Some Ubuntu Linux Users

      Many Ubuntu Linux users who installed the latest kernel updates to fix the Meltdown CPU vulnerability found themselves stuck in a boot loop and had to revert back to a previous version.

      The problem affected mostly Ubuntu 16.04 (Xenial Xerus), which is a long-term support (LTS) release. Soon after the 4.4.0-108 kernel update was released to fix the Meltdown vulnerability, users flooded the Ubuntu Forums and bug tracker to report booting problems.

    • Meltdown Update Kernel doesnt boot
    • Major Linux distros have Meltdown patches, but that’s only part of the fix

      The Intel Meltdown security problem is the pain that just keeps hurting. Still, there is some good news. Ubuntu and Debian Linux have patched their distributions. The bad news? It’s becoming clearer than ever that fixing Meltdown causes significant performance problems. Worse still, many older servers and appliances are running insecure, unpatchable Linux distributions.

    • How Much Slower Will My PC Become After Meltdown And Spectre Patches?
    • Intel’s Microcode Update for Spectre Exploit Is Now Available in Ubuntu’s Repos

      Canonical announced a few moments ago that Intel’s latest microcode update for the Spectre security vulnerability is now available from the software repositories of all supported Ubuntu Linux releases.

      After releasing earlier this week new kernel updates to mitigate the Meltdown and Spectre security exploits that put billions of devices at risk of attacks by allowing a local, unprivileged attacker to obtain sensitive information from kernel memory, Canonical now released the updated microcode from Intel for supported Intel CPUs.

    • Cisco can now sniff out malware inside encrypted traffic

      Cisco has switched on latent features in its recent routers and switches, plus a cloud service, that together make it possible to detect the fingerprints of malware in encrypted traffic.

      Switchzilla has not made a dent in transport layer security (TLS) to make this possible. Instead, as we reported in July 2016, Cisco researchers found that malware leaves recognisable traces even in encrypted traffic. The company announced its intention to productise that research last year and this week exited trials to make the service – now known as Encrypted Traffic Analytics (ETA) – available to purchasers of its 4000 Series Integrated Service Routers, the 1000-series Aggregation Services Router and the model 1000V Cloud Services Router 1000V.

      Those devices can’t do the job alone: users need to sign up for Cisco’s StealthWatch service and let traffic from their kit flow to a cloud-based analytics service that inspects traffic and uses self-improving machine learning algorithms to spot dodgy traffic.

    • MacOS High Sierra security bug lets you unlock App Store System Preferences with any random password

      According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. If it is unlocked, lock it and then try unlocking it using your username and any password.

    • Intel tells select customers not to use its bug fixes

      Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

    • Canonical reissues Meltdown and Spectre patches for Ubuntu after borkage
    • A Step in the Right Direction: House Passes the Cyber Vulnerability Disclosure Reporting Act

      The House of Representatives passed the “Cyber Vulnerability Disclosure Reporting Act” this week. While the bill is quite limited in scope, EFF applauds its goals and supports its passage in the Senate.

      H.R. 3202 is a short and simple bill, sponsored by Rep. Sheila Jackson Lee (D-TX), that would require the Department of Homeland Security to submit a report to Congress outlining how the government deals with disclosing vulnerabilities. Specifically, the mandated report would comprise two parts. First, a “description of the policies and procedures developed [by DHS] for coordinating cyber vulnerability disclosures,” or in other words, how the government reports flaws in computer hardware and software to the developers. And second, a possibly classified “annex” containing descriptions of specific instances where these policies were used to disclose vulnerabilities in the previous year, leading to mitigation of the vulnerabilities by private actors.

      Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities. To date, such evidence has been exceedingly sparse; for instance, Apple received its first ever vulnerability report from the U.S. government in 2016. Assuming the report and annex work as intended, the public’s confidence in the government’s ability to “play defense” may actually increase.

    • FBI Says Device Encryption Is ‘Evil’ And A Threat To Public Safety

      The FBI continues its anti-encryption push. It’s now expanded past Director Christopher Wray to include statements by other FBI personnel. Not that Chris Wray isn’t taking every opportunity he can to portray personal security as a threat to the security of the American public. He still is. But he’s no longer the only FBI employee willing to speak up on the issue.

      Wray expanded his anti-encryption rhetoric last week at a cybersecurity conference in New York. In short, encryption is inherently dangerous. And the FBI boss will apparently continue to complain about encryption without offering any solutions.

    • Canonical Says It’ll Release New Ubuntu Kernels to Further Mitigate Spectre Bugs

      Canonical’s Dean Henrichsmeyer published today an update on the Ubuntu patches for the Meltdown and Spectre security vulnerabilities and what they plan on doing next to mitigate these critical bugs.

      By now, most of you have probably updated your Ubuntu Linux computers to the new kernel versions Canonical released earlier this week, as well as the new Nvidia proprietary graphics driver and Firefox web browser, both including patches to mitigate the Meltdown and Spectre exploits affecting billions of devices powered by modern processors from Intel, AMD, and ARM.

    • Security updates for Friday
    • AMD processors: Not as safe as you might have thought

      In a posting, Mark Papermaster, AMD’s CTO, admitted Google Project Zero (GPZ) Variant 1 (Bounds Check Bypass or Spectre) is applicable to AMD processors. But, Papermaster wrote, “We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.”

    • AMD CPUs Are Potentially Vulnerable To Spectre / Variant 2

      Last week, in light of the Spectre disclosure, AMD believed they were at “near zero risk” to Variant Two / Branch Target Injection. But now the company confirmed last night that’s not the case: they are at least potentially vulnerable.

    • AMD Confirms Its Chips Are Affected By Spectre Flaw, Starts Pushing Security Patches
    • Intel Releases Linux CPU Microcodes To fix Meltdown & Spectre Bugs

      On January 8th Intel released new Linux Processor microcode data files that can be used to mitigate the Spectre and Meltdown vulnerabilities in Intel CPUs. Using microcode files, an operating system can fix known bugs in Intel CPU without having to perform a BIOS update on the computer.

    • Power Systems And The Spectre And Meltdown Threats

      Speculative execution is something that has been part of modern processors for well over a decade, and while it is hard to quantify how much of a performance benefit this collection of techniques have delivered, it is obviously significant enough that all CPUs, including IBM Power and System z chips, have them. And that, as the new Spectre and Meltdown security holes that were announced by Google on January 3 show, turns out to be a big problem.

      Without getting too deep into the technical details, there are many different ways to implement speculative execution, which is used to keep the many instruction pipelines and layers of cache in a processor busy doing what is hoped will be useful work. So much of what a computer does is an IF-THEN-ELSE kind of branch, and being able to pre-calculate the answers to multiple possible branches in an instruction stream is more efficient than following each path independently and calculating the answers in series. The speculative part of the execution involves using statistics to analyze patterns in data and instructions underneath an application and guessing which branches and data will be needed. If you guess right a lot of the time, then the CPU does a lot more work than it might otherwise. There are no modern processors (except for the PowerPC A2 chips used in the BlueGene/Q supercomputers from IBM) that we can find that don’t have speculative execution in some form or another, and there is no easy way to quantify how much of a performance boost it gives.

    • Blender 3D open source platform plagued with arbitrary code vulnerabilities

      Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.

    • Technologies That Secure the Home, WiFi and More Debut at CES 2018
    • What is the Future of Wi-Fi?
    • Spectre and Meltdown Attacks Against Microprocessors

      This is bad, but expect it more and more. Several trends are converging in a way that makes our current system of patching security vulnerabilities harder to implement.

    • Four Tips for a More Secure Website

      Security is a hot topic in web development with great reason. Every few months a major website is cracked and millions of user records are leaked. Many times the cause of a breach is from a simple vulnerability that has been overlooked. Here are a few tips to give you a quick overview of standard techniques for making your websites more secure. Note: I do not guarantee a secure website if you follow these suggestions, there are many facets to security that I don’t even touch in this article. This write-up is for increasing awareness about techniques used to correct some common vulnerabilities that appear in web applications.

    • What is DevSecOps? Developing more secure applications

      The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to automate core security tasks by embedding security controls and processes early in the DevOps workflow (rather than being bolted on at the end). For example, this could be the case when migrating to microservices, building out a CI/CD pipeline, compliance automation or simply testing cloud infrastructure.

  • Transparency/Investigative Reporting

  • Finance

    • JioCoin: Reliance Jio Planning To Launch Its Own Cryptocurrency

      On one hand, the investment in cryptocurrencies is coming under the radar of Indian government, India’s largest corporate conglomerate is planning to launch its own cryptocurrency named JioCoin in the near future.

      As per a report from Livemint, the JioCoin project is being led by Mukesh Ambani’s elder son Akash Ambani. The company is planning to build a 50-member team of young employees to work on the blockchain technology.

    • Reliance Jio planning its own cryptocurrency called JioCoin

      After disrupting the telecom sector with its free offers and hyper-competitive tariffs, Reliance Jio Infocomm Ltd plans to create its own cryptocurrency, JioCoin.

      With Mukesh Ambani’s elder son Akash Ambani leading the JioCoin project, Reliance Jio plans to build a 50-member team of young professionals to work on blockchain technology, which can also be used to develop applications such as smart contracts and supply chain management logistics.

    • Jeff Bezos Wealthiest Person Ever, Net Worth Over $105B

      Jeff Bezos, the founder and CEO of e-commerce giant Amazon, is now the richest person on Earth, with a net worth of around $105 billion. This is on the back of a sharp increase in his fortunes throughout the first week or so of 2018, to the tune of about $6 billion. Amazon shares rose about 6.6% because of the shopping service managing to net about 89% of the holiday spending among top retailers who see spikes in spending during the season. It should be noted that Bezos’ high net worth is not solely due to his position with Amazon; he also controls the Washington Post and Blue Origin, a somewhat secretive space startup.

  • AstroTurf/Lobbying/Politics

    • Senate report challenges quality of Facebook, Twitter investigations of Russia’s Brexit influence
    • Trump Administration Waives Punishment For Convicted Banks, Including Deutsche — Which Trump Owes Millions

      The waivers were issued in a little-noticed announcement published in the Federal Register during the Christmas holiday week. They come less than two years after then-candidate Trump promised “I’m not going to let Wall Street get away with murder.”

      [...]

      All of these interactions with the Trump administration and the federal government are transpiring as Deutsche serves as a key creditor for the president’s businesses.

    • Pelosi: ‘Five white guys’ leading DACA talks should open a ‘hamburger stand’

      Minority Leader Nancy Pelosi complained Thursday that immigration negotiations are being led by “five white guys” — and was quickly rebuked by her No. 2, Minority Whip Steny Hoyer, himself one of those white guys involved in the talks.

      “The five white guys I call them, you know,” Pelosi said at her weekly news conference. “Are they going to open a hamburger stand next or what?” Pelosi said, complaining that minority members of Congress were not involved in deciding the fate of Dreamers.

    • UN calls Donald Trump’s s***hole immigrants comments ‘racist’
    • Trump Lawyer Arranged $130,000 Payment for Adult-Film Star’s Silence

      A lawyer for President Donald Trump arranged a $130,000 payment to a former adult-film star a month before the 2016 election as part of an agreement that precluded her from publicly discussing an alleged sexual encounter with Mr. Trump, according to people familiar with the matter.

      Michael Cohen, who spent nearly a decade as a top attorney at the Trump Organization, arranged payment to the woman, Stephanie Clifford, in October 2016 after her lawyer negotiated the nondisclosure agreement with Mr. Cohen, these people said.

      Ms. Clifford, whose stage name is Stormy Daniels, has privately alleged the encounter with Mr. Trump took place after they met at a July 2006 celebrity golf tournament in Lake Tahoe, these people said. Mr. Trump married Melania Trump in 2005.

      Mr. Trump faced other allegations during his campaign of inappropriate behavior with women, and vehemently denied them. In this matter, there is no allegation of a nonconsensual interaction.

  • Censorship/Free Speech

  • Privacy/Surveillance

  • Civil Rights/Policing

    • Uber’s Secret Tool for Keeping the Cops in the Dark

      When the call came in, staffers quickly remotely logged off every computer in the Montreal office, making it practically impossible for the authorities to retrieve the company records they’d obtained a warrant to collect. The investigators left without any evidence.

      Most tech companies don’t expect police to regularly raid their offices, but Uber isn’t most companies.

    • Coverage of Iran Protests Illustrated With Protests Not in Iran––Organized by Fringe Cultists

      Casually throwing around MEK images to represent unrest in Iran is the worst combination of insulting and sloppy. It would be like a Chinese outlet, in 2012, using images of a Westboro Baptist Church protest in a story about Occupy Wall Street, because both opposed the US government. The exact ideology of those protesting in Iran isn’t 100 percent clear—they seem to represent a mix of groups and grievances—but MEK has virtually zero support in Iran itself, having been disowned by the Green Movement (the last major protest movement in Iran) in 2009, and is widely loathed for working with Israeli intelligence and fighting alongside the Iraqi army in Iran’s decade-long war against Saddam in the 1980s that killed a half-million Iranians. The MEK has carried out several bomb attacks in Iran, and was even officially listed by the US State Department as a foreign terrorist organization for 16 years, until it was removed by then-Secretary of State Hillary Clinton in 2012, after a years-long lobbying effort by pro-regime change forces within the US.

      The only major media faction that even pretends the MEK has any legitimacy within Iran is the Murdoch group, which routinely runs MEK’s blatant disinformation (Fox News, 1/1/18) and pro-regime change op-eds (Wall Street Journal, 1/8/18).

    • Jacksonville City Council President and Local Public Defender Call for Suspension of Pedestrian Ticket Writing

      The Jacksonville City Council president and other local lawmakers have called for suspending the issuing of pedestrian tickets in the wake of a state attorney’s office bulletin, the substance of which suggests that hundreds of tickets had been issued in error in recent years.

      Jacksonville Assistant State Attorney Andrew Kantor on Tuesday issued a bulletin to the Jacksonville Sheriff’s Office detailing the proper enforcement of Florida’s pedestrian statutes — a document that supports a recent Times-Union/ProPublica analysis showing police have been issuing certain crosswalk violations in error, ticketing hundreds of pedestrians for failing to cross at formal intersections even when no such option was readily available.

      “I’d like to make sure that we are enforcing the laws appropriately,” City Council President Anna Brosche said shortly after being made aware of the state attorney’s bulletin. “I do support a pause to make sure that everything is being enforced that should be.”

    • FTC Takes Down Another Revenge Porn Site

      There ought to be a law, say many people opposed to revenge porn. And so they craft laws with an eye on prosecution but not so much on the First Amendment, tending to treat collateral damage as acceptable so long as revenge porn site operators are criminally charged. But the proposed laws are more than bad, they’re extraneous. Existing laws are still taking down revenge porn purveyors, as we’ve covered previously at this site.

      The FTC has taken down another revenge porn site and secured a judgment against one of its operations, all without having to hack away at protected speech or undermine Section 230 immunity. MyEx.com — a site “dedicated solely to revenge porn” — has been targeted in an FTC complaint.

      [...]

      Paid removals were handled in a similarly shady fashion. The site’s operators made those seeking content removal wire money to someone named “Shelly Mae Garcia” who supposedly lived in the Philippines. Those who refused to pay the extortion were invited to send snail mail to the fake address in the Netherlands.

      [...]

      This revenge porn operation is effectively dead. The nonconsensual part of the operation is blocked by the FTC judgment and the inability to charge removal fees pretty much eliminates the most profitable revenue stream. It’s unclear what the future holds for Neil Infante, but it appears the Republican Senate race in Ohio (Infante’s home state) is suddenly in need of a new frontrunner. Perhaps FTC judgment recipient and former revenge porn site operator Craig Brittain could send his colleague a few ideas on how to MAGA the hell out of the nation as a Senate race bottom-feeder.

  • Internet Policy/Net Neutrality

    • Why Are The People Who Whined About Wheeler’s Net Neutrality Rules Being ‘400 Pages’ Silent About Pai’s Being ‘539 Pages’?

      Yes, as Wendy’s repetition was designed to point out, over and over again, those old rules simply must be extra burdensome, because it’s 400 pages and over 1700 footnotes. Of course, that’s bullshit, and Wendy knows it’s bullshit — but he wanted to misrepresent the rules and make them seem like a giant regulatory burden. The actual rules were just 8 pages. There were 392 other pages of legally required information including discussions of the various public comments and the various statements from the Commissioners, including lengthy dissent statements from the disagreeing commissioners. In the Wheeler ruling, Ajit Pai’s dissent took up 64 pages and Michael O’Rielly’s was another 15 pages. Yet, somehow, Wendy and others didn’t bother letting people know that 89 pages of the 400 pages were explaining why the rules were (apparently) bad.

      When the draft rules came out, at 210 pages, I wondered why Wendy and others were suddenly silent on the page length.

      Last week, as you may have heard, Pai’s actual final rules were released… and the full document weighs in at 539 pages. Again, those are not the actual rules. Those are just the rules, the legally required (and very detailed) explanation of the rules and all the Commissioners’ statements. And guess who’s suddenly angry about people misrepresenting why the new document is so long?

    • FCC delays review of Sinclair’s purchase of Tribune

      The Federal Communications Commission (FCC) is again delaying its review of Sinclair Broadcast Group’s acquisition of Tribune Media.

    • After Being AWOL From The Fight For Years, Google & Facebook To Fund Lawsuits Over Net Neutrality

      To be clear, that’s a good thing. These upcoming lawsuits, which will focus on the FCC’s blatant disregard for objective data and public interest, are going to need all the help they can get. Said suits will focus extensively on how Ajit Pai and the FCC ignored the nation’s startups, the people who built the internet, and any and all objective data as it rushed to give a sloppy, wet kiss to the nation’s entrenched telecom monopolies.

      That said, several IA member companies’ dedication to net neutrality has been anything but consistent. Google, while often touted as a “net neutrality advocate,” hasn’t truly supported the concept since 2009 or so. As the company pushed into fixed (Google Fiber) and wireless (Project Fi, Android) broadband, its interest in rules that truly protected consumers from duopoly market abuse in the sector magically disappeared. And Google worked with AT&T and Verizon to help craft FCC net neutrality protections in 2010 that were so packed with loopholes as to be largely useless (they didn’t even cover wireless networks).

      Other IA members like Facebook have actively worked to undermine net neutrality overseas as they attempt to corner the ad market in developing nations. Facebook received ample criticism for its behavior in India specifically, when the company tried to trick citizens into supporting Facebook’s push for a zero-rated walled garden platform dubbed “Free Basics.” India ultimately banned such zero rating efforts under its own net neutrality rules, supporting Mozilla’s position that if Facebook is so concerned about the Indian poor, it should help fund access to the entire internet — and not just a Facebook-curated walled garden.

  • Intellectual Monopolies

    • Trademarks

      • JPO Invalidates The Word Mark “Bord’or” In Relation To Bordeaux Wines

        In a decision in an invalidation trial jointly claimed by INSTITUT NATIONAL DE L’ORIGINE ET DE LA QUALITE and CONSEIL INTERPROFESSIONNEL DU VIN DE BORDEAUX, the Invalidation Board of Japan Patent Office (JPO) ordered the invalidation of trademark registration no. 5737079 for a word mark “Bord’or” in script fonts (see below) in violation of Article 4(1)(vii) of the Trademark Law.

      • Appeals Court OKs F-Bombs For Federal Trademark Protection

        The Supreme Court’s decision in The Slants’ trademark case is already beginning to pay off for trademark seekers whose applications were determined to be a bit too racy for the Trademark Office’s (subjective) taste. Section 1052(a) of the US Code used to forbid the registration of trademarks that “disparaged” other persons or groups or anything the USPTO found to be “immoral or scandalous.”

        That’s all gone now, thanks to the Supreme Court, which found this restriction to registrations unconstitutional. The Supreme Court struck down the language limiting “disparaging” trademark registrations. The Federal Circuit Court of Appeals has just struck down the remaining limiting language (“immoral or scandalous”), allowing clothing brand FUCT to finally secure federal trademark protection.

01.11.18

Links 11/1/2018: City of Barcelona Moves to GNU/Linux, Julian Assange Becomes Ecuadorian

Posted in News Roundup at 6:55 pm by Dr. Roy Schestowitz

Contents

GNU/Linux

  • City Of Barcelona Chooses Linux And Free Software After Ditching Microsoft

    As per the report, Barcelona city plans to replace all user applications on its computers with open source alternatives. After finding a proper replacement for all proprietary software, the final step would be to go ahead with replacing the operating system with Linux.

  • City of Barcelona Kicks Out Microsoft in Favor of Linux and Open Source

    Barcelona city administration has prepared the roadmap to migrate its existing system from Microsoft and proprietary software to Linux and Open Source software.

  • Look Munich, City of Barcelona Is Dumping Windows and Switches to Ubuntu Linux

    While the City of Munich is switching back to Windows after running Linux on their public PCs, a move that will cost them over €100 million euros, the City of Barcelona is making the smart choice of dumping Microsoft’s products and switching to Linux and Open Source.

    First spotted by It’s FOSS, this fantastic news was reported by Spanish newspaper El País, stating that the City of Barcelona is currently in talks of migrating all of their public computer systems to Open Source software products like LibreOffice and Open-Xchange, replacing Microsoft’s expensive products.

  • Desktop

  • Kernel Space

    • Meltdown and Spectre Linux Kernel Status

      By now, everyone knows that something “big” just got announced regarding computer security. Heck, when the Daily Mail does a report on it, you know something is bad…

      Anyway, I’m not going to go into the details about the problems being reported, other than to point you at the wonderfully written Project Zero paper on the issues involved here. They should just give out the 2018 Pwnie award right now, it’s that amazingly good.

    • Linux Kernels 4.14.13, 4.9.76, and 4.4.111 Bring More Security Fixes, Update Now

      As promised, Linux kernel maintainer Greg Kroah-Hartman released today new versions of the Linux 4.14, 4.9, and 4.4 kernel series to address some of the regressions from previous builds and fix more bugs.

      Linux kernels 4.14.13, 4.9.76 LTS, and 4.4.111 LTS are now available for download from kernel.org, and they include more fixes against the Spectre security vulnerability, as well as some regressions from the Linux 4.14.12, 4.9.75 LTS, and 4.4.110 LTS kernels released last week, as some reported minor issues.

    • Freedreno’s MSM DRM Driver Wires In DEVFREQ Re-Clocking Support

      Freedreno open-source Qualcomm Adreno driver creator Rob Clark has sent in the set of updates for the MSM DRM driver targeting the Linux 4.16 kernel.

      The MSM Direct Rendering Manager updates for DRM-Next to go into Linux 4.16 are a bit late for the DRM staging, but these changes are mostly small. Besides some bug fixes and other minor code changes, the main feature addition for MSM in Linux 4.16 is DEVFREQ support for controlling the GPU clock frequency.

    • Linux Foundation

      • The Linux Foundation Announces New Linux on Azure Training Course [Ed: The Linux Foundation works for Microsoft now. Corrupted by the money. Microsoft meanwhile attacks Linux with patents.]
      • Automotive Grade Linux gets support from Toyota and Amazon as it eyes autonomous driving

        Open-source software was once something that large businesses shied away from, but over the course of the last few years, it’s made inroads into virtually every enterprise company. With Automotive Grade Linux (AGL), the Linux Foundation hosts a project that aims to bring open source to the car industry. As the AGL group announced at CES in Las Vegas today, Toyota and Amazon have now signed up to support the project, as well.

        Toyota, which is using AGL in the 2018 Camry, is joining as a platinum member, while Amazon opted for the silver level. Indeed, you may have seen another Toyota and Amazon mashup today, which is probably no coincidence.

    • Graphics Stack

      • R600 Gallium3D Gets More Fixes, Experimental SB Tessellation Support

        If you are still running with a pre-GCN AMD graphics card, a number of R600 Gallium3D commits landed in Mesa Git overnight as well as an interesting patch series on the Mesa mailing list.

        Hitting Mesa 17.4-dev Git a few hours ago were a number of R600 Gallium3D fixes. This time around the various fixes come courtesy of VMware’s Roland Scheidegger, a long time Mesa developer. They are a variety of minor fixes. It’s nice to see nevertheless as R600g doesn’t get too much action these days.

      • xf86-video-intel Gets Coffee Lake Support

        The xf86-video-intel DDX driver now has support for the first “Coffee Lake” processors.

      • The Current CPU Driver Usage Difference Between RADV/RadeonSI & NVIDIA

        Yesterday I posted some fresh GPU/driver benchmark results for discrete AMD Radeon and NVIDIA GeForce graphics cards. These were some of the most competitive numbers yet we’ve seen out of the open-source RadeonSI OpenGL and RADV drivers while using the latest Linux 4.15 kernel, especially for the GTX 1060 vs. RX 580 battle. In the comments were requests to see some CPU utilization numbers, including from one of the Radeon Linux developers, so here is a look at how the CPU usage compares.

        With having some spare cycles this morning on that Core i7 8700K “Coffee Lake” desktop, I ran a CPU usage comparison with various Linux games when using the Radeon RX 580 (on Linux 4.15 + Mesa 17.4-dev + LLVM 6.0 SVN) vs. the comparable GeForce GTX 1060 (on Linux 4.15 + NVIDIA 390.12) for showing the latest CPU utilization difference for both OpenGL and Vulkan games.

      • RADV Vulkan Driver Now Supports VK_EXT_discard_rectangles

        RADV co-founder Bas Nieuwenhuizen has landed support for the Vulkan VK_EXT_discard_rectangles extension within Mesa 17.4-dev.

      • RADV Gets Another Optimization For Micro-Benchmarks

        David Airlie and Bas Nieuwenhuizen’s work on the RADV open-source Vulkan driver is quite relentless. David has posted yet another patch working on further optimizing the performance of this unofficial Radeon Vulkan driver living within Mesa.

      • The NVIDIA 390 Driver Is Playing Nicely With Linux 4.15 Kernel

        For those NVIDIA Linux users reliant upon the proprietary driver and wanting to upgrade to the Linux 4.15 kernel that will be officially released within the next two weeks, the 390.12 driver is playing nicely.

        Earlier NVIDIA driver releases ran into compatibility issues with the Linux 4.15 interfaces following the merge window (not due to KPTI, as some other FUD previously passed around by others). But with last week’s NVIDIA 390.12 beta it has been working fine atop the Linux 4.15 Git kernel, including when Kernel Page Table Isolation is enabled for Meltdown prevention. (Retpoline support has yet to be mainlined, haven’t tested the NVIDIA driver there yet to formally confirm if any breakage may happen.)

      • AMDGPU Queues More Fixes For Linux 4.16

        AMD sent in a fair number of AMDGPU updates slated for Linux 4.16 but now hitting the cut-off for major feature updates for DRM-Next code looking to make it into 4.16, AMD has submitted some fixes.

    • Benchmarks

      • NVIDIA GeForce vs. AMD Radeon Linux Gaming Performance At The Start Of 2018

        Here is a fresh look at the NVIDIA GeForce and AMD Radeon Linux graphics card performance as we start 2018. Testing was done using the latest Linux 4.15 Git kernel — including the KPTI page table isolation support — as well as using the newest Mesa 17.4-dev driver code for RadeonSI/RADV and on the NVIDIA side is their brand new 390.12 beta driver.

      • What Linux storage benchmarking tools are best?

        The Linux hdparm tool enables administrators to establish a basic, low-level measure of disk performance. Using hdparm with the -t option takes advantage of the Linux disk cache, while the -t option also accesses the disk through the cache, but doesn’t pre-cache the results. Low-level Linux storage benchmarking tools such as hdparm are very sensitive to file systems and other higher level constructs, however, so results can vary dramatically.

        Admins often use the Linux dd — data duplicator — command for tasks such as backup and copy, but its interaction with storage can also enable sequential throughput for storage performance.

        Flexible I/O Tester (FIO) is perhaps the most versatile and popular tool for benchmarking hard disk drive and solid-state drive devices. It enables administrators to run sequential read/write tests with varied I/O block sizes and queue depths.

      • KPTI + Retpoline Linux Benchmarking On Old Laptops

        Over the past week and a half of running many benchmarks looking at the performance impact of the Linux KPTI and Retpoline patches for Spectre and Meltdown mitigation, one of the most common test requests is some thorough benchmarks on older systems. Why that’s important is with older (pre-Westmere) CPUs there isn’t PCID (Process Context Identifier) support that’s used by KPTI, which helps offset some of the performance loss. So for some test results to share today are two old ThinkPads from the Clarksfield and Penryn days compared to a newer Broadwell ThinkPad in looking at the performance difference.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KStars 2.9.1 is off to a fantastic start in 2018!

        We’re kicking off 2018 with a new fantastic release of KStars for Windows & MacOS. Linux users should wait a few more days to get the release in the official PPA due to Canonical’s Launchpad downtime because of the Meltdown and Spectre CPU vulnerabilities discovered recently.

        KStars 2.9.1 aka “Lancaster” release is primarily a bugfix release, but it brings with it as well several new features and improvements to existing technologies.

      • Akademy 2018 Call for Participation

        Akademy is the KDE Community conference. The 2018 edition is from Saturday 11th to Friday 17th August in Vienna, Austria. If you are working on topics relevant to KDE or Qt, this is your chance to present your work and ideas at the Conference. The days for talks are Saturday and Sunday, 11th and 12th. The rest of the week will be BoFs, unconference sessions and workshops.

      • Qt 3D Studio Remote Deployment on Android Devices
      • New in Qt 5.10: QThread::create
      • Kdenlive cafés #25 and #26 – Everybody is invited
      • Krita 4.0 Beta 1

        We’ve officially gone into String Freeze mode now! That’s developer speak for “No New Features, Honest”. Everything that’s going into Krita 4.0 now is in, and the only thing left to do is fixing bugs and refining stuff.

        Given how much has changed between Krita 3 and Krita 4, that’s an important part of the job! Let us here repeat a very serious warning.

      • Krita Digital Painting Program Hits The 4.0 Beta Milestone

        The KDE/Qt-aligned Krita digital painting program has released its first beta release of the major 4.0 update that also marks its string freeze. Now marks the period of bug fixing before shipping Krita 4.0 within a few months.

      • Nextcloud Talk is here

        Today is a big day. The Nextcloud community is launching a new product and solution called Nextcloud Talk. It’s a full audio/video/chat communication solution which is self hosted, open source and super easy to use and run. This is the result of over 1.5 years of planning and development.

        For a long time it was clear to me that the next step for a file sync and share solution like Nextcloud is to have communication and collaboration features built into the same platform. You want to have a group chat with the people you have a group file share with. You want to have a video call with the people while you are collaboratively editing a document. You want to call a person directly from within Nextcloud to collaborate and discuss a shared file, a calendar invite, an email or anything else. And you want to do this using the same login, the same contacts and the same server infrastructure and web interface.

      • Introducing a Full Self-hosted Audio/video and Chat Communication Platform: Nextcloud Talk

        We’re very proud to announce today Nextcloud Talk, the first enterprise-ready, self-hosted communication technology giving users the highest degree of control over their data and communication. Nextcloud Talk is a fully open source video meeting software, on-premise hosted and end-to-end encrypted. It features a text chat and is available for web and mobile. In related news, Nextcloud has become the vendor with the greatest momentum in the self-hosted Enterprise File Sync and Share market and increased its customer base by 7 times in 2017. And over 500 individuals contributed more than 6.6 million lines of code to Nextcloud last year!

      • Nextcloud Talk is an Open Source Alternative to Google Hangouts

        Nextcloud has launched a self-hosted open source alternative to Google Hangouts, Skype, and similar chat services.

        Called ‘Nextcloud Talk’, the feature brings audio, video and messaging features based on WebRTC to the personal cloud server software, which was forked from OwnCloud back in 2016.

      • Nextcloud Rolls Out Audio/Video/Chat Support

        The Nextcloud cloud hosting software forked from ownCloud now has audio/video/chat abilities.

    • GNOME Desktop/GTK

      • Phoning home after updating firmware?

        Somebody made a proposal on the fwupd mailing list that the machine running fwupd should “phone home” to the LVFS with success or failure after the firmware update has been attempted.

        This would let the hardware vendor that uploaded firmware know there are problems straight away, rather than waiting for thousands of frustrated users to file bugs. The report needs to contain something that identifies the machine and a boolean, and in the event of an error, enough debug information to actually be useful. It would obviously involve sending the user’s IP address to the server too.

        [...]

        This means vendors using the LVFS know first of all how many downloads they have, and also the number of success and failures. This allows us to offer the same kind of staged deployment that Microsoft Update does, where you can limit the number of updated machines to 10,000/day or automatically pause the specific firmware deployment if > 1% of the reports come back with failures.

  • Distributions