EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.14.17

Links 14/7/2017: KDE Ships KDE Applications 17.04.3, Toward Go 2

Posted in News Roundup at 6:51 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Linux to the rescue: How I introduced my organization to Linux

    In 1998, I managed the server administration group for the new web team at the University of Minnesota. The U of M is a very large institution, with over 60,000 students across all system campuses. Until then, the university managed its student records on an aging mainframe system. But that was all about to change.

    The mainframe was not Y2K compliant, so we were working to set up a new student records system delivered by PeopleSoft. The new system was a big deal to the university in many ways, not only for modernizing our records system but also for offering new features. Yet it lacked one key feature: You couldn’t register for classes from your web browser.

  • Desktop

    • Consolidating the Linux Desktop App Story: An Idea

      When I joined Canonical in 2006, the Linux desktop world operated in a very upstream way. All distributions used the Linux kernel, all used X, and the majority shipped either GNOME, KDE, or both.

      The following years mixed things up a little. As various companies pushed for consumer-grade Linux-based platforms (e.g. Ubuntu, Fedora, Elementary, Android etc), the components in a typical Linux platform diversified. Unity, Mir, Wayland, Cinnamon, GNOME Shell, Pantheon, Plasma, Flatpak, Snappy, and others entered the fray. This was a period of innovation, but also endless levels of consternation: people bickering left, right, and center, about which of these components were the best choices.

      This is normal in technology, both the innovation and the flapping of feathers in blog posts and forums. As is also normal, when the dust settled a natural set of norms started to take shape.

      Today, I believe we face an opportunity to consolidate around some key components, not just to go faster, but to also avoid the mistakes of the past.

    • Revive a PowerPC Mac Running Linux

      I’m about to show you how to turn that old Mac hardware you have into something useful. It doesn’t matter if it’s an ancient PowerBook G4 or a slightly more recent model of MacBook. Just because it can’t run the latest and greatest version of macOS doesn’t necessarily mean it’s time to put it out to pasture. In this article, I’ll show you how you can revive a PowerPC Mac running Linux, like I’m doing on the PowerBook G4 I’m using to write this article.

    • PC shipments hit the lowest level in a decade [iophk: "Microsoft is dependent on OEM sales of Microsoft Orifice and Microsoft Windows"]

      PC shipments are at their lowest levels since 2007, Gartner says.

  • Server

    • It’s an ever more open world. How containers and open source will transform the data centre beyond recognition

      The value of open source is changing business roadmaps previously built on fixed terms. More control, end of vendor lock-in and constant updates are just some of the benefits of the open world, Abby Kearns, executive director at the Cloud Foundry Foundation tells João Marques Lima.

    • Observability for Cloud Native

      Although JSON/YAML Kubernetes manifests are straightforward to read and write, they are not always the best way to manage applications on your cluster. If you have a complex, production system and want to modify its deployment with existing approaches, you may experience significant operational costs.

    • Decentralizing Your Microservices Organization

      Adaptability — the ability to quickly and easily change — has become a primary goal for modern businesses and has put pressure on technology teams to build platforms that are easier and less costly to change. Working in such environments, these teams have been attracted more and more to the microservices style of software architecture. What attracts them is the promise of a method for expediting changes to software, without introducing unnecessary danger to the business.

    • Google Cloud Platform expands to London

      With 43 zones, Amazon Web Services (AWS) is the globe’s largest public cloud, but Google is working hard to match AWS. On July 13, Google opened its latest region, Google Cloud Platform (GCP) London (europe-west2).

      This is Google tenth region and joins its existing European region in Belgium. The London GCP center will have three zones. It will offer compute, big data, storage, and networking service.

      Google expects its new region to greatly improve network performance for British Isles and Western Europe clients. In cities such as London, Dublin, Edinburgh, and Amsterdam, Google’s performance testing shows 40-percent to 82-percent reductions in round-trip time latency when serving customers from London compared with the Belgium region.

  • Audiocasts/Shows

  • Kernel Space

    • Linux Kernel 4.12 Expected to Land in openSUSE Tumbleweed, Arch Linux Very Soon

      The Linux 4.12 kernel was recently marked as stable on the kernel.org website by maintainer Greg Kroah-Hartman as it received its first point release, which means it’s time for OS vendors to integrate it in their GNU/Linux distributions.

      We couldn’t help but notice that Arch Linux developers have just added earlier today the Linux 4.12.1 kernel in the testing repositories, which means that it won’t be long until the popular GNU/Linux distribution is powered by Linux kernel 4.12, and it also looks like openSUSE Tumbleweed will get the Linux 4.12 kernel soon.

    • Linux Kernel 4.12 Gets First Point Release, It’s Now Ready for Production Use

      Ten days after it has been unveiled by Linus Torvalds, the Linux 4.12 kernel just received its first point release, as announced a few hours ago by Linux kernel maintainer Greg Kroah-Hartman.

      You’re reading it right, Linux kernel 4.12.1 is here, which means that the Linux 4.12 kernel series is now ready for production use, and OS vendors can start downloading the source tarballs, compile it for their supported hardware architectures, do some testing to see if everything works well, and then push the update to the software repositories for users to update their installations.

    • Open Container Initiative Specifications Near 1.0 Completion

      The Linux Foundation’s Open Container Initiative (OCI) has reached a major milestone with the approval of one of the cornerstone specifications that defines and enables container interoperability.

      OCI originally was chartered under the name Open Container Project in June 2015 and was renamed OCI in July 2015. The project is a multi-stakeholder effort bringing together rivals in th container space to help define key specifications to help the container market succeed and interoperate.

      The two primary efforts that OCI has been working on are the runtime specification and the image format specification.

    • Hyperledger Fabric Blockchain Ready for Prime Time

      It’s been well over a year since the Linux Foundation first announced the Hyperledger Project, but it appears that Hyperledger Fabric, the meat and bones of the project, has reached production-ready status with the release of version 1.0 on Tuesday. The project’s promise was to develop an open source enterprise grade blockchain application, initially based on OpenBlockchain, which was contributed by IBM.

    • Open Security Controller Waiting for Developer Interest

      On June 28, the Linux Foundation announced the Open Security Controller Project for the orchestration and automation of software-defined network security functions used to protect east-west traffic within data centers. It’s not a new project, Intel has been working on it for some time, and made it the subject of a presentation at February’s security focused RSA Conference in San Francisco. What is new is that it’s now an open source project under the care and guidance of the Linux Foundation, sponsored by Huawei, McAfee, Nokia’s Nuage Networks, Palo Alto Networks, and of course, Intel.

    • Changes That You Won’t Find In Linux 4.13

      The Linux 4.13 merge window is nearing the end and while there is a lot of new features/changes, there is some functionality that you won’t find in this next version of the upstream Linux kernel.

    • Set your alarms for 2.40am UTC – so you can watch Unix time hit 1,500,000,000

      At 0240 GMT* precisely on Friday, July 14, an epoch-defining moment will happen. And only real nerds – along with Reg readers – will know what that moment is.

    • Graphics Stack

      • Mesa 17.1.5 Graphics Stack to Improve Float64 Support for AMD Radeon GPUs, More

        Mesa developer Andres Gomez announced that the fifth point release of the Mesa 17.1 stable graphics stack for GNU/Linux operating system is coming soon with a bunch of performance improvements and bug fixes.

        Mesa 17.1.5 seems to be a major update adding a lot of changes. For users of AMD Radeon GPUs, the update improves Float64 support by implementing 64-bit packing and unpacking, fixes various issues in the NIR to LLVM translation with image atomic names, repairs VRAM allocation size’s limit, as well as the Factorio game.

      • Intel’s Linux Driver Team Jumps On Vulkan 1.0.54 Changes

        While the Intel Linux OpenGL driver had been slow to adapt to new versions of the specification from The Khronos Group, times have changed and with the Vulkan API they are doing a darn fine job in keeping up with the latest revisions to the specification.

      • NVIDIA Releases 381.26.08 Vulkan Beta Driver With New Extensions

        NVIDIA has once again managed a same-day driver update for matching a new Vulkan release.

        With today’s significant Vulkan 1.0.54 update, NVIDIA has released the 381.26.08 Linux beta and 382.81 Windows beta drivers.

      • DRI3 v1.1 Revised For Modifiers And Multi-Plane Support

        Louis-Francis Ratté-Boulianne of Collabora has sent out his second version of patches for DRI3 v1.1, the first significant update to the Direct Rendering Infrastructure 3.

      • Codeplay & Google Release Tool To Compile OpenCL C To Vulkan

        Google and Codeplay have developed a new open-source tool for compiling OpenCL C code to Vulkan compute shaders.

        This new tool, clspv, allows compiling a subset of the OpenCL C language to target the Vulkan API. At this stage clspv is considered a prototype and relies upon the very latest LLVM and Clang code — it mostly comes down to being a set of LLVM passes to turn it into SPIR and then SPIR-V for consumption by Vulkan.

    • Benchmarks

  • Applications

  • Desktop Environments/WMs

    • 7 New Features & Improvements Coming to the Budgie Desktop

      Budgie desktop is emerging as a real cult favourite among Linux enthusiasts, who appreicate its modern UI, lightweight feel and frequent development updates.

      Ahead of Budgie 11, which will see the desktop shell rewritten in Qt from feather to tail, there’s going to be a major new update to the current GTK+ version, tentatively tagged as Budgie 10.4.

      And boy, what a release it is shaping up to be.

    • K Desktop Environment/KDE SC/Qt

      • KDE Ships KDE Applications 17.04.3

        Today KDE released the third stability update for KDE Applications 17.04. This release contains only bugfixes and translation updates, providing a safe and pleasant update for everyone.

        More than 25 recorded bugfixes include improvements to kdepim, dolphin, dragonplayer, kdenlive, umbrello, among others.

      • KDE Applications 17.04 Software Suite Reaches End of Life with the 17.04.3 Build

        Today KDE released the third stability update for its KDE Applications 17.04 software suite, which contains a bunch of improvements for various of the supported KDE apps.

        That’s right, we’re talking here about KDE Applications 17.04.3, which is not only the third maintenance update to the stable series but also the last, thus marking the end of life of the KDE Applications 17.04 software suite. It contains more than 25 bug fixes, along with several updated translation.

      • KaOS 2017.07 Linux Distro Brings Latest Calamares Installer, KDE Plasma 5.10.3

        The developers of the independently-developed KaOS GNU/Linux operating system announced today the release and immediate availability for download of the KaOS 2017.07 updated installation medium for the July 2017.

        Every month, the KaOS devs push a new, up-to-date Live ISO image of their GNU/Linux distribution, which is built around the latest KDE and Qt technologies. And this time is no different, as KaOS 2017.07 incorporates the recently released KDE Plasma 5.10.3 desktop environment, KDE Applications 17.04.3 software suite, and KDE Frameworks 5.36.0, all built on the Qt 5.9.1 application framework.

      • The KDE Components Not Yet Ported To KDE Frameworks 5

        With the beta of KDE Applications 17.08 due next week, which is the last cycle where Qt4/kdelibs4-dependent components are still permitted, KDE developer Christoph Feck has generated a list of KDE software not yet ported over to Qt5/KF5.

        It’s with KDE Applications 17.12 where only Qt5 / KDE Frameworks 5 applications will be bundled with finally closing the door to Qt4/KDE4 programs that have yet to be ported.

    • GNOME Desktop/GTK

      • Ubuntu Desktop Weekly Update: July 14, 2017

        GDM has now replaced LightDM. We’re working on the transition between display managers to make sure that users are seamlessly transitioned to the new stack. We’re doing regular automated upgrade tests to make sure everything keeps working, but we’re keen to get your bug reports.

      • Ubuntu 17.10: Continued Work On VA-API, Switching To GDM

        Will Cooke of Canonical has posted the latest weekly status update concerning happenings for the desktop on Ubuntu 17.10.

        As part of the transition to the GNOME Shell desktop by default, GDM has replaced LightDM as the log-in display manager. They’ve also demoted around 70 packages from their desktop ISOs to help lighten up the weight.

      • Canonical Working Lately on Packaging More GNOME Apps as Snaps for Ubuntu Linux

        Canonical’s Ubuntu Desktop director Will Cooke is back this week with another update on what’s going on with the development process of the upcoming Ubuntu 17.10 (Artful Aardvark) operating system.

        It looks like Canonical’s Ubuntu Desktop and Snappy teams are putting a lot of effort lately on packaging as much GNOME apps to the Snap universal binary format as possible, by using the gnome-3-24 platform Snap they created recently. With this, they want to make possible the sharing of common libraries between GNOME apps, which automatically translates to smaller Snaps and easy maintenance of them.

      • Is Terminix The Best Tiling Terminal Emulator on Linux?

        Terminix (aka Tilix) is a tiling terminal emulator for the GNOME desktop. It’s featured, fast and frequently recommended — here’s why you should try it too.

  • Distributions

    • Nova, the Cuban Linux Distro, Looks Seriously Good

      Nope, me neither. But a brief click about the interwebs tells me that it’s an Ubuntu-based Linux distribution developed in Cuba by students at the University of Informatic Sciences (UCI)

      The open-source OS aims to replace Microsoft Windows on computers within the country as, says Hector Rodriguez, Director of UCI, “[t]he free software movement is closer to the ideology of the Cuban people”.

      I’m not here to talk politics though. I’m here to talk prettiness.

      ICU Student Manuel Alejandro tweeted us some screenshots of Nova OS 6.0, the first major update to the OS since 2015 — and it looks really good.

    • Red Hat Family

      • Finance

      • Fedora

        • Fedora Workstation 26 is out

          We managed to get Fedora Workstation 26 out the door this week which I am very happy about. In some ways it was far from our most splashy release as it mostly was about us improving on already released features, like improving the Wayland support and improving the Flatpak support in GNOME Software and improving the Qt integration into GNOME through the QtGNOME platform.

          One major thing that is fully functional now though and that I have been testing myself extensively is being able to easily install the NVidia binary driver. If you set up the repository from Negativo17 you should be able to go install the Nvidia driver either using dnf on the command line or by searching for NVidia in GNOME Software, and just install it without any further work thanks to all the effort we and NVidia have been putting into things like glvnd. If you have a workstation with an NVidia card I would say that you have a fully functional system at this point without any hacks or file conflicts with Mesa.

        • Fedora Planning To Make NVIDIA Driver Easier, Full HDR Support On Linux

          With the fantastic Fedora 26 release out the door, Red Hat’s Christian Schaller has recapped some of the highlights during the Fedora 26 development and a look ahead.

          Fedora 26 jives very well with the NVIDIA proprietary driver thanks to GLVND, the easy access to the Negativo17 repository, etc, but Christian says they are still working to make it even easier. He wrote, “We do plan on listing the NVidia driver in GNOME Software soon without having to manually setup the repository, so soon we will have a very smooth experience where the Nvidia driver is just a click in the Software store away for our users.” Of course, by default, they will continue to use the Nouveau driver but it will be drop dead easy to switchover.

        • What’s new in the Anaconda Installer for Fedora 26 ?

          Fedora 26 is available now, providing a wide range of improvements across the entire operating system. Anaconda — the Fedora installer — has many new features and improvements implemented for Fedora 26. The most visible addition is the introduction of Blivet GUI, providing power users an alternate way to configure partitioning. Additionally, there are improvements to automated installation with kickstart, a range of networking improvements, better status reporting when your install is under way, and much more.

    • Debian Family

      • TeX Live contrib repository (re)new(ed)

        It is my pleasure to announce the renewal/rework/restart of the TeX Live contrib repository service. The repository is collecting packages that cannot enter TeX Live directly (mostly due to license reasons), but are free to distribute. The basic idea is to provide a repository mimicking Debian’s nonfree branch.

      • Derivatives

        • Canonical/Ubuntu

          • Ubuntu 17.10 Makes It Easier to Use Bluetooth Speakers

            Ubuntu will automatically switch sound output to Bluetooth when you connect a Bluetooth speaker, soundbar or headset.

            Connecting a compatible USB audio device will also see the sound output auto-switch to that device.

            While most Bluetooth speakers, headsets and USB audio devices already well with Ubuntu you typically have to dive into the system’s sound settings and manually select the device for audio output.

            In a world where Android and iOS smartphones automatically switch to Bluetooth devices when connected, requiring manual user input is not only a little old-fashioned but may, to users otherwise unaware, appear broken.

          • Ubuntu Foundations Development Summary: July 13, 2017
          • Ubuntu OpenStack Dev Summary – 13th July 2017
          • Flavours and Variants

            • System76 Might Make Their Own OS Installer, Will Ship Automatic Firmware Updates

              Linux laptop vendor System76 has provided a status update on their activities around their Pop!_OS Linux distribution.

              System76 developers continue working on this Ubuntu fork and they have been focusing on more GNOME patches from the desktop side. They also mentioned they are considering writing a new operating system installer. So far they have been hacking on Ubuntu’s Ubiquity installer, but they are getting the feeling now that it’s over-complicated. They are hoping for a very quick and easy install process with all of the initial user-setup being punted off to GNOME’s first-run helper.

  • Devices/Embedded

Free Software/Open Source

  • Introducing Facade: An Easy Way to Track Git Repo Contributions

    I call the project Facade (Figure 1). The meaning is twofold: First, this was originally conceived as a “FOSS Anomaly Detector” (F.O.S.S.A.D.), which would allow you to see how contribution patterns changed over time. Second, it allows you to see behind your speculations about the project, and get an informed view of who is doing the development work, based upon real data.

  • Open Source Onsen UI Mobile Framework Targets Vue.js Development

    Vue.js is a hot JavaScript framework, which of late has been featured among the top trending tools on GitHub and on StackShare, which describes it as “a library for building interactive Web interfaces. It provides data-reactive components with a simple and flexible API.”

    [...]

    Like Onsen UI (which has a GitHub repository), Vue.js is also open source and also available in its own GitHub repository, with nearly 60,000 stars, leading a Monaca spokesperson to note that 2017 has been called “the year of Vue.js.”

  • Baltimore shows open source mapping projects in 8th annual Data Day

    The annual Baltimore Data Day is back Friday, and this year the activism-oriented event will include an interactive workshop on open source mapping that was requested by community members earlier in the year.

  • Events

    • Open Source Summit North America announces additional keynote speakers

      The Linux Foundation has announced additional keynote speakers for Open Source Summit North America, taking place September 11-14 in Los Angeles, CA.

      The Linux Foundation Open Source Summit is the premier open source technical conference in North America, gathering 2,000 developers, operators and community leadership professionals to collaborate, share information and learn about the latest in open technologies, including Linux, containers, cloud computing and more.

    • Tips and top presentations from Write the Docs Portland 2017

      Imagine a room full of smart, funny, and quirky people who all love documentation, technology, and… food. Put all that together and you have Write the Docs (WTD) in Portland—a community conference where documentarians meet to discuss the things we love the most.

    • Talking at GPN 2017 in Karlsruhe, Germany

      Although the GPN is an annual event, I haven’t managed to go very often. Last time has already been a while. It’s a pity, because the event is very cute. The location is just amazing which makes being there really fun. It’s a museum hosting many things from our digital world. If you visit only one thing in Karlsruhe, go and visit it. In fact, we tried to organise a small excursion during GUADEC last year. Bloomberg also has an article about the event.

  • Databases

  • Oracle/Java/LibreOffice

    • Open-source world resurrects Oracle-free Solaris project OmniOS

      The open-source community has fought back and resurrected the development of OmniOS – an Oracle-free non-proprietary variant of Solaris, which had been shelved in April.

      The development of OmniOS, a distribution of Illumos derived from Sun’s open-source flavor of Solaris, was killed after five years of work by web applications biz OmniTI.

      It was hoped OmniOS would be community-driven, simple to use, and fast to install and operate. However, the project was axed, as the project failed to make any cash out of the development and a community failed to emerge. Consequently all work stopped and support contracts were not renewed.

  • CMS

    • Drupal Association and Project Lead Statement Regarding Larry Garfield

      We recognize that events and conversations earlier this year surfaced many concerns and needs within the community. One in particular is related to Larry Garfield’s role within Drupal. After several conversations with Larry, and careful consideration, we can now provide an update to this situation, our decisions, and Larry’s role moving forward.

      We thank you for your patience while we spent many hours meeting with Larry and outside experts to resolve this matter. We recognize that actions were taken quickly before, which resulted in poor communication, and we wanted to avoid this happening again. We made sure to provide the proper time and attention these conversations needed before releasing this follow-up post.

      We know our poor communication in the past led to frustration with us and pain for others. For that, we are sorry. We want to learn from this and improve. We listened to the community’s request to provide more streamlined, clear, and easy-to-follow communication. So, this post includes a statement from Dries Buytaert, as Project Lead, followed by a statement from Megan Sanicki, Executive Director of the Drupal Association.

      [...]

      Larry’s subsequent blog posts harmed the community and had a material impact on the Drupal Association, including membership cancellations from those who believed we doxed, bullied, and discriminated against Larry as well as significant staff disruption. Due to the harm caused, the Drupal Association is removing Larry Garfield from leadership roles that we are responsible for, effective today.

      [...]

      As long as Larry does not harm or disrupt the project, he will continue to be a member of the community as an individual contributor. However, we reserve the right to remove Larry’s individual contributor roles if that is not the case. Also, we recognize that situations can change over time, so the Drupal Association will revisit these decisions in two years.

      I recognize that my communication to Larry and with the community did not provide transparency into this situation and I apologize for the pain and confusion that caused. Our advisors told us not to share these details in order to protect all parties pending evaluation from authorities. Also, when Larry shared these details during the appeal process, he asked us to keep them confidential. It is my hope that this statement provides the clarity that many have been requesting.

  • Pseudo-Open Source (Openwashing)

  • Funding

  • FSF/FSFE/GNU/SFLC

  • Programming/Development

    • Git 2.14 Starts Getting Aligned For Release

      Junio Hamano has today announced the first preview release of Git 2.14 version control system in the form of Git 2.14-rc0.

    • [ANNOUNCE] Git v2.14.0-rc0

      An early preview release Git v2.14.0-rc0 is now available for testing at the usual places. It is comprised of 675 non-merge commits since v2.13.0, contributed by 53 people, 14 of which are new faces.

    • Toward Go 2
    • Google Developers Begin Planning For Go 2 Programming Language

      The Google team responsible for the Go programming language have begun publicly discussing plans and ideas for the Go 2.0 programming language.

      It’s going to be a long road to Go 2.0 and they are not abandoning Go 1.x. At this stage, the developers are mostly hearing feedback about what works and what doesn’t for the Go language. From there, they can begin better formulating feature plans and roadmaps for the lengthy Go 2 development cycle ahead.

    • Analyzing GitHub, how developers change programming languages over time

      Have you ever been struggling with an nth obscure project, thinking : “I could do the job with this language but why not switch to another one which would be more enjoyable to work with” ? In his awesome blog post : The eigenvector of “Why we moved from language X to language Y”, Erik Bernhardsson generated an N*N contingency table of all Google queries related to changing languages. However, when I read it, I couldn’t help wondering what the proportion of people who effectively switched is. Thus, it has become engaging to deepen this idea and see how the popularity of languages changes among GitHub users.

    • Which Spark machine learning API should you use?

      But what can machine learning do for you? And how will you find out? There’s a good place to start close to home, if you’re already using Apache Spark for batch and stream processing. Along with Spark SQL and Spark Streaming, which you’re probably already using, Spark provides MLLib, which is, among other things, a library of machine learning and statistical algorithms in API form.

    • Sorry, Golang 2 probably won’t add your ‘missing’ feature

      The official Golang blog has provided the first concrete details about the next version of Google’s Go language, which is used to create popular applications like Docker and Kubernetes, as well as to incrementally replace critical internet infrastructure.

      But Golang devs waiting for immediate word about generics, or other pet features they’ve long been waiting to see added to the language, are going to walk away disappointed.

Leftovers

  • LinkArchiver automatically submits links to the Internet Archive

    Links shared on Twitter can be preserved in perpetuity with no effort on the user’s part.

  • Science

    • Why Do Republicans Suddenly Hate College So Much?

      Trump’s innovation maybe wasn’t to bash college so much as to ignore it. Previous candidates, in both parties, paid at least lip service to the idea of expanding educational opportunities and retraining workers whose jobs were eliminated by changes in the U.S. economy.

    • The Smoking Gun – Is IP research the next tobacco scandal?

      Google’s response to the report, published Tuesday, is critical of the report’s methodology as being too broad. It also notes that industry funding of academic research is widespread. It points out an extreme irony – the report itself does not disclose its own funding. This Fortune article suggest that the Campaign for Accountability’s work on Google (the Google Transparency Project) is at least part funded by Oracle. (The investigative journalism by the WSJ does not suffer the same problem.) The Emperor may need new clothes.

    • Scrap dealer finds Apollo-era NASA computers in dead engineer’s basement

      NASA told the family of the deceased that it was not in the junk removal business. “No, we do not need the computers,” NASA told the family of the deceased. “We have no use for [them].”

  • Health/Nutrition

    • 3P Project Enables Radical Change In R&D For TB Treatment

      The 3P Project plans to distribute monetary prizes and grants for research and development of new treatment for TB, Brigden said. The intellectual property and the data resulting from the R&D will be pooled together and made available via licences, and the final costs of the medicines will be delinked from the costs of R&D, she said.

    • Event Looks At UN High-Level Panel On Medicines Access, SDGs And Policy Coherence

      An event on 17 July at the United Nations in New York will address the “UN Secretary General’s High-Level Panel on Access to Medicines: Advancing Health-Related SDGs through Policy Coherence.”

      The High-Level Panel issued its report late last year and has stirred numerous discussions about needed change to ensure developing countries can properly use international trade law to access medicines.

  • Security

  • Defence/Aggression

    • Finnish defence technology supplier granted export licence to UAE

      Robonic, a Tampere-headquartered supplier of launch systems for unmanned aerial vehicles, was granted a licence to export two launch systems to the United Arab Emirates on Monday despite the opposition of the Ministry for Foreign Affairs.

    • Corbyn Defied Media Rules by Linking UK Wars to Terrorism

      When a terrorist killed 22 at a May 22 concert filled with young people in England’s Manchester, most journalists—especially US ones—assumed it would help the struggling Conservative Party and its standard-bearer, Prime Minister Theresa May, win the snap election she had called for June 8, just 17 days ahead.

  • Transparency/Investigative Reporting

    • A whistleblower plays by the rules at CIA, and finds ‘nothing gets done’

      When wayward contract employees at the CIA began pilfering snacks from vending machines back in 2013, the Office of the Inspector General sprang into action. Surveillance cameras went up, the culprits were nabbed, and all lost their jobs.

      From start to finish, the case of the $3,314.40 in stolen snacks lasted two months.

      When more serious allegations of wrongdoing arise at the CIA, though, inspectors may be far less speedy, especially when their findings could embarrass the Langley, Va., spy agency.

    • The CIA’s Secret 2009 Data Breach, Revealed For The First Time

      In a security breach never before made public, a CIA employee disclosed highly classified government source code to a contractor who was not authorized to receive it — an incident that the agency’s internal watchdog warned “could have caused irreparable damage.”

      For America’s national security agencies, contractors pose a particular danger. They have been responsible for some of the most damaging national security leaks, from Edward Snowden’s release of National Security Agency files, to the ongoing Wikileaks dump of classified CIA source codes for the tools the CIA uses to hack into mobile phones, computers, Wi-Fi networks, online chat and calling services, and more. And last month, the intelligence contractor Reality Winner was charged with leaking a top-secret NSA document about Russia’s interference in the 2016 election.

      This newly disclosed release of classified material appears to have been contained, but it shows how difficult it is to completely protect classified information. The breach took place in 2009, and details about it were revealed in a heavily redacted February 18, 2010, CIA inspector general’s report obtained by BuzzFeed News in response to a two-year-old Freedom of Information Act lawsuit.

  • Environment/Energy/Wildlife/Nature

    • Trump says ‘something could happen’ on climate accord

      President Donald Trump held the door open to a reversal of his decision to pull the United States out of the Paris climate accord on Thursday, but did not say what he would need in return to persuade him to do so.

      Trump, who has made few friends in Europe with his rejection of the 2015 Paris agreement and his “America First” trade stance, met with French President Emmanuel Macron as both leaders sought common ground to reset an awkward relationship.

    • Virginia utility agrees to install two offshore wind turbines for study

      This week, Virginia utility Dominion announced that it would partner with Danish firm Dong Energy to build two offshore wind turbines as test cases for a commercial-sized installation.

      Currently, the US only has one 30MW commercial offshore wind farm off Block Island in Rhode Island. Renewable energy proponents have sought to expand offshore wind’s reach for years in the hope it would re-create the low-cost energy boom that has occurred in the US with onshore wind. The offshore resource has a lot of promise—turbines can be built bigger out at sea, so they can generate more power, and wind is generally less variable.

    • A diesel emissions test you can’t game? We try it out

      Diesel is a dirty word in the auto industry these days. The fuel was once viewed—particularly in Europe—as a potential savior, since diesel engines offer much better fuel economy and emit much less CO2 per mile than engines that run on gasoline. But that changed once Volkswagen Group was caught cheating its emissions tests, resulting in billions of dollars of fines and a loss of public trust. Automotive-component maker Bosch had a hand in the mess, too—it provided the code on the Engine Control Units in VW Group’s offending diesels. The supplier ultimately paid out several hundred million dollars in settlement in the US, although it was not required to admit any wrongdoing.

    • A RECORD NUMBER OF ENVIRONMENTALISTS WERE MURDERED IN 2016

      A record number of environmental activists were murdered around the globe in 2016, according to a new report released today by the watchdog group Global Witness—nearly four a week.

      Last year, 200 environmentalists across 24 countries were murdered—up from 185 across 16 countries in 2015—and 40 percent of those killed were indigenous activists. The deadliest country for environmentalists was Brazil, with 49 slayings, followed by Colombia, where, according to the report, the recent peace deal between the government and the guerrilla group, the the Revolutionary Armed Forces of Colombia, may have exacerbated environmental conflicts.

    • Ravens ignore a treat in favor of a useful tool for the future

      If humans, chimps, gorillas, and orangutans can all do something, but monkeys can’t, that tells a certain evolutionary story: it suggests that the ability emerged sometime after the apes split off from the monkeys on our evolutionary tree. But if a bird comes along with that ability, it throws the whole story off course. Corvids—a family of birds that includes ravens, jays, and crows—seem to delight in doing just that.

      Humans pretty obviously plan for the future, from packing a brown bag lunch to saving for retirement. Other apes also seem to be able to plan for the short-term future, at least up to one night. Monkeys don’t. But a paper in Science this week reports a small group of corvids succeeding at future-planning tasks. That points to a complex evolutionary story.

  • Finance

  • AstroTurf/Lobbying/Politics

    • Securing Elections Remains Surprisingly Controversial
    • Is Bernie Sanders Really The Democratic Front-Runner?
    • The Trump Family’s Explanations Are Straining Credulity to Its Breaking Point

      As an American statesman once said, “Fool me once, shame on you. Fool me twice—can’t get fooled again.” The Trump family has little love lost with the Bush family, but the president, his son, and their aides and legal team would do well to heed the 43rd president’s mangled maxim, as they continue to offer an increasingly implausible story to the public about a meeting involving a Russian lawyer, Donald Trump Jr., and his brother-in-law, White House senior adviser Jared Kushner.

      The account that the Trumps are offering is implausible on three counts. First, it is challenging to believe on its face, as I wrote earlier this week, that Trump Sr. would never have been told about the meeting. Second, the continued flow of new revelations itself suggests that whatever story the principals are peddling should be considered incomplete by default. Finally, the specifics of the string of new revelations about who attended the meeting and when it came to light make the story seem increasingly improbable.

      [...]

      Surprisingly, given his penchant for improvisation, the president’s story on the meeting—that he had no idea at the time, and was only informed in the last week—is the one account that has remained consistent throughout the twists and turns of the story of the June 9 meeting. Everything else has changed. Trump Jr.’s story has repeatedly been proven incomplete. Kushner’s explanation is challenging. Isikoff claims Trump’s lawyers knew of the meeting before. Given the pattern of the last few days, it is hard to see why anyone would assume that the public has received a full and honest reckoning of the June 9 meeting—or why anyone would give Trump Jr. and the White House the benefit of the doubt.

    • Ivanka Inc.

      The first daughter talks about improving the lives of working women. Her father urges companies to “buy American.” But her fashion line’s practices collide with those principles – and are out of step with industry trends.

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Opponents Hope to Mislead California’s Legislators Before They Vote on Broadband Privacy Next Week
    • Trump voter commission releases voter complaints — and their personal data

      The Trump administration has published over a hundred emails submitted to the White House’s election integrity commission — and not everyone’s happy.

      The document, posted late Thursday in an unredacted form, is available directly from the White House’s website.

      It follows a request by the administration to submit comments from the public by email to the voter integrity commission, which was set up through an executive order signed by President Trump earlier this year. The commission is focused on investigating alleged reports of voter fraud and improper voting, despite a recent report that showed the average American “will be struck by lightning than that he will impersonate another voter at the polls.”

    • DHS Goes Biometric, Says Travelers Can Opt Out Of Face Scans By Not Traveling

      The DHS has decided air travel is the unsafest thing of all. In the wake of multiple fear mongering presidential directives — including a travel ban currently being contested in federal courts — the DHS has introduced several measures meant to make flying safer, but in reality would only make flying more of a pain in the ass.

    • US border agents: We won’t search data “located solely on remote servers”

      In a new letter, Customs and Border Patrol (CBP) has answered some questions posed months ago by Sen. Ron Wyden (D-Ore.) about the agency’s policies when it comes to searches of digital devices at the border. However, that letter appears to have raised even more questions.

      As Ars reported previously, there is a very broad exception to the Fourth Amendment at the border that allows officials to conduct warrantless searches. If your device is locked or encrypted and you refuse to assist agents’ attempts to open it, the device can be seized.

    • DHS, CBP Admit They Have No Legal Authority To Access Americans’ Social Media Accounts

      Since at least 2009, the DHS has asserted a legal right to copy/search the contents of anyone’s electronic devices at the border. Its privacy assessment said no one has much privacy, at least not near US borders. Building on years of judicial national security deference, the DHS has recently expanded its searches of electronic devices, eliminating most of its adherence to the Fourth Amendment in the process. If your devices wander into the country’s Constitution-free zones, you can expect to suffer diminished expectations of privacy.

    • How many Americans are swept up in the NSA’s snooping programs?

      Former Director of National Intelligence James Clapper famously (or infamously) told Congress the National Security Agency did not “wittingly” collect data on Americans. That turned out to be false.

      More recently, Sen. Ron Wyden (D-Ore.) asked the current director of national intelligence, Dan Coats whether the government could use Section 702 of the Foreign Intelligence Surveillance Act “to collect communications it knows are entirely domestic.”

    • Australian laws aim to force decryption to fight crime

      Australia is set to announce laws to force companies like Google and Facebook to decrypt messages sent by suspected terrorists and other criminals.

    • Aussie Prime Minister Says The Laws Of Math Don’t Apply In Australia When It Comes To Encryption

      Oh boy. It’s no secret that the Australian government — led by George Brandis (who has made it abundantly clear he has no clue what a VPN is or what metadata is) — is pushing strongly for mandated backdoors to encryption. At this point, it’s beating a dead horse, but this is a very, very bad idea for a whole host of reasons — mainly having to do with making absolutely everyone significantly less safe.

    • UK spookhaüs GCHQ can crack end-to-end encryption says Australian A-G

      British signals intelligence agency Government Communications Headquarters (GCHQ) can crack end-to-end encrypted messages sent using WhatsApp and Signal, according to Australian attorney-general George Brandis.

      Brandis made the claim speaking to the Australian Broadcasting Corporation’s AM program, on the occasion of Australia announcing it would adopt laws mirroring the UK’s Investigatory Powers Act. Brandis said the proposed law will place “an obligation on device manufacturers and service providers to provide appropriate assistance to intelligence and law enforcement on a warranted basis where it is necessary to interdict or in the case of a crime that may have been committed.”

    • Not for the first time, Microsoft’s fonts have caught out forgers

      I was confused for a few moments today, after one of my colleagues asked me if I’d heard about “fontgate.”

      “Fontgate?” I queried.

      “Pakistan either loves or hates Calibri,” I was unhelpfully informed.

      Apparently, there were some forged documents, and the forgery was detected by the use of Microsoft’s Calibri. But I was confused; this sounded like a story from years ago. Why was it in the news now?

      On further reading, one thing became clear about Calibri’s popularity in Pakistan: while opponents of the government may indeed be fans, the Sharif don’t like it.

    • Border Patrol Says It’s Barred From Searching Cloud Data on Phones

      U.S. border officers aren’t allowed to look at any data stored only in the “cloud” — including social media data — when they search U.S. travelers’ phones, Customs and Border Protection acknowledged in a letter obtained Wednesday by NBC News.

    • Biometrics catches violent fugitive 25 years on the run

      While we’re not at an Orwellian point in time yet with biometrics, facial-recognition technology is being used for good, no matter how scary the technology sounds. Consider that Nevada authorities have announced that biometrics was behind the arrest of a violent criminal who escaped from prison 25 years ago. It’s another in a string of arrests in which biometrics essentially paved the way for a bad guy’s capture.

  • Civil Rights/Policing

    • Judge, lawyer unions condemn proposed traffic offence changes: “No presumption of innocence”

      Unions representing legal experts have slammed proposed legal changes that would transfer the burden of proof from the prosecutor to the accused when it comes to traffic offences.

    • TASER LOBBYIST QUIETLY APPOINTED TO TOP IMMIGRATION ENFORCEMENT JOB

      THOMAS BLANK, A FORMER lobbyist and Republican official, was recently appointed to serve as the chief of staff to the U.S. Immigration and Customs Enforcement, the agency charged with investigating and enforcing immigration-related matters for the Department of Homeland Security.

      There was no public press release and no announcement to mark the senior appointment. Rather, the only official acknowledgement of Blank’s new post was found through a quiet update to the ICE leadership website this week.

      “Thomas Blank’s appointment as Chief of Staff for U.S. Immigration and Customs Enforcement was finalized on Wednesday, July 12,” said ICE Assistant Director for Public Affairs Liz Johnson, in a statement to The Intercept.

    • Mass Arrests of Protesters: Outrageous in Russia, Barely Worth Mentioning in US

      Major media’s relative lack of interest in the mass arrests by Metro DC police on Inauguration Day is a fact noted by activists and journalists since the incident almost six months ago. One way to measure the dearth of coverage is to compare the attention paid to comparable protester arrests in Russia last month.

      On June 12, over 1,700 Russians throughout the country were arrested for “unauthorized protests” in opposition to President Vladimir Putin and government corruption. “Dozens”—including opposition leader Alexei Navalny—were kept in jail longer than a day, but the vast majority were let go immediately. (Navalny, as well as some others, got between 15–30 days in jail.)

      More than 200 Americans were arrested on January 20 after “rioting” broke out in downtown Washington, DC, in the hours leading up to and after President Donald Trump’s inauguration. Some were let go over the next few weeks, but the bulk of the 200+ still face 10–80 years in federal prison for “felony rioting.”

  • Internet Policy/Net Neutrality

    • Defending Net Neutrality: Millions Rally to Save the Internet, Again

      We’re fighting for net neutrality, again, because it is crucial to the future of the internet. Net neutrality serves to enable free speech, competition, innovation and user choice online.

      On July 12, it was great to see such a diversity of voices speak up and join together to support a neutral internet. We need to protect the internet as a shared global public resource for us all. This Day of Action makes it clear, yet again, that net neutrality it a mainstream issue, which the majority of Americans (76% from our recent survey) care about and support.

    • A Comcast billing nightmare affects woman caring for her sick father

      Amie Stepanovich‏ has been shuttling back and forth between Washington, DC, and Ohio, where her father is “very sick and currently in the hospital and unable to speak for himself,” she wrote in a series of tweets yesterday. Stepanovich has power of attorney for her father and wants to reduce his Comcast bill, which costs “quite a lot” of money each month.

      But when she called Comcast last weekend, a company rep “told me they couldn’t handle [the] request on [the] phone because I wasn’t authorized,” she wrote.

    • 3 ISPs Have Spent $572 Million to Kill Net Neutrality Since 2008

      The group found that Comcast, AT&T, Verizon and the National Cable & Telecommunications Association (NCTA) have spent $572 million on attempts to influence the FCC and other government agencies since 2008.

    • The FCC says net neutrality destroys small ISPs. So has it?

      Dolgenos, of Cruzio, says she fears the FCC’s deregulatory tendencies will push the ISP industry even closer to monopoly or duopoly. If more small providers are forced out, she says, the big ISPs will try to make more money off their existing customer base instead of continuing to expand. “How are we going to service rural or semi-rural?” Dolgenos asks. “There’s no reason to do it if you have to put a line a mile up a road to reach four houses. It’s just not going to happen.”

    • Why you should care about Net Neutrality

      When folks discuss the idea of net neutrality, there are a lot of terms around legislation like “Title I” and “Title 2” and regulatory bodies like the FCC and FTC that are discussed. I’ve linked to articles that dig into this in detail below. While those are interesting pieces of information, I’d like to spend time on why this is a matter of philosophy and principle and why this discussion is very important.

    • Ajit Pai not concerned about number of pro-net neutrality comments

      One day after a large protest of his plan to gut net neutrality rules, Federal Communications Commission Chairman Ajit Pai was asked if the number of pro-net neutrality comments submitted to the FCC might cause a change in course.

      In response, Pai maintained his stance that the number of comments is not as important as the content of those comments.

    • Charter Spectrum ‘Competes’ With New $20 Streaming TV Service Featuring $6 In Entirely Bogus Fees

      You may have noticed that things aren’t going particularly well for the traditional cable TV industry. Ratings for many channels are in free fall, the rate at which customers are cutting the traditional TV cord is accelerating, and the number and quality of competing streaming services is only growing. Cumulatively, this has forced many previously myopic cable and broadcast executives to stop denying the obvious and to candidly admit there’s an actual market (r)evolution afoot, even if most of them still aren’t quite exactly sure how to adapt to it.

      And while the headlines are often filled with dire warnings about traditional cable TV being “doomed,” that’s not really true. Cable operators still lay claim to somewhere around 98 million paying customers. And keeping these users from fleeing to competing streaming services really isn’t that complicated. These companies just don’t want to do what’s necessary. Namely, listen to their customers, offer more flexible and convenient services, shore up their atrocious customer service, and finally begin seriously competing on price.

    • Historic Day of Action: Net Neutrality Allies Send 1.6 Million Comments to FCC

      When you attack the Internet, the Internet fights back.

      Today, the Internet went all out in support of net neutrality. Hundreds of popular websites featured pop-ups suggesting that those sites had been blocked or throttled by Internet service providers. Some sites got hilariously creative—Twitch replaced all of its emojis with that annoying loading icon. Netflix shared GIFs that would never finish loading. PornHub simply noted that “slow porn sucks.”

      Together, we painted an alarming picture of what the Internet might look like if the FCC goes forward with its plan to roll back net neutrality protections: ISPs prioritizing their favored content sources and deprioritizing everything else. (Fight for the Future has put together a great collection of examples of how sites participated in the day of action.)

  • DRM

    • If you’re worried about Net Neutrality, you should be worried about web DRM, too

      Even if we have an open, neutral network we’re still at risk from big incumbents using choke-points to decide what legal activities are and are not acceptable on the web. These companies have lobbied the World Wide Web Consortium (W3C) into standardizing DRM for video in a way that makes a handful of giant companies into judge, juror and executioner for new services and tools online.

    • Net Neutrality Won’t Save Us if DRM is Baked Into the Web

      But overbroad and badly written laws like Section 1201 of the 1998 Digital Millennium Copyright Act (DMCA) upset this balance. DMCA 1201 bans tampering with DRM, even if you’re only doing so to exercise the rights that Congress gave you as a user of copyrighted works. This means that media companies that bake DRM into the standards of the web get to decide what kinds of new products and services are allowed to enter the market, effectively banning others from adding new features to our media, even when those features have been declared legal by Congress.

    • Notice to the W3C of EFF’s appeal of the Director’s decision on EME

      On behalf of the Electronic Frontier Foundation, I would like to formally submit our request for an appeal of the Director’s decision to publish Encrypted Media Extensions as a W3C Recommendation, announced on 6 July 2017.

      The grounds for this appeal are that the question of a covenant to protect the activities that made DRM standardization a fit area for W3C activities was never put to the W3C membership. In the absence of a call for consensus on a covenant, it was improper for the Director to overrule the widespread members’ objections and declare EME fit to be published as a W3C Recommendation.

      The announcement of the Director’s decision enumerated three ways in which DRM standardization through the W3C — even without a covenant — was allegedly preferable to allowing DRM to proceed through informal industry agreements: the W3C’s DRM standard was said to be superior in its accessibility, its respect of user privacy, and its ability to level the playing field for new entrants to the market.

      However, in the absence of a covenant, none of these benefits can be realized. That is because laws like the implementations of Article 6 of the EUCD, Section 1201 of the US Digital Millennium Copyright Act, and Canada’s Bill C-11 prohibit otherwise lawful activity when it requires bypassing a DRM system.

  • Intellectual Monopolies

07.13.17

Links 13/7/2017: Systemd 234, Fedora 27 Plans

Posted in News Roundup at 3:16 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Desktop

  • Server

    • Why Is Docker So Popular? Explaining the Rise of Containers and Docker

      By now, you’ve almost certainly heard of Docker containers. You know Docker is massively popular. But do you know why? Here’s a look at the factors driving tremendous interest in Docker today.

      Before delving into a discussion of the factors behind Docker’s popularity, it’s worth noting that Docker is not the only container platform out there. Nor was it the first to come along.

      Other frameworks, like OpenVZ and LXC, were available starting in the mid-2000s. Other container-like technologies, such as FreeBSD jails, go back even further. Docker was released only in 2013, making it a very young technology compared to most of today’s mainstream enterprise technologies.

      Curiously, however, it was Docker, not a more mature container platform, that has risen to massive prominence over the past few years. That’s an outcome worth pondering — for the purposes both of understanding what makes containers in general so popular, as well as why Docker in particular has succeeded so spectacularly, whereas alternative container frameworks have seen little adoption.

  • Kernel Space

    • Three new stable kernels

      Stable kernels 4.12.1, 4.11.10, and 4.9.37 have been released. They all contain important fixes and users should upgrade.

    • Linux 4.12.1
    • Linux 4.11.10
    • Linux 4.9.37
    • What is Linux – A Beginners Guide

      Linux is best known as the most used open source computer operating system in the world. You can think of Linux as the the software that is under all the other software on your computer, making requests on behalf of those programs and forwarding the requests onto the computer’s hardware.

    • Oye! Earth Still Uses Linux in the 23rd Century

      What operating system will be in use in the 23rd century? For fictional inhabitants of The Expanse, a critically acclaimed sci-fi series, it’s Linux.

    • Look at this photo booth in Chicago running linux
    • This exercise bike runs Linux and supports telnet
    • Zero-copy networking

      In many performance-oriented settings, the number of times that data is copied puts an upper limit on how fast things can go. As a result, zero-copy algorithms have long been of interest, even though the benefits achieved in practice tend to be disappointing. Networking is often performance-sensitive and is definitely dominated by the copying of data, so an interest in zero-copy algorithms in networking comes naturally. A set of patches under review makes that capability available, in some settings at least.

      When a process transmits a buffer of data, the kernel must format that data into a packet with all of the necessary headers and checksums. Once upon a time, this formatting required copying the data into a single kernel-space buffer. Network hardware has long since gained the ability to do scatter/gather I/O and, with techniques like TCP segmentation offloading, the ability to generate packets from a buffer of data. So support for zero-copy operations has been available at the hardware level for some time.

    • FD.io: Breaking the Terabit Barrier!

      Since its launch in February of last year, FD.io has been delivering complex routing/switching at the multi-million FIB scale at higher performance than any other software vswitch/vrouter. This is analogous to a shift from something that needs to be delivered via truck (say, an early version of a “computer”) that can now be transferred via carry-on bag (today’s thin and lightweight laptops).

      At launch, FD.io’s VPP technology could route/switch at half a Terabit per second at multimillion fib entry scales. Close examination of the bottlenecks revealed that it was being limited by the ability of the PCI bus to deliver packets from the NIC to the CPU. VPP had headroom to do more, but the PCI bus bandwidth imposed limitations.

    • Linux Foundat’s Hyperledger Fabric 1.0 Ready For Production
    • [Older but no more paywall] Network acceleration with DPDK

      Network acceleration has always been a subject that naturally attracts the interest of network device vendors and developers. Kernel network acceleration techniques that require, for example, the caching of kernel networking data structures inside the network driver (or maintaining a private modified kernel for a specific device) are naturally frowned upon and bound to be rejected by the kernel networking community. There are also user-space kernel-bypass solutions, including the Data Plane Development Kit (DPDK).

      Among the most popular open-source projects providing user-space network acceleration are Snabb, netmap, and DPDK. With the recent announcement by Jim Zemlin this April that DPDK project has moved to the Linux Foundation, it seems that this is a good time to get an overview of the current status of this project and its roadmap.

    • [Older but no more paywall] Namespaced file capabilities

      The kernel’s file capabilities mechanism is a bit of an awkward fit with user namespaces, in that all namespaces have the same view of the capabilities associated with a given executable file. There is a patch set under consideration that adds awareness of user namespaces to file capabilities, but it has brought forth some disagreement on how such a mechanism should work. The question is, in brief: how should a set of file capabilities be picked for any given user namespace?

    • [Older but no more paywall] Some 4.12 development statistics

      Linus Torvalds released the 4.12 kernel on July 2, marking the end of one of the busiest development cycles in the kernel project’s history. Tradition requires that LWN publish a look at this kernel release and who contributed to it. 4.12 was, in many ways, a fairly normal cycle, but it shows the development community’s continued growth.

      The 4.12 kernel includes 14,821 non-merge changesets contributed by 1,825 developers. That is not the highest changeset count we’ve ever seen — 4.9 is likely to hold that record for some time — but it comes in at a solid #2. The 4.12 kernel did set a new record for the number of developers participating and for the number of first-time contributors (334), though. This was also a significant release for the growth of the kernel code base: 4.12 has just over one million lines of code more than its predecessor.

    • Graphics Stack

    • Benchmarks

      • Mesa GL Thread Testing With Pentium + Core i7 & RX 580 + R9 Fury

        With Mesa’s GL threading support ready for wider testing and the developers pursuing per-application enabling of this driver-agnostic Mesa OpenGL multi-threading work, here are some benchmarks of mesa_glthread when using a Pentium and Core i7 CPUs as well as a Radeon RX 580 and R9 Fury.

        AMD developer Marek has reported that BioShock Infinite can be around 76% faster, Civilization VI around 20% faster, Alien Isolation by around 60%, among other improvements when explicitly turning on mesa_glthread for games benefiting from this CPU multi-threading behavior. But for other games it can regress the performance, which is why this feature isn’t turned on unconditionally.

      • Benchmarking The Potato & Firefly: New ARM Linux Boards

        When receiving the long-awaited AMD ARM board yesterday I also received Le Potato Libre Computer Board and the Firefly RK3399.

        Le Potato is the recently talked about ARM SBC that is the New Libre-Focused ARM Board Aims To Compete With Raspberry Pi 3, Offers 4K.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • [Krita] Hooray! Watercolor is paintop now! But…

        From the very beginning, watercolor was conceived as brush engine. I think it is the best place for it. But it brings some troubles. The most important problem is how to make undo engine.

        During a new stroke, the system can have previous strokes that continue to change. And it’s not clear how watercolor should behave with the rest of the engines. And I would like to ask your help. If you have any idea about it, please leave it in comments =)

      • Trip report: Google Code-In 2016 Summit at Google headquarter

        Heya fellow KDE people,

        just a couple of weeks ago I got the opportunity to attend the Google Code-In Summit held in several locations scattered around the San Francisco Bay area. I can tell you first hand: It’s been an awesome trip and I encourage anyone else to participate if the opportunity arises.

      • Akademy 2017

        There will be a workshop titled “Playing with the amalgam of QML and JavaScript” conducted by me.

    • GNOME Desktop/GTK

      • An update on cloud providers integration

        A quick update on my work for GNOME during GSoC. The initial work from Carlos has been split into a library handling the cloud provider management called libcloudproviders and a patch for GTK+ to add cloud providers to the GtkPlacesSidebar.

      • Nautilus Devs Working on a New Way to Integrate Cloud Providers

        Work is underway on a new way to integrate cloud storage providers with Nautilus, delivering a more consistent and uniform experience.

      • Indexing multiple languages source code in GNOME Builder

        In previous post, Code Search for GNOME Builder: Indexing, I wrote about how indexing of source code is implemented to support searching symbols in GNOME Builder. After discussing with Christian Hergert, we changed the design of indexing to make it easier to support indexing of source code in languages other than C/C++.

        This is the new design,
        An interface IdeCodeIndexer is created. This interface will take a source file of a particular language and returns a list of info of symbols present in that file. Returned list of symbols are in form of GListModel. Any class that implements this interface can provide indexing support for a language.

  • Distributions

    • OpenSUSE/SUSE

      • Explanation of what BlackSuse is for me

        BlackSuse OS is an opensuse-based system.
        Focused on security penetration testing and other small things
        Our repository is ready.
        The system is 80% functional.

    • Slackware Family

      • Adobe Flash security update July ’17

        This month’s security update for the Flash Player plugin has arrived. The new version is 26.0.0.137 for both the PPAPI (Google Chrome and friends) and the NPAPI (Mozilla Firefox and friends) based plugins.

        I know… Flash is a monster and should be killed. But as long as people need it on Slackware, and as long as Adobe keeps releasing Linux plugin updates, I will package them and add them to my repository.

    • Red Hat Family

      • Innovation fuels open source, but focus gets it to the finish line

        When open source works, like Linux, it becomes a powerful platform that drives innovation across multiple areas, from applications to hardware and even security, where the open source community becomes an asset rather than a liability because they help identify vulnerabilities and fixing them as a community, according to Wright. Further, the emergence of mid-stream organisations like OPNFV now brings together different open source projects, making them accessible by users, and creating environments no only for collaborations, but solutions integration and testing, he adds.

      • The convergence of open source, 5G and service providers

        The open source community, 5G standardisation and service providers are converging towards a singular goal. As Red Hat CTO Chris Wright explains, open source networking projects are now developing the core technologies necessarily for 5G, which has articulated the same requirements for an agile infrastructure capable of support multiple application types.

        And while there is still a gap between open source developed technologies and formal standardisation for 5G, the solutions themselves are rapidly becoming mainstream within service provider environments.

      • Enterprise Mobility Survey Commissioned by Red Hat Reveals Growing Demand for Mobile Applications in ASEAN Countries
      • Finance

      • Fedora

        • Fedora Developers Begin Talking About Their 28 & 29 Releases For 2018

          While Fedora 26 just shipped yesterday, developers are already talking about their very early release estimates for Fedora 28 and Fedora 29 in 2018.

          The Fedora 27 schedule has been firmed up for a while now and puts the change checkpoint completion deadline on 1 August, beta freeze on 5 September, beta release on 26 September, and the estimated release date for Fedora 27 at 24~31 October.

          Fedora Project Leader Matthew Miller has now laid out “super drafty” release schedules for F28 and F29 based on the fact they like early May and late October releases. The May/October cadence allows them to avoid major public holidays while also being timed nicely around GNOME releases, GCC updates in the spring, etc. They try to hit these targets, but release delays often interfere.

        • super-drafty F28 and F29 schedules
        • Download of The Day: Fedora Linux 26
        • Raspberry Pi: Hands-on with Fedora 26

          I previously mentioned that the Fedora 26 release was imminent, and it was released as planned: the release announcement is a bit thin, but the release notes are, as always, very complete. It is worth reading through both of them before starting to install or upgrade Fedora.

          For new installations, the standard Workstation version, which has the Gnome 3 desktop, can be downloaded from the Get Fedora page. Other desktops, and other targets, can be downloaded from the Fedora Spins page.

        • Latest Fedora Project OS Tips its Hat to Container Upgrades

          The Red Hat-backed Fedora Project released the latest version of its open source operating system that powers container management, data center operations, and developer workstations.

          The Linux-based Fedora OS was initially released in 2003 and is the basis for a number of distribution platforms, including Red Hat’s Enterprise Linux platform and the One Laptop Per Child XO project.

        • Fedora 27 Is Hoping For A Unified Database For DNF

          While the DNF 2.0 package manager is found with this week’s Fedora 26 release, DNF developers aren’t done with changes to the package manager for Fedora.

          With the Fedora 27 cycle they are hoping to accomplish a unified database for DNF in handling package management. Currently, DNF makes use of obsolete Yum databases and related to that PackageKit is also using the Yum databases in a “very hacky way” while the goal is to provide a new, unified package database.

    • Debian Family

      • Debian 9 Stretch – Not by a long stretch

        Debian 9 Stretch is a horrible disappointment. It’s a completely unusable product in my scenario, and I see no real reason why I should bother using it. Ubuntu and friends offer a superior experience. Perhaps Debian serves a purposes somewhere, but I fail to see it. What really irks me is that in six or so years since I’ve last tried it, it’s as if nothing at all has changed. Exactly the same kind of issues, only different hardware and kernel modules.

        Perhaps without Debian we wouldn’t have Ubuntu and such. For that matter, we also wouldn’t have pyramids without slaves. But that does not mean we should be grateful for slavery in giving us big stony architecture. Similarly, Debian may be a baseline for many other distributions. But on its own, without a thick layer of customization and changes, it fails horribly on the desktop. This test makes me sad and angry. Because I know an end when I see one. It’s still a few years away, but it will inevitably come. Anyway, completely not recommended. My last venture into Debian this way. We’re done.

      • Derivatives

        • Parrot Linux 3.7 Review Featured with Kernel 4.11 , Debian GNU/Linux 10 Buster, Debian 10 Testing

          A rumor went out in the Linux world that Parrot developer team is trying to switch from Debian GNU / Linux to Devuan GNU/Linux. After the release , they wiped out this rumor via a tweet “Our release team is evaluating a possible migration of our project from Debian to Devuan,”.

          It seems that Parrot developer team is not ready yet to work with Devuan. They mentioned this in a Facebook Status —“It is not an easy migration and we have still to decide what to do.”

        • Canonical/Ubuntu

          • Industrial Kaby Lake module runs Ubuntu

            Arbor’s “EmETXe-i90M0” COM Express Basic Type 6 features 7th Gen Core EQ SoCs, -40 to 85°C support, triple displays, and an optional carrier.

          • Debian vs. Ubuntu: What’s the Difference?

            For the last four years, Debian and Ubuntu have been in the top three Linux distributions on Distrowatch. Since 2005, neither has been out of the top six. Together, they form one of the greatest influences on Linux development, and that influence seems likely to continue for the foreseeable future. They remain closely related, although if you look closely subtle differences in direction and orientation start to emerge

            You may have heard that Debian is a distribution for experts, and Ubuntu for beginners. That is true, so far as it goes. However, that distinction is more historic than contemporary.

            After Ubuntu burst on to the scene in late 2004, it spent several years making the desktop easier to use, especially for non-English speakers. However, thanks to free licenses, Ubuntu’s improvements have spread to most desktop environments.

            Moreover, Ubuntu’s days of interface innovations are largely in the past. Under the direction of the parent company Canonical, Ubuntu development has been focused elsewhere. For over six years, the emphasis was on the development of the Unity desktop into a common interface for phones, tablets, and desktops. Meanwhile, Canonical seems more concerned with OpenStack, embedded systems and servers. Although the recent abandonment of Unity in favor of GNOME could mean a return to innovation on the Ubuntu desktop, it is still too early to tell. For now, Ubuntu seems no more innovative than Debian.

          • [Older but no more paywall] A little surprise in the Ubuntu motd

            At the end of June, Zachary Fouts noticed something on his Ubuntu system that surprised him a bit: an entry in the “message of the day” (motd) that looked, at least to some, like an advertisement. That is, of course, not what anyone expects from their free-software system; it turns out that it wasn’t an ad at all, though it was worded ambiguously and could be (and was) interpreted that way. As the discussion in the bug Fouts filed shows, the “ad” came about from a useful feature that may or not have been somewhat abused—that determination depends on the observer.

            It is a longstanding Unix tradition to print a message of the day when users log in; in ages past, administrators would often note upcoming software upgrades and/or maintenance downtime that way. Typically that message has come from the /etc/motd file, but Ubuntu has long had a way to dynamically generate messages from local system information (e.g. number of package updates or reboot needed) using scripts in the /etc/update-motd.d/ directory. In Ubuntu 17.04, a new script was added that reaches out to a URL and grabs what it finds there to display as the motd.

            [...]

            Ubuntu Product Manager Dustin Kirkland, who is the author of the original dynamic motd as well as the new motd-news feature, soon arrived in the bug thread (after commenting in a related Hacker News thread). In a lengthy comment, he explained how motd-news works along with some history and functioning of the dynamic motd feature he developed back in 2009. He described how Ubuntu is using the feed and how it can be configured to consult a local URL to get news items that would be displayed instead of (or in addition to) the official feed. There are several categories of messages that will be added, including internet-wide problems (such as Heartbleed) or important information about Ubuntu itself (like an EOL date reminder).

          • Yunit packages for ubuntu 16.04 LTS

            The release of Yunit packages for ubuntu 16.04 LTS marks or first milestone, regarding the availability of Yunit for all the supported platforms. Our next steps is to setup a CI infrastructure which will give us the ability to actually start working with the code and start improving Yunit by either fixing existing unity 8 bugs in launchpad or developing new features.

          • Flavours and Variants

            • Ubuntu-Based ExTiX Linux Distro Now Ships with the Budgie Desktop Environment

              ExTiX developer Arne Exton is informing us today about the availability of a new update to his Ubuntu- and Debian-based ExTiX Linux distribution, versioned 17.7.

              ExTiX 17.7 comes as an update for the previous release, ExTiX 17.5, which the developer launched in early May as the first of the GNU/Linux operating system to be powered by a kernel from the Linux 4.11 series, and it introduces the first ever flavor that’s built around the Budgie desktop environment from the Solus Project.

  • Devices/Embedded

Free Software/Open Source

  • Open Source GIS Tools Helping Save Mangrove Forests

    Ecologists Without Borders and Pronatura México are two nongovernmental organizations that have been trying to quantify and, ultimately, help reverse the decline of mangrove forests in the Marismas Nacionales. In the summer of 2015, EcoWB approached the University of Washington looking for students with GIS experience to recommend a solution. EcoWB needed a cost-effective option that was documented in enough detail for their partner organizations in Mexico to implement it themselves. The UW graduate student team recommended that EcoWB use a free and open source GIS toolkit from the Natural Capital Project’s Integrated Valuation of Ecosystem Services and Tradeoffs. The lessons learned from the team’s work, described below, suggest that, in some situations, a free and open source GIS solution is a better option than a proprietary one.

  • GitHub: It’s time to open source open source Terms of Service

    GitHub is asking for feedback and collaboration from its user community in updating its Terms of Service and other site policies.

    The web-based version control and data hosting organisation is effectively saying then that open source Terms of Service, should indeed be open source.

  • Intel’s goals for open source – governance, acceleration and commercialisation

    Intel is an active contributor to multiple open source projects, but there are unifying goals and strategies for the company’s engagement with the open source community. According to Intel’s John Healy, the company’s involvement with open source is to first ensure a democratic environment to foster ideas, technical contributions to accelerate development, and market driven to ensure technologies and solutions reach commercialisation – to ensure the loop is closed.

  • Lyft to open-source some of its AI algorithm testing tools

    Lyft has spent a lot of time building tools that help it simulate the results of machine learning algorithms, and the company plans to make them available more broadly in the near future.

  • LexPredict Goes [Partly] Open Source, Hopes Others Will Follow

    The company will make the core of its ContraxSuite analytics system free and open source while offering retrofitting services at a cost.

  • Yahoo’s Bullet looks ahead in querying streaming data

    A few months back, we posed the question of whether the world needs another streaming engine. Now we’ll extend that question to querying. Virtually each streaming engine has a way to submit queries – otherwise, why would you need a streaming engine? Although streaming engines offer the promise of fresh real-time data, the ugly truth is that they must cache data first. That means that most streaming query engines must look back at data that has already been collected.

    [...]

    The result is the Bullet project, which Yahoo just open sourced on GitHub.

  • Cannonlake Enablement Continues In Coreboot; Still No Sign Of Ryzen For Coreboot

    Intel developers continue working on Cannonlake support for Coreboot while sadly we’ve seen no activity yet for getting Ryzen/Epyc CPUs working with Coreboot.

    Back in June I wrote about Intel prepping Cannonlake Coreboot support and since then that work has continued on getting Coreboot ready to this next-gen successor to Kabylake.

  • Events

  • CMS

    • Recognizing The Human Touch To Open Source Learning Development, The CLAMP Way

      During the recently-held Hack/Doc Fest, the US Collaborative Liberal Arts Moodle Project (CLAMP) took the time to acknowledge some of the people who have helped make this growing alliance what it is and what the alliance has meant for the development of Moodle. But beyond that, the Recognition Awards, given to people chosen by CLAMP’s Steering Committee, are a nod to the human element in the future development of open technologies for the development of critical thinking skills everywhere.

  • Pseudo-Open Source (Openwashing)

  • Funding

    • Startup Buoyant, Owner of Linkerd Project, Banks $10.5 million in VC

      Buoyant, the year-old startup behind the popular open source Linkerd project and creator of the new service mesh category of cloud infrastructure software, has banked $10.5 million in Series A funding.

      The round, announced July 11, was led by Benchmark Capital, with additional participation from #Angels, a female-led investment group of current and former Twitter executives.

  • FSF/FSFE/GNU/SFLC

    • The Many Loves of Richard M. Stallman

      Have you ever met a man you didn’t see why women would cozy up to, but they did? Or, in the interests of non-sexism, a woman you wondered why men liked, but they did?

      That is RMS.

      I suspect women are attracted to him because he is steadfast, moral, and more than a bit of a hero in his own way. He is also a genius, for real, in the sense that he is the only person I have ever known personally who won a MacArthur Foundation “Genius Grant.”

      Wow. If there is ever an all-star team for Mental Sportsball, RMS is sure to be on it. I’d vote for him. Wouldn’t you? And I’m sure a whole lot of attractive women — not necessarily all Free Software devotees — would, too.

  • Openness/Sharing/Collaboration

    • What determines how collaborative you’ll be?

      In the first part of this series, I presented a list of factors that can influence someone’s decision to approach a project or problem with either a cooperative or competitive mindset. In this follow-up article, I’ll present a few scenarios that illustrate the ways these factors can interact to shape specific instances of collaboration or competition.

  • Programming/Development

    • Do you prefer tabs or spaces?

      Tabs versus spaces: What seems like an age-old debate in the development community has seen renewed interested in the past several weeks as a report came out from Stack Overflow revealing that developers who use spaces may make more money than those who use tabs. Who knew that indentation style could have such a big impact on you, personally?

    • Dangerous Logic – De Morgan & Programming

      Programmers are master logicians – well they sometimes are. Most of the time they are as useless at it as the average joe. The difference is that the average joe can avoid logic and hence the mistakes. How good are you at logical expressions and why exactly is Augustus De Morgan your best friend, logically speaking?

    • Fundamentals of graph databases with Neo4j
    • Is every build system using Ninja just as fast as every other?

      One of the most common arguments against Meson is that “it is only fast because it uses Ninja rather than Make, using any other Ninja build generator would be just as fast”. This is always stated as fact without any supporting evidence or measurements. But is this really the case? Let’s find out.

      For testing one needs a project that has both CMake and Meson build definitions. I’m not aware of any so I created one myself. I took the source code of the Mediascanner 2 project, which is using CMake and converted it to use Meson. This project was chosen solely based on the fact that I wrote the original CMake definitions ages ago so I should have a fairly good understanding of the code base. The project itself is a fairly typical small-to-medium project written in C++ with a handful of system dependencies.

    • JavaScript spec gets strung out on padding

      ECMAScript 2017, the latest edition of the specification upon which JavaScript is based, plugs a gap left by awkward extinction of some Node.js code last year.

      In March, 2016, as a result of a naming conflict with instant messaging app Kik, developer Azer Koçulu withdrew more than 250 of his modules from NPM, the service Node.js developers use to install dependencies.

    • 9 cutting-edge programming languages worth learning now

      The big languages are popular for a reason: They offer a huge foundation of open source code, libraries, and frameworks that make finishing the job easier. This is the result of years of momentum in which they are chosen time and again for new projects, and expertise in their nuances grow worthwhile and plentiful.

      Sometimes the vast resources of the popular, mainstream programming languages aren’t enough to solve your particular problem. Sometimes you have to look beyond the obvious to find the right language, where the right structure makes the difference while offering that extra feature to help your code run significantly faster without endless tweaking and optimizing. This language produces vastly more stable and accurate code because it prevents you from programming sloppy or wrong code.

Leftovers

  • Half of the world’s languages are dying. Should we save them?

    There are currently around 7,000 languages being used today, with one language dying every two weeks. UNESCO says that half of the world’s languages may vanish in a century’s time. And, in my home country of India, 220 languages have died in the last 50 years and 197 languages are endangered.

  • Science

    • Students are Better Off without a Laptop in the Classroom

      First, participants spent almost 40 minutes out of every 100-minute class period using the internet for nonacademic purposes, including social media, checking email, shopping, reading the news, chatting, watching videos, and playing games.

    • Lithium/graphene “foil” makes for a great battery electrode

      Lithium ion batteries, as the name implies, work by shuffling lithium atoms between a battery’s two electrodes. So, increasing a battery’s capacity is largely about finding ways to put more lithium into those electrodes. These efforts, however, have run into significant problems. If lithium is a large fraction of your electrode material, then moving it out can cause the electrode to shrink. Moving it back in can lead to lithium deposits in the wrong places, shorting out the battery.

  • Health/Nutrition

    • Access To Medicines For All By 2030: New WHO Strategic Framework Sets Vision

      Access to affordable and quality medicines for all is one of the major commitments of the World Health Organization, and its new medicines and health products strategic framework for the next 15 years calls for new research and development (R&D) models, including delinkage of the R&D costs from the price of products, and fair pricing.

  • Security

    • Open Source Security Podcast: Good docs ruin my story

      Josh and Kurt talk about Let’s Encrypt, certificates, Kaspersky, A/V, code signing, Not Petya, self driving cars, and failures that become security problems.

    • Reproducible Builds: week 115 in Stretch cycle
    • Security updates for Wednesday
    • Cracking The Data Safety Code

      Keeping our data safe online is something that we get told about a lot. That is because as members of the information generation, it’s all too easy for our most valuable assets our identity and privacy to be compromised. But how can we keep our data safer? Read on to find out.

    • Fighting Cyber Threats with an Open Data Model

      From ABTA, to election hacking to WannaCry, it seems not a day goes by without a cyber-attack dominating the headlines. Cybercrime doesn’t discriminate; it affects organizations of all shapes and sizes. Added to this is the mounting pressure caused by the EU General Data Protection Regulation (GDPR) which will penalize organizations that do not comply with laws that aim to keep customer data safe. It’s imperative for organizations to re-evaluate their security posture and plan for the future.

    • Windows 7 and 8.1 receive Patch Tuesday Updates [Ed: Mind last paragraph. Microsoft breaks Vista 7 again with a security update.]

      If an iSCSI target becomes unavailable, attempts to reconnect will cause a leak. Initiating a new connection to an available target will work as expected. Microsoft is working on a resolution and will provide an update in an upcoming release.

    • Hacker Ethic and Free Software Movement

      Why the word hacking go along with computers? The computer gives us a vast area to explore our creativity. It’s huge code base, and their intricacies and the complicated machines offer us opportunities to HACK.

    • Become a Certified Pentester with Super-Sized Ethical Hacking Course
    • 27 000 errors in the Tizen operating system [Ed: PVS Studio 'article' (marketing) that's made by liars. They extrapolate number of POTENTIAL bugs, based on 3.3% of code, then come up with this scary headline.]
    • Highrise

      Today, July 13th 2017, WikiLeaks publishes documents from the Highrise project of the CIA. HighRise is an Android application designed for mobile devices running Android 4.0 to 4.3. It provides a redirector function for SMS messaging that could be used by a number of IOC tools that use SMS messages for communication between implants and listening posts. HighRise acts as a SMS proxy that provides greater separation between devices in the field (“targets”) and the listening post (LP) by proxying “incoming” and “outgoing” SMS messages to an internet LP. Highrise provides a communications channel between the HighRise field operator and the LP with a TLS/SSL secured internet communication.

    • How CIA Agents Covertly Steal Data From Hacked Smartphones (Without Internet)

      WikiLeaks has today published the 16th batch of its ongoing Vault 7 leak, this time instead of revealing new malware or hacking tool, the whistleblower organisation has unveiled how CIA operatives stealthy collect and forward stolen data from compromised smartphones.

      Previously we have reported about several CIA hacking tools, malware and implants used by the agency to remotely infiltrate and steal data from the targeted systems or smartphones.

    • Trump administration has removed Kaspersky from approved suppliers list

      Kaspersky Lab, a private company, seems to be caught in the middle of a geopolitical fight where each side is attempting to use the company as a pawn in their political game.

    • [Older but no more paywall] Breaking Libgcrypt RSA via a side channel

      A recent paper [PDF] by a group of eight cryptography researchers shows, once again, how cryptographic breakthroughs are made. They often start small, with just a reduction in the strength of a cipher or key search space, say, but then grow over time to reach the point of a full-on breaking of a cipher or the implementation of one. In this case, the RSA implementation in Libgcrypt for 1024-bit keys has been fully broken using a side-channel attack against the operation of the library—2048-bit keys are also susceptible, but not with the same reliability, at least using this exact technique.

      The RSA cryptosystem involves lots of exponentiation and modular math on large numbers with sizable exponents. For efficiency reasons, these operations are usually implemented by a square-and-multiply algorithm. Libgcrypt is part of the GNU Privacy Guard (GnuPG or GPG) project and underlies the cryptography in GPG 2.x; it uses a sliding window mechanism as part of its square-and-multiply implementation. It is this sliding window technique that was susceptible to analysis of the side channel and, thus, allowed for the break.

    • All Your Accounts Are Belong to Us

      It turns out someone called in to Verizon claiming to be me. The individual claimed his phone (my phone) had been stolen, and he wanted to transfer service to another device. He had enough information about me to pass whatever verification Verizon required, and if he’d been a little smoother on the phone, he’d have likely gotten my number. It turned out that the Verizon employee felt the call was suspicious and disabled the account instead of transferring service. (I know that only because the employee made a note on the account.) After a stressful day of back and forth, the company I work for was able to get my phone turned back on, and I still have the same phone number I’ve always had—thank goodness.

  • Defence/Aggression

    • Bay Area: Join us 7/19 to discuss technical troubles with drone warfare

      Drone strikes and surveillance are a major component of modern warfare, but few people outside the military understand how these programs work. That’s why former military technician Lisa Ling became a whistleblower after 14 years in the National Guard. She wanted policymakers to know that drones are not reliable, and they can create more problems than they solve.

      Lisa Ling joined the military in 1991, serving as an army medic and nurse before transferring to the Air National Guard (ANG). In the ANG, she became a communications technician working on various types of electronic equipment, including the Distributed Common Ground System (DCGS). Besides her overseas deployments, Lisa was mobilized during a partial unit mobilization of the 234th intelligence Squadron to the 48th Intelligence Squadron at Beale Air Force Base from October 2007 to September 2009. The 48th Intelligence Squadron provides in-garrison and deployed communications, as well as logistics maintenance for the DCGS.

  • Environment/Energy/Wildlife/Nature

    • A truly enormous iceberg just broke loose from Antarctica

      Concluding a months-long deathwatch, one of the largest icebergs ever seen finally separated from Antarctica’s Larsen C Ice Shelf sometime in the last couple days. The 5,800-square-kilometer iceberg contains over a trillion tons of ice. For years, researchers have been keeping an eye on a growing rift in the floating ice shelf that raced toward completion in recent months.

    • Climate scientists push back against catastrophic scenarios

      One of the challenges of discussing climate change is that it really is that bad. Completely realistic projections of things like sea-level rise, loss of agricultural productivity, and so on can sometimes sound like a disaster movie.

      This is a bit of a problem in two ways. The first is that people naturally tend to dismiss possible future outcomes that they don’t want to believe will happen. The second is that, since its predictions are for very negative changes, all of climate science has been branded “alarmist.” In fact, if you do a Web search for “alarmist,” the first results that aren’t basic definitions or the Alarmist Brewery are all about climate change.

  • Finance

    • Uber driver, who says he was once paid under $2 per hour, advances labor lawsuit

      In 2016, Michael Hood, an Uber driver, claimed in a proposed class-action lawsuit last year that he has been misclassified as an independent contractor rather than an employee, and as such is consistently being paid below minimum wage after expenses. At one point in 2015, after expenses, Hood alleges he made under $2 per hour—well below North Carolina’s minimum wage at the time, which was $7.25 per hour.

    • Let us be clear

      I do not share some journalists’ affection for political chaos. It may give us plenty to talk and write about, but its consequences will inevitably be felt more keenly the further one climbs down the socio-economic ladder from Fleet Street and broadcast studios. Nonetheless, as I first began to write this piece earlier last month, I felt confident I had the makings of a quasi-satirical survey of how an election that had looked so good for the Conservative Party when it was called in mid-April could have turned so bad so quickly. And, more pertinently, what impact it would all have on Brexit.

      [...]

      Without this majority, she explained, invariably after stating that she was about to be “very clear”, she would not be able to secure the Brexit terms and conditions most advantageous to the United Kingdom. She had not yet been remotely clear about what these terms and conditions might be, but she was very clear that if she were to lose as few as six seats then “I will lose this election and Jeremy Corbyn will be sitting down with the Presidents, Prime Ministers and Chancellors of Europe”. This was a “cold hard fact”.

    • Southern rail: unions say £13.4m fine is ‘less than a slap on the wrist’

      The Campaign for Better Transport said the fine was “too little, too late”. Spokeswoman Lianna Etkind said: “The Southern fiasco is estimated to have cost the economy over £300m, and the government has already covered millions of pounds in delay repayments on behalf of Southern as well as handing GTR £20m of public money last year as part of an emergency package.”

  • AstroTurf/Lobbying/Politics

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Edward Snowden’s leaks has NSA in damage-control mode, spy agency official tells Lancaster audience

      A high-ranking official of the National Security Agency said in a talk here Wednesday that the electronic surveillance agency is working to improve its public relations in the wake of Edward Snowden’s damaging leaks.

      Jonathan Darby, the NSA’s deputy chief of cybersecurity operations, said the agency realized it had to “get out and talk more about what we do” after Snowden in 2013 revealed ways in which U.S. spy agencies collect phone, email and other communications.

      Darby contended that most of the Snowden-related stories in 2013 were “twisted or dead-out wrong,” and he pushed back on a movie glorifying the former NSA contractor’s actions, saying the leaks put people’s lives at risk.

      Snowden fled to Moscow in June 2013 after he was identified as the source of information several newspapers printed about previously undisclosed NSA surveillance programs. Snowden remains in Russia, where he was granted asylum until 2020.

    • Amazon may give developers your private Alexa transcripts

      According to sources reported by The Information, Amazon is currently looking at opening up this private transcript data to its developers, which could help them build better voice apps for Alexa. It would also raise serious privacy concerns for users.

    • How Trump Can Avoid Impeachment: Order NSA to Declassify All Intel On Democratic Email Leaks

      So if Trump is innocent, his best shot at avoiding impeachment is order the NSA to declassify its data on the “hacking” of the DNC’s servers and Podesta emails.

    • LAWSUIT STARTED AGAINST NEW DUTCH DATA MINING LAW

      Twelve organizations teamed up to file a lawsuit to stop the implementation of a new data mining law in the Netherlands. The new law was adopted by the Dutch Senate on Tuesday and gives the intelligence services more capabilities to spy on internet traffic on a large scale.

      “We trust that the Dutch judges will pull the brake and say: this law goes too far”, human rights lawyer Jelle Klaas, who is representing the coalition of organizations in their lawsuit, said to RTL Nieuws. The coalition includes the Public Interest Litigation Project, civil rights organization Privacy First, the Dutch Association of Journalists, the Dutch Association of Criminal Law Attorneys and the Platform for the Protection of Civil Rights.

    • Bosses told to stop snooping on employees’ Facebook profiles
    • Your Facebook Messenger app is about to be filled with ads

      After forcing Facebook users to switch to a separate Messenger app to continue chatting, the social network is about to start pushing adverts on those using the function.

    • Six major US airports now scan Americans’ faces when they leave country

      The Department of Homeland Security has been pushing a plan that if enacted would require all Americans submit to a facial-recognition scan when departing the country. This step would be a way to expand a 2004 biometric-tracking law meant to target foreigners.

    • Face scans for Americans flying abroad stir privacy issues

      Pilots projects are underway at six U.S. airports – Boston, Chicago, Houston, Atlanta, New York City and Washington, D.C. DHS aims to have high-volume U.S. international airports engaged beginning next year.

      During the pilots, passengers will be able to opt out. But a DHS assessment of the privacy impact indicates that won’t always be the case.

  • Civil Rights/Policing

    • EFF Condemns Detentions at Turkish Digital Security Meeting

      EFF believes that everyone should be free to learn to protect themselves online and that this is information they have the right to share. Digital security trainings like this one are frequently held across the world to educate lawyers, journalists, and human rights advocates on how best to protect themselves and their communities. Teaching or learning these skills is certainly no grounds for detention. By conducting this raid, Turkey joins Iran and Ethiopia as countries where innocent citizens are intimidated and arrested simply for learning the basic principles of modern technology.

    • Trump’s FBI Pick Has a Troubling History on Digital Liberties

      During his tenure as Assistant Attorney General in the Bush Administration, Wray vocally defended a range of controversial provisions in the USA PATRIOT Act—including Section 215, which would later provide the basis for the bulk collection of Americans’ telephone metadata.

      When Wray went before the Senate Judiciary Committee in 2003 to defend the PATRIOT Act, a Department of Justice document indicated that Section 215’s business records provision had never been used. Wray insisted that was a sign of restraint: “We try to use these provisions sparingly, only in those instances where we feel that this is the only tool that we can use.” In fact, as the Privacy and Civil Liberties Oversight Board (PCLOB) made clear in its report on the bulk metadata program, Section 215 was sitting fallow because the Bush Administration was already collecting much of that data—without statutory authorization.

      Granted, Wray didn’t have all of the information about that secretive wiretapping program until 2004, which we’ll get into below. Still, his insistence that Section 215 was just an effort to bring counterterrorism powers in line with ordinary criminal authorities reflected a concerning lack of skepticism about the risk of abuse. The same holds for his defense of a range of other PATRIOT Act provisions: “sneak and peek” warrants that allow law enforcement to search first and serve notice later; a reduced bar for obtaining a FISA warrant that one district court later found inconsistent with the Fourth Amendment; and a vaguely worded expansion of the kind of Internet data, some of it potentially very sensitive, that can be collected with a pen/trap order.

      Experience teaches that broad grants of surveillance authority are invariably abused, as the PATRIOT Act has been. During Wray’s confirmation process, lawmakers should press him on his insistence that the Act “helped preserve and protect liberty and freedom, not erode them.”

  • Internet Policy/Net Neutrality

    • Fight: The WIRED Guide to Net Neutrality
    • How to Keep the Fight for Net Neutrality Going

      Today’s digital protest is an important effort to help preserve the net neutrality rules that help uphold a free and open internet. It’s also not enough.

    • Net Neutrality is Not a Pirates’ Fight Anymore

      Under the present net neutrality rules, there’s a clear standard that prevents ISPs from blocking, throttling, and paid prioritization of “lawful” traffic. In addition, they allow Internet providers to be regulated as carriers under Title II.

    • Ajit Pai: the man who could destroy the open internet

      The FCC chairman leading net neutrality rollback is a former Verizon employee and whose views on regulation echo those of broadband companies

    • Trump’s ‘war on the open internet’: tech firms join activists in day of protest

      Comments on the FCC’s new proposal will be open until August and an as yet unscheduled vote is expected later this year.

      [...]

      Another supporter, the Writers Guild of America, has called the move a “war on the open internet”.

    • ‘Groundhog Day’ Dawns for Foes of Trump’s Internet-Rule Rollback

      There are two kinds of people in this world: those who have never heard of net neutrality, and those who are deeply, deeply tired of engaging in the debate over net neutrality.

    • Today’s the Day: Let’s Save Net Neutrality

      You might have noticed something unusual when you visited the EFF website today: our site was “blocked” unless you shelled out for “premium” Internet access.

      As part of the day of action to support net neutrality, we decided to imagine what might happen if FCC Chairman Ajit Pai caves to industry pressure and abandons the net neutrality rules the FCC adopted just two years ago. If you don’t want to live in that future, it’s time to take action.

    • On Wednesday, July 12, everyone can stand up for net neutrality
    • The internet is fucked (again)

      Why was it fucked? Because the free and open internet was in danger of becoming tightly controlled by giant telecom corporations that were already doing things like blocking apps and services from phones and excusing their own services from data caps. Because the lack of competition in the internet access market let these companies act like predatory monopolies. And because our government lacked the will or clarity to just say what everyone already knows: internet access is a utility.

    • How You Can Join Today’s Internet-Wide Day of Action to Save Net Neutrality

      We can win again. Below are three things you can do today to make sure we let everyone in Congress and the FCC know that we won’t let them destroy net neutrality.

    • Net Neutrality Is About Much More Than the Internet

      Will the voice of the people be drowned out by a flood of corporate cash?

    • Tech firms unite for ‘net neutrality’ protest

      A host of internet giants – from social networks to dating apps to porn sites – will join a protest Wednesday against plans to roll back rules protecting “net neutrality”.

      The sites will display a variety of messages, or simulate the potential effects of losing the basic principle of all internet traffic being treated equally.

      The US communications regulator earlier this year voted to remove an Obama-era rule that would prevent the prioritisation – or “throttling” – of data, as well as other measures campaigners consider to be detrimental to the internet.

      Opponents to net neutrality say it stifles innovation and discourages investment in telecoms infrastructure.

    • Tech giants rally today in support of net neutrality

      Technology giants like Amazon, Spotify, Reddit, Facebook, Google, Twitter, and many others are rallying today in a so-called “day of action” in support of net neutrality, five days ahead of the first deadline for comments on the US Federal Communications Commission’s planned rollback of the rules.

      In a move that’s equal parts infuriating and exasperating, Ajit Pai, the FCC’s new chairman appointed by President Trump, wants to scrap the open internet protections installed in 2015 under the Obama administration. Those consumer protections mean providers such as AT&T, Charter, Comcast, and Verizon are prevented from blocking or slowing down access to the web.

    • Here’s how you can participate in Net Neutrality Day if you don’t run a website.
    • Support Net Neutrality

      The FCC wants to destroy net neutrality and give big cable companies control over what we see and do online. If they get their way, they’ll allow widespread throttling, blocking, censorship, and extra fees. On July 12th, the Internet will come together to stop them.

  • DRM

    • Encrypted Media Extensions on the World Wide Web

      Before I continue, I want you to fully realize that with Slackware Linux, your rights are not taken away. You are free to use – or not use – technologies that allow you to watch “protected” content like Netflix videos. Our browsers will work just as well if you choose not to use DRM technologies. The libraries which implement the DRM layer are separate from the Slackware packages containing the browsers (Firefox, Chromium) and are not distributed with the OS. It is up to you to add DRM extensions if you need them. You are and remain in control of your OS.

    • [Older] Amid Unprecedented Controversy, W3C Greenlights DRM for the Web [Ed: see “I know this isn’t specifically Linux related, but I’m shocked we’re not talking about this already.”]
    • EFF has appealed the W3C’s decision to make DRM for the web without protections

      Five days ago, the World Wide Web Consortium announced that it would go ahead with its project of making DRM for web-video, and that the Director, Tim Berners-Lee had overruled or decided not to act further on all objections about the dangers this posed to legitimate and important activities including security audits, accessibility adaptation and competition.

      The W3C has an appeals process, which has never been successfully used in W3C history. If 5 percent of the members appeal a decision by the Director, all members are entitled to vote, and if there’s a majority in favor of overulling the Director, the decision is unmade.

    • Global Web standard for integrating DRM into browsers hits a snag

      Days ago, Ars reported on a controversial decision by the industry trade group that oversees the global development of Web standards. The decision by the World Wide Web Consortium (W3C) to back a standard for implementing digital rights management (DRM) for Web-based content is now under appeal, the Electronic Frontier Foundation announced Wednesday.

  • Intellectual Monopolies

    • Copyrights

      • Canada’s Federal Court upholds interim tariff in Access Copyright ruling

        York University is required to pay the interim tariff established by the Copyright Board of Canada in 2010, Canada’s Federal Court rules in Access Copyright v York University. The court said the tariff is “mandatory, not voluntary”

      • Course Packs For Education Ruled Legal In India: Triumph For Access To Educational Materials

        In 2012, three academic publishers, Oxford University Press (OUP), Cambridge University Press (CUP) and Taylor & Francis, sued the University of Delhi (DU) and Rameshwari Photocopy Service (based at the university) for copyright infringement for photocopying parts of their textbooks and distributing them in course packs – collections of assigned reading materials – exclusively to students for a fee.

        The publishers sought to compel Delhi University to enter into a licensing agreement with the Indian Reprographic Rights Organization (IRRO), that manages certain rights on behalf publishers and other rightsholders in India.

      • Battle over selfies taken by macaque monkey back to court

        The battle over now-famous selfie photographs taken by a macaque monkey will head back to federal court. The US Court of Appeals for the Ninth Circuit in San Francisco on Wednesday will hear arguments on whether an animal can own the copyright to a photograph. The proceedings will be broadcast online.

07.12.17

Links 12/7/2017: Fabric 1.0, Wine Staging 2.12, Exo 0.11.4

Posted in News Roundup at 11:26 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • The New Open Source Business Model: Trading Code for Personal Data

    How do companies make money with open source software? Increasingly, the answer is that they use open source programs to collect personal information from users. Here’s how this new open source business strategy is changing the channel.

    For most of the thirty-three year history of free and open source software, companies that developed open code relied on a set of conventional business models. They revolved around strategies like “freemium” pricing, redistributing of open source software through channel partnerships, creating foundations and selling support services.

  • Nextcloud Launches Free, Secure Outlook Plugin for Home Users, Small Businesses

    Nextcloud released last month the second major update to its Outlook Add-in for the Nextcloud self-hosting cloud server, and now they’re announcing a free-as-in-beer version of the plugin for home users and small businesses.

    The Nextcloud Outlook Add-in version 2.0 brought a lot of goodies to the table, including support for HiDPI (High Dots Per Inch) displays, guidance for first-time users, as well as branding options, but it was only available to enterprise users willing to pay to install the add-on on their Nextcloud servers.

  • OpenStack: Driving the Future of the Open Cloud

    As cloud computing continues to evolve, it’s clear that the OpenStack platform is guaranteeing a strong open source foundation for the cloud ecosystem. At the recent OpenStack Days conference in Melbourne, OpenStack Foundation Executive Director Jonathan Bryce noted that although the early stages of cloud technology emphasized public platforms such as AWS, Azure and Google, the latest stage is much more focused on private clouds.

    According to the The OpenStack Foundation User Survey, organizations everywhere have moved beyond just kicking the tires and evaluating OpenStack to deploying the platform. In fact, the survey found that OpenStack deployments have grown 44 percent year-over-year. More than 50 percent of Fortune 100 companies are running the platform, and OpenStack is a global phenomenon. According to survey findings, five million cores of compute power, distributed across 80 countries, are powered by OpenStack.

  • Lucasfilm & ILM Launch Open Source MaterialX Library

    Lucasfilm and Industrial Light & Magic announced the inaugural open source release of MaterialX Library, a CG tool developed by Lucasfilm’s Advanced Development Group and ILM engineers to facilitate the transfer of rich materials and look development content between applications and renderers. Tatooine. The MaterialX team will host a “Birds of a Feather” meeting at SIGGRAPH in Los Angeles on Monday, July 31 (9:30-11:00am, room 511BC).

  • TIP Players Voice Open Source Misgivings [Ed: Fake 'supporters' of FOSS, pretending to have embraced it while attacking it]

    When Facebook launched its Telecom Infra Project (TIP) in early 2016, open source principles seemed essential to its mission. By encouraging members to pool their expertise, and even forego the royalty payments they would normally expect from intellectual property, Facebook aimed to spur innovation and lower costs in the market for telecom network equipment. (See Facebook TIPs Telcos Towards Open Source Networks.)

  • NFV’s path to Open Source and white boxes

    About a year or so into the progress of the ETSI NFV ISG, an off-camera comment by one of our interviewees highlighted one of the attitudinal roadblocks the ‘movement’ was facing. “Open source software,” he was told by a senior executive at one of the telcos, “would come into his network over his dead body.”

    An unusually strong response, but it did indicate an underlying uneasiness felt by many. Both open source software and ‘whitebox’ servers were still pretty ‘left of field’ to many network technical professionals, despite the fact that their colleagues on the IT side of the house were well versed in Linux (say) and had become increasingly comfortable with so called COTS (commercial off-the-shelf) platforms standing in for specialised appliances for OSS/BSS functions, for instance.

  • What’s the difference between SDN and NFV?

    Software defined networking (SDN), network function virtualization (NFV) and the related virtual network functions (VNF) are important trends. But Forrester analyst Andre Kindness says vague terminology from vendors has created a complicated marketplace for end users evaluating next-generation networking technology. “Few I&O pros understand (these new acronyms), and this confusion has resulted in many making poor networking investments,” he says.

  • A free, open resource to solve our third world problems

    At the core of open source are communities. Communities of like-minded individuals, working together, openly and freely sharing ideas and solutions for the benefit of others.

    Because of the diverse group of global contributors in the open source community, problems are identified and surfaced faster. And, more often than not, progress towards a resolution happens faster and the underlying problems are solved better because of this diversity.

    Read more

  • Lucasfilm, ILM Announce Open Source Release of MaterialX Library

    MaterialX development team to host a ‘Birds of a Feather’ meeting at the ACM SIGGRAPH Conference in Los Angeles, CA on Monday July 31 2017.

  • Why Is Open Source Important to You?

    Liferay is a CMS used for intranets, portals, etc.

  • Bringing together Gitter, IRC, and Slack channels in one place on Riot

    Riot is an Open source platform that uses the Matrix protocol. It’s similar to IRC, but it’s a lot more usable. and what is better, one can integrate IRC, Slack, and Gitter into Riot – so one can interact with users over all these platforms in one place. For example, the image below shows Neuroscience-central/Lobby room that I’ve set up on Riot. But, I’ve also gone ahead and connected this room to the Neuroscience-central/Lobby room on Gitter, and to the #neuroscience-central-lobby channel on IRC. So, everyone on any of these platforms can communicate with each other.

  • Events

    • Going to DebConf 17
    • OpenGL/Vulkan SIGGRAPH Event Set For 2 August
    • Power Management and Energy-awareness Microconference Accepted into LPC

      The Power Management and Energy-awareness microconference has been accepted for this year’s Linux Plumber’s Conference, which runs September 13-15 in Los Angeles, CA. “The agenda this year will focus on a range of topics including CPUfreq core improvements and schedutil governor extensions, how to best use scheduler signals to balance energy consumption and performance and user space interfaces to control capacity and utilization estimates. We’ll also discuss selective throttling in thermally constrained systems, runtime PM for ACPI, CPU cluster idling and the possibility to implement resume from hibernation in a bootloader.”

  • Web Browsers

    • Chrome

    • Mozilla

      • Mozilla Fully Paid Parental Leave Program Officially Rolls Out Worldwide

        For most countries around the world, school is out, and parents are reconnecting with their kids to enjoy road trips and long days. Many of our Mozilla employees have benefited from the expanded parental leave program we introduced last year to spend quality time with their families. The program offers childbearing parents up to 26 weeks of fully paid leave and non-childbearing (foster and adoptive parents, partners of childbearing) parents up to 12 weeks of fully paid leave.

  • Oracle/Java/LibreOffice

    • LibreOffice-Based Collabora Online Office Suite Comes to Univention App Center

      Collabora Productivity today announces the availability of its Collabora Online Development Edition (CODE) cloud-based office suite in the Univention App Center marketplace.

      It would appear that Collabora, Univention GmbH, and Nextcloud have joined forces to publish the free edition of Collabora Online on the Univention App Center that’s available for all Univention Corporate Server customers, a move that will make the management of your own LibreOffice-based online office suite easier than before.

  • Pseudo-Open Source (Openwashing)

  • Licensing/Legal

    • Why OSI License Approval Matters

      Does it really matter if a copyright license is OSI Approved or not? Surely if it looks like it meets the benchmark that’s all that matters? I think that’s the wrong answer, and that OSI license approval is the crucial innovation that’s driven the open source revolution.

      “Open Source” describes a subset of free software that is made available under a copyright license approved by the Open Source Initiative as conforming with the Open Source Definition. Having a standards body for licenses — one which ratifies the consensus of an open community of license reviewers — saves individuals from needing to each seek out a legal advisor to tell them whether a given license does in fact give them the rights they need to build or deploy the software they want. By providing easy certainty, open source gives people permission in advance to meet their own needs and innovate with technology.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • Building a Smart Airsoft Gun with Open Source Hardware

        [matt8588] designed a smartgun rig for his Airsoft shotgun (YouTube, embedded below). He has a Rasperry Pi 3 mounted inside a PEQ box connected to an infrared camera with an IR tac light helping with illumination. A series of buttons control a crosshair pattern superimposed on the camera image, which is displayed on a tablet. You can also reposition the crosshairs to shoot further away. One of the buttons triggers a signal on the transmitter, for setting off Airsoft claymores during battle. A second Pi, a Zero, connects to an BerryIMU sensor that controls a “traffic light” arrangement of 12mm LEDs that warn him when he’s moving the gun too much to be accurate.

  • Programming/Development

  • Standards/Consortia

    • G20 Leaders Statement Includes Reference to Industry-Led International Standards

      Following its meeting in Hamburg, Germany, on July 7-8, the Group of Twenty (G20) released a declaration that includes a positive reference to industry-led international standards.

      The G20 Leaders’ Declaration: Shaping an interconnected world outlines several common goals and objectives for the world’s major economies.

Leftovers

  • Science

    • Deep Partisan Divide on Higher Education

      Based on income levels, Republicans are less positive about higher education the more money they make. Just 31 percent of those who earn at least $75,000 a year in family income view colleges positively, compared to 34 percent in the $30,000 to $74,999 range. And 46 percent of Republicans making less than $30,000 gave higher education positive marks.

    • Study: Education cuts threaten civilised society

      The education cuts [that have been] brought about by the Sipilä government are one of the single most significant threats to civilised society, a new survey among highly educated professionals shows.

    • America hits peak anti-intellectualism: Majority of Republicans now think college is bad

      Republican politicians in recent years have pushed back on the four-year degree, building upon their long-hyped attack on institutes of higher education as bastions of liberal indoctrination.

  • Hardware

  • Health/Nutrition

    • BGH grants compulsory license in preliminary proceedings [Ed: Mark Schweizer, one of the more reliable among the Kats, on patents that will screw very ill people]

      According to its media release of 11 July 2017, the German Federal Court of Justice confirmed the decision of the Federal Patent Court granting Merck a compulsory license to EP 1 422 218 owned by Shionogi. This allows Merck the continued distribution of its antiretroviral drug Isentress, an approved medication for treatment of HIV-patients, on the German market.

  • Security

    • Security updates for Tuesday
    • Windows Phone dies today

      Microsoft is killing off Windows Phone 8.1 support today, more than three years after the company first introduced the update. The end of support marks an end to the Windows Phone era, and the millions of devices still running the operating system. While most have accepted that the death of Windows Phone occurred more than a year ago, AdDuplex estimates that nearly 80 percent of all Windows-powered phones are still running Windows Phone 7, Windows Phone 8, or Windows Phone 8.1.

      [...]

      Microsoft has shied away from officially killing off its phone OS efforts, but it’s been evident over the past year that the company is no longer focusing its efforts on Windows for phones. Microsoft gutted its phone business last year, resulting in thousands of job cuts.

    • Unikernels are secure. Here is why.

      There have been put forth various arguments for why unikernels are the better choice security wise and also some contradictory opinions on why they are a disaster. I believe that from a security perspective unikernels can offer a level of security that is unprecedented in mainstream computing.

    • ‘Hacking’ Of US Nuclear Facilities Appears To Be Little More Than The Sort Of Spying The US Approves Of

      This is where the DHS fell down in its “sharing” of internal documents with the New York Times. No one bothered to correct the Times when it went off on a Stuxnet tangent. This could give some government officials the wrong idea about what’s happening — both here and in foreign nations. There are many people in power who get much of their information from the press. This leads to bad bills being hurriedly crafted and public calls to action based on hearsay from a document someone else viewed. And that’s just here in the US.

      On top of that, there’s how we behave and how we expect others to behave. We’re going to do this sort of thing. So are our adversaries. Both sides will continue to play defense. But going from 0-to-Stuxnet in the DHS’s Ambermobile isn’t a great idea. And it allows US officials to further distance themselves from actions we condone as part of our national security efforts.

    • Kaspersky under scrutiny after Bloomberg story claims close links to FSB

      Shortly after Bloomberg Businessweek published an explosive story under the headline: “Kaspersky Lab Has Been Working With Russian Intelligence,” the security firm released a lengthy statement noting that the company does not have “inappropriate ties with any government.”

      The article, which was published in the early morning hours on Tuesday, says that the Moscow-based firm “has maintained a much closer working relationship with Russia’s main intelligence agency, the FSB, than it has publicly admitted. It has developed security technology at the spy agency’s behest and worked on joint projects the CEO knew would be embarrassing if made public.” Media organization McClatchy made seemingly similar claims in a July 3 report.

    • US restricts use of Kaspersky products by govt agencies

      The US government has removed Kaspersky Lab from a list of approved software suppliers for two government-wide purchasing contracts that are used to buy technology services.

    • Trump administration restricts popular Russian security software

      The Trump administration has discouraged government agencies from using a leading Russian cybersecurity firm’s software amid fears that the firm’s products could serve as a Trojan horse for the Kremlin’s hackers.

    • How I Survived the Internet of Things [Ed: Well, cameras with identical passwords, open ports?]

      Based on these goals I chose to work on home automation with a focus on security and lighting. After considering many things that could be done I chose to implement monitoring of fire, carbon monoxide, power, temperature, water intrusion, perimeter intrusion, and video monitoring. I also implemented lighting control with the goals of power savings, convenience, and having lights on when you come home. When designing and implementing the various subsystems I chose commercial grade monitoring, sensors and controls.

      [...]

      In January of 2017, an estimated 70% of the security cameras in Washington DC were compromised by malware and were not able to stream video. Workers had to physically go to each individual camera and do a fresh install of the original firmware to return them to operation.

  • Defence/Aggression

  • Transparency/Investigative Reporting

    • Owner of The Intercept assisting accused NSA leaker’s legal defense

      The parent company of The Intercept online news outlet announced Tuesday that it is helping the legal defense of the Augusta suspect in the National Security Agency leak investigation. At the same time, The Intercept admitted some fault in Reality Winner’s predicament.

      “The ongoing criminal case prevents us from going into detail,” Intercept editor-in-chief Betsy Reed wrote online Tuesday, “but I can state that, at several points in the editorial process, our practices fell short of the standards to which we hold ourselves for minimizing the risks of source exposure when handling anonymously provided materials.”

    • Prosecutors in Reality Winner Case Push for News Reports to Be ‘Classified’

      U.S. Justice Department lawyers prosecuting former NSA contractor Reality Winner over alleged leaks of classified information regarding Russia’s alleged interference in the 2016 presidential election are arguing her defense team should not be allowed to discuss any classified information, even if it was in news reports.

      In a motion filed Tuesday, federal prosecutors said they had reached an impasse with Winner’s defense team and asked the court to resolve the question in the government’s favor.

    • Assange invites PM to visit him in London

      He has been holed up in the embassy since June 2012 after seeking asylum to avoid extradition to Sweden to face a rape allegation.

  • Environment/Energy/Wildlife/Nature

    • Sixth mass extinction: The era of ‘biological annihilation’

      “We’ve got this stuff going on that we can’t really see because we’re not constantly counting numbers of individuals,” he said. “But when you realize that we’ve wiped out 50% of the Earth’s wildlife in the last 40 years, it doesn’t take complicated math to figure out that, if we keep cutting by half every 40 years, pretty soon there’s going to be nothing left.”

    • Two energy powerhouses join together to make big, grid-tied batteries

      Two large energy companies, Siemens and AES Corporation, are joining together to start a new company aimed exclusively at building utility-grade batteries. The company, called Fluence, will market these large lithium-ion storage systems to utilities and energy providers around the world.

    • Launch Of Book On TRIPS And Climate Change

      A new book being launched in Geneva next week reflects the growing recognition that the World Trade Organization Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) could play a more important role in the mitigation of the climate change, according to the programme of the book launch.

      Wei Zhuang, associate at WTI (World Trade Institute) Advisors, will present on 19 July her book, “Intellectual Property Rights and Climate Change: Interpreting the TRIPS Agreement for Environmentally Sound Technologies.”

      The book addresses whether and to what extent the minimum standards of TRIPS facilitate innovation and transfer of environmentally sound technologies. The book also looks at whether an interpretation of the TRIPS flexibilities can facilitate innovation and transfer of such technologies to address global climate change.

    • Iceberg twice size of Luxembourg breaks off Antarctic ice shelf

      A giant iceberg twice the size of Luxembourg has broken off an ice shelf on the Antarctic peninsula and is now adrift in the Weddell Sea.

      Reported to be “hanging by a thread” last month, the trillion-tonne iceberg was found to have split off from the Larsen C segment of the Larsen ice shelf on Wednesday morning after scientists examined the latest satellite data from the area.

  • Finance

  • AstroTurf/Lobbying/Politics

    • Trump begins to dismantle Obama’s “startup visa” program

      The Trump administration has delayed the implementation of the “International Entrepreneur Rule,” an Obama-era policy that would have allowed more foreigners to start businesses in the US. The administration intends to overturn the rule, which would have gone into effect next week.

      Official notice of the delay, which pushes out the effective date of the regulation until March 2018, will be published tomorrow in the Federal Register. The Department of Homeland Security intends to rescind the rule but is taking public comment during a review period.

    • Trump election commission stops collecting personal voter data—for now

      The Presidential Advisory Commission on Election Integrity made headlines on June 28 when it requested that states hand over registered voters’ full names, political affiliations, addresses, dates of birth, criminal records, the last four digits of their Social Security numbers, and other personal identifying information. The government wants to make all of the data public. Many of the states deem varying parts of the data private—meaning state law forbids them from divulging it.

      So far, Arkansas is the only state that has complied with the commission’s demands. But the commission, put together by President Donald Trump amid allegations of voter fraud on a massive scale during the 2016 election, said it has erased Arkansas’ data. And now the commission, which (among other topics) wants to investigate whether dead people voted in elections the past decade, is telling the rest of the states they don’t need to comply—at least for now.

    • Donald Trump Jr. Might Be a Criminal. He Is Definitely a Liar.

      Did Donald Trump Jr. confess to a crime this afternoon? And if so, does he even know it?

      Since Saturday, Trump Jr. has been windmilling wildly, trying to defend himself against a series of New York Times stories about a June 2016 meeting between young Donald, his father’s campaign manager Paul Manafort, brother-in-law Jared Kushner (now a senior Trump adviser), and a Russian lawyer named Natalia Veselnitskaya. At every step, he’s made things worse for himself, and perhaps his father. But on Monday he may have delivered the knockout punch—against himself.

      Just as the Times published a shocking new piece detailing e-mail messages sent to him by Rob Goldstone, a music publicist, promising “very high level and sensitive information” about Hillary Clinton as “part of Russia and its government’s support for Mr. Trump,” Donald Jr. released the entire e-mail chain himself, on Twitter. In it, he appears to be committing the crime of accepting campaign help from a foreign government. Gleefully.

      “If it’s what you say I love it,” Trump quickly replied to Goldstone, adding, “especially later in the summer,” in what seems to be a reference to when the campaign might deploy such damaging information against its opponent. Goldstone, who represents Russian singer Emin Agalarov, the son of Aras Agalarov, a real-estate tycoon who is a crony of both Trump Sr. and Vladimir Putin, told Trump Jr. that both Agalarovs were urging the meeting with a “Russian government attorney,” and he added, tantalizingly, “I can also send this info to your father via Rhona [Trump’s longtime assistant Rhona Graff] but it is ultrasensitive so wanted to send to you first.”

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Granting NSA permanent bulk surveillance authority would be a mistake

      Early last month, Director of National Intelligence Dan Coats reneged on a promise that the National Security Agency would provide an estimate of just how many Americans have seen their communications collected under Section 702 of the Foreign Intelligence Surveillance Act. It was the same broken promise made to Congress by his predecessor, James Clapper.

      Indeed, for the past six years, the NSA has flummoxed congressional oversight with its reluctance to give lawmakers this kind of hard data. And yet, despite this pattern of obfuscation —of promising transparency and then dialing back said promises—Congress is now debating a bill that would give immense power to that same agency.

    • Californians: Demand That Your Legislature Restore Your Broadband Privacy Rights

      Earlier this year, Congress voted to repeal federal privacy rules that kept your ISP from selling information about who you are and what you do online without your permission. That wildly unpopular vote undid years of work at the FCC to prevent companies that you already pay to access the Internet from also monetizing information about what you look at, what you buy, and who you talk to online.

      Last week, companies like Comcast, AT&T, and Verizon attempted to stall the bill in its first committee in hopes of running out the clock. They failed, but now they will now make every effort to vote the bill down in any one of these next three committees. If the telecom lobby wins in any of these committees, the bill will be stalled for the rest of the year.

    • EFF: ‘Encrypted’ WhatsApp will roll over and give up your data to the NSA

      The EFF provides a handy list called “Who has your back?” which provides us with a very good idea of which social and internet companies share what with the US government. WhatsApp does not do very well in the latest list because of all the things that it does on the quiet.

    • WhatsApp ‘not doing enough’ to defend users against governments

      The EFF noted that unlike some other tech companies, “WhatsApp does not explicitly state that it prohibits third-party access to its user data, nor does it say that third parties are prohibited from allowing WhatsApp user data to be used for surveillance purposes”.

    • Amazon and WhatsApp ‘falling short over privacy’, says pressure group

      The seventh annual Who Has Your Back privacy report analysed the policies and public actions of 26 companies, rating them out of five categories covering industry best practices, privacy policies and their dealing with governments – including two new entries of “promises not to sell out users” and “stands up to National Security Letter (NSL) gag orders”.

    • Comcast, AT&T, WhatsApp all score low on new “Who Has Your Back?” list

      Only a handful of tech companies have earned the Electronic Frontier Foundation’s coveted five-star rating in its annual “Who Has Your Back?” scorecard, released on Monday.

      The top-rated companies for 2017 include Adobe, Credo Mobile, Dropbox, Lyft, Pinterest, Sonic, Uber, Wickr, and WordPress. Notable names among the lowest-rated companies include Comcast, AT&T, T-Mobile, Verizon, Amazon, and WhatsApp.

      The EFF’s Who Has Your Back? report analyzes and evaluates how companies deal with user data when government entities come seeking it. “Third-party companies hold more and more of our personal data as technology and user practices evolve,” the EFF writes in its initiative description. “The annual Who Has Your Back? report encourages companies to protect users from government requests for data and helps users make informed choices about their Internet use.”

    • Facebook Is Fighting A Gag Order Over Search Warrants For User Account Information

      Tech companies and civil liberties groups are backing up Facebook in its challenge to a court order that bars it from notifying users about warrants for their information.

    • Facebook Back In Court Challenging More Law Enforcement Gag Orders

      Facebook is at it again, hoping to make law enforcement agencies second-guess their secrecy demands. It recently successfully challenged gag orders attached to 381 warrants served to it by Manhattan DA Cyrus Vance’s office. It also forced Minnesota law enforcement to retract warrants seeking information from a police shooting victim’s girlfriend’s Facebook account by challenging the secrecy added to the demand for data.

    • News industry decries Facebook’s “digital duopoly,” wants government help

      The News Media Alliance, a trade group representing almost 2,000 news organizations, has asked US Congress for an exemption to antitrust law so that it can “negotiate collectively” with Google and Facebook.

      The Alliance, formerly known as the Newspaper Association of America, complains that the two dominant Internet companies form a “de facto duopoly that is vacuuming up all but an ever-decreasing segment of advertising revenue.”

    • Facebook Messenger globally tests injecting display ads into inbox

      Facebook Messenger is expanding its display ad beta test that lets businesses buy space between your chat threads. Later this month, a small percentage of users will start seeing ads in the Messenger app’s home tab.

    • Dutch Senate votes in favor of dragnet surveillance powers

      Late last night the Dutch Senate passed the bill for the new Intelligence and Security Services Act. With the Senate’s vote, a years-long political battle has come to an end: the secret services have been afforded dragnet surveillance powers.

    • End-to-end encryption back door ‘a bad idea’
    • Singapore’s proposed cybersecurity bill should put many on notice

      Singapore’s proposed cybersecurity bill has prompted the need for clarification around the licensing of service providers, government liability, and customer confidentiality, but its aim to push cybersecurity as a top priority for all businesses is certainly now accomplished.

      The Singapore government on Monday unveiled details of the draft bill, outlining new legislations that would require operators of local critical information infrastructures (CIIs) to take steps to safeguard their systems and swiftly report threats and incidents. Released by the Ministry of Communications and Information (MCI) and Cyber Security Agency (CSA), the proposed new laws also would facilitate information sharing across critical sectors and require selected service providers as well as individuals to be licensed.

  • Civil Rights/Policing

    • Third Circuit Appeals Court Establishes First Amendment Right To Record Police

      Early last year, a federal court judge decided filming police officers was not protected by the First Amendment. How the court arrived at this conclusion was by narrowly defining the First Amendment as only protecting “expressive” speech. Simply documenting activity was somehow not covered by the First Amendment, according to the government’s theory (the city of Philadelphia, in this case).

      According to the district court, expression is key. It was the wrong conclusion to reach, but it helped some Philadelphia police officers escape being held accountable for retaliatory arrests of citizen photographers. Even worse, it created a chilling effect for citizen photographers in the court’s jurisdiction, giving them a publish or die be arrested mandate.

    • FBI didn’t need warrant for stingray in attempted murder case, DOJ says

      Weeks before a key hearing, federal prosecutors have submitted their formal opposition to an attempted murder suspect’s recent efforts to suppress evidence found through the warrantless use of an FBI cell-site simulator, better known as a stingray.

      The Tuesday filing reiterates the government’s position in the case known as United States v. Ellis, setting the stage for a key upcoming hearing next month. DOJ officials say that law enforcement’s use of a stingray should not be considered an unreasonable search under the Fourth Amendment and, therefore, it never required a warrant.

  • Internet Policy/Net Neutrality

    • EU Telecom Package: courage over details

      The last discussions on the draft on the European Electronic Communications Code (EECC) before the summer break will take place today and we can only hope for very few changes before the vote on 11 September. The current trend is catastrophic: Pilar del Castillo, the main rapporteur known for her ties with large telcos, is leading to a world of monopolies were very few telcos (3 or 4, she may hope!) would share the whole EU market on optic fiber and radio spectrum. Very few latitude will be allowed to the national regulatory authorities (NRAs) to regulate the market and ensure that the core values also promoted by the European Union will be protected.

    • The Duct Tape Holding the Internet Together

      Due to a security issue with our domain registry, another registrar (not the one that manages our domain) was able to incorrectly mark our domain name as pending deletion. Per the ICANN specification, when a domain has “Pending Delete” status, it’s no longer included in the zone file and becomes inaccessible even if DNS records are configured correctly.

    • AT&T is joining tomorrow’s net neutrality protest, but it hates the FCC’s net neutrality rules

      AT&T is hardly a fan of net neutrality, at least as most people understand it. The company has been accused by the FCC of violating open internet protections, and has forcefully lobbied against the current rules. It’s even joined in lawsuits to block them.

    • AT&T joins net neutrality protest—despite suing to block neutrality rules

      AT&T says it is joining a big protest to save net neutrality—even though the company previously sued the US Federal Communications Commission in a failed attempt to get the commission’s rules thrown out.

      “Tomorrow, AT&T will join the ‘Day of Action’ for preserving and advancing an open Internet,” AT&T Senior Executive VP Bob Quinn wrote in a blog post this afternoon.

    • AT&T Pretends To Love Net Neutrality, Joins Tomorrow’s Protest With A Straight Face

      You’d be hard pressed to find a bigger enemy of net neutrality than the fine folks at AT&T. The company has a history of all manner of anti-competitive assaults on the open and competitive internet, from blocking customer access to Apple FaceTime unless users subscribed to more expensive plans, to exempting its own content from arbitrary and unnecessary usage caps while penalizing streaming competitors. AT&T also played a starring role in ensuring the FCC’s 2010 net neutrality rules were flimsy garbage, and sued to overturn the agency’s tougher, 2015 rules.

    • Telecom Industry Feebly Tries To Deflate Net Neutrality Protest With Its Own, Lame ‘Unlock The Net’ Think Tank Campaign

      With this week’s net neutrality protests being joined by the likes of Google, Facebook, Amazon, Netflix, Reddit and hundreds of startups and small companies, the cable and broadcast industry appears to be getting a little nervous. So far they’ve had a relatively easy time convincing FCC boss Ajit Pai to not only dismantle the rules, but to blatantly ignore the massive public support the rules enjoy. Pai’s even turned a blind eye as somebody used a bot to stuff the agency’s public comment system with bogus support for the telecom industry’s horrible idea.

    • The FCC Insists It Can’t Stop Impostors From Lying About My Views On Net Neutrality

      So we’ve been talking for months now about how the Trump FCC has quite intentionally turned a blind eye to fraudulent comments being posted to the agency’s net neutrality proceeding, since the lion’s share of these bogus comments support the agency’s plan to gut the popular consumer protections. Numerous people say they’ve had their identities lifted by somebody that has used a bot to populate the agency’s comment system with hundreds-of-thousands of fake comments supporting the telecom-industry backed effort. Calls by these folks (and a few Senators) for an investigation have been simply ignored.

    • Defending Net Neutrality: A Day of Action

      As always, Mozilla is standing up for net neutrality.

      And today, we’re not alone. Hundreds of organizations — from the ACLU and GitHub to Amazon and Fight for the Future — are participating in a Day of Action, voicing loud support for net neutrality and a healthy internet.

      “Mozilla is supporting the majority of Americans who believe the web belongs to individual users, without interference from ISP gatekeepers,” says Ashley Boyd, Mozilla’s VP of Advocacy. “On this Day of Action, we’re amplifying what millions of Americans have been saying for years: Net neutrality is crucial to a free, open internet.”

    • Net neutrality protests to blanket internet

      Major technology companies and tech advocacy organizations are banding together in a last-ditch effort to save the Federal Communication Commission’s net neutrality rules.

    • Join Us in the Fight for Net Neutrality

      Automattic strongly believes in a free and open Internet and it’s hard to imagine a truly open Internet without Net Neutrality.

    • The Who’s Who of Net Neutrality’s ‘Day of Action’

      Here’s where seven internet giants stand on the issue, and what a world with fast and slow lanes might mean for them.

    • Net Neutrality: The July 12 Internet-Wide Day of Action protest and what to expect

      Who will come together for the protest: More than 180 companies including Amazon, Twitter, Etsy, OkCupid, and Vimeo, along with advocacy groups such as the ACLU, Change.org, and Greenpeace, will join the protest and urge their users and followers to do the same.

    • Why the 12 July protest to protect net neutrality matters

      What can people do? Tell the FCC and Congress to protect the open web through BattleForTheNet.com, or through one of the widgets on many popular websites on Wednesday.

    • Ars Technica supports net neutrality

      To explain how the current rules work, Ars Senior IT Reporter Jon Brodkin today takes us on a deep-dive into net neutrality and the current “Title II authority” behind the rules. If FCC Chairman Ajit Pai, appointed by President Donald Trump, revokes the rules, as he says he will, “Title II provisions related to broadband network construction, universal service, competition, network interconnection, and Internet access for disabled people would no longer apply.”

    • If You Want To Protect The Internet, Look To Congress

      As you probably know (because it’s almost unavoidable across the web), today is the “Day of Action” on behalf of net neutrality. Tons of other sites are participating in various ways. Many are popping up widgets, warning you of how crappy the internet might become if broadband access providers were allowed to create the kind of internet they dream of — one in which they are the gatekeepers, and where they get to put tollbooths on services trying to reach you. But you already know about all that, because you already read Techdirt, and we’ve been talking about this for over a decade. Many sites are encouraging you to comment on the FCC’s proceedings — which you absolutely should do (even as the FCC itself is making a mockery of the commenting process, by allowing bogus and fraudulent comments in.

      [...]

      Second: while you absolutely should go and file FCC comments (and I highly recommend first reading this guide to filing impactful FCC comments from a former top FCC staffer), this fight is going to end with Congress one way or the other. Two months ago we wrote about the real game plan to destroy net neutrality, and you can see it playing out in realtime. Ajit Pai’s move to get the FCC to repeal the rules is an effort to force the hand of Congress, and make it come in and create new regulations. Indeed, if you look around, it’s not hard to find lots of opeds from telco-funded folks about how “Congress should solve this” (all of which pretend to support net neutrality). And, yes, this is the kind of thing that Congress should solve — if we trusted Congress to actually do what was in the interest of the public, rather than the interests of the broadband access providers. But, right now, you shouldn’t. After all, this is the same Congress that happily voted to kill broadband privacy rules, and then seemed shocked that this upset people.

    • How to write a meaningful FCC comment supporting net neutrality

      Gigi Sohn was a top counselor to former FCC Chairman Tom Wheeler when the commission reclassified ISPs as common carriers and imposed net neutrality rules against blocking, throttling, and paid prioritization. Yesterday, she published a post on Mashable titled “4 steps to writing an impactful net neutrality comment (which you should do).” Even if the FCC repeals net neutrality rules, meaningful comments could help net neutrality advocates argue in a future court case that the rules should be reinstated, she wrote.

      Before joining the FCC, Sohn was president and co-founder of the advocacy group Public Knowledge, which still plays an active role supporting net neutrality rules and other consumer protection regulations. She left the FCC after the election of President Donald Trump and took fellowship positions with Georgetown Law’s Institute for Technology Law & Policy, Open Society Foundations, and Mozilla.

    • If FCC gets its way, we’ll lose a lot more than net neutrality

      The Republican-led Federal Communications Commission is preparing to overturn the two-year-old decision that invoked the FCC’s Title II authority in order to impose net neutrality rules. It’s possible the FCC could replace today’s net neutrality rules with a weaker version, or it could decide to scrap net neutrality rules altogether.

      Either way, what’s almost certain is that the FCC will eliminate the Title II classification of Internet service providers. And that would have important effects on consumer protection that go beyond the core net neutrality rules that outlaw blocking, throttling, and paid prioritization. Without Title II’s common carrier regulation, the FCC would have less authority to oversee the practices of Internet providers like Comcast, Charter, AT&T, and Verizon. Customers and websites harmed by ISPs would also have fewer recourses, both in front of the FCC and in courts of law.

      Title II provisions related to broadband network construction, universal service, competition, network interconnection, and Internet access for disabled people would no longer apply. Rules requiring disclosure of hidden fees and data caps could be overturned, and the FCC would relinquish its role in evaluating whether ISPs can charge competitors for data cap exemptions.

  • DRM

    • People Would Pay A Hell Of A Lot More If DRM Were Gone

      An argument that we’ve made for years is that for all the whining about how the legacy entertainment industry insists it needs DRM, adding DRM takes away value. It limits the content/games/software/etc. that people purchase a license to and therefore limits the value. You don’t need an economics degree to recognize that providing less value decreases how much people are willing to pay (and how many people are willing to pay). Thus, there’s at least some economic force when using DRM that decreases the potential market for DRM’d offerings. Supporters of DRM will likely counter with some version of the argument that this decrease in value/addressable market is okay, because it’s less than the expected decrease in the potential market that happens when “OMG I CAN GET A PIRATED VERSION FOR FREE!?!?!?!??” enters the market. I’m not entirely convinced that’s true — as time and time again, we’ve seen that people are more than happy to pay for (1) official versions in order to support creators they know, appreciate and trust and (2) especially when it comes with other benefits beyond just the content.

    • Intel Is Working On HDCP Content Protection For Linux Graphics Stack

      While sure to face opposition by some free software fans, Intel developers have begun working on High-bandwidth Digital Content Protection (HDCP) support for the Linux Direct Rendering Manager (DRM) code.

      High-bandwidth Digital Content Protection is the form of copy protection for being able to secure audio/video over DP/DVI/HDMI connections. HDCP-encrypted content cannot be played on unauthorized devices, prevents snooping of the data in the middle as the data is being sent, etc. HDCP dates back to the early 2000s while the most recent version is HDCP 2.2 from 2013. Intel Linux developers are working on bringing HDCP 2.2 to the open-source Linux DRM kernel code.

    • Encrypted Media Extensions a W3C Recommendation [Ed: Not just graphics DRM. ” Ugh! Linux is about freedom. Go away with your copy protection crap,” as one comment put it]

      Encrypted Media Extensions (EME) have been under review by the W3C Advisory Committee since last March. This report from the committee addresses comments and objections to EME. “After consideration of the issues, the Director reached a decision that the EME specification should move to W3C Recommendation. The Encrypted Media Extensions specification remains a better alternative for users than other platforms, including for reasons of security, privacy, and accessibility, by taking advantage of the Web platform. While additional work in some areas may be beneficial for the future of the Web Platform, it remains appropriate for the W3C to make the EME specification a W3C Recommendation. Formal publication of the W3C Recommendation will happen at a later date. We encourage W3C Members and the community to work in both technical and policy areas to find better solutions in this space.”

  • Intellectual Monopolies

    • Copyrights

      • Court Says DMCA Safe Harbors Disappear Once Infringing Images Are Printed On Physical Items

        A really weird decision with some implications for DMCA safe harbors has come out of a US district court in California. The case revolves around paintings and pictures licensed by Greg Young Publishing International [GYPI], several of which appeared on Zazzle’s website and, consequently, were turned into physical reproductions (mugs, t-shirts, etc.) via Zazzle’s automated print-on-demand process.

        After some discussion about which prints GYPI actually controls for infringement claim purposes, the court gets down to addressing the supposed infringement. Discussing the safe harbor provisions, the court finds Zazzle qualifies for these protections. Sort of. The court says Zazzle qualifies as a provider of online services and, thanks to GYPI never sending any DMCA notices, it had no knowledge of the infringement.

      • Did you hear the one about a monkey suing a photographer for infringement?

        On Wednesday, a federal appeals court will embark on a legal safari of sorts: animal rights activists, representing an Indonesian monkey named Naruto, are set to argue to the San Francisco-based 9th US Circuit Court of Appeals that their monkey client should be recognized as the lawful owner of property.

        The property at issue are a few infamous and viral selfies that the macaque monkey snapped of himself in the Tangkoko reserve on the Indonesian island of Sulawesi in 2011. The monkey’s self-appointed lawyers from the People for the Ethical Treatment of Animals are suing David Slater, the British nature photographer whose camera was swiped by the monkey while the photographer was on a jungle shoot.

      • What If You Published Half Your Book For Free Online?

        Almost exactly 17 years ago, we wrote about an interesting experiment in the movie world, in which the film Chicken Run freely chose to put the first 7 minutes of the film online (in my head, I remember it being the first 20 minutes, but I’ll chalk that up to inflation). I thought it was a pretty clever experiment and am still surprised that this didn’t become the norm. The idea is pretty straightforward — rather than just doing a flashy trailer that may give away much of the movie anyway — you give people the beginning of the actual movie, get them hooked, and convince them it’s worthwhile to go pay to see the whole thing. Of course, that only works with good movies where the beginning hooks people. But… it’s also interesting to think about whether or not this kind of thing might work for books as well.

      • Lessons From South Africa: Protecting Non-Expressive Uses In Copyright Reform

        This week, the South African Parliament began accepting comments on its pending Bill proposing to amend the South African Copyright Act to align it with the digital age. We and other experts and civil society organizations submitted comments praising many of the Bill’s provisions and proposing that it adopt an “open” fair use right. Here we focus on one major reason to adopt an open fair use right – to authorize so-called non-expressive uses of works. We conclude with some reflections on how international law could help in this regard.

      • A loss for culture and research in today’s copyright votes

        Both votes were in favour of the extra copyright for news publishers creating charges for the use of snippets and links.

07.11.17

Links 11/7/2017: Wayland Protocols 1.9 and Fedora 26 Released

Posted in News Roundup at 10:52 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • How open source took over the world

    GOING WAY BACK, pretty much all software was effectively open source. That’s because it was the preserve of a small number of scientists and engineers who shared and adapted each other’s code (or punch cards) to suit their particular area of research. Later, when computing left the lab for the business, commercial powerhouses such as IBM, DEC and Hewlett-Packard sought to lock in their IP by making software proprietary and charging a hefty license fee for its use.

  • Survey: Open Source Is Growing, But the Community Is Troubled [Ed: Borrowing very old report to accentuate negatives and make FOSS look "troubled"]
  • Can 5G embrace open source?

    Phil Robb, Vice President of Operations for Networking & Orchestration, Linux Foundation

    With the standardisation of 5G underway, the open source community is being increasingly pulled into the fray as key enablers of 5G will inevitably rely on their solutions. So far, there is collaboration between standardisation bodies like the 3GPP and the open source community, with closer collaboration on defining requirements and features.

    Phil Robb outlines the growing efforts being made between standards development and the dynamic open source methodology of collaboration, as well as the innate challenges of merging the two worlds.

  • Open Source Is The New Normal In Data and Analytics
  • SPI 2016 Annual Report Released, Details Various OSS Project Financials

    SPI, Software in the Public Interest, has released their annual report covering 2016. SPI, for the uninitiated, serves as the steward to many open-source projects from Arch Linux to the X.Org Foundation to OpenMPI and LibreOffice.

  • Brevent is an Open Source Alternative to Greenify, Works Without Root

    Android gives 3rd-party application developers a lot of freedom when it comes to what they can do on the platform. Google is aware that this might not be the best idea when it comes to battery life and they hope to fix some of the worst offenders in the upcoming Android O update. Until then, and for those who own devices that will not receive the update, we will have to look elsewhere for ways to keep applications from running rampant on our devices.

    For many, this has resulted in us using a popular application called Greenify. This works by letting the user “hibernate” an application when it’s not in use and it has been phenomenal for many of us within the community. If you haven’t had a good experience with Greenify in the past, or maybe you’re just looking for an alternative, I’d like to point you to an open source application called Brevent from XDA Senior Member liudongmiao.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • OpenBSD and the modern laptop

      One thing that never ceases to amaze me is that whenever I’m out and about with my primary laptop at conferences and elsewhere geeks gather, a significant subset of the people I meet have a hard time believing that my laptop runs OpenBSD, and that it’s the only system installed.

  • Licensing/Legal

    • Open Source Lawsuits Have Crossed The Watershed

      In addition to the monetary claim, CoKinetic requests that the global corporation be compelled to comply with the requirements of the GPL and reveal the source code for the software that serves as the basis for the IFE system.

      [...]

      The court has already rejected Hancom’s motion to dismiss the claim in limine (on the start), and in reference to Hancom’s argument, the court asserted, inter alia, that an open source license is tantamount to a binding contract between the parties in all respects.

  • Programming/Development

    • Crossroad 0.7 released and future…

      Last month, I released Crossroad 0.7. Do you remember Crossroad? My tool to cross-compile for Windows from a Linux platform, which I told about a year ago. Well there is not much to say: small release with bug fixes, minor improvements, update of the third-party pre-built Windows package repository (thanks OpenSUSE!), and so on.

      Also there used to be a bug in pip, so any crossroad installed through pip was broken (I had a quick look at the time, and I think it was because it would break the install prefix).

Leftovers

  • Spotify denies filling popular playlists with ‘fake artists’

    The allegation, first made by industry website Music Business Worldwide and brought to wider attention by culture publication Vulture, is that some playlists on Spotify are full of bands with no public profile, few songs, but millions of song plays – all as a result of their position on the service.

  • Science

    • Google wants to make sure AI advances don’t leave anyone behind

      For every exciting opportunity promised by artificial intelligence, there’s a potential downside that is its bleak mirror image. We hope that AI will allow us to make smarter decisions, but what if it ends up reinforcing the prejudices of society? We dream that technology might free us from work, but what if only the rich benefit, while the poor are dispossessed?

    • The strange and righteous history of the equals sign

      Robert Recorde was one of those people so extraordinarily ahead of his time that he seemed destined to come to a tragic end. In the 16th century, he made advances in economics, medicine, theology, and poetry. But his greatest contribution is taught to every elementary school child, and it arguably laid the groundwork for modern computer science. He invented the equals sign.

  • Hardware

    • So you say you’d like a keyboard that will last more than 6 months?

      All keyboards work by the same basic principle. When you press a key, you engage a mechanism that completes a circuit, telling the computer to put a character on the screen. Most modern day keyboards, like those you find on a laptop, are “membrane” keyboards. These keys are thin plastic slabs suspended over rubbery domes that squish when you depress them, completing the circuit. They can be made well, but have very short throw (the distance the keys travel down before they bottom out) and virtually no click. You’ll be hard-pressed to find any keyboard nerd that’s particularly fond of them.

  • Health/Nutrition

    • Nokia ‘regrets’ Withings health app backlash

      “The first release of the app was so full of bugs it was incredible. Their new app is appalling and everyone wants the old one back, which we loved.

    • REPUBLICAN LAWMAKERS BUY HEALTH INSURANCE STOCKS AS REPEAL EFFORT MOVES FORWARD

      JUST AS THE HOUSE Republican bill to slash much of the Affordable Care Act moved forward, Rep. Mike Conaway, a Texas Republican and member of Speaker Paul Ryan’s leadership team, added a health insurance company to his portfolio.

      An account owned by Conaway’s wife made two purchases of UnitedHealth stock, worth as much as $30,000, on March 24th, the day the legislation advanced in the House Rules Committee, according to disclosures. The exact value of Conaway’s investment isn’t clear, given that congressional ethics forms only show a range of amounts, and Conaway’s office did not respond to a request for comment.

      It was a savvy move. Health industry stocks, including insurance giants like UnitedHealth, have surged as Republicans move forward with their repeal effort, which rolls back broad taxes on health care firms while loosening consumer regulations which prevent insurance companies from denying coverage for medical treatment. UnitedHealth has gained nearly 7 percent in value since March 24.

    • Law banning filming Utah slaughterhouses ruled unconstitutional

      A federal judge on Friday overturned Utah’s so-called “ag-gag” ban on filming private agribusiness and slaughterhouse operations without permission. US District Judge Robert Shelby said the measure, enacted in 2012, violated the First Amendment.

      The named plaintiff, Amy Meyer, in 2013 faced up to six months in prison for filming—from the side of a public road—a sick cow being moved in a tractor at a slaughterhouse.

    • Incurable gonorrhea is lurking—and we may not see it coming, WHO warns

      At least three people in three different countries have turned up with cases of completely incurable gonorrhea—and it’s unclear what happened to all of them and if they’re spreading the infection to others, officials at the World Health Organization report.

      These cases highlight two big concerns about gonorrhea: one is that resistance to last-line drugs is alarmingly popping up around the world and appears to be increasing; and the second is that we have lousy surveillance and data on this.

      In two reports in PLOS Medicine, the WHO warned of the dangers of drug-resistant gonorrhea infections, which can cause infertility and increase the risk of contracting other infections in those left untreated. Summarizing the latest surveillance data, WHO researchers found worldwide incidence of drug-resistant infections and announced that these are on the rise. However, while the data is worrying, it doesn’t actually demonstrate international increases—because there just isn’t enough data to do so.

    • Nation “Too Broke” for Universal Healthcare to Spend $406 Billion More on F-35

      Though the estimated future cost of the program had previously hovered at a mind-boggling $379 billion, an updated draft that could be submitted to Congress as early as today will reportedly exceed $406 billion—a nearly 7 percent increase.

  • Security

    • The .io Error – Taking Control of All .io Domains With a Targeted Registration

      Given the fact that we were able to take over four of the seven authoritative nameservers for the .io TLD we would be able to poison/redirect the DNS for all .io domain names registered. Not only that, but since we have control over a majority of the nameservers it’s actually more likely that clients will randomly select our hijacked nameservers over any of the legitimate nameservers even before employing tricks like long TTL responses, etc to further tilt the odds in our favor. Even assuming an immediate response to a large scale redirection of all .io domain names it would be some time before the cached records would fall out of the world’s DNS resolvers.

    • security things in Linux v4.12
    • Self-Service Food Kiosk Vendor Avanti Hacked {sic}

      The breach may have jeopardized customer credit card accounts as well as biometric data, Avanti warned.

    • Reliance Jio data breached: Why it matters, what it means for you, and everything to know
    • Technical glitch hits NSE, F&O trading stopped
    • NSE hit by technical glitch, trade halted
    • Inquiry set up after Medicare card details leak

      The Australian Government has set up a review to look into the accessibility of Medicare card numbers by health providers, with former public servant Professor Peter Shergold as its head.

    • Two-factor authentication is a mess
    • Desperately Seeking Security: 6 Skills Most In Demand

      The last several years have seen a slew of reports coming out lamenting the typical enterprise’s ability to recruit and retain quality cybersecurity talent.

      Earlier this year, ISACA’s Cybersecurity Nexus survey found that more than one in four organizations take six months or longer to fill priority cybersecurity positions. Respondents to the survey said that 40% of organizations report receiving fewer than five applications for cybersecurity positions. And if things keep going the way they’re already headed, the problem is only going to get worse. According to the 2017 (ISC)2 Global Information Security Workforce Study conducted by Frost & Sullivan, by 2022 there will be a global shortfall of cybersecurity workers of 1.8 million people.

    • ‘Cybersecuring’ the Internet of Things

      I recently had the chance to talk with the legendary Vint Cerf, one of the founding fathers of the internet. We had a wide-ranging discussion about the past, present and future of the internet, network security and what it would take to successfully, safely and reliably merge the digital and physical worlds, a concept known as the “Internet of Things,” or IoT.

  • Defence/Aggression

  • Environment/Energy/Wildlife/Nature

    • Just 100 companies responsible for 71% of global emissions, study says

      Traditionally, large scale greenhouse gas emissions data is collected at a national level but this report focuses on fossil fuel producers. Compiled from a database of publicly available emissions figures, it is intended as the first in a series of publications to highlight the role companies and their investors could play in tackling climate change.

    • Norway-EU row over crabs could fuel oil tensions in remote Arctic

      What is really at stake is oil, some experts claim, and a coming race for the commodity of which there is a lot in the polar region.

    • Audi manager charged in diesel scandal

      The US Justice Department announced criminal charges against former Audi manager Giovanni Pamio late last week. The 60-year-old manager was on a team concerned with thermodynamics in Audi’s diesel engine department between 2006 and 2015—the years when Volkswagen, Audi, and Porsche were producing diesel vehicles that included “defeat device” software. The illegal software killed the cars’ emissions control system when the cars sensed that they were being driven in real-world conditions and not in a lab where emissions were to be detected and reported to the Environmental Protection Agency (EPA).

    • 220 Cities Losing All Passenger Train Service per Trump Elimination of all Federal Funding for Amtrak’s National Network Trains

      The proposal cuts $2.4 billion from transportation, a 13 percent reduction of last year’s funding, and includes:

      Elimination of all federal funding for Amtrak’s national network trains, which provides the only national network service to 23 states, and the only nearby Amtrak service for 144.6 million Americans;

  • Finance

  • AstroTurf/Lobbying/Politics

    • Wait, what? Trump proposed a joint “cyber security unit” with Russia

      President Donald Trump proposed creating a so-called “cyber security unit” with Russia, then he decided against it after the idea was shot down by pretty much anybody who got word of it, including congressional members of his own GOP party. Trump, after meeting with Russian President Vladimir Putin on Friday, said Sunday that they discussed building “an impenetrable Cyber Security unit” to address issues such as election meddling.

    • Donald Trump’s Proposal to Partner With Putin on Cybersecurity Is a Joke
    • Sharp Partisan Divisions in Views of National Institutions

      Republicans increasingly say colleges have negative impact on U.S.

    • Majority of Republicans Say Colleges are Bad for America (Yes, Really)

      A Pew Research Center survey published Monday revealed voters have grown apart in their support of secondary education since the 2016 presidential election season, when a majority of Democratic and Republican Americans agreed the nation’s universities serve as a benefit for the U.S. Whereas 54 percent of Republicans said “colleges and universities had a positive impact on the way things were going in the country” in 2015, the majority now believe the opposite, with 58 percent saying such institutions negatively impact the state of the union.

    • The G20 proves it. Because of Donald Trump, the world no longer looks to America for leadership

      Donald Trump paused briefly as he and the First Lady reached the top of the steps of Air Force One, gave a quick wave, and was on his way. At 6.05pm, he was heading back to the US, leaving the other members of the G20 disgruntled and defiant, but almost certainly glad he was out of there.

      Until recently, the world looked to the US for leadership at such international forums. But in the six months since Trump entered the White House, that has all changed.

      Now, on issues ranging from trade to climate change, on how to deal with problems such as Ukraine, the US has turned its back on the considered consensus. Even on subjects such as Article Five of Nato’s charter – the part that relates to mutual defence – Trump looks nothing less than wobbly.

  • Censorship/Free Speech

    • China Tells Carriers to Block Access to Personal VPNs by February

      Beijing has ordered state-run telecommunications firms, which include China Mobile, China Unicom and China Telecom, to bar people from using VPNs, services that skirt censorship restrictions by routing web traffic abroad, the people said, asking not to be identified talking about private government directives.

  • Privacy/Surveillance

    • Former Head Of GCHQ Says Don’t Backdoor End-To-End Encryption, Attack The End Points

      When he was head of GCHQ, Robert Hannigan said some pretty clueless things about the Internet and encryption. For example, in 2014, he accused tech companies of ‘facilitating murder’, and joined in the general demonization of strong crypto. Last year, he called for technical experts to work more closely with governments to come up with some unspecified way around encryption.

  • Civil Rights/Policing

    • Are our beliefs so fragile that we would kill over Facebook posts?
    • What ails the Valley? The fight is four pronged

      The fight is not just two pronged. There are multiple problems as well. They include the sermons in Mosques, the spread of propaganda through mobile phones, ideology being spread by journalists, writers and others.

    • Iranian women spark debate by defying hijab rule in cars

      A growing number of women in Iran are refusing to wear a hijab while driving, sparking a nationwide debate about whether a car is a private space where they can dress more freely.

      Obligatory wearing of the hijab has been an integral policy of the Islamic republic since the 1979 revolution but it is one the establishment has had a great deal of difficulty enforcing. Many Iranian women are already pushing the boundaries, and observers in Tehran say women who drive with their headscarves resting on their shoulders are becoming a familiar sight.

    • Bahraini rights activist Nabeel Rajab sentenced to two years in jail

      A Bahrain court sentenced rights campaigner Nabeel Rajab to two years in jail on Monday, supporters said, for allegedly making “false or malicious” statements about Bahraini authorities.

      Authorities at Bahrain’s information affairs office could not immediately be reached for comment. Bahrain has repeatedly denied systematic rights abuses.

    • Oakland Police Chief Doubles-Down on Promoting the Cops Who Covered-Up the Celeste Guap Case

      Inside a federal courtroom this afternoon, the City of Oakland’s mayor and police chief reaffirmed their commitment to establishing a culture of accountability within the city’s troubled department. But after the hearing, Chief Anne Kirkpatrick told reporters that the commanders who mishandled last year’s internal sex-crimes investigation would still be receiving promotions.

      In fact, when asked directly by the Express whether John Lois and Roland Holmgren would still be promoted, Kirkpatrick justified the move, saying that federal-court monitor Robert Warshaw himself signed off on the decision.

  • Internet Policy/Net Neutrality

    • 50 Million US Homes Can’t Get 25 Mbps From More Than One ISP

      We’ve talked for a while how while there has been a lot of hype placed upon the nation’s scattered but modest deployment of gigabit networks, broadband in countless parts of the country is actually getting significantly-less competitive. That’s thanks in large part to the nation’s phone companies, which have increasingly refused to pony up the necessary costs to upgrade their aging DSL networks at any scale. Instead, many have shifted their focus either to enterprise services, or as in the case of Verizon, into trying to peddle ads to Millennials after gobbling up AOL and Yahoo.

      As a result, cable has established a growing monopoly over broadband across massive swaths of the country. This reduced competition has resulted in rampant price hikes (usually in the form of hidden surcharges or arbitrary and unnecessary usage caps and overage fees). But it also has eliminated any real incentive to keep rates low or repair what’s statistically some of the worst customer service in any industry in America.

    • Watching Sites Disappear

      At this point there seem to be some systems problems arising on the web. I have had more than minor difficulty attempting to access http://identi.ca as well as http://quitter.se. Identica has frequently been down as of late. As to Quitter.se it seems that there is a site in the so-called fediverse that is providing a proof-of-concept bit of destruction to the federation between social sites. At the last bit I could see, there was discussion of implementing a routing “blackhole” against the miscreant to keep the rest of the federation operating.1

      Between this and other matters, I do have pause to wonder as of late.2 How does our connected world survive? Frankly, I do not know the answer.

      I have noticed lately that the amount of physical media that I own has increased. If there is a DVD version of a movie that I want to watch again, I may in fact own it. I have a decent catalog of books that I own. That you can search that library catalog at https://www.librarycat.org/lib/alpacaherder is something left unfinished.3 Unlike Sheldon Cooper of The Big Bang Theory, I do not have things barcoded and I do not have the circulation module fired up. It is more an attempt to just track what I own.4

  • DRM

    • “W3C Embraces DRM – Declares War on Humanity” – Lunduke Hour

      The W3C has voted to standardize DRM for all of the Web — in direct opposition to their own Mission Statement. What they are doing could have dire consequences for the entire Web. I yell about that for an hour. Because I’m mad.

    • DRM free Smart TV

      Libreboot is a free BIOS replacement which removes the Intel Management Engine. The Intel Management Engine is proprietary malware which includes a back door and some DRM functions. Netflix uses this hardware DRM called the Protected Audio/Video Path on Windows 10 when watching 4K videos. The Thinkpad T400 does not even have an HDMI port, which is known to be encumbered by HDCP, an ineffective DRM that has been cracked.

      Instead of using DRM encumbered streaming services such as Netflix, Entertain or Vodafone TV, I still buy DVDs and pay them anonymously with cash. In my home there is a DVB-C connector, which I have connected to a FRITZ!WLAN Repeater DVB-C which streams the TV signal to the ThinkPad. The TV set is switched on and off using a FRITZ!DECT 200 which I control using a python script running on the ThinkPad. I also reuse an old IR remote and an IRDuino to control the ThinkPad.

    • Over many objections, W3C approves DRM for HTML5

      A narrower covenant not to sue was proposed, but even this much narrower covenant was rejected. The various members of W3C appeared unlikely agree to any particular set of terms, and ultimately were never polled to see if consensus could be reached. Since the original EME proposal didn’t include such a covenant, Berners-Lee decreed that failure to form one should not be allowed to block publication as an official W3C Recommendation.

07.10.17

Links 10/7/2017: Fedora 26 is Coming, Debian 9 ‘Stretch’ Reviewed

Posted in News Roundup at 11:27 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • Toward a Reasonably Secure Laptop

    It’s no secret that hardware selection is one of the biggest hurdles Qubes users face. Finding a computer that is secure, trustworthy, and compatible is more difficult than it should be. In an effort to address the compatibility aspect of that problem, we introduced the Qubes-certified laptop program back in 2015.

    So far, only one laptop has been Qubes-certified: the Purism Librem 13v1. A number of users purchased this laptop comfortable in the knowledge that it would be compatible with Qubes, and it served them well in that regard. However, the Librem 13v1 is no longer being manufactured, and the Librem 13v2 has not undergone Qubes-certification (nor has any other laptop yet). This means that the need for compatible hardware is more pressing than ever.

  • Don’t be scared to open-source your startup’s technology

    To open source or not to open source? If you’re in the software business, this is a question you’re going to face at one point or another. The sooner you tackle it, the better.

    The open-source movement is no underground phenomenon; it’s a fully mature and highly effective method of building software systems. You’re likely running open-source software right now. Every time you use Google you’re using one of the largest and most successful open-source operating systems in the world – Linux. Today’s largest enterprises owe much of their success to the open-source movement — we’re all building on-top of, and borrowing from, each other’s work, and this has powered the era of exponential progress we’re living in.

  • How the Puppet DevOps Tool Is Used to Improve Security, Compliance

    The open-source Puppet configuration management tool is widely used by organizations to enable DevOps processes and workflows. Puppet also plays a strong in enabling security and compliance as well, according to Deepak Giridharagopal, CTO and Chief Architect of Puppet.

  • How Google Turned Open Source Into A Key Differentiator For Its Cloud Platform
  • Haiku fixes year 2038 bug

    As Michel points out in the comments, this means Haiku’ll be good until 4 December 292277026596, about in time for the beta release.

  • cron.weekly issue #88: a forum, kernel 4.12, OpenBSD, systemd, elvish, puppet, vtop & more!
  • Mapping paintings, a new medical image repository, and more open source news
  • FSF/FSFE/GNU/SFLC

    • Roland McGrath steps down as glibc maintainer after 30 years

      Open source luminary Roland McGrath has decided “enough is enough” – after 30 years on the GNU compiler library project.

      As a teenager in 1987 – working back from the age he gives in his mailing list post, as a 15-year-old, in fact – McGrath began writing glibc, and he reckons that devoting “two thirds of my lifespan so far” is “long enough”.

  • Programming/Development

    • A first look at Kotlin’s co-routines on Android

      Co-routines have been the biggest addition in Kotlin 1.1. They are absolutely great because of their power, and the community is still discovering how to make the most of them.

      Simply stated, co-routines are a way of writing asynchronous code sequentially. Instead of filling it all up with callbacks, you can write your lines of code one after the other. Some of them will have the ability to suspend execution and wait until the result is available.

Leftovers

  • It’s the End of Network Automation as We Know It (and I Feel Fine)

    Network automation does not an automated network make. Today’s network engineers are frequently guilty of two indulgences. First, random acts of automation hacking. Second, pursuing aspirational visions of networking grandeur — complete with their literary adornments like “self-driving” and “intent-driven” — without a plan or a healthy automation practice to take them there.

  • Science

    • Here’s why parents should not allow children to click selfies

      According to Dr Godsi one should switch off or leave mobile devices behind when out with family. The method should be applied during meal times as well. Youngsters should have ‘real fun’ instead of ‘pretending’ to be enjoying themselves for the camera.

    • The strange and righteous history of the equals sign

      Robert Recorde was one of those people so extraordinarily ahead of his time that he seemed destined to come to a tragic end. In the 16th century, he made advances in economics, medicine, theology, and poetry. But his greatest contribution is taught to every elementary school child, and it arguably laid the groundwork for modern computer science. He invented the equals sign.

  • Health/Nutrition

  • Security

    • Who’s got your hack back?

      The topic of hacking back keeps coming up these days. There’s an attempt to pass a bill in the US that would legalize hacking back. There are many opinions on this topic, I’m generally not one to take a hard stand against what someone else thinks. In this case though, if you think hacking back is a good idea, you’re wrong. Painfully wrong.

      Everything I’ve seen up to this point tells me the people who think hacking back is a good idea are either mistaken about the issue or they’re misleading others on purpose. Hacking back isn’t self defense, it’s not about being attacked, it’s not about protection. It’s a terrible idea that has no place in a modern society. Hacking back is some sort of stone age retribution tribal law. It has no place in our world.

      [...]

      So this has me really thinking. Why would anyone want to hack back? There aren’t many reasons that don’t revolve around revenge. The way most attacks work you can’t reliably know who is doing what with any sort of confidence. Hacking back isn’t going to make anything better. It would make things a lot worse. Nobody wants to be stuck in the middle of a senseless feud. Well, nobody sane.

    • CIA has hacking tools, says Wikileaks

      The leaked papers have revealed that the agency turned to software which is named BothanSpy and Gyrfalcon to steal user credentials.

    • Linux Malware and Attacks on the Rise [Ed: This whole thing is based on a Microsoft ally from Seattle. Microsoft FUD by proxy, to distract from WannaCry Armageddon?]
    • Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years

      A major compromise of U.S. critical infrastructure will occur in the next couple of years, according to a majority of IT security professionals — and most expect breaches of their own enterprise networks to occur even sooner.

      These serious concerns are among those registered by respondents to the 2017 Black Hat Attendee Survey, the results of which are being published Wednesday. The survey offers insights on the plans and attitudes of 580 experienced security professionals, including many cybersecurity leaders who work in critical-infrastructure industries.

    • LinuxKit and Docker Security

      Docker got its start not just as a container system, but also as a Linux container system. Since then, Docker has developed versions of its container management systems for other platforms, including widely used cloud service providers, as well as Windows and the Macintosh OS. Many of these platforms, however, either have considerable variation in the Linux features which are available, or do not natively supply a full set of Linux resources.

  • Environment/Energy/Wildlife/Nature

    • Lynx could return to Britain this year after absence of 1,300 years

      After an absence of 1,300 years, the lynx could be back in UK forests by the end of 2017. The Lynx UK Trust has announced it will apply for a trial reintroduction for six lynx into the Kielder forest, Northumberland, following a two-year consultation process with local stakeholders.

      The secretive cat can grow to 1.5m in length and feeds almost exclusively by ambushing deer. Attacks on humans are unknown, but it was hunted to extinction for its fur in the UK. The Kielder forest was chosen by the trust from five possible sites, due to its abundance of deer, large forest area and the absence of major roads.

    • Renewable energy is becoming so cheap the US will meet Paris commitments even if Trump withdraws

      Research analysts at Morgan Stanley believe that renewable energy like solar and wind power are hurtling towards a level of ubiquity where not even politics can hinder them. Renewable energy is simply becoming the cheapest option, fast. Basic economics, the analysts say, suggest that the US will exceed its commitments in the Paris agreement regardless of whether or not president Donald Trump withdraws, as he’s stated he will.

      “We project that by 2020, renewables will be the cheapest form of new-power generation across the globe,” with the exception of a few countries in Southeast Asia, the Morgan Stanley analysts said in a report published Thursday.

  • Finance

    • Layoffs in IT sector lead to a dip in popularity of software engineers in marriage market

      ITengineers, once hot property in the marriage market, are no longer such a prize catch, going by matrimonial website trends and even traditional matchmakers.

    • German industry warns UK not to expect help in Brexit negotiations

      German industry has warned Britain not to rely on its help in securing a good Brexit deal, in a stark intervention that strikes a blow at the government’s EU departure plans.

      Senior ministers have repeatedly claimed since the election that Germany’s powerful exporters will exert pressure for a deal handing Britain substantial access to the EU’s markets.

      However, ministers are told that it is up to the British government to limit the economic fallout from its decision to leave the single market. With the government facing new pressure from business to soften its Brexit plans, German industrialists also warn that Britain will struggle to avoid economic damage as a result of exiting the bloc.

      Two of Germany’s biggest industry groups have told the Observer that their main concern during the Brexit process is protecting the single market for the remaining 27 members, even if this harms trade with Britain.

    • UK business group: Government has no ‘clear plan’ for Brexit

      The U.K. government has no “clear plan” for Brexit and needs a “serious fact-based discussion about what the future looks like” outside the EU, Paul Drechsler, president of the Confederation of British Industry lobby group, said Sunday.

      Speaking on Sky News’ Sophy Ridge on Sunday show, Drechsler said that although the U.K.’s exit date of March 29, 2019 was “firmly in the ground” the government should “continue to operate to the principles and rules that we apply today” until it can figure out how to transition to a new system.

      “We are no wiser today than we were 12 months ago in terms of what conditions business will be able to plan on for the future,” said Drechsler, just days after the CBI’s Director General Carolyn Fairbairn made the argument for staying in the single market in a speech at the London School of Economics.

    • Theresa May asks Jeremy Corbyn to help deliver Brexit and support her policies amid Tory leadership plots

      Theresa May will ask Jeremy Corbyn for his support in delivering Brexit and pushing through legislation as she faces up to the “reality I now face as Prime Minister”.

      Mrs May will on Tuesday make a direct appeal to opposition parties to “contribute, not just criticise” and help “clarify and improve” her policies in the Commons instead of undermining them.

      It comes at a time Mrs May’s leadership is at its weakest, amid open calls by Tory MPs for her to stand down following her failure to secure a majority at the election.

    • Improve the Brexit offer to EU citizens, or we’ll veto the deal

      In the European parliament we accept that the Brexit decision was a democratic choice, but we were never convinced Brexit would be a positive development economically: certainly not for the standing of Europe and the UK in the world and, most importantly, not for citizens. The UK proposal only confirms this belief – falling short of its own ambitions to “put citizens first”. If implemented, it would cast a dark cloud of vagueness and uncertainty over the lives of millions of Europeans.

    • Jacob Rees-Mogg denies potential conflict of interest over fund links

      Jacob Rees-Mogg, the Conservative MP vying to lead parliament’s powerful Treasury watchdog, has denied claims that his involvement with an investment fund poses a conflict of interest.

      The prominent Brexiter, a founding partner at Somerset Capital Management, is slugging it out with five other MPs to replace the respected Andrew Tyrie as chair of the Treasury select committee.

      “It’s very hard to see how the select committee could have a specific individual benefit to Somerset Capital,” Rees-Mogg said. “It’s a medium-sized investment firm that would never come into direct contact with the committee.

    • Ex-Sainsbury’s CEO: Brexit means ‘higher prices, less choice, and poorer quality’ at supermarkets

      King, who was in charge of Sainsbury’s for a decade until 2014, told BBC’s Panorama programme: “One can say very clearly what the direction will be: higher prices, less choice, and poorer quality, because all of those dimensions have been improved by these open trading relationships that we’ve had over the last 40 years.

  • AstroTurf/Lobbying/Politics

    • No One Wins the Machiavellian Game of Trump vs. the Press
    • TV networks hide bad ratings with typos, report says

      It’s described as a common practice in the world of TV ratings, where programs with higher ratings can charge advertisers more to run commercials. When an episode performs poorly with viewers, the networks often intentionally misspell the show title in their report to Nielsen, according to the Journal. This fools the system into separating that airing out as a different show and keeping it from affecting the correctly-spelled show’s average overall rating.

    • Donald Trump ‘behaving like a dictator by leaving underqualified socialite daughter to fill in for him at G20′
    • ‘Face like thunder’: how the mood soured at Donald Trump’s first G20

      Friday’s much-anticipated head-to-head with Vladimir Putin went well, in the judgment of the White House, with talks extending amicably well beyond two hours. But Trump, according to one western diplomat, sat with arms folded and a “face like thunder” as he listened to China’s President Xi Jinping speak on trade during a working lunch for leaders. Disagreements between the countries on the question of steel dumping have not been resolved by this latest encounter. There was also some bemusement when Trump’s daughter, Ivanka, stood in for the president when, in the words of a subsequent White House statement, he “had to step out”.

    • One by one, Brexit’s ‘salvations’ are seen to be illusory

      Like Vladimir and Estragon, the British right is waiting for its Godot. For years, Godot manifested himself in the unlikely form of the German car industry. English nationalists invoked its name as if it were a spell that could protect the nation from hard times and harder questions.

      From Boris Johnson and Michael Gove in the Leave campaign, through to Iain Duncan Smith and David Davis today, they convinced 17 million or so voters that BMW would ensure we could have our cake and eat it too. “The first calling point of the UK’s negotiator immediately after #Brexit will not be Brussels, it will be Berlin, to strike a deal,” announced Davis in May 2016. German car manufacturers would want access to the British market. The German government would listen and grant us privileged access to the single market in return.

      As it has turned out, economics has not trumped politics. And although I am instinctively a materialist, I have to admit it rarely does. Try to find an economic explanation for nationalism or religious fanaticism, or for middle-class professionals supporting left-wing parties or working-class voters support for rightwing parties, and your arguments rapidly lose conviction. Economics did not trump politics when Britain voted to leave the EU. It does not trump politics now that 27 countries are determined to preserve the union. And not only as a defence against a return of fascism and communism.

    • May’s deal with DUP faces legal challenge from crowdfunding campaign

      A crowdfunding campaign has been launched to raise funds for a potential legal challenge to Theresa May’s parliamentary deal with the Democratic Unionist party, on the grounds that it breaches the Good Friday agreement.

      Ciaran McClean, the son of one of the founders of Northern Ireland’s civil rights movement, Paddy Joe McClean, is spearheading the challenge of the arrangement through which the DUP gained a £1bn aid package for the region.

      The Green party activist believes the deal, which sees the Conservatives granted an overall majority with the support of the DUP’s 10 MPs, breaches both the landmark 1998 Good Friday agreement and the Bribery Act.

    • Old Man Makes Entire World Watch Vacation Slideshow

      A still photo of the president of the United States angrily explaining something to his wife, who is not paying attention, badly compressed so that it looks pixelated beyond belief, with audio that has been carefully miscued to allow a full second of sheet-music rustle before the brass comes in: David Lynch couldn’t fit that much unease on screen if you gave him two TV shows and a feature film. Our authority figures are crumbling as digital technology scrambles and distorts our feeble attempts to connect with each other, Trump seems to be saying, and for the rest of his film, he pokes and prods at the disconnect between the country’s traditional conceptions of leadership, heroism, and happiness and the all-consuming black hole occupying the White House.

    • US isolated as world leaders unite on Paris climate agreement at G20 summit

      “And the fact that negotiations on trade were extraordinarily difficult is due to specific positions that the United States has taken.”

    • G19 rejects Trump’s pro-fossil fuel agenda

      Investors hail “most ambitious G20 climate statement ever produced”, as world leaders dismiss attempt by President Trump to secure group’s backing for fossil fuels

      The G20 Summit in Hamburg ended in an uneasy compromise between the US and the rest of the group of leading economies, after world leaders refused to bow to pressure from the US to step up support for a new wave of fossil fuel development.

      In a move that was widely interpreted as a victory for the German hosts of the latest G20 Summit in Hamburg, the group’s final statement on climate change underlined that all of the group’s members bar the US regard the Paris Agreement as “irreversible”.

    • ‘Atheist Muslim’ says bigoted Donald Trump supporters have hijacked debate on Islam

      A self-styled “atheist Muslim” author says liberals have stifled criticism of Islam and allowed Donald Trump supporters to hijack debate about the religion from “a position of xenophobia and bigotry”.

      Ali Rizvi claimed those on the left and right of the political spectrum are unable to distinguish between “Islamic ideology and Muslim identity”, preventing honest conversations about the link between religion and terrorism.

      And he accused liberals of maintaining a “devastating double standard” by attacking the illiberal beliefs of Christian fundamentalists while branding people “Islamophobic” for condemning similar views held by Muslims.

    • Court ruling over UK arms sales to Saudi Arabia a ‘deadly blow’ to Yemeni civilians

      A UK court ruling that the government is entitled to continue authorizing arms supplies to Saudi Arabia is a potentially deadly setback to Yemeni civilians, Amnesty International said today.

      The High Court in London dismissed a legal challenge from the NGO Campaign Against Arms Trade (CAAT), which claimed that such arms transfers should not take place because of the clear risk that the weapons supplied would be used to commit serious violations of international humanitarian law in Yemen’s armed conflict.

      “This is a deeply disappointing outcome which gives a green light to the UK authorities – and potentially Saudi Arabia’s other arms suppliers – to continue authorizing arms transfers to the Kingdom despite the clear risk they will be used to commit violations,” said James Lynch, Head of Arms Control and Human Rights at Amnesty International.

  • Censorship/Free Speech

    • How CNN Identified HanAssholeSolo

      Nevertheless, it was not necessary to figure out who @HanAssholeSolo was. All CNN had to do was contact him on Reddit if they wanted a comment.

    • Reviewing film censorship in Malaysia

      A painting, a song, a dance and a novel – these are all forms of expression. So too, is a film as art and literature are all forms of expressions.

      When a person expresses himself or herself, he or she is exercising his or her freedom of speech and expression. But these are not absolute. Under international human rights law, freedom of speech and expression may be restricted, but must be through law and only if necessary.

    • Could Philippine senator’s bill criminalising fake news lead to censorship?

      Philippine Senator Joel Villanueva filed a bill in late June that would criminalize the “malicious distribution of false news.” Media groups are warning it could lead to censorship.

      Villanueva’s Senate Bill No. 1492 or “An Act Penalizing the Malicious Distribution of False News and Other Related Violations” defines fake news as “those which either intend to cause panic, division, chaos, violence, and hate, or those which exhibit a propaganda to blacken or discredit one’s reputation.”

      The bill assigns penalties to those who publish “fake news” and even to those who share it, potentially criminalizing social media users who may not fully understand the implications of simply sharing an article with friends.

    • Samizdat: How did people in the Soviet Union circumvent state censorship

      The USSR always had severe censorship, and the rare period of relaxations, for example, during the Second World War, did not change the overall situation. But while in Stalin’s time no one even thought of illegally distributing books and magazines, with the coming of Nikita Khrushchev’s ‘thaw’ and the emergence of the dissident movement the demand for a truthful interpretation of current events and interest in uncensored literature only increased.

    • For China’s censors, livestreaming is a huge headache

      In a show of strength, in anticipation of a huge political event, China is cracking down hard on the one thing it hasn’t been able to control — livestreaming.

      With 731 million internet users in China — of which 300 million have used livestreaming apps — its no surprise that the country’s livestreaming industry is worth an estimated $9 billion.

    • How a proxy is bringing banned Wikipedia to Turkey
  • Privacy/Surveillance

  • Civil Rights/Policing

    • How I learned to stop worrying (mostly) and love my threat model

      I have a healthy level of paranoia given the territory I inhabit. When you write things about hackers and government agencies and all that, you simply have a higher level of skepticism and caution about what lands in your e-mail inbox or pops up in your Twitter direct messages. But my paranoia is also based on a rational evaluation of what I might encounter in my day-to-day: it’s based on my threat model.

    • Brexit: May offering EU workers in UK ‘second-class citizenship’ – MEPs

      Theresa May has been accused of offering EU workers in the UK “second-class citizenship” in a stark warning from the European parliament that it would reject her “damp squib” opening offer on the Brexit negotiations.

      The prime minister, who will on Monday attempt to relaunch her struggling tenure in Downing Street, was told that the EU legislature would “reserve its right to reject any agreement that treats EU citizens less favourably than they are at present”.

    • Rodrigo Duterte’s first year: a human rights disaster the world prefers to ignore

      Rodrigo Duterte’s first year as president of the Philippines should never be forgotten – for all the wrong reasons. For those directly affected by his brutal and lawless “war on drugs”, which has claimed the lives of thousands of people, the only hope is for an end to the suffering. But in the absence of a clear international declaration against Duterte’s disastrous regime, that hope is in vain.

      The sad fact is that much of the suffering Duterte is inflicting was entirely predictable. The Philippines’ human rights institutions are fragile, and Duterte came to office with a well-known record as a mayor who sanctioned death squads to dole out vigilante justice in his city. But the international community failed to respond to his election with due alarm, and it is still failing to realise the sheer destruction the Duterte administration is causing. How bad will it need to get before other nations back away from him?

      Nominally aimed at tackling a much-hyped but poorly understood methamphetamine “crisis”, the scores of extra-judicial killings have resulted in little capture of the networked organised crime Duterte says is behind the “drug menace”. Instead people are gunned down in the middle of the street by vigilantes or by an increasingly brazen police force, whether during arrest or in custody. Their corpses are left in the street, sometimes with a cardboard sign saying “drug user” or “pusher”.

      This is a matter of social cleansing, with many of the victims among the poorest people in Filipino society. And yet many nations refuse to sign a UN declaration condemning the policy.

      [...]

      It doesn’t have to be this way. Duterte is vulnerable and sensitive to foreign criticism, and has little with which to protect himself other than insults. Yet countries such as Australia and the US are providing military assistance to Duterte apparently without applying any serious pressure.

      Their help with airborne intelligence and “special forces liaison” is offered on the pretext of fighting a local militant group supposedly linked to IS, now laying siege to the city of Marawi.

      It’s one thing to overlook Duterte’s war on drugs to help him fight a violent insurgency notionally linked to the so-called Islamic State (IS), but even that flawed alliance has its problems. How can these countries defend their support for a leader who publicly says he is willing to kill civilians – in direct opposition to international humanitarian law?

      Duterte is using IS as a pretext for more abuses, and headlines linking the situation in the southern Philippines to IS with little to no evidence play into his hands. But alas, this tendency has a long history.

  • Internet Policy/Net Neutrality

  • DRM

    • DRM Is Toxic To Culture

      Travelling frequently in Europe, I’ve had the chance to use two approaches to the underground/metro/subway, the Paris Metro and the U-bahn in various German cities. There is a very visible difference between the two, at least in my experience. Here are some sample encounters.

      In Paris, I bought my Metro ticket and then used it in an automated barrier to reach the platform. I noticed lowlife furtively scanning the station and then vaulting the barriers, and I saw armed police at the station to catch the thieves doing this (they didn’t catch any that I saw, and there were several of each at each station).

      By contrast, the U-Bahn in Nürnberg had no barriers. I bought my ticket, boarded the train without fuss, there was no risk of being shot by a policeman targeting a barrier-vaulting cheat, and the system was still clean, efficient and well-used.

    • Day against DRM

      Sunday, July 9, is the Day against DRM. The Document Foundation supports the global campaign led by FSF, to raise the awareness of issues related to the so called Digital Rights Management software. As any other proprietary technology, DRM is killing user freedom of choice, and should always be avoided.

    • How big is the market for DRM-Free?

      They reached a shocking conclusion: DVD players with even minimal circumvention features sell for about 50% more than similarly reviewed DVD players of similar vintage — that means that in a commodity electronics category where the normal profit would be 2% or less, manufacturers that sell a model with just slightly different software (a choice that adds virtually nothing to the manufacturing costs) pocket 25 times the profits.

    • Encrypted Media Extensions: Copyright, DRM and the end of the open Web

      The World Wide Web Consortium (W3C), which sets standards for the Web, has released what it calls a “disposition of comments“, designed to address objections to the controversial Encrypted Media Extensions (EME). EME is officially “a common API that may be used to discover, select and interact with content encryption systems”. In practice, for the first time it builds DRM officially into the very fabric of the Web, a move that will destroy an openness that has underpinned it since its public release in 1991.

      The “disposition of comments” is the formal version of an earlier blog spost by the inventor of the Web, Sir Tim Berners-Lee, which he published back in February. There he explains in more detail why he wants to allow DRM to become part of HTML. It’s clear from both documents that the central argument is that the W3C is simply standardizing an existing situation where many DRM schemes are used, and that by providing a rigorous framework it is making life easier and better for the user. In fact, the W3C even went so far as to insist on Twitter that “There’s no DRM baked in the EME spec.” But as Florian Rivoal pointed out in reply, this is like claiming “Guns are not dangerous if you don’t put bullets in them. We’re just working on guns not bullets, so we’re not doing anything dangerous.”

      [...]

      It is simply tragic that the man who created the World Wide Web, and then, in an act of great generosity, released it freely to the world, should acquiesce in this terrible mistake that will destroy a key aspect of his gift: its openness.

  • Intellectual Monopolies

    • Copyrights

      • Handy: Google Highlights ‘Best Torrent Sites’ in Search Results

        Google is an excellent search engine. The company does its best to present users with relevant information wherever it can. With a reel of popular torrent sites, for example, when users search for it. Or a handy overview of streaming sites such as Netflix, Hulu, Putlocker and Movie4k.to. Whether Hollywood will appreciate this service doubtful though.

      • Would you like a copyright law that said “if Hollywood doesn’t like this law, they can use their own”? Well, you see…

        The net effect of this is that the entire code of the copyright monopoly, except for this one line, is completely nullified. Copyright monopoly law now says “whatever the publisher wants, and it’s criminal to attempt otherwise”. The other provisions never come into effect. This is the result of the insane hubris of lawmakers around the turn of the century insisting on creating a thousand-year copyright reign, innovation and creativity be damned.

        This means that when a book is sold to you in digital format, if the publisher decides you’re only allowed to read your own book at night, or in Ankara, or without any friends nearby, or when you’re marked “single” on Facebook, such insane and normally-utterly-illegal requirements are now the law of the land.

07.09.17

Links 9/7/2017: Wine 2.12, Endless OS 3.2, FreeBSD 11.1 RC2 Released

Posted in News Roundup at 3:17 am by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • Fifteen new devices from Technoethical now FSF-certified to respect your freedom

      Last week we happily announced that we awarded Respects Your Freedom (RYF) certification to fifteen new devices from Technoethical (formerly Tehnoetic): the TET-N150HGA, the TET-N300, the TET-N300HGA, the TET-N300DB, the TET-N450DB, the TET-BT4, the TET-X200, the TET-X200T, the TET-X200S, the TET-T400, the TET-400S, the TET-T500, the TET-X200DOCK, the TET-T400DOCK, and the TET-D16. While Technoethical is based in Romania, they are able to ship to many countries around the world. The RYF certification mark means that the products meet the FSF’s standards in regard to users’ freedom, control over the product, and privacy.

      This is a vast expansion of the currently available RYF products, more than doubling the present count. Users now have more options than ever when it comes to devices they can trust. We hope to repeat the feat accomplished this week with even more big launches in the future. Technoethical should be very proud of what they’ve accomplished here, and we look forward to seeing even more new hardware from them.

    • FSF Certifies Another Batch Of Old Hardware For Respecting Your Freedom

      The Free Software Foundation has endorsed fifteen “new” devices under their Respects Your Freedom (RYF) certification.

    • Shadow Icons Looks Great With All Themes, Install in Ubuntu/Linux Mint

      Shadow icon theme is a new comer for Linux desktop, it looks beautiful with all kind of themes. It is meant to be modern clean and customizable, the primary color of this set most likely bluish and many apps icons are in round shape. So basically this theme is mixture of round and normal (square) shape icons, lets see where this theme will head in the future, it should choose shape what users asks. As creator mentioned this icon theme is his first so please bare any bugs or missing icons. You can report bugs or suggest new icons to include in this set via this link. You can use Unity Tweak Tool, Gnome-tweak-tool to change themes/icons.

    • Obsidian Icon Theme Based On Faenza And It Revives Desktop

      Obsidian icons are based on Faenza icon theme which is around from some years but the development of Faenza is almost stopped, hope creator again give some time to his popular icons. Obisidian-1 icon theme offers icons for panels, toolbars and buttons and colourful squared icons for devices, applications, folder, files and menu items, there are two version included to fit with light or dark themes. It is in active development which means if you find any missing icon or problem with this icon set then you can report it via linked page and hopefully it will be fixed in the next update. Arc theme suite used in the following screenshots and you can use Unity Tweak Tool, Gnome-tweak-tool to change themes/icons.

  • Server

    • Privileged Ports Cause Climate Change

      I’m thirty seven years old, which is like ninety nine in programmer years. I’m old enough to remember the earliest days of the public Internet and the first boutique Internet service providers. My first online account was via one called Internet Access Cincinnati (IAC). It provided dialup modem access to a Sun SparcStation 10 where users could run such venerable old terminal applications as elm (a mail client), emacs, lynx (text-mode web browser), and of course IRC.

      Later they added the ability to dial into a CSLIP (predecessor to PPP) terminal server and connect your own Linux or Trumpet WinSock equipped Windows system directly to the Internet with a real bona-fide IP address.

      [...]

      This is all probably water under the bridge. Chances are the path forward will be to develop true secure container multi-tenancy and to achieve with containers what should have been achieved by extending the Unix permission model to networking in user space.

      The purpose of this post is to show how small decisions that nobody really thinks about can have dramatic effects on the future evolution of technology (and society). The 1970s decision to use port numbers as an in-band signaling mechanism to implement cross-system security validation might have been, in retrospect, a trillion dollar mistake that pushed the evolution of the Unix platform down a path of significantly greater complexity, resource use, and cost.

      But hey, maybe it’s not a done deal yet. There’s over a dozen Linux distributions and most of them are doing more or less the same things with a slightly different spin. Implementing something like this would be an interesting way for one of them to differentiate. The first step would be to implement networking permissions something like what was discussed above and to propose it as a kernel patch. For backward compatibility you could make it something enabled via a sysctl setting, or maybe a module (if modules can make changes that deep).

  • Kernel Space

    • daxctl() — getting the other half of persistent-memory performance
    • Gaming hardware support

      The driver landed in kernel 4.10. Note that it only supports the PlayStation 3 version of the tablet, as the Wii and XBox 360 versions require receivers that aren’t part of the package. Here, a USB dongle should be provided.

    • Linux Foundation Continues Networking Project Expansion

      The days when the Linux Foundation was only focused on Linux as an operating system are now long in the past. In recent years, the Linux Foundation has expanded its Collaborative Projects effort to include a growing list of open-source networking efforts, the most recent one being the Open Security Controller Project.

      The Linux Foundation already is the home to several Software Defined Networking (SDN) efforts including OpenDaylight which developer an open-source controller platform.

    • ‘Big 4′ Accounting Firms Are Experimenting With Blockchain And Bitcoin

      In May 2016, Deloitte’s first blockchain lab was created in Dublin followed by a second hub in New York in January this year and more such announcements are expected. Deloitte joined the Ethereum Enterprise Alliance (EEA) and the Hyperledger Project by the Linux Foundation in May 2017.

    • Btrfs RAID 5/6 Support Is “Mostly OK” With Linux 4.12

      I previously reported on Btrfs RAID 5/6 fixes for Linux 4.12 to work on fixing some potentially bad Btrfs RAID 5/6 problems. These changes for Linux 4.12 were enough to elevate the rating of this functionality.

    • POWER Updates Submitted For Linux 4.13

      A variety of POWER architecture updates have been submitted for the Linux 4.13 kernel merge window.

    • Input Updates Submitted For Linux 4.13 Kernel

      Dmitry Torokhov submitted the input subsystem updates today for the Linux 4.13 kernel merge window.

    • Graphics Stack

      • David Airlie Exploring MRT Performance Optimization For RADV

        When comparing differences between the RADV Vulkan driver and the AMDGPU-PRO still-proprietary Vulkan driver, David Airlie has uncovered a new area to explore for potentially getting closer performance out of the open-source driver.

        Airlie has been exploring the performance of MRT, or Multiple Render Targets. MRT is rendering images to multiple render target textures at once and can be used commonly for deferred shading/rendering. Airlie noted some “magic” happening within the AMDGPU-PRO driver and realized it could be a area of performance improvement for not only RADV but also RadeonSI. He explains the technical bits in this mailing list post and these IRC logs.

      • Mesa 17.2 Still Planned For August Release, Feature Freeze In Two Weeks

        Emil Velikov of Collabora has reiterated his release plans for Mesa 17.2 in making it the latest quarterly release to this growing 3D graphics stack.

      • The GSoC Idea

        After the two-part series on the fundamentals of Xwayland, I want to briefly introduce the basic idea for my Google Summer of Code (GSoC) project for X.Org. This means I’ll talk about how Xwayland currently handles the graphic buffers of its applications, why this leads to tearing and how we plan to change that.

        The project has its origin in my work on KWin. In fact there is some connection to my unsuccessful GSoC application from last year on atomic mode setting and layered compositing in KWin. You can read up on these notions and the previous application in some of my older posts, but the relevant part of it to this year’s project is in short the transfer of application graphic buffers directly onto the screen without the Wayland server compositing them into a global scene before that. This can be done by putting the buffers on some overlay planes and let the hardware do the compositing of these planes into a background provided by the compositor or in the simpler case by putting a single buffer of a full screen application directly onto the primary plane.

    • Benchmarks

      • NVIDIA OpenGL vs. Vulkan CPU Core Scaling For Linux Gaming

        At the end of June I posted some Vulkan vs. OpenGL Linux Game CPU Core Scaling using RADV/RadeonSI with a Polaris graphics card. At that time I also carried out some NVIDIA CPU core scaling results in a Vulkan vs. OpenGL manner, but simply forgot to post those numbers until now.

        Due to being preoccupied with other benchmarks, I forgot to post those NVIDIA OpenGL vs. Vulkan CPU core scaling results, but here are those comparison numbers now.

  • Applications

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • 6 Interesting Things on KDE Plasma 5.10

        KDE Plasma 5.10 released at May 30th 2017. This article simply summarizes what’s new from Plasma 5.10.1 (06 June), 5.10.2 (13 June), and 5.10.3 (27 June) for beginners and non-KDE users. Here’s what Plasma Desktop would be if you use it on any GNU/Linux distro today.

      • Let There Be Shapes!

        One of the new features of the upcoming Qt 5.10 is the introduction of the shapes plugin to Qt Quick. This allows adding stroked and filled paths composed of lines, quadratic curves, cubic curves, and arcs into Qt Quick scenes. While this has always been possible to achieve via QQuickPaintedItem or the Canvas type, the Shape type provides a genuine first-class Qt Quick item that from the scene graph’s perspective is backed by either actual geometry or a vendor-specific GPU accelerated path rendering approach (namely, GL_NV_path_rendering).

      • KStars 2.7.9 Released for Linux, Mac, Windows, and Android!
    • GNOME Desktop/GTK

      • Codecs and PackageKit in GNOME Software on Ubuntu Artful

        PackageKit is a distribution-agnostic API for managing installed software packages on a system. For irritating reasons, Ubuntu was stuck for a long time on an old version of PackageKit, but we recently managed to remove the blockers and update to a modern version.

        For me, a really positive thing to come out of this is that we are able to remove our Ubuntu specific apt plugin inside GNOME Software. This plugin uses both libapt and aptdaemon to manage package listing, installation, updating and removal. We had to write all this code, it isn’t in the upstream package, and it has been the source of bugs in the past — bugs which wouldn’t have happened if we had been able to use PackageKit. Once this work is all uploaded to Ubuntu, we’ll be sharing the same plugin as most other distributions, meaning that we all benefit from everybody’s fixes.

      • GNOME Calendar to support creation of recurring events very soon

        The first phase of my GSoC project is over, and I have passed the evaluation for the same. Honestly speaking, it has been quite a difficult start for me. Given that I had to deal with ‘libical’, which is sparsely documented, and also evolution-calendar code, which is hard to understand, I have finally found the flow that was needed for this project.

        For the last 2 weeks I have been working on a modification in edit-dialog that allows the user to create recurring events. The creation part has been taken care of successfully but the editing part (editing recurrence-rules of already recurring events) is not complete.

      • Flat-Remix Icons And Gnome Shell Theme For Ubuntu/Linux Mint

        Flat Remix icons and Gnome shell theme are not new, both were initially released back in the 2015 and are still in active development. The icon set fits perfect on all kind of dark and light themes, it is release under GPL V3 license. Flat remix icons is a pretty simple icon theme inspired on material design. It is mostly flat with some shadows, highlights and gradients for some depth and uses a colorful palette with nice contrasts, and it is compatible with almost every desktop environments such as Gnome, Unity, KDE, Xfce, Cinnamon, Mate and so on. You can report bugs or suggest new icons to include in this icon set via this link. Flat Remix theme is pretty simple and elegant, it is a material design theme for Gnome Shell. If you find any bugs then report here. You can use Unity Tweak Tool, Gnome-tweak-tool to change themes/icons.

      • [Video] Ubuntu Testing Day – GNOME
  • Distributions

    • ArchLabs 5.0: One of the Best, Gets Even Better

      As team of distro-hoppers (and Arch Linux enthusiasts in particular) we have been spending a lot of this year hopping between three of our favourite distros: Manjaro, OBRevenge, and the new kid on the block – ArchLabs.

      Having discovered ArchLabs from a number of great YouTubers including Sudo Reboot and Linux Quest – we were hooked almost immediately with the amazing level of polish and attention to detail evident throughout ever aspect of the distribution. Using Erik Dubois’ modern and beautiful Sardi icon set as a design reference, every element of ArchLabs ties back to performance, usability, and just plain gorgeous design.

    • Endless OS 3.2 Released, Rebases From GNOME Shell 3.8 To 3.22

      Endless OS 3.2 is now available as the newest feature release for this GNOME-based Linux operating system that ships on the budget-friendly Endless Computers and is also available for free to all users.

      Endless OS 3.2 has a number of underlying system updates including to its Linux kernel and Flatpak. On the UI side, there are big updates to its desktop with the re-basing process from GNOME Shell 3.8 to GNOME Shell 3.22. Moving forward, they intend to re-base their desktop changes much more often to allow for a smoother transition to using the newer GNOME code in their operating system.

    • Endless OS 3.2 released!
    • New Releases

      • Sparky 4.6.1 STB

        There is an update of SparkyLinux stable line 4.6.1-STB “Tyche”.
        This is Sparky edition based on Debian stable 9 “Stretch”.

    • Screenshots/Screencasts

    • PCLinuxOS/Mageia/Mandriva Family

      • Success

        In November 2012 I started running an irregular rebuild of all Mageia packages on x86_64, discarding the built packages, to just detect build breakages.

        At first it was running a few times a month, now once a week, except before releases where I run it twice a week.

    • Red Hat Family

      • CentOS and ARM

        The CentOS distribution has long been a boon to those who want an enterprise-level operating system without an enterprise-level support contract—and the costs that go with it. In keeping with its server orientation, CentOS has been largely focused on x86 systems, but that has been changing over the last few years. Jim Perrin has been with the project since 2004 and his talk at Open Source Summit Japan (OSSJ) described the process of making CentOS available for the ARM server market; he also discussed the status of that project and some plans for the future.

        Perrin is currently with Red Hat and is the maintainer of the CentOS 64-bit ARM (aarch64) build. CentOS is his full-time job; he works on building the community around CentOS as well as on some of the engineering that goes into it. His background is as a system administrator, including stints consulting for the defense and oil industries; with a bit of a grin, he said that he is “regaining a bit of my humanity” through his work at Red Hat on CentOS.

      • Finance

      • Fedora

        • Installing Python3.6.1 in your Fedora24/25
        • PHP version 5.6.31, 7.0.21 and 7.1.7
        • Fedora fonts: The Font Strikes Back

          If you happen to be a person who finds the Linux font rendering to be good enough for your ocular sensors, you are a happy bunny. If you are like me, then it’s only Ubuntu that gives you the right sharpness and contrast, and all other distros be heavily lacking in this space. Fedora, first and foremost, which is why I’ve spent months trying to perfect its layout and reading clarity.

          I ranted about the whole font problem in Linux some time ago, and then we also discussed the use of Ubuntu fonts on top of Fedora a couple of months back in another OCS-Mag article. Now, I want to revisit the topic for a third time, and see if we can somehow improve on Fedora’s stock Gnome look, and the way it draws text on the screen. Let us commence hence forth.

        • Fedora Release Time: Welcome F26

          There was a GO / NO GO meeting earlier in the week and the Fedora 26 RC 1.5 build passed. As a result Fedora 26 will be officially released on Tuesday, July 11th. According to the original schedule, F26 was set to be released on June 6th. It got bumped 5 times during the alpha and beta phases but that pretty much always happens to this distro that is constantly leading the pack with innovation.

          What are the new features? I don’t think the release announcement will be made public until release day but you can check out the changeset. Just be aware there are a ton of normal updates beyond the changeset and I mean… how about that new desktop background? LXQT users will also be happy to have their own Spin now. Don’t forget that Fedora appears to be supporting quite a few arches, some as primary and others as secondary. Not as many as Debian and Gentoo but still. Which arches? aarch64, armhfp, i386, ppc64, ppc64le, and x86_64. I’m only using the later myself.

    • Debian Family

      • How to install Debian+LXDE on ANY Android Tablet

        Running a linux distro on android devices is a hot topic these days, and why not? After all, android is already based on linux kernel, but a pretty much locked-down and dumbed-down version of it. The OEM doesn’t give you root and in most cases, not even an open source bootloader and/or kernel. That way, its good for maybe the most average user who doesn’t care about the OS and just want to use their phones. But for a power user, that’s not enough.

      • Derivatives

        • Not So Fast, Slick or Why Did it Take Devuan Two Years to Replace Systemd?

          Recently, a guy asked me two questions: If it is so easy to uninstall and switch init systems why did it take devuan 2 years to figure it out? Why are so many struggling to make something so easy work?

        • Canonical/Ubuntu

          • Ubuntu Desktop Weekly Update: July 7, 2017
          • Ubuntu Server Development Summary – 07 Jul 2017
          • Canonical’s support for Kubernetes 1.7 on Ubuntu released

            The official Ubuntu install of Kubernetes is first to deliver the new Kubernetes 1.7 release with full enterprise support.

            This is a Canonical distribution of pure-upstream Kubernetes, designed for ease of deployment and operations on public clouds and on-premise on bare metal, VMware, or OpenStack. The Canonical distribution osf Kubernetes is also easy to spin up on developer laptops using LXD containers for component isolation and distributed system simulation.

          • OpenStack in a Snap

            OpenStack is complex and many of the community members are working hard to make the deployment and operation of OpenStack easier. Much of this time is focused on tools such as Ansible, Puppet, Kolla, Juju, Triple-O, Chef (to name a few). But what if we step down a level and also make the package experience easier?

          • Say Goodbye to LightDM, GNOME’s GDM Login Manager Now Default in Ubuntu 17.10

            Canonical’s transition to the GNOME desktop environment for the upcoming Ubuntu 17.10 (Artful Aardvark) operating system, due for release later this year on October 19, 2017, continues with yet another major change.

            The company behind the popular Linux-based operating system for desktops, servers, cloud, and IoT (Internet of Things) revealed last month its plans to replace the eye-candy LightDM login manager, which it used until now on numerous Ubuntu releases by default, with GNOME’s GDM (GNOME Display Manager).

          • Ubuntu 17.10 to Have Hardware-Accelerated Video Playback on AMD, Nvidia GPUs Too

            Canonical is working to improve the user experience of its popular Ubuntu Linux operating system, and it looks like they are making quite some progress on the hardware-accelerated video playback for Intel GPUs on Ubuntu 17.10.

          • Some Extra Game Tests Showing AMDGPU+RadeonSI Improvements Since Ubuntu 17.04

            In yesterday’s Windows 10 Radeon Software vs. Ubuntu 17.04 + Linux 4.12 + Mesa 17.2-dev comparison I tested both Ubuntu 17.04 out-of-the-box and then upgraded it to the Linux 4.12 kernel and Mesa 17.2-dev. Here are some complementary tests I did with a larger set of Linux games.

            These results show the stock Linux 4.10 + Mesa 17.0.3 performance of Ubuntu 17.04 compared to the same system upgraded to Linux 4.12 + Mesa 17.2-dev for showing the bleeding-edge Linux gaming experience.

          • Ubuntu 17.10 Still Working Towards Video Acceleration, Unity 7 Woes

            Will Cooke of Canonical has shared another weekly status update for the work going into the GNOME desktop for Ubuntu 17.10 and their other efforts this cycle.

  • Devices/Embedded

Free Software/Open Source

  • Guest Post: Cornelius Kölbel on end to end encryption

    Your Data is at risk. And thus, is your personal life and your company’s values. By using your own cloud storage like ownCloud you can avoid hackers, trade espionage, and rogue governments getting your data. Your data is under your control.

    But depending on where your storage is located some risks still remain. The connection to your ownCloud installation in the hosted datacenter is TLS protected. All data are encrypted on their transport to the datacenter. But within the datacenter your data is plain text.

    You are using ownClouds integrated encryption? You even have the full disk encrypted using LUKS or similar methods? This is fine but only protects you from certain attacks like stealing the sole hard disk. But if the attacker gains access to the very location where the actual encryption takes place, the encryption is useless, since this location also contains the encryption key! Thus, if the attacker has access to the datacenter or – more likely – is a rogue or bribed employee of the datacenter the attacker can get physical access to your encryption key and finally to your data.

  • George Hotz wants to help everyone hack their cars

    A user pairs the Panda hardware with Chfr, a dashcam app previously developed by Comma.ai that lets car owners record and review their drives. If the Panda is paired with Chffr, users can record all the sensor data from their cars. If the car has sensors — Hotz recommends any 2005 or newer luxury car and other vehicles produced beginning in 2010 — then users will be able to see all kinds of data. Users can get simple information like the speed and more complex data like the RPM of the engine, how much gas is in the tank, what the suspension is doing, whether the anti-lock brakes are on, and even how hard the driver hit the brakes.

  • Events

    • Jono Bacon: Open Community Conference: Updates, CFP, Webinar, and Prizes

      A little while back I announced that I am starting a new conference called the Open Community Conference in conjunction with my friends at the Linux Foundation.

    • Speaking at Open Source Bridge’17

      Recently, I got a chance to speak at Open Source Bridge conference which was held in Portland, Oregon!

      I spoke about Outreachy and my open source work. OSB conference was much more than just a ‘conference’. More than content in the talks, it had meaning. I am referring to the amazing keynote session by Nicole Sanchez on Tech Reform. She explained wonderfully the need of the hour, i.e Diversity inclusion is not just ‘inclusion’. Focus should be on what comes after the inclusion, Growth.

    • Library announces free programs

      Photo Editing 101.” Today we learn about the basics of editing digital photos, using the GNU Image Manipulation Program (a free, open-source program much like Photoshop). Students will learn how to open image files, crop and color correct photos and save them as specific formats.

    • NEW IN WEST SEATTLE: WS Linux User Group
  • Databases

    • MySQL infrastructure testing automation at GitHub

      Our MySQL infrastructure is a critical component to GitHub. MySQL serves GitHub.com, GitHub’s API, authentication and more. Every git request touches MySQL in some way. We are tasked with keeping the data available, and maintaining its integrity. Even while our MySQL clusters serve traffic, we need to be able to perform tasks such as heavy duty cleanups, ad-hoc updates, online schema migrations, cluster topology refactoring, pooling and load balancing and more. We have the infrastructure to automate away such operations; in this post we share a few examples of how we build trust in our infrastructure through continuous testing. It is essentially how we sleep well at night.

  • Funding

    • A Call to Arms: Supporting Matrix!

      TL;DR: if you like Matrix (and especially if you’re building stuff on it), please support us via Patreon or Liberapay to keep the core team able to work on it full-time, otherwise the project is going to be seriously impacted. And if you’re a company who is invested in Matrix (e.g. itching for Dendrite), please get in touch ASAP if you’d like to sponsor core development work from the team. And if you’re a philanthropic billionaire who believes in our ideals of decentralisation, encryption, and open communication as a basic human right – we’d love to hear from you too O:-)

  • BSD

    • FreeBSD 11.1 RC2 Released

      FreeBSD developers have announced the second release candidate of the upcoming FreeBSD 11.1.

      FreeBSD 11.1 changes since the previous release candidate include VM subsystem fixes, a gpart issue with systems using an SD card as the primary driver, some network fixes, the ena driver has been added, and various other fixes/alterations.

    • [REVISED] FreeBSD 11.1-RC2 Now Available
  • FSF/FSFE/GNU/SFLC

    • Touch Typing

      My favorite tool is GNU Typist. It’s a small command line tool which can help anyone learn touch typing in a few days. Remember that the package name is gtypist.

  • Openness/Sharing/Collaboration

    • Open Hardware/Modding

      • Best Product Entry: Open Source Internet of Dosimeter

        Has entered a cool project into the Best Product portion of this year’s Hackaday Prize. It’s called an Open Source IoT Dosimeter. It has a Geiger tube for detecting radiation levels along with Internet connectivity and a host of other goodies.

  • Programming/Development

    • An introduction to asynchronous Python

      In his PyCon 2017 talk, Miguel Grinberg wanted to introduce asynchronous programming with Python to complete beginners. There is a lot of talk about asynchronous Python, especially with the advent of the asyncio module, but there are multiple ways to create asynchronous Python programs, many of which have been available for quite some time. In the talk, Grinberg took something of a step back from the intricacies of those solutions to look at what asynchronous processing means at a higher level.

      He started by noting that while he does a lot of work on the Flask Python-based web microframework, this talk would not be about Flask. He did write the Flask Mega-Tutorial (and a book on Flask), but he would be trying to mention it less than ten times during the talk—a feat that he managed admirably. He has also developed a Python server for Socket.IO that started out as something for “that framework”, but has since “taken on a life of its own”.

    • Npm Password Resets Show Developers Need Better Security Practices

      Thousands of developers who publish JavaScript packages in the npm repository have had their passwords reset since May because their login credentials were too weak or had been publicly exposed. The affected accounts were in control of tens of thousands of Node.js modules that, in turn, were direct or indirect dependencies for half of the entire npm ecosystem.

    • A Continuous Testing Crash Course for Software Testers

      Now, software testers are facing increasingly complex applications, delivered at dramatically accelerated paces—and they’re expected to deliver trustworthy go/no-go decisions at the new speed of modern business. More of the same won’t get us there. We need to transform the testing process as deliberately and markedly as we’ve transformed the development process.

Leftovers

  • Getting rid of carpool lanes could double travel times

    To determine the impact on the city’s drivers, Benjamin Olken, an economist at the Massachusetts Institute of Technology in Cambridge, and colleagues queried Google Maps for real-time driving-speed data before and after the new policy went into effect. Following the policy lift, travel delays, defined as the time it takes to travel 1 kilometer, increased by 46% in the morning and almost 90% in the evening, the team reports today in Science.

  • AMC To Charge Cable Customers $5 More To Avoid Advertisements

    We’ve discussed ad nauseum how, as the Internet video revolution accelerates, the cable and broadcast industry’s response has predominantly been to double down on bad ideas in the false belief that they can nurse a dying cash cow indefinitely. Netflix nibbling away at your subscriber totals? Continue to glibly impose bi-annual rate hikes. Amazon Prime Video eroding your customer base? How about we edit programs to be shorter so more ads can be shoveled into every viewing hour? By and large, the cable industry’s response to the cord cutting threat has been to do more of the things that forced annoyed consumers to leave.

  • How the Qatar Crisis Shook Up the World’s Supply of Helium

    Helium has two special abilities. It is extremely light, and it can get extremely cold without freezing.

    Largely for these reasons, the element is needed to use or make all sorts of things: semiconductors, rocket fuel, computer hard drives, the Large Hadron Collider, magnets in MRI machines, airships, scuba tanks, arc welding, anything that needs to be super cold, and of course, balloons.

  • Science

    • [Old] Locking Science Open with Decentralized Scientific Archives
    • Trump Administration Chooses New CDC Director

      Although she has led her state’s public health department, Fitzgerald does not have a background in scientific research, STAT reports, which is “a major function of the agency she has been nominated to lead.”

    • Sorry Veep, America already leads the world in space by a large margin

      If President Donald Trump has had one consistent message about space exploration both during his campaign and presidency, it’s that America is doing badly in space. About a year ago during a campaign stop in Daytona Beach, Florida, Trump said, “Look what’s happened with our whole history of space and leadership. Look what’s going on, folks. We’re like a third-world nation.”

      As Vice President Mike Pence has assumed duties over space policy, he has made a respectable effort to tour NASA and Air Force facilities around the country. But during these visits, he’s also reiterated this Debbie Downer message. When he delivered a speech Thursday at Kennedy Space Center, Pence said that under the Trump administration, America will lead in space “once again” no less than eight times.

      The subtext here is that America has fallen far behind in space—and that it needs strong leadership to get back on its feet. While there are definitely significant problems with US space policy—starting with the lack of a clear direction for human spaceflight and the funding to support those goals—no other nation can come close to the United States in space. Moreover, because of the long lead times baked into aerospace development, almost every “accomplishment” that demonstrates American leadership in space during the next 3.5 years will have started long before President Trump took office.

    • Scientists revisit a strange result from one of the Soviet Venus landers

      Venus’ atmosphere is rightfully famous for a combination of being stunningly hot and containing sulfuric acid. Those conditions, not surprisingly, have ensured that every bit of hardware we’ve sent through said atmosphere has had an extremely short lifespan.

      But at least one of those pieces of hardware—the Soviet Union’s VeGa-2 probe—sent back some data that’s hard to explain, a hint of an unstable atmosphere. Now, a pair of scientists is suggesting that the oddity can be explained by an equally odd feature of the atmosphere: it’s a supercritical fluid where different chemicals partially separate at different altitudes.

    • Creationist sues national parks, now gets to take rocks from Grand Canyon

      “Alternative facts” aren’t new. Young-Earth creationist groups like Answers in Genesis believe the Earth is no more than 6,000 years old despite actual mountains of evidence to the contrary, and they’ve been playing the “alternative facts” card for years. In lieu of conceding incontrovertible geological evidence, they sidestep it by saying, “Well, we just look at those facts differently.”

      Nowhere is this more apparent than the Grand Canyon, which young-Earth creationist groups have long been enamored with. A long geologic record (spanning almost 2 billion years, in total) is on display in the layers of the Grand Canyon thanks to the work of the Colorado River. But many creationists instead assert that the canyon’s rocks—in addition to the spectacular erosion that reveals them—are actually the product of the Biblical “great flood” several thousand years ago.

  • Security

    • Linux Malware on the Rise: A Look at Recent Threats [Ed: Stop citing WatchGuard. It's a Microsoft ally from Seattle that's trying to make Linux look bad.]
    • Hackers {sic} Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say

      Since May, hackers {sic} have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries.

      [...]

      The fake résumés were Microsoft Word documents that were laced with malicious code. Once the recipients clicked on those documents, attackers could steal their credentials and proceed to other machines on a network.

    • FBI-DHS “amber” alert warns energy industry of attacks on nuke plant operators

      The Department of Homeland Security and FBI have issued a joint report providing details of malware attacks targeting employees of companies that operate nuclear power plants in the US, including the Wolf Creek Nuclear Operating Corporation, The New York Times reports. The attacks have been taking place since May, as detailed in the report issued by federal officials last week and sent out to industry.

      The “amber” alert to industry—the second-highest level of severity for these types of reports from the FBI and DHS—noted that the attacks had been focused on employees’ personal computers but had not managed to jump to control systems. Administrative computers and reactor control systems in most cases are operated separately, and the control networks are generally “air-gapped”—kept disconnected from networks that attach to the Internet.

    • India ranks 23rd among 165 nations in cyber security index

      India is ranked a high 23rd out of 165 nations in a global index that measures the commitment of nations across the world to cyber security. The second Global Cyber security Index (GCI), released by the UN telecommunications agency International Telecommunication Union (ITU), said only about half of all countries have a cyber security strategy or are in the process of developing one and urged more countries to consider national policies to protect against cyber crime.

    • Researchers Crack 1024-bit RSA Encryption in GnuPG Crypto Library
    • Wildcard Certificates Coming January 2018

      Let’s Encrypt will begin issuing wildcard certificates in January of 2018. Wildcard certificates are a commonly requested feature and we understand that there are some use cases where they make HTTPS deployment easier. Our hope is that offering wildcards will help to accelerate the Web’s progress towards 100% HTTPS.

      Let’s Encrypt is currently securing 47 million domains via our fully automated DV certificate issuance and management API. This has contributed heavily to the Web going from 40% to 58% encrypted page loads since Let’s Encrypt’s service became available in December 2015. If you’re excited about wildcard availability and our mission to get to a 100% encrypted Web, we ask that you contribute to our summer fundraising campaign.

    • Ripples from Stack Clash

      In one sense, the Stack Clash vulnerability that was announced on June 19 has not had a huge impact: thus far, at least, there have been few (if any) stories of active exploits in the wild. At other levels, though, this would appear to be an important vulnerability, in that it has raised a number of questions about how the community handles security issues and what can be expected in the future. The indications, unfortunately, are not all positive.

    • CIA programs to steal your SSH credentials (BothanSpy and Gyrfalcon)
  • Defence/Aggression

    • A Sino-Indian armed conflict: Why China can bark but can’t bite

      Since there are signs of the US backing off from its position of the global leader, China is eyeing that role. But for that it needs to shed the image of a bellicose dictatorship and an unreliable trader. That’s why China is increasingly presenting itself as a responsible power to the world.

    • Indian Navy outgunned 1 to 4 as China steps up presence in Indian Ocean

      The Indian Navy has sighted over a dozen PLA-N warships, submarines and intelligence-gathering vessels in the Indian Ocean in the last few months.

    • Cholera Spreads as War and Poverty Batter Yemen

      The Yemeni farm laborer was picking crops in a hot field when the call came. His children, all seven of them, had fallen gravely ill.

      Some were vomiting, others had diarrhea, and all were listless, indicating that they had fallen victim to the latest disaster to afflict this impoverished corner of the Arabian Peninsula: one of the worst outbreaks of cholera infection in recent times.

      The laborer, Abdulla Siraa, set about frantically trying to raise money to treat the children — $240, or about six times what he typically earns in a month — and raced as fast as he could on the 30 miles home over roads virtually destroyed in Yemen’s civil war.

      “I spent the whole journey reciting Quranic verses and praying for the survival of my children,” he said.
      Continue reading the main story

      But when he arrived, he learned that his 4-year-old daughter, Ghadeer, had already died, after hours of calling out for him, though the rest of his children would survive.

      For much of the world, cholera, a bacterial infection spread by water contaminated with feces, has been relegated to the history books. In the 19th century, it claimed tens of millions of lives across the world, mainly through dehydration and electrolyte imbalance.

  • Environment/Energy/Wildlife/Nature

    • Construction costs are falling for renewable and natural gas plants

      Numbers from the Energy Information Administration (EIA) reflect the extent of renewable energy development in the US over the past several years. Construction costs per kilowatt for solar, wind, biomass, and hydroelectric projects have fallen, in some cases steeply, since 2013, and natural gas generators are also getting cheaper to build despite getting more expensive year-over-year from 2013 to 2014. Only petroleum liquid generators have shown an increase in cost per kilowatt between 2013 and 2015.

    • G20: One Against 19 On Climate Change; Affordable Antimicrobials, Vaccines Planned

      The G20 governments against some odds passed a joint communique today, but had to accept differences on climate and in one point also on free trade. The US delegation remained firm in their decision to withdraw from the Paris climate agreement and continue to support conventional energy resources, instead of renewable ones. German Chancellor Angela Merkel in her press conference explained that there was a clear division in the climate chapter of the G20 2017 Declaration.

  • Finance

    • Amazon threatened to kill its Whole Foods deal if the grocer started a bidding war

      Whole Foods came back with a counterproposal of $45 a share, which got Amazon to increase its offer to $42. But Amazon’s bankers from Goldman Sachs then “stressed several times” that the increase to $42 represented Amazon’s “best and final offer.”

      Amazon’s bankers “also made it clear again … that Amazon.com would disengage from its efforts to acquire the Company and pursue other alternatives and initiatives if the $42.00 per share price were not accepted,” the filing said, “and that Amazon.com expected that the Company would not approach other potential bidders while the Company was negotiating with Amazon.com.”

      Amazon also threatened it would walk away if the talks leaked to the press, which they did not.

      Translation: $42 or nada.

    • UK to lose global influence after Brexit – Lord Hague

      Brexit will damage Britain’s ability to influence world events, former foreign secretary Lord Hague has warned.
      He told a House of Lords committee it was “logical” that the UK would lose foreign policy influence in both Brussels and Washington.
      And British ministers would have to work harder if they wanted to lead action in global trouble spots.
      Lord Hague’s successor at the Foreign Office, Boris Johnson, says Brexit will free the UK to play a more global role.
      But Lord Hague, who supported remaining in the EU, said: “If you are less influential in crafting the overall approach of the EU you end up with less influence in the rest of the world.”

    • Week in Review: Brexit debate moves on, but May is stuck in the past

      One of the most beneficial aspects of the election is that a degree of realism has been injected into the Brexit debate. A no-deal outcome, which was for a while there starting to look like the most likely one, has now been all-but ruled out, even if Brexit ministers still pay lip service to it. It’s also understood pretty much across the board that any comprehensive free trade agreement with the EU will take a lot longer than the two years of Article 50 – especially once you lose the first three months to a pointless election and the final six to votes in Westminster and Brussels.

    • I put up tuition fees. It’s now clear they have to be scrapped

      Tuition fees of £9,250 and rising won’t survive. Nor do they deserve to. The only question is whether they are abolished entirely or whether cross-party support can be built to keep fees to between £1,000 and £3,000, as per their introduction 13 years ago.

      [...]

      Tony Blair followed, with his mantra “education, education, education”. But he really meant “schools, schools, schools”, which were the political priority of Middle England. When the vice-chancellors realised that they were not New Labour favourites, they agitated hard for fees higher than the modest £1,000 at which they were introduced in 1998. As Blair’s head of policy, I was on the receiving end, and persuaded him that he should forge a new settlement for university funding – copying the Australian scheme of part-payment by students on a sliding scale to reflect cost and benefit, with repayments made only after graduation through the tax system, with no interest. That way, concerns about access for poorer students could be met, while providing a vital new source of income for the universities.

      A new cap was set at £3,000, but the intention was that fees would vary between £1,000 and £3,000, depending on the cost and benefit of the individual course. I expected that this would enhance student choice while making students more demanding and universities more responsive. Virtually none of this happened. The vice-chancellors formed a cartel and charged £3,000 for almost every course. Students continued to choose universities and courses mostly based on where they could get in with their A-level grades. The quality of university teaching remained patchy, and often got worse as lecturers focused on their research ratings – upon which research funding was based – while neglecting their students who had no choice but to pay. Many students never see a professor from one month to the next, and are required to produce far less work than they did at school.

  • AstroTurf/Lobbying/Politics

    • Ivanka Trump briefly takes father’s seat at G20 summit

      Ivanka Trump briefly took her father’s seat at a G20 Summit session on Saturday, sitting next to world leaders including British Prime Minister Theresa May and Russian President Vladimir Putin.

    • Facebook’s success threatens each of us individually and the nation as a whole

      In most cases, advertisers use Facebook’s data and targeting resources for somewhat benign purposes — growing a customer base, selling a product, increasing awareness of a service. But the Trump presidential campaign clearly demonstrated how these tools can be used for social and political manipulation.

    • Does Jared Kushner Even Know Anything About the Countries He’s Supposed to Be Doing Diplomacy With?
    • Why journalism is shifting away from ‘objectivity’

      As press watchers and members of the media wrestle with the president’s rhetoric, some have begun to question a central tenet of modern journalism: striving to be objective and nonpartisan, conveying the news of the day with calm gravitas. But Mr. Trump is not the only disrupter in media; his presidency coincides with fast-paced changes in society and technology that are also reshaping journalism.

    • White House could use AT&T/Time Warner deal as “leverage” against CNN

      Separately, The Daily Caller wrote today that Trump doesn’t want the merger to be approved unless CNN President Jeff Zucker is fired. The conservative news website attributed the information to “a source familiar with President Trump’s thinking.”

      Zucker told the New York Times that the pending merger has not affected his journalistic or management decisions.

    • Are these the ones insulting you? Putin asks Trump pointing at journalists

      It appeared as if Putin was sympathetic and he was perceived to be defending Trump against attacks from the media.

    • Trump team insisted on smaller Putin meeting to avoid leaks: report

      President Trump’s team at the G-20 insisted on limiting the number of people present at his Friday meeting with Russian President Vladimir Putin to avoid leaks and multiple accounts of the event, according to the New York Times.

      The Russians reportedly wanted to bring several staff members to the meeting. But Trump aides insisted on keeping the meeting small to prevent any potential leaks from the highly anticipated meeting.

      The Hill has reached out to the White House for comment on the report.

    • Trump Handed Putin a Stunning Victory

      President Donald Trump needed to accomplish two things this week during his visits to Poland and the G-20 Summit in Hamburg. First, he needed to reassure America’s allies that he was committed to collective defense and the core set of values and principles that bind us together. Second, he needed to demonstrate that he understands that the greatest threat to that alliance, those values, and our security is the Kremlin.

    • Trump’s mistake in his meeting with Putin

      The first day of the G20 summit in Hamburg was notable for the attention given to Donald Trump’s first face-to-face meeting with Vladimir Putin and the ferocity of the day’s protests.

      It would be nice to think that the protesters were particularly irked by the sight of two autocratic, media-hating leaders with dodgy business connections getting together. Sadly, the Trump-Putin meeting is a sideshow as far as the anti-globalization movement is concerned. They object to the whole idea of the G20, seeing the summit as the epitome of a global system based on a rapacious economic model and run by unaccountable elites.

  • Censorship/Free Speech

    • Tom Steiger: A strange attitude concerning press censorship

      I’ve been storing a truckload of my deceased parents’ stuff. This summer, after several moves and even more years, I decided to go through it and make the hard decisions about getting rid of (at least) some of it.

      In one box was a clear plastic bag with newspapers in it. Tribune-Stars, haphazardly folded, but with a similarity; they were the D section of the Sunday Trib containing my essays. My mother was saving my essays. I’d discovered a treasure trove. Until 2007ish I didn’t save my Tribune-Star essays, so these have been termed “Mom’s archive” and I’ve been digitizing them and (re)publishing them on my personal blog.

      [...]

      Ninety-one percent of students agreed that “people should be able to express unpopular opinions.” And those who more frequently consume news and actively engage with news through social media demonstrate stronger support for First Amendment freedoms. Unfortunately, the report does not include data on how many students regularly consumed and engaged with news sources. Based on my experience with my students, I would guess the proportion to be small. Of those who said they engaged “often” the smartphone was their overwhelming source for their news.

    • China’s Newest Censorship Methods on Display

      July, more than most other months, is loaded with politically sensitive anniversaries that keep Communist Party of China (CPC) censors and security forces on their toes.

      First comes the July 1 anniversary of Hong Kong’s transfer from British to Chinese rule. Then there is July 5, marking the 2009 ethnic violence in the Xinjiang region that sparked an unprecedented crackdown on its mostly Muslim Uyghur population. The very next day, July 6, is the Dalai Lama’s birthday, and July 9 is the second anniversary of a sweeping repressive action against China’s human rights lawyers. Finally there is July 20, the date in 1999 when the CPC banned the popular spiritual practice Falun Gong and began a massive — and often violent — campaign to eradicate it.

      This year, the anniversaries overlap with other news stories that Beijing likely wants to quash, including an international uproar surrounding democracy activist Liu Xiaobo’s belated release on medical parole with terminal cancer, and a campaign by exiled tycoon Guo Wengui to publicize corruption allegations involving top Chinese leaders.

    • The Great Firewall Of China Grows Stronger As China Forces App Stores To Remove VPNs
    • Glenn Greenwald: CNN Engaged In ‘Corporate Bullying And Creepy Censorship’ On Pro-Trump Reddit Story

      CNN is still licking their wounds after a rather disastrous couple of weeks, where a shoddy Russia-Trump story led to three staffers resigning, a Project Veritas investigation exposed that the network’s producers peddled the Russia story for ratings, and what came off as a wholly inappropriate veiled threat against an anonymous Reddit user who created a Trump WWE video, which the president tweeted before the Fourth of July Holiday. The video shows Trump beating up WWE’s Vince McMahon, whose face has been superimposed with the CNN logo. The media went apoplectic as an attack against the press; it wasn’t. This spurred the network’s reporters to find the user and pretty much threaten to dox him if he continues to post things CNN doesn’t like. Yet, before we get to that, let’s revisit the Russia-Trump story that had to be retracted, along with The Intercept’s Glenn Greenwald torching the media for their repeated trip ups in covering this story.

    • How anti-choice zealots cry censorship whenever they are challenged

      If you’ve made a habit of either watching Fox News’ Tucker Carlson Tonight or following the anti-abortion groups that frequently appear on the program, then you’ve heard allegations that these organizations — and the anti-choice misinformation they spread — are being censored by any number of media platforms.

      Most recently, Lila Rose, founder of the anti-abortion group Live Action, appeared on the June 26 edition of Tucker Carlson Tonight and claimed that Twitter was censoring Live Action’s ads. Beyond alleging that Twitter was biased against the anti-abortion group, Rose also conveniently mentioned that Live Action had a $40,000 fundraising goal to meet within the week. Mere hours after Rose’s appearance, Live Action’s homepage carried a large ad decrying Twitter’s censorship and begging for donations to meet the fundraising deadline. By June 30, the organization had reached its fundraising goal and was asking supporters to continue donating in order to “guarantee” it could continue working “to expose the abortion industry.”

    • Bob Murray Demands John Oliver Be Silenced… While HBO Moves Case To Federal Court

      We’ve been covering just how silly coal boss Bob Murray’s SLAPP lawsuit against John Oliver is, and things keep getting sillier. Late last week, Murray’s lawyers dug themselves in even deeper, asking for a gag order on Oliver and HBO (first reported by Betsy Woodruff at the Daily Beast). Specifically, they filed for a temporary restraining order and preliminary injunction to gag Oliver. They even admit that it’s a “gag order” on Oliver and HBO. This kind of prior restraint is not supposed to be allowed under the First Amendment, but Murray’s lawyers already have shown some fairly wacky legal theories, so it doesn’t seem likely that “what the law says” is going to stop them from asking for ridiculous things.

      The document specifically requests that the defendants in the case be barred from re-broadcasting Oliver’s hilarious report (which already has 6.6 million views and counting) and also that he be stopped from “publicly discussing the substance of this litigation.” Of course, Oliver himself has already said on his show that, on the advice of HBO’s lawyers, he won’t be discussing the case until it’s over, so this request is even more bizarre. But it’s also silly legally. The First Amendment doesn’t allow for a gag order to prevent someone from discussing a case. That’s blatant prior restraint, and in the immortal words of Walter Sobchak, “the Supreme Court has roundly rejected prior restraint.”

      [...]

      Sure. The courts have noted that defamation isn’t protected by the First Amendment, but this gag order request is not asking for a blocking of just defamatory statements (hell, they barely identify any potentially defamatory statements amidst all the hand waving). They’re literally asking for a gag order on discussing the case itself. The case itself is not defamatory. You can’t silence a defendant from talking about the fact that you stupidly sued him. That’s not what the Supreme Court is saying. Indeed, the two citations that Murray’s lawyers point to from the Supreme Court notably do not support injunctions against speech. They merely note that defamation is not protected speech. But plenty of other cases explicitly make it clear that injunctions on speech should not be granted because of prior restraint. In Near v. Minnesota, the court said that a law granting injunctions on defamation was unconstitutional. In Bantam Books v. Sullivan the court famously said that “[a]ny system of prior restraints of expression comes to this Court bearing a heavy presumption against its constitutional validity.”

    • Lipstick Under My Burkha: Democratic country shouldn’t have censorship, says Alankrita Srivastava responding to Pahlaj Nihalani
  • Privacy/Surveillance

    • Judge Says Twitter Can Move Forward With First Amendment Lawsuit Over NSL Reporting Limitations

      Twitter’s First Amendment lawsuit against the government for limitations on National Security Letter reporting will be allowed to continue. This is good news for Twitter — and the general public — although it’s somewhat disheartening to see things have only moved this far in the three years since the lawsuit was filed.

      Reporting on NSLs is limited to “bands.” A social media service receiving three NSLs has to report it as “0-499.” The same goes for a service that receives 300 NSLs over the same period. Twitter is fighting to have these “bands” removed, in order to more accurately report the number of NSLs it receives.

    • Gov’t Intercepted Millions Of Conversations In Single Drug Investigation, Netted Zero Convictions

      This detail, contained in the US Courts’ latest wiretap report, shows how much the government can get with a single wiretap order. Using assertions of “training and expertise,” US drug warriors intercepted millions of phone calls, ringing up a $335,000 third-party phone bill in the process.

      But hey, the Drug War can’t be won without casting a wide dragnet. Drug conspiracies are vast and far-reaching, often leading law enforcement to bigger fish further down the line. Or so the affidavit assertions say…

    • G20 Reaches Agreement Against Terrorism, Appears To Target Encryption

      At the G20 meeting in Hamburg today, the German hosts chose a retreat over the fight against terrorism as a warm-up, before turning to the controversial topics of free trade and climate change. Governments were very much in agreement when it comes to one thing: Internet platform providers must do more to fight radicalization and the use of the internet by terrorists.

    • Aadhaar has reduced India to a ‘concentration camp’: Petitioners

      A three-judge bench of the Supreme Court, headed by Justice J. Chelameshwar and also comprising Justices A. M. Khanwilkar and Navin Sinha asked the petitioners to mention it before the CJI court. The apex court on Friday allowed the petitioners challenging the making of Aadhaar as mandatory, to mention it before the Chief Justice of India (CJI) for the Constitution bench to hear the matter.

    • The Pentagon Says It Will Start Encrypting Soldiers’ Emails Next Year

      But now the Defense Information Systems Agency or DISA, the Pentagon’s branch that oversees email, says it will finally start using STARTTLS within the year, according to a letter from DISA.

    • Apparently my smartphone is telling everyone exactly where I am right now. Should I care?

      You don’t have to be on image-sharing app Snapchat to have heard about its controversial new “Snap Map”, which shows users their friends’ locations in near-real time, and disconcerting detail. Picture cheery cartoon avatars identified in not just suburbs, not even just streets, but at specific addresses.

    • There are already police visors with built-in face recognition and fugitive spotting

      Police already have access to visors with built-in face recognition and fugitive spotting. The technology was in prototype stage a few years ago, and was successfully tested when police officers walked into dark cinemas full of people and got so-called People of Interest highlighted directly onto their field of vision. The future is approaching fast, and it’s not all shiny happy rainbow unicorns.

  • Civil Rights/Policing

    • Why Protecting The Free Press Requires Protecting Trump’s Tweets

      Sunday morning I made the mistake of checking Twitter first thing upon waking up. As if just a quick check of Twitter would ever be possible during this administration… It definitely wasn’t this past weekend, because waiting for me in my Twitter stream was Trump’s tweet of the meme he found on Reddit showing him physically beating the crap out of a personified CNN.

      But that’s not what waylaid me. What gave me pause were all the people demanding it be reported to Twitter for violating its terms of service. The fact that so many people thought that was a good idea worries me, because the expectation that when bad speech happens someone will make it go away is not a healthy one. My concern inspired a tweet storm, which has now been turned into this post.

      I don’t write any of this to defend the tweet: it was odious, unpresidential, and betrays an animus towards the press that is terrifying to see in any government official – and especially the Chief Executive of the United States of America. But inappropriate, disgraceful, and disturbing though it is, it was still just speech, and calls to suppress speech are always alarming regardless of who is asking for it to be suppressed or why.

    • Appeals Court Tells Lower Court (For The Second Time) To Stop Coddling An Abusive Ex-Deputy

      Obviously, Smith liked throwing his weight around. And he had plenty of it, according to the decision’s footnotes: 6′ 3″ and 270 pounds — all of it apparently deployed to show these arrestees who was in “control” of the situation.

      Sentencing guidelines called for 33-41 months imprisonment. The court considered some mitigating effects (community work, difficult childhood) and those calling for the harsher end of the sentencing spectrum (assaulting juveniles at a detention facility, “unaddressed anger issues,” lying to investigators). For reasons not adequately explained, the district court sentenced Smith to less than half the minimum: 14 months.

      Both parties appealed. In retrospect, Smith may have been better off letting the sentence ride. The Appeals Court sent the case back with instructions to either explain its downward sentencing departure better or to apply a sentence within the guidelines. It pointed out the lower court said Smith was unlikely to reoffend but did not show its homework as to why it had chosen to depart so drastically from the guidelines.

      The lower court took another look at the case and… arrived at the same exact sentence. The court considered the time the officer had served as well as some steps he had taken to reintegrate himself into the real world again. It also pointed to the officer’s statement as a proper expression of remorse for his wrongdoing. The Appeals Court notes the second sentencing attempt is basically a word-for-word replay of the first. It also notes Smith’s “remorseful” statement mainly discussed how difficult things were for him rather than for his victims.

  • Internet Policy/Net Neutrality

    • AT&T Claims Forced Arbitration Isn’t Forced… Because You Can Choose Not To Have Broadband

      For years, AT&T worked tirelessly to erode its customers’ legal rights, using mouse print in its terms of service preventing consumers from participating in lawsuits against the company. Instead, customers were forced into binding arbitration, where arbitrators employed by the companies under fire unsurprisingly rule in their employer’s favor a huge percentage of the time. Initially, the lower courts derided this anti-consumer behavior for what it was, critics highlighting that however brutally-flawed the class action system can be, binding arbitration in many ways made things worse.

    • UK ISP, Three, doesn’t care about net neutrality and will let you pay for zero-rated, unlimited Netflix

      Three Mobile’s Go Binge plan offers unlimited Netflix, and violates net neutrality

    • Cable TV companies can charge higher prices thanks to new court ruling

      The cable TV industry has won a big victory against rate regulation via a court decision that will make it harder for cities and towns to impose price controls on pay-TV service.

      Today’s ruling from the US Court of Appeals for the District of Columbia Circuit upheld a June 2015 decision by the Federal Communications Commission that helped cable companies avoid local rate regulation. The FCC, under then-Chairman Tom Wheeler, ruled that cable TV providers face “effective competition” nationwide, mainly because of the widespread availability of satellite TV service from DirecTV and Dish.

  • DRM

    • Leaders needed for International Day Against DRM (July 9, 2017)

      In the last year, we’ve seen cracks appearing in the foundation of the DRM status quo.

      Of course, the companies that profit from Digital Restrictions Management (DRM) are still trying to expand the system of law and technology that weakens our security and curtails our rights, in an effort to prop up their exploitative business models.

    • Tim Berners-Lee approves Web DRM, but W3C member organizations have two weeks to appeal

      Yesterday Tim Berners-Lee, the chief arbiter of Web standards, approved the controversial proposed Digital Restrictions Management (DRM) standard for the Web, Encrypted Media Extensions (EME).

    • Tim Berners-Lee Sells Out His Creation: Officially Supports DRM In HTML

      For years now, we’ve discussed the various problems with the push (led by the MPAA, but with some help from Netflix) to officially add DRM to the HTML 5 standard. Now, some will quibble with even that description, as supporters of this proposal insist that it’s not actually adding DRM, but rather this “Encrypted Media Extensions” (EME) is merely just a system by which DRM might be implemented, but that’s a bunch of semantic hogwash. EME is bringing DRM directly into HTML and killing the dream of a truly open internet. Instead, we get a functionally broken internet. Despite widespread protests and concerns about this, W3C boss (and inventor of the Web), Tim Berners-Lee, has signed off on the proposal. Of course, given the years of criticism over this, that signoff has come with a long and detailed defense of the decision… along with a tiny opening to stop it.

      There are many issues underlying this decision, but there are two key ones that we want to discuss here: whether EME is necessary at all and whether or not the W3C should have included a special protection for security researchers.

    • The W3C has overruled members’ objections and will publish its DRM for videos

      The final vote was more controversial than any in W3C history. As the months ticked by afterward without a decision from W3C Director Tim Berners-Lee, one W3C member proposed an even more modest compromise: a promise by W3C members not to sue security researchers who revealed defects in DRM that exposed users to privacy breaches. This was immediately rejected by Netflix and the CEO of the W3C and all discussion on it halted.

    • Disposition of Comments for Encrypted Media Extensions and Director’s decision

      After consideration of the issues, the Director reached a decision that the EME specification should move to W3C Recommendation. [...]

    • A DRM standard has been approved for the web, and security researchers are worried

      Doctorow calls out a few specific points that have come up in the five-year-long debate over whether this standard should be approved. One is that there’s no protection for security researchers — in the US, breaking DRM, even for otherwise legal purposes, can be a crime, and the fact that EME doesn’t do anything about that keeps security researchers exposed to prosecution.

  • Intellectual Monopolies

    • Larry Page Ordered to Answer Questions in Uber Lawsuit

      Alphabet Inc. Chief Executive Officer Larry Page was ordered to submit to questioning by Uber Technologies Inc. in his company’s lawsuit over trade secrets for self-driving car technology.

    • Copyrights

      • There Is An Easy Answer To Whether Machines Should Get Copyright Rights And It Comes Down To Copyright’s Purpose

        As the march of progress of robotics and artificial intelligence continues on, it seems that questions of the effects of this progress will only increase in number and intensity. Some of these questions are very good. What effect will AI have on employment? What safeguards should be put in place to neuter AI and robotics and keep humankind the masters in this relationship? These are questions soon to break through the topsoil of science fiction and into the sunlight of reality and we should all be prepared with answers to them.

      • House Appropriation Committee Demolishes Hollywood’s Excuses For Moving Copyright Office Out Of Library Of Congress

        As we’ve discussed there’s this stupid big fight going on these days, in which some in Congress — mainly at the urging of the legacy entertainment industry — are looking to move the Copyright Office out of its historical home in the Library of Congress. The first proposal to sort of (but not completely) do that, involved just making the head of the Copyright Office a Presidential appointment position, rather than (as now) appointed by the Librarian of Congress. The main reason that various members of Congress put forth in support of this change was that this would magically give the Copyright Office the freedom to modernize. Of course, there are few facts to support this argument. We broke the story about serious incompetence at the Copyright Office in managing its own modernization efforts, and there was also plenty of evidence that the current Librarian of Congress was successfully moving forward with a thorough modernization plan.

      • Study: Dutch Piracy Rates In Free Fall Due Mostly To The Availability Of Legal Alternatives

        The claim that the best way to combat content piracy is to offer good legal alternatives and make them widely available isn’t exactly breaking new ground. Case studies made out of several nations’ piracy rates, such as in Australia and Norway, demonstrate the severe impact creating good digital marketplace alternatives to piracy can have. Techdirt’s think tank arm, the Copia Institute, produced the definitive report highlighting this in multiple countries nearly two years ago.

        And, yet, the copyright industries and their mouthpiece organizations typically choose to beat the punishment drum instead, going the route of litigation against pirates that ultimately ends up being a PR nightmare, or instead going the route of wholesale censorship on the internet that is equal parts ineffective and alarming to those of us that think such censorship ought to have a high bar to hurdle in order to be implemented. It’s with that in mind that any new example that simply offering legal alternatives is a better route is useful to highlight.

      • Court Orders Advertisers to Freeze Revenue of ‘Pirate’ Sites

        A federal court in Florida has granted a preliminary injunction against more than two dozen relatively small pirate sites. The order allows the media conglomerate ABS-CBN to seize the associated domain names. In addition, advertising networks including Google Adsense and MGID are instructed to freeze their funds.

      • Online Pirates Have No Constitutional Right to Internet Access, BMG Says

        Internet subscribers who are caught downloading pirated content have no constitutional right to Internet access, BMG says. The music rights group is countering a defense ISP Cox Communications submitted to the Supreme Court, arguing that the cited ruling doesn’t apply here.

      • Pirate Bay Re-enters List of 100 Most Popular Sites on the Internet

        The Pirate Bay has slowly but steadily returned to its former glory. After more than three years, the deviant torrent site has regained a spot among the 100 most-visited sites on the Internet. While many of the site’s users may cheer at the news, there’s also a dark side to the recent resurgence.

        [...]

        Many other indexers rely on TPB for their content, which is something not everyone realizes.

      • Pirate Site Admin Must Pay 13 Million Euros – If Anyone Can Find Him

        Following seven years of legal problems and several court cases, the operator of a defunct warez site has been ordered to pay 13 million euros to movie studios and companies including Microsoft. He also faces a year in jail but with his whereabouts unknown, it seems unlikely that Disney and friends will get a Hollywood ending.

07.07.17

Links 7/7/2017: 2017 Linux Laptop Survey Results, Fedora 27 Previews

Posted in News Roundup at 5:42 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • ‘Open Source Development at Google Is Both Very Diverse and Distributed’

    Open source development at Google is both very diverse and distributed. The larger projects that we release generally have dedicated teams developing and supporting the project, working with their external developer communities and providing internal support to other Googlers. Many of the smaller projects include just one or two engineers working on something experimental or just a fun, side project. While we do have a central Open Source Programs Office (the group I manage), it is relatively small compared to the size of the company. Instead, the actual development happens throughout the company, with hundreds of teams and thousands of engineers, tech writers, designers and product managers contributing to open source in some way.

  • Comma.ai launches an $88 universal car interface called Panda

    …Hotz said he decided to open-source the plans, enabling anyone who wanted to build it for free.

  • From kaftans to Kubernetes – how open source took over the world

    Going way back, pretty much all software was effectively open source. That’s because it was the preserve of a small number of scientists and engineers who shared and adapted each other’s code (or punch cards) to suit their particular area of research. Later, when computing left the lab for the business, commercial powerhouses such as IBM, DEC and Hewlett-Packard sought to lock in their IP by make software proprietary and charging a hefty license fee for its use.

  • Events

    • Snappy Sprint – London June 2017

      I recently attended a Snappy Sprint in London, UK. As well as the Canonical people attending (including me) with experience in the whole Snappy stack (Snapcraft, the Snap store, snapd, snapd-glib) we had great representation from the Elementary, Fedora, GNOME, MATE and KDE communities. My goal was to help improve the Snap experience for desktop apps both on Ubuntu and other distributions.

    • Celebrate Kubernetes and CoreOS this July, and join us at GopherCon and other events

      This July, celebrate the CoreOS and Kubernetes birthdays with us and more. We hope to see you at GopherCon, and at the Los Angeles Kubernetes meetup.

    • Antonio Larrosa — Dragons, Doom and Digital Music

      Antonio Larrosa is the current president of KDE España and he and I have been friends for quite some time now. It may seem logical, since we both live in Málaga, are passionate about Free Software in general, and KDE in particular. But in most other respects we are total opposites: Antonio is quiet, tactful, unassuming and precise. Enough said.

      But that is what is great about Antonio; that and the fact he is very patient when troubleshooting. I know this because he has often helped me out when I have unwittingly wrecked my system by being an idiot and installing what I shouldn’t. When he quietly muses “¡Qué cosas!” (which roughly translates to “That’s interesting”) you know you’ve messed up good.

    • openSUSE.Asia Summit 2017 Tokyo: Call for proposals is open

      openSUSE.Asia Committee calls for proposals of talks for openSUSE.Asia Summit 2017 held at the University of Electro-Communications on October 21 and 22.

      Please refer to the following announcement for the detail of openSUSE.Asia Summit:

      https://news.opensuse.org/2017/06/30/opensuse-asia-summit-2017-tokyo-japan/

      The speakers are eligible to receive sponsorship from openSUSE Travel Support Program (TSP). Even if you live away from Tokyo, please consider applying for the event.

    • DEF CON Badgelife: The Puffy That Runs Linux

      DEF CON is canceled again this year, and this time that statement is at least partially true. There will be no special official badges this year. There is no challenge or mystery embedded in the official DC badge. This is the year that unofficial badges from villages and random attendees finally supersedes the official offering. This is badgelife, and for the next few weeks, we’re going to be taking a look at some of the unofficial badges of DEF CON.

      The idea for [dorkengine]’s Puffy badge began last year with the so-called Bender badges from AND!XOR. Chalk this up to a story that ends with, ‘but you had to have been there’, but the Bender badges were wildly popular, sold like hotcakes, and were an astonishing success of independent badge craft at DC. [dorkengine] decided to get in on the action and build his own badge for DC 25.

  • Web Browsers

    • Mozilla

      • Mozilla launches Project Things IoT framework on Raspberry Pi

        Mozilla unveiled “Project Things,” which builds upon standard web technologies and the Web of Things project, and released code that runs on a Raspberry Pi.

        In March of last year, a few months after Mozilla announced it was shutting down its Firefox OS project for Linux-based mobile phones, it unveiled four Firefox OS based “Connected Devices” projects for the Internet of Things. The Connected Devices project has since shut down, but a website is still available for others to advance the code. Instead, Mozilla turned its IoT team toward an existing Web of Things (WoT) project aimed at developing a decentralized, open source IoT framework built as much as possible using existing World Wide Web technologies.

  • Pseudo-Open Source (Openwashing)

    • Microsoft open sources Visual Studio Code Extension for Arduino [Ed: Microsoft openwashing of proprietary software for another project that's proprietary software and pretends to be "open"]
    • Microsoft makes Visual Studio Code Extension for Arduino open source [Ed: This is pure openwashing. Visual Studio is proprietary and add spying to compiled code. Avoid.]
    • Beware of Pseudo Open Source Hardware EKG/EMG fakes of our shields by Duinopeak company [Ed: even Arduino itself is subjected to openwashing tactics.]

      We got support question for Arduino EKG/EMG shields which do not work correctly.

    • Neuroon Open Is An Open Source Sleep And Meditation Wearable [Ed: Neuroon is openwashing by 'creative' use of the term "Open Source"]

      Neuroon Open is an open source sleep and meditation wearable aimed at enhancing your sleep and providing you with a tool that can help you monitor your sleep patterns. Essentially it’s a sleep tracker, of course, improved sleep is just the main goal of the device. It also works as a smart meditation device that guides you through meditation sessions with audio-assisted feedback. It also has a Lucid Dream function, and it even interacts with smart home devices like lights and thermostats, such as the Nest Smart Thermostat. While sleep tracking and smart home device support aren’t exactly new features for a wearable, those things together with the added Lucid Dream and meditation features makes the Neuroon Open a more unique device than it may seem on the surface.

  • Funding

  • FSF/FSFE/GNU/SFLC

    • Permissive and Copyleft Are Not Antonyms

      Using the term “permissive” as an antonym to “copyleft” – or “restrictive” as its synonym – are unhelpful framing. Describe license reciprocity instead.

      Some open source licenses implement a clever hack invented by Richard Stallman where, as a condition of the copyright license, anyone creating derived versions has to agree they will license the new version the same way as the original. In a play on words, this concept is called “copyleft” and many open source licenses implement this hack.

      In its strongest form, the “copyleft” idea can place a condition on the licensing of all the other code compiled together to make the eventual binary executable program. Complying with this requirement can prevent use of business models that deny software freedom to the end user; as a consequence, many commercial software developers avoid the strongest forms of copyleft licensing.

      There are less stringent forms of copyleft. Licenses like the MPL (Mozilla Public License) only require individual files that are modified to be licensed under the same license as the original and don’t extend that requirement to other files used to build the executable. The Eclipse Public License (EPL) has a copyleft provision that’s triggered by distribution of the source code. These scope-restricted variants are all described as “weak copyleft.”

      In discussing these licensing approaches with clients, I’ve often found that these terms “strong copyleft” and “weak copyleft” lead to misunderstandings. In particular, developers can incorrectly apply the compliance steps applicable to one “weak” license to code under another license, believing that all such licenses are the same. As a consequence, I prefer to use different terms.

    • Should the Fair License Replace the GPL?

      Read the full license, and if you find yourself thinking, “That sounds impossible to enforce,” you aren’t alone. To me, the Fair Source License looks like another one of the many attempts I’ve seen to come up with something that looks like a free or open source license, but really isn’t.

    • Roland McGrath bows out as glibc maintainer

      Hello, friends!

      You might have noticed that I haven’t been present on the list or
      perhaps answered your direct email in several months. I’m sorry I’ve
      been away so long without a word, but I’m not coming back any time soon.
      There’s no big news with me. I’ve just found that I’ve drifted away and
      today I’m acknowledging what’s already happened.

      This summer marks 30 years since I began writing the GNU C Library.
      (That’s two thirds of my lifespan so far.) It’s long enough.

    • Glibc Enables A Per-Thread Cache For Malloc – Big Performance Win

      Glibc has added a per-thread cache to malloc and enabled it by default.

    • GCC Picks Up Support For ARMv8-R

      The GNU Compiler Collection (GCC) now has support for the ARMv8-R architecture.

  • Openness/Sharing/Collaboration

    • Grow Produce at Home With This Open-Source Fish Tank

      The fish in the tank and the plants in the garden above them rely on one another to flourish. The fish produce waste, microorganisms in the water convert the waste to fertilizer, and the plants drink up the fertilizer, cleaning the tank in the process. “Think about it—fish and plants can harmoniously coexist in the same ecosystem,” the Aquapioneers website reads. “So why not put those fish to good use?”

  • Programming/Development

Leftovers

  • Why I Hate Slack and You Should Too
  • Ending carpool-only roads made all trips worse

    If you’ve ever been skeptical about whether carpool policies actually work, Indonesia would like to have a word with you. Jakarta, one of the biggest metropolitan areas on Earth, had a carpool policy that seemed to be particularly susceptible to abuse. Abruptly, in March 2016, the Jakarta government announced that the policy would end in a week.

    This gave a group of economists at Harvard and MIT just enough time to collect traffic data before the policy ended and compare it to the aftermath. What they found wasn’t pretty: that unpopular carpool policy was making a big difference to traffic, which got even nastier after the policy ended.

  • Science

  • Health/Nutrition

    • Health: Report Calls For Increased Efforts On TB; WHO Warns About Antibiotic-Resistant Sexually Transmitted Disease

      Tuberculosis is still a deadly killer, and a new report by two humanitarian organisations raises alarm on poor progress on the disease diagnosis and treatment. The report calls for governments to increase efforts to fight the disease, and for the G20 countries to mobilise funds to help, in particular to boost research and development for new treatments. Separately, the World Health Organization issued a call for new treatments to fight antibiotic resistant gonorrhoea.

  • Security

  • Defence/Aggression

  • Environment/Energy/Wildlife/Nature

    • How polluters are writing the rules at the EPA

      The truth is that when lawsuits settle, they merely require agencies to meet existing legal requirements to protect things like the air we breathe, the water we drink and the wildlife we value. And that means industries can’t pollute as they see fit — which often leaves polluters, and polluter cheerleaders like Pruitt, crying foul.

    • Climate change not an objective for UK at G20 as Theresa May meets Donald Trump

      The Prime Minister has been accused of a “dereliction of duty” after revealing that climate change has been excluded from her top priorities at this weekend’s G20 summit.

    • France wants to ban sale of gas and diesel cars by 2040, end coal by 2022

      In an address on Thursday, France’s environment minister, Nicolas Hulot, said that the country would aim to phase out electricity from coal-fired plants by 2022 and end the sale of gas and diesel internal combustion cars by 2040.

    • France to ban sales of petrol and diesel cars by 2040

      Nicolas Hulot, the country’s new ecology minister, said: “We are announcing an end to the sale of petrol and diesel cars by 2040.” Hulot added that the move was a “veritable revolution”.

    • France considering a ban on all fossil fuel vehicles by 2040

      France is considering banning the sale of all petrol and diesel vehicles by 2040, the country’s environmental minister said Thursday, according to multiple reports. It’s unclear, however, whether this proposal is an official position of French President Emmanuel Macron’s new government, and if so, how it will be implemented. But it’s a sign of France’s desire to be a leader in sustainable energy after the departure of the US from the Paris climate accord.

  • Finance

    • Jawbone is going out of business

      The news comes after more than a year of financial turmoil at the company, which led to deteriorating customer service, dwindling inventory, and key executive departures — all as the company entered into a legal battle with rival Fitbit.

    • Jawbone to Be Liquidated as Rahman Moves to Health Startup

      Jawbone, the consumer electronics firm once valued at $3 billion, is going out of business. The company has begun liquidation proceedings, after years of financial pressures, according to a person close to Jawbone.

  • AstroTurf/Lobbying/Politics

    • What Happens If The Election Was A Fraud? The Constitution Doesn’t Say.
    • Walter Shaub, Director of Office of Government Ethics, Just Resigned

      The implications of his resignation show how hard it is to stop potential ethics violations made by Trump and his administration. “This resignation is yet another indication of how badly Mr. Trump has been violating the Constitution and failing in his oath to uphold it,” explains Corey Brettschneider, a professor of political science at Brown University. “[Shaub] cannot do his job with a president in office who blatantly violates the Emoluments Clause and its requirement that a president not personally benefit from his office. By refusing to put his assets in a blind trust, Trump is trampling on our founding document. He is ignoring its requirement that a president not use the nation’s highest office for profit.”

    • G20: Security, Trade, Climate, Trump Diplomacy Overshadow Health, IT, Innovation

      The controversies over trade and climate, as well as the topics of the anti-terror fight and security policy in foreign policy, are expected to consume most of the attention of the G20 heads of states during their two-day meeting. Much nervousness also has built up over meetings between Donald Trump and Russian President Vladimir Putin.

    • Climate change not an objective for UK at G20 as Theresa May meets Donald Trump

      The Prime Minister has been accused of a “dereliction of duty” after revealing that climate change has been excluded from her top priorities at this weekend’s G20 summit.

      Theresa May left it off her list of key objectives despite the issue likely becoming the central task of the meeting of world leaders, following Donald Trump’s decision to quit the Paris Agreement on climate change.

      The summit in Hamburg will see the Prime Minister meet Mr Trump one-on-one for the first time since he caused outrage by announcing the US would not implement the agreement as it stands.

  • Censorship/Free Speech

  • Privacy/Surveillance

    • Judge denies DOJ effort to halt Twitter lawsuit over national security orders

      A federal judge in California has decided to allow Twitter’s lawsuit against the attorney general’s office to go forward. She rejected arguments that the social media giant should not be allowed to be precise in its transparency reports when describing how it responds to the government’s requests for user data.

      Twitter has argued that, just as it has been precise in other areas of its transparency report, so too should it be allowed to say precisely how many national security orders it has received from American authorities. For now, under federal law, it is only allowed to describe those numbers in vague ranges, such as “0 to 499,” and “500 to 999,” and so forth. Lawyers for Twitter say that this law constitutes a violation of the company’s First Amendment rights and is “prior restraint,” a concept of blocking legitimate speech before it is uttered.

    • China’s Surveillance Plans Include 600 Million CCTV Cameras Nationwide, And Pervasive Facial Recognition

      Two of the recurrent themes here on Techdirt recently are China’s ever-widening surveillance of its citizens, and the rise of increasingly powerful facial recognition systems. Those two areas are brought together in a fascinating article in the Wall Street Journal that explores China’s plans to roll out facial recognition systems on a massive scale. That’s made a lot easier by the pre-existing centralized image database of citizens, all of whom must have a government-issued photo ID by the age of 16, together with billions more photos found on social networks, to which the Chinese government presumably has ready access.

    • Privacy International files lawsuit over secretive Five Eyes intelligence group

      Privacy International has filed a federal lawsuit in which it asks that the Five Eyes alliance coughs up records relating to the 1946 post-war agreement that set it up.

    • Encrypt all the webpages: Let’s Encrypt to offer wildcard certificates for free

      Let’s Encrypt, the free and open certificate authority (CA) launched as a public service by the Internet Security Research Group (ISRG), says it will begin providing free “wildcard” certificates for Internet domains in January 2018. Wildcard certificates allow anyone operating a domain to link a single certificate to multiple subdomains and host names within a domain. That means a single free certificate could be used to provide HTTP Secure (HTTPS) encryption of pages on multiple servers or subdomains hosted on a single server, significantly lowering the barrier for adoption of HTTPS on personal and small business websites.

    • How—and why—you should use a VPN any time you hop on the internet

      One of the most important skills any computer user should have is the ability to use a virtual private network (VPN) to protect their privacy. A VPN is typically a paid service that keeps your web browsing secure and private over public Wi-Fi hotspots. VPNs can also get past regional restrictions for video- and music-streaming sites and help you evade government censorship restrictions—though that last one is especially tricky.

    • Privacy and population-wide whole-genome sequencing in the age of Google

      This is not to argue against population-wide whole-genome sequencing, or to suggest that health institutions should never work with companies like Google. But the fact that this week alone saw the announcement of the UK’s major genomics project, the news that DeepMind is already talking about getting involved in the analysis of data that will be generated, and the discovery that the sensitive medical details of any Australian citizen can be be bought online, underlines the extremely rapid pace of developments in this sector. It also makes clear the pressing need for an informed public debate about mass genome sequencing and privacy in the age of Google.

  • Civil Rights/Policing

  • Internet Policy/Net Neutrality

    • Disney Feels The Heat As Children Lead The Cord Cutting Revolution

      For a while now we’ve noted that it’s actually the youngest among us that are leading the cord cutting revolution. Viacom has watched channels like Nickelodeon experience a ratings free fall for several years now as streaming alternatives have emerged as a useful alternative to strictly-scheduled, commercial-bloated Saturday morning cartoons. Toddlers don’t really care if they’re watching the latest and greatest “True Detective” episode or not, and parents, like everybody else, are tired of paying for bloated cable bundles filled with channels they never watch.

    • Net Neutrality Day of Action July 12 May Be the Largest Online Protest in Years

      Thousands of websites plan massive online protest for July 12th. Other participants include Amazon, Reddit, Netflix, OK Cupid, Mozilla, Etsy, Kickstarter, Vimeo, and PornHub

    • YouTube stars defend net neutrality in open letter to the FCC

      The letter has been signed by major names in the YouTube community, such as the Fine Brothers. In total, the guild says, the letter represents video creators with an audience of more than 150 million people.

    • Australian internet slow and plagued by disconnections, survey finds

      Consumer watchdog finds 60% of consumers have had issues with service in past six months and more than 75% of NBN customers have had problems

    • CSS: The Definitive Guide, 4th Edition

      On Monday, July 3rd, as I sat in the living room of a house just a bit north of New York City, I pushed the last writing and editing changes to CSS: The Definitive Guide, Fourth Edition and notified the production department at O’Reilly that it was ready.

      All twenty chapters, three appendices, and associated front matter are now in their hands.

  • Intellectual Monopolies

    • State Department concocting “fake” intellectual property {sic} “Twitter feud”

      The US State Department wants to team up with other government agencies and Hollywood in a bid to create a “fake Twitter feud” about the importance of intellectual property rights. As part of this charade, the State Department’s Bureau of Economic Affairs says it has been seeking the participation of the US Office of Intellectual Property Enforcement, the Motion Picture Association of America, the Recording Industry Association of America, the US Patent and Trademark Office, and “others.”

    • Trademarks

      • Two Wangs Of Ireland Battle Over Trademarks Nobody Will Confuse

        It’s frankly sort of ridiculous, but the state of trademark protectionism that exists today has rendered the trademarking of a person’s own last name somewhat unwise. Given the low bar that has unfortunately been set in terms of judging real or potential customer confusion in the marketplace, simply using one’s own name for a commercial brand rife with danger where trademarks are concerned. Something of an example of this is currently taking place between a small New York clothing designer named Thaddeus O’Neil and famed surf wear manufacturer O’Neill. The latter has been blocking a trademark application by O’Neil for over a year now.

    • Copyrights

      • EU Parliament Adopts Marrakesh Treaty; Blind Union Prepared To Fight Publisher ‘Compensation’

        The European Parliament today with over 600 votes adopted the legal instruments to ratify the Marrakesh Treaty on access to reading material for the visually impaired. The treaty, adopted by the members of the World Intellectual Property Organization in 2013 and effective since last year, has been subject of controversies due to lobbying from publishers in the European Union, members of Parliament said today in Strasbourg before the vote. EU member states after today’s vote have one year to implement.

      • Google Removed 2.5 Billion ‘Pirate’ Search Results

        Google has just reached a new landmark after removing 2.5 billion ‘pirate’ URLs from its search results. The staggering number is the result of increased efforts from copyright holders to remove links to copyright infringing material from the web. Despite this massive takedown effort by Google, not all rightsholders are pleased.

07.06.17

Links 6/7/2017: Thousands of Microsoft Layoffs, GNU/Linux Preinstalled, Hotspot 1.0 Released

Posted in News Roundup at 2:06 pm by Dr. Roy Schestowitz

GNOME bluefish

Contents

GNU/Linux

Free Software/Open Source

  • Tesla is updating its maps and navigation with open source mapping platforms

    Maps are becoming increasingly important in vehicles and not just for navigation. Self-driving technology is reliant on maps and positioning, which is why Tesla is leading several different efforts to improve maps as part of this transition to autonomous driving and now it is adding new ones.

  • Baidu offers open-source car software as lure for data
  • Baidu Forms Major Alliance to Accelerate the Adoption of Autonomous Driving
  • Baidu unveils vehicle manufacturing partners, declares Apollo the ‘Android of the autonomous driving industry’
  • A History of Open Source GIS, from Humble Beginnings to World-Changing Applications

    The advent of digital mapping and geospatial information systems (GIS) has completely changed the way humans think about and interact with the world around them. The concept of overlapping discrete layers of location information for decision-making was first introduced by Ian McHarg, a landscape architect, in the 1960s. Around the same time, Roger Tomlinson — known universally as the “Father of GIS” — completed his doctoral thesis focused on the use of computing methods for the overlay of geospatial information. Roger then worked to create the first computerized GIS, the Canada Geographic Information System, which was used primarily for surveying.

  • Kubernetes’s days may be numbered as open source changes

    If the open source model is broken, as Apcera founder Derek Collison believes, then container orchestration wunderkind Kubernetes may be its first major casualty. Yes, that Kubernetes, the Google-spawned container king that 71 percent of enterprises surveyed by 451 Research say they’re using for container management.

    It seem far-fetched that Kubernetes could be heading for a fall, even as it continues to rise. But the problem, Collison argues, is one of investment: The old open source model was all about commoditizing a richly funded market filled with proprietary software. Open source came along, democratized the market, and shifted investment dollars elsewhere.

  • Why Is Open Source Software Important For Business?

    Whether or not you rely on open source software in your daily business activities at the moment, it’s crucial you’re aware of it and understand how it can help your business grow.

    Open source software is, to put it simply, software made by the public and available for free.

    There are so many projects out there being developed right now by volunteers all over the world and it’s changing the fundamental way businesses operate. Read on to find out more about what this means for your business.

  • Big Data Trends

    Open source applications like Apache Hadoop, Spark and others have come to dominate the big data space, and that trend looks likely to continue. One survey found that nearly 60 percent of enterprises expect to have Hadoop clusters running in production by the end of this year. And according to Forrester, Hadoop usage is increasing 32.9 percent per year.

    Experts say that in 2017, many enterprises will expand their use of Hadoop and NoSQL technologies, as well as looking for ways to speed up their big data processing. Many will be seeking technologies that allow them to access and respond to data in real time.

  • Baidu Just Released An Open Source Autonomous Driving Platform
  • What a lack of trust can do to a team

    Lincoln Loop is an open organization in many ways. We’re distributed across 7 time zones. We have no central headquarters. All members of our core team can see all our financials (literally every penny earned or spent) and choose their own salaries. We have an open vacation policy and let people set their own work schedules.

  • Web Browsers

  • Oracle/Java/LibreOffice

    • Oracle Posts SPARC M8 Patches For GCC

      It looks like the SPARC M8 processor will end up getting released as an Oracle engineer today posted patches implementing support for the M8 with GCC.

      The future of SPARC has been in question for a while now since layoffs at Oracle, the future of Solaris also looking rather bleak, and M8+ references no longer being on the company’s road-map. There has been mixed reports whether the SPARC M8 and M9 designs have been canned, but with Oracle now submitting GCC compiler patches for the M8, at least that still appears to be happening.

    • U wot M8? Oracle chip designers quietly work on new SPARC CPU

      Oracle engineers are seemingly working on a new SPARC processor: the M8.

      This is judging from a series of patches submitted by Oracle developer Jose Marchesi to the widely used free-as-in-freedom compiler toolkit GCC.

      The code “adds support for the SPARC M8 processor to GCC. The SPARC M8 processor implements the Oracle SPARC Architecture 2017,” according to Marchesi, who runs the GNU Linux toolchain team at Oracle. Spokespeople for the database giant declined to comment further.

      Essentially, the updates allow software built by GCC to make use of the M8′s new instructions and can be optimized for its architecture. The code has been tested on SPARC Linux and Solaris, we’re told. The patches follow updates submitted to the binutils project in May; binutils is another component available to programmers to build software.

  • CMS

    • July Open Source CMS Forecast: Drupal, Jahia, Liferay & More

      The arrival of July marks the halfway mark of 2017, which makes now a good time to briefly recap the year so far for open source CMS.

      So far this year we have seen open source CMS conferences come and go, greeted major releases from WordPress, Joomla and Drupal, and followed the progress of the eagerly anticipated SilverStripe 4 — which is slated for release “later this year.”

      Looking towards the second half of 2017, here’s what to expect from the open source world in July.

  • Pseudo-Open Source (Openwashing)

  • BSD

    • [llvm-announce] LLVM 4.0.1 Release

      This release contains bug-fixes for the LLVM 4.0.0 release. This release is API and ABI compatible with 4.0.0.

    • LLVM 4.0.1 Released

      Tom Stellard of Red Hat (formerly AMD) has released LLVM 4.0.1 as the first bug-fix / point release to the LLVM4 compiler stack.

      LLVM 4.0.1 maintains API/ABI compatibility while including many additional bug fixes since the v4.0.0 release in March.

  • Public Services/Government

    • EC looking for organiser of open source bug-bounty

      The European Commission is looking for companies with experience in organising bug-bounties. The EC wants to run a small-scale bug bounty on one of the open source software projects or libraries that it uses. The exercise should provide the European institutions with open source software that has been screened for potential vulnerabilities.

  • Licensing/Legal

    • Canadian entertainment industry begs Chinese courts to censor its movies

      The Supreme Court of Canada just handed down a controversial ruling in which it ordered Google to block links to a page that was deemed illegal in Canada for every Google user, everywhere in the world — asserting that the Supreme Court of Canada’s jurisdiction extends to the end of the earth.

      Terrifyingly, Canadian entertainment industry execs are celebrating this ruling because they say that it will allow them to get copyright takedown orders in Canada and enforce them everywhere else.

  • Programming/Development

    • PHP 7.2.0 Alpha 3 Released

      The PHP development team announces the immediate availability of PHP 7.2.0 Alpha 3. This release contains fixes and improvements relative to Alpha 2. All users of PHP are encouraged to test this version carefully, and report any bugs and incompatibilities in the bug tracking system.

    • PHP 7.2 Alpha 3 Released

      PHP 7.2.0 Alpha 3 is now available as the latest test release ahead of the official PHP 7.2 debut later in the year. This release offers various fixes and improvements over the earlier alphas.

    • Undefined Behavior in 2017

      Recently we’ve heard a few people imply that problems stemming from undefined behaviors (UB) in C and C++ are largely solved due to ubiquitous availability of dynamic checking tools such as ASan, UBSan, MSan, and TSan. We are here to state the obvious — that, despite the many excellent advances in tooling over the last few years, UB-related problems are far from solved — and to look at the current situation in detail.

Leftovers

  • Search Algorithms Kept Me From My Sister for 14 Years
  • Science

    • White House Science Office in Flux
    • A US state now lets anyone—not just parents—request to ban books in schools

      Nosy Floridians now have another outlet for their moral outrage. Now anybody in the US state can formally complain about books used in public schools, and schools are required to hear them out.

      Last week governor Rick Scott signed a bill that allows any Florida resident to formally challenge new or old materials, like books and movies, available in public schools. In drafting the bill, lawmakers specifically added language that expanded the complaint process to include anyone, not just parents.

    • The birth and rise of Ethernet: A history

      Today, no company would consider using anything except Ethernet for its wired local-area network. But it wasn’t always that way. Steven Vaughan-Nichols tracks the history of Ethernet, and its once-upon-a-time networking protocol competitors.

    • Neanderthal DNA suggests yet another wave of human migration out of Africa

      Modern humans and Neanderthals have a confusing genetic relationship. One set of data suggests our two species diverged around 650,000 years ago—but other clues point to an ongoing close (that is, sexual) relationship between our ancestors that persisted until around 300,000 years ago. This is made all the more muddled by the fact that Neanderthals look like they were living in Eurasia 300,000 years ago while our own ancestors were still in Africa. And then the two groups clearly intermingled once humans did leave Africa.

      One way to account for all this contradictory information is to suggest that another group of humans left Africa sometime between the Neanderthals’ departure and our own. An analysis of Neanderthal DNA, published this week in Nature Communications, adds new weight to this hypothesis.

  • Health/Nutrition

    • Why people with brain implants are afraid of automatic doors

      The trouble is, as medical implants become not only more ubiquitous, but more connected, so does the rest of the world. And device makers have to not only plan for devices that work in today’s environment, but hopefully also a decade down the road, when patients still have the same implant but the world of signals around them may be substantially different.

  • Security

    • Security updates for Wednesday
    • At $30,000 for a flaw, bug bounties are big and getting bigger

      Hackers are being paid as much as $30,000 for finding a single critical flaw in a company’s systems, and the amount companies are willing to pay is increasing.

      While the use of such bug hunting programmes is still limited, some large organisations are offering hackers rewards for spotting flaws in their systems.

    • Windows ransomware found to be incredibly rare [Ed: Android and Linux basher Liam Tung seems to be doing some Microsoft PR today]
    • Linux and macOS malware threats tripled in 2016, according to report [Ed: Microsoft-linked sites like to the above]
    • Researchers Build Firewall to Deflect SS7 Attacks

      Security researchers will release an open-source SS7 firewall at Black Hat USA that aims to bolster security of mobile operators’ core networks.

      Mobile security software can do little to protect end users and BYOD workers when Signaling System 7 (SS7) vulnerabilities are exploited in mobile operotors’ core mobile networks, according to security researchers.

      SS7 vulnerabilities, which can allow cybercriminals to hijack two-factor authentication codes texted to mobile phones, read and redirect text messages, eavesdrop on phone calls, and track a phone’s location, have existed since 2014.

    • Calamares Devs Warn of Weaker Password Salt, Urge Users to Reset Their Password

      The developers of the Calamares open-source universal installer framework issued a warning to inform those who used Calamares 3.1 or a previous version to install their current GNU/Linux operating system of a possible password weakness issue.

    • How to defend your website with ZIP bombs
    • Shadow Brokers translation

      As a service to non native English speakers I am translating the Shadow Brokers “Borat” into simple English. I am not going to do any analysis in this post, just simple translation for people who have difficulty with Shadow Brokers posts.

    • Feelin’ safe and snug on Linux while the Windows world burns? Stop that [Ed: Well, with proprietary software the holes (or back doors) are sometimes intentional, unlike in GNU]

      The ransomware problems reported by The Reg over the past few weeks are enough to make you, er, wanna cry. Yet all that’s happened is that known issues with Windows machines – desktop and server – have now come to everyone’s attention and the bandwidth out of Microsoft’s Windows Update servers has likely increased a bit relative to the previous few weeks.

    • Linux is not as safe as you think [Ed: Having default passwords on a router (or other device) is not as safe as you think]
    • IoT Fuels Growth of Linux Malware [Ed: John P. Mello Jr. is the latest among many to cite a Microsoft ally from Seattle to make Linux look terrible]
    • How 2,000 Unsecured Databases Landed on the Internet [Ed: System administrators made a serious error.]

      There is a simple explanation for why this particular filename was used: In the instructions for the widely used database software MySQL, the name is used in an explanatory example.

    • Linux systems under fire [Ed: Unchanged default passwords on a "Linux" system are not a GNU/Linux issue]

      There was a marked increase in the recorded attacks on Linux systems, which are often connected to the Internet unprotected.

    • Private not state hackers likely to have targeted UK parliament: sources [Ed: Microsoft system]

      A cyber attack on email accounts of British lawmakers last month is likely to have been by amateur or private hackers rather than state-sponsored, European government sources said.

      The private email accounts of up to 90 of the 650 members of Britain’s House of Commons were targeted in late June, with some news reports suggesting that the attack was carried out by a foreign government, such as Russia.

      However, cyber security experts had found that the hackers only managed to access accounts of lawmakers who used primitive and easily discovered passwords, the sources, who are familiar with the investigations into the attacks, said.

    • Backdoor built in to widely used tax app seeded last week’s NotPetya outbreak

      The third-party software updater used to seed last week’s NotPetya worm that shut down computers around the world was compromised more than a month before the outbreak. This is yet another sign the attack was carefully planned and executed.

      Researchers from antivirus provider Eset, in a blog post published Tuesday, said the malware was spread through a legitimate update module of M.E.Doc, a tax-accounting application that’s widely used in Ukraine. The report echoed findings reported earlier by Microsoft, Kaspersky Lab, Cisco Systems, and Bitdefender. Eset said a “stealthy and cunning backdoor” used to spread the worm probably required access the M.E.Doc source code. What’s more, Eset said the underlying backdoored ZvitPublishedObjects.dll file was first pushed to M.E.Doc users on May 15, six weeks before the NotPetya outbreak.

    • Moving Beyond Backdoors To Solve The FBI’s ‘Going Dark’ Problem

      Former FBI Director James Comey stated on more than one occasion that he’d like to have an “adult conversation” about device encryption. He wasn’t sincere. What he actually meant was he’d like to have all the “smart people” in the tech world solve his problems for him, either by capitulating to his requests for encryption backdoors or by somehow crafting the impossible: a secure backdoor.

      Comey is gone, but his legacy lives on. The FBI wants to keep the “going dark” narrative alive. Deputy Attorney General Rod Rosenstein has already asked Congress for $21 million in “going dark” money, supposedly to help the agency explore its options.

      The problem is, the options could be explored for a much lower price. Kevin Bankston offers up a few solutions — or at least a few improved adult conversational gambits — for the low price of $free over at Lawfare. The starting point is Comey’s “adult conversation” talking point. Bankston points out you can’t hold an adult conversation if you refuse to act like one.

    • OpenBSD Will Get Unique Kernels on Each Reboot. Do You Hear That Linux, Windows?

      A new feature added in test snapshots for OpenBSD releases will create a unique kernel every time an OpenBSD user reboots or upgrades his computer.

      This feature is named KARL — Kernel Address Randomized Link — and works by relinking internal kernel files in a random order so that it generates a unique kernel binary blob every time.

      Currently, for stable releases, the OpenBSD kernel uses a predefined order to link and load internal files inside the kernel binary, resulting in the same kernel for all users.

    • BothanSpy

      Today, July 6th 2017, WikiLeaks publishes documents from the BothanSpy and Gyrfalcon projects of the CIA. The implants described in both projects are designed to intercept and exfiltrate SSH credentials but work on different operating systems with different attack vectors.

      BothanSpy is an implant that targets the SSH client program Xshell on the Microsoft Windows platform and steals user credentials for all active SSH sessions. These credentials are either username and password in case of password-authenticated SSH sessions or username, filename of private SSH key and key password if public key authentication is used. BothanSpy can exfiltrate the stolen credentials to a CIA-controlled server (so the implant never touches the disk on the target system) or save it in an enrypted file for later exfiltration by other means. BothanSpy is installed as a Shellterm 3.x extension on the target machine.

      Gyrfalcon is an implant that targets the OpenSSH client on Linux platforms (centos,debian,rhel,suse,ubuntu). The implant can not only steal user credentials of active SSH sessions, but is also capable of collecting full or partial OpenSSH session traffic. All collected information is stored in an encrypted file for later exfiltration. It is installed and configured by using a CIA-developed root kit (JQC/KitV) on the target machine.

    • Hijacking Bitcoin: routing attacks on cryptocurrencies

      The Bitcoin network has more than 6,000 nodes, responsible for up to 300,000 daily transactions and 16 million bitcoins valued at roughly $17B.

      [...]

      BGP (Border Gateway Protocol) is the routing protocol that controls how packets are forwarded in the Internet. Routes are associated with IP prefixes, and are exchanged between neighbouring networks (Autonomous Systems, AS). The origin AS makes the original route announcement, and this then propagates through the network hop by hop.

    • Researchers open sliding window to completely break libgcrypt RSA-1024

      In their paper the researchers display a good sense of humour in calling the vulnerability ‘sliding right into disaster’. That’s because it exploits the fact that exponent bits leaked by the ‘sliding window’ process used by libgcrypt can be used to carry out a key recovery attack against RSA. This despite it previously being thought that even if the entire pattern of squarings and multiplications was observed courtesy of s side-channel attack, it wouldn’t leak enough exponent bits to be of any real use.

  • Defence/Aggression

    • Tony Blair must be prosecuted over Iraq War, High Court hears

      Tony Blair must be prosecuted over the “unnecessary” and “unlawful” Iraq War, a court has heard.

      General Abdul Wahed Shannan Al Rabbat alleges Mr Blair, then UK prime minister, committed “the crime of aggression” by invading Iraq in 2003.

      The general wants to bring a private prosecution against Mr Blair and two other key ministers at the time – foreign secretary Jack Straw and the attorney general, Lord Goldsmith.

  • Transparency/Investigative Reporting

    • Journalists decry move to drop international Walkley​​ award

      Hundreds of the nation’s top journalists, editors, academics and media executives have called on the Walkley awards advisory board to reverse its “short-sighted” decision to drop the international journalism category from the annual awards for excellence in journalism.

      ABC foreign correspondents Philip Williams, Sally Sara and Matt Brown, ABC presenters Leigh Sales, Virginia Trioli, Michael Rowland and Chris Uhlmann, former Gold Walkley winners Adele Ferguson, Liz Jackson and photojournalist Andrew Quilty are among the 480 signatories to a petition delivered to Walkley advisory board chair Angelos Frangopoulos and Walkley chief executive Jacqui Park.

    • CNN implied threat against redditor over Trump-CNN GIF ignites Internet
    • CNN denies blackmailing Reddit user behind viral Trump meme

      In a statement, the spokesman denied CNN had made a “deal” with the Reddit user, and said the inclusion of the controversial statement in their piece was intended to show that no “deal” occurred.

    • CNN Warns It May Expose an Anonymous Critic if He Ever Again Publishes Bad Content

      A controversy erupted late Tuesday night after CNN published an article announcing that it had uncovered the identity of the anonymous Reddit user who created the video of President Donald Trump punching a CNN logo. CNN and other outlets had previously reported that this user, who uses a pseudonym, had also posted anti-Semitic and racist content on Reddit, including an image identifying all of the Jewish employees of CNN, designated with a Jewish star next to their photos.

      Though CNN decided — for now — not to reveal his name, the network made clear that this discretion was predicated on the user’s lengthy public apology, his promise not to repeat the behavior, and his status as a private citizen.

  • Environment/Energy/Wildlife/Nature

    • Volvo says from 2019 all new models it introduces will be electric or hybrid

      On Wednesday, Volvo Cars announced that all new models introduced from 2019 will feature some form of electric propulsion. The news follows an announcement in May that diesel engines have no future with the brand, in part because of ever-stricter EU carbon emissions targets, but also because of the growing concern over the health effects of diesel exhaust, which is loaded with particulates and nitrogen oxides.

      When it comes to socially responsible car companies, Volvo appears to be leading the pack. The Swedish automaker, which built its reputation on safety, has already committed to a goal of reducing the number of deaths or serious injuries in a new Volvo to zero by the year 2020. And it looks like that concern extends beyond the wellbeing of its customers to the rest of us as well.

      Between 2019 and 2021, Volvo plans to launch five new electric vehicles. Details about the new EVs are scarce at present, but the company says that three of them will be badged as Volvos, and the other two will be high-performance EVs badged as Polestars. (Polestar is Volvo’s in-house tuning operation, and you’ll be able to read a review of the S60 Polestar here at Ars in a few weeks.)

    • Germany’s power sector making serious strides in renewable energy

      The German Renewable Energy Federation (known as the “Bundesverband Erneuerbare Energie” or BEE in Germany) has good news and bad news. The good news? From January to June, the country produced a record 35 percent of its electricity from renewable energy.

    • Brexit could block any plans to reintroduce lynx

      In an unlikely side-effect, Brexit could see the UK’s hills and forests remain lynx-free for the foresee­able future, it has been claimed.

    • Satellite temperature record update closes gap with surface records

      Satellites seem like an obvious technological solution to the considerable challenge of tracking changes in Earth’s climate. But Earth-observing ain’t easy. A single instrument can zoom over the locations of thousands of stationary thermometers—but that puts thousands of eggs in one instrumental basket. Measuring temperatures from space takes a lot more than some mercury in a tube, and you can’t fix your instrument if something goes wrong.

      Illustrating that fact is a new update to one of the major satellite temperature datasets, which ends up changing the recent part of the record in a subtle but significant way.

  • Finance

    • Is Brexit an error? Now even Vote Leave’s chief is having doubts

      What would it take to make those who voted for Brexit change their minds? That may turn out to be the dominant question of British politics over the coming years, as the reality of the British exit from the EU comes ever closer. Even the most diehard remainers concede that the only way it can be halted is if British public opinion has a change of heart, collectively repudiating the verdict it expressed in the referendum of 2016.

    • Fake data pushed by Nasdaq gets published, creating stock quote surprise

      Since the markets were closed, luckily no trades could be executed based on the data. The only real-world impact may have been some panic attacks and heart palpitations. Still, the episode shows how much of an impact the corruption of market quote data could potentially have. Even back in 2013, an interruption in Nasdaq data forced the exchange to pause trading. (That problem, caused by a network issue between Nasdaq and one exchange participant, has long since been resolved.) And potential problems like that are exactly why Nasdaq frequently tests its systems after hours to verify network throughput.

  • AstroTurf/Lobbying/Politics

    • Is America past the point of no return?

      A few years back, on my radio show, President Jimmy Carter said that America, in large part because of Supreme Court decisions like Citizens United, has become “just an oligarchy, with unlimited political bribery.”

    • Labour calls on government to drop European court red line

      Britain’s opposition Labour Party called on the government to drop its “deeply unhelpful red line” in Brexit talks over the European Court of Justice, saying it should be more flexible to retain access to EU bodies.

      In a letter to the Financial Times on Wednesday, Labour’s Brexit policy chief Keir Starmer said the party understood that the future relationship with the European Court of Justice would have to change as Britain leaves the European Union, due in March 2019.

      But he said by ruling out any deal that would keep Britain under the jurisdiction of the court meant Prime Minister Theresa May has drawn a red line that “would prevent any future involvement of an EU-UK court-like body, even when such an arrangement is demonstrably in the national interest”.

      “We have called for a more flexible approach that would make it far easier for Britain to stay inside common EU arrangements that benefit the UK,” wrote Starmer, a career lawyer who rose to be head of the state prosecution service before going into politics.

    • States refuse to give Trump commission personal data of registered voters

      As many as 44 US states are now refusing to hand voter data over to President Donald Trump and his administration citing legal and privacy concerns. This cache includes information such as voters’ full names, political affiliations, addresses, dates of birth, criminal records, the last four digits of Social Security numbers, and other personal identifying information. The tussle continues despite the fact that some of the desired data, including whether individuals have voted in the past decade, is set to become part of the public record separate from this situation.

      This wave of refusals comes a week after the Presidential Advisory Commission on Election Integrity sent a letter (PDF) to the nation’s 50 states seeking the information so the newly created Trump commission could “analyze vulnerabilities and issues related to voter registration and voting.” Trump signed the executive order in May to create the commission amid his own claims that there was voter fraud on a massive scale during the 2016 election. Trump alleged that millions had voted illegally, but so far those claims have been unfounded.

    • Trump supporters attack NPR for tweeting ‘propaganda’ before finding out it was the Declaration of Independence

      Some saw the tweets as particularly relevant to the state of current affairs and praised the action as a reminder of why federal funding for the public broadcaster should not be cut, as the Trump administration has proposed.

    • NPR accused of bias for tweeting out full Declaration of Independence

      NPR has celebrated Independence Day for 29 years by having hosts, reporters and commentators read the Declaration of Independence on-air.

  • Censorship/Free Speech

    • Kenya: This Is Internet Censorship Through the Back Door

      Last week, the Communications Authority of Kenya published draft regulations on the use of social media for political messaging in collaboration with the National Cohesion and Integration Commission (NCIC).

      The regulations have two components – one on bulk SMS and the other specifically for social media use within the context of political messaging.

      The regulations on bulk SMS are actually in their second edition. The first edition was gazetted as we went to the polls in 2013 in a clear effort to avoid the repeat of the post election violence witnessed after the 2007 general elections.

    • Judge Tosses Woman’s Lawsuit Brought Against Google Because A Blogger Said Mean Things About Her

      Because even some lawyers can’t seem to understand the legalities of Section 230 of the CDA or third-party liability, the courts are frequently burdened with stupid defamation lawsuits that can’t survive a motion to dismiss. DC lawyer Harry J. Jordan lobbed one of these lawsuits into court late last year on behalf of Dawn Bennett, who felt she was defamed by a blog run by Scott Pierson, an SEO specialist who apparently failed to make Bennett’s less-than-flattering history with the SEC disappear.

    • Streaming services censor themselves in India, even though they don’t need to

      At 2am on March 29, film producer Gaurav Dhingra got an email and a missed call. They were from Netflix. Angry Indian Goddesses, a film Dhingra produced, was due to release on Netflix in a day. It had released in the rest of the world a couple weeks earlier. In 2015, when Netflix bought the film, Dhingra asked for assurance from them that they would release it uncensored everywhere, including India. Netflix agreed. After all, the censored version of the film was only required for theatrical exhibition, not for people watching it online.

    • TVB accused of self-censorship over sudden suspension of political satire show during Xi Jinping’s visit

      Public broadcasting service RTHK has filed an official complaint against free-to-air station Television Broadcasts (TVB) for suspending its political satire show Headliner on short notice during President Xi Jinping’s visit last week.

      The show – usually critical of the government – was scheduled to be aired on TVB Jade last Friday at 6pm, but the broadcaster informed RTHK just minutes before its scheduled broadcast that it had been postponed to 12:30am on Saturday.

    • TVB show switch sparks complaints

      Complaints are flying against Television Broadcasts’ switching of its political satire program Headliner from the golden time of Friday evening to Sunday after midnight during President Xi Jinping’s visit last week.

      The program was scheduled to be broadcast on TVB Jade last Friday at 6pm, but RTHK received a notice from TVB minutes before it was aired that the program had been switched to Sunday after midnight at 12.30am on J5.

      TVB played the news clips of Xi’s visit instead, followed by a feng shui program.

    • Vidangel is a stupid censorship service and we should welcome it anyway

      Vidangel is the latest attempt (along with services like Clearplay and Sony’s own filtering tool) to sell a product that allows cringing, easily triggered evangelicals to skip swear words, sex and blasphemy in the media they watch.

      These tools re-emerge periodically, and every time they do, artists come out to decry them as violations of copyright or moral rights, or both (and Vidangel is no exception).

      This is silly and worse than silly: it’s dangerous.

    • Streaming platforms and self-censorship: An Indian perspective

      In May 2017, a movie titled ‘Angry Indian Goddesses’ was released on Netflix India. A censored version of the film, originally intended for theatrical release was made available. Critics brought attention to the self-censorship Netflix was resorting to, in the absence of censorship guidelines for streaming platforms. While theatrical releases are regulated by the Central Board of Film Certification, their jurisdiction does not extend to online platforms, as was recently made evident through an RTI response from the Ministry of Information and Broadcasting. Eventually, the director of ‘Angry Indian Goddesses’ informed viewers that Netflix had insisted on making the censored version available themselves.

    • ‘More censorship’: Row in Dáil as TD asks why gardaí spoke to professor over Regina Doherty blog
    • Punjab CM rules out media censorship
    • Censorship Board bans songs from Cairokee’s new album

      The censored songs include lyrics about “everyday life, our problems as young people, social media and what we see on TV – our usual topics,” said 33-year old frontman and songwriter Amir Eid, who doesn’t think any of the content is particularly controversial. “If anything, I feel, as a songwriter, that I didn’t say everything I wanted to say.”

  • Privacy/Surveillance

    • Docs Show Police Also Sought (And Obtained) Phone Records For Police Shooting Victim’s Girlfriend

      As we recently covered, Minnesota law enforcement tried to snatch victory from the expiring body of a black driver shot by a St. Anthony police officer by immediately asking an uninvolved social media company to turn over information on Philando Castile’s girlfriend. The reason for this? The “affiant” swore criminals often used social media services to discuss criminal activities. This was an attempt to mine for dirt that might be used to justify an unjustifiable shoot.

      One warrant was served to Facebook, along with an indefinite gag order. Facebook challenged the gag order. Ill-prepared for pushback and having no solid reason to demand the release of Facebook posts and private messages, the warrant was rescinded.

    • Five Eyes Wide Shut: GCHQ Withdraws From the World?

      At a remote mountain resort in New Zealand earlier this year, leaders of the Five Eyes intelligence alliance met for their annual summit. At seventy-one years old, the Five Eyes alliance, between Australia, Canada, Great Britain, New Zealand and the United States, remains the world’s most powerful intelligence partnership, and over decades has endured crises from Suez, to the Falklands, to Iraq. Yet on the same day in March 2017, two separate but linked events in both Washington and London suggest the Five Eyes’ closest partners — Britain’s GCHQ and America’s NSA, are beginning to diverge in their focus and mission.

      On March 20 in Washington DC, sitting in front of perhaps the most high-profile congressional intelligence committee since 9/11, the NSA Director, Admiral Rogers, was asked if the NSA knew about Russian interference in electronic voting systems in Michigan during the 2016 Presidential election. Firmly, Rogers responded: “No. I would highlight we are a foreign intelligence service, not a domestic intelligence organization”. This was a mission shared by the NSA’s closest partner, GCHQ. The agency’s foreign focus is enshrined in British law: the agency, along with MI6, is answerable to the Foreign Secretary — in contrast, MI5 reports to the Home Secretary.

    • NSA Continues To Dodge ‘Incidental Collection’ Question, Wants Its ‘About’ Surveillance Program Back

      It’s been six years since Senator Ron Wyden first asked the Director of National Intelligence how many Americans’ communications are being swept up “incidentally” in the NSA’s Section 702 surveillance net. Six years later, he still doesn’t have an answer.

    • This Indian ISP won’t let its users use 128 bit or 256 bit encryption

      Yet YOU Broadband, and other Indian ISPs, still insist that their users can’t use anything stronger than a twenty-year-broken key size. That’s not viable security in the 21st century, and makes you wonder why encryption is discouraged in the first place. Nowadays, because 40 bit encryption has long been shown to be obsolete, the minimum standard is usually at least a 128 bit encryption key size.

      [...]

      What is the bit length permitted by the Department of Telecommunications, anyways? According to a 2002 note on ISP regulation by the Department of Telecommunications, the encryption key length hard limit is 40 bits for internet service licensees aka internet service providers.

      Internet service licensees, such as YOU Broadband, have an obligation to the licensor, the Department of Telecommunications, to forbid individuals, groups, and organizations from using encryption with keys stronger than 40 bits without permission. Instead of asking the regulators for this permission to allow its users to actually utilize viable encryption key lengths without violating the user policy, YOU Broadband has elected to pass on the 15 year old rule on encryption – essentially making the use of encryption online against the rules of the ISP and a potential reason to lose service. Under the current and previous iterations of the user policy, YOU Broadband subscribers are technically breaking the ISP’s rules every time they access https://www.google.co.in.

    • Facebook can track your browsing activity after you log out: US judge

      The plaintiffs claimed that Facebook violated federal and California privacy and wiretapping laws by storing cookies on their browsers that tracked when they visited outside websites containing Facebook “like” buttons.

    • Facebook challenges US government over gag order

      Details are still mostly sealed, although a recent filing suggests that the newest round of warrants is also related to the anti-Trump protests. The US Attorneys’ office declined to comment.

    • Doctors are turning to Snapchat to bypass ageing NHS systems

      A panel of experts, chaired by former Liberal Democrat MP Dr Julian Huppert, revealed that clinicians are using Snapchat, along with similar camera apps, to record particular details of patient information and share it with colleagues.

  • Civil Rights/Policing

    • Hamburg is transforming itself into an Orwellian dystopia for the G20 Summit

      On July 7-8 the G20 Summit is happening in Hamburg. The city’s authorities plan to transform it into a democracy-free zone of complete surveillance, enforced by paramilitary means. We wrote the open letter below to the Senate of Hamburg to protest.

    • A July 4 Message from EFF Co-founder John Perry Barlow

      There’s no need to make America great again.

      America has been great since it became the first nation on Earth where a set of ideas became the ruling principles of governance.

      America was great when it was established that authority did not come from divine right, or indeed anything beyond the ability to earn it.

      Those who believe America’s greatness depends on her ability to create fear both at home and abroad are the enemies of American greatness.

    • Laptop ban led to 20-percent drop in flights for one Mideast airline

      Some of the Middle Eastern airlines barred from having laptops and other electronics in their main cabins have said their rules are returning to normal after receiving approval from US agencies.

      Turkish Airlines and Emirates Airlines both announced the end of their respective laptop bans yesterday. That follows long-haul carrier Etihad Airlines, which told The Associated Press on Sunday it will no longer bar larger electronics on its flights.

  • Internet Policy/Net Neutrality

    • Take Action Now: Support Nonviolent Direct Action and Join the Fight for Net Neutrality

      Every Tuesday, The Nation sends “Take Action Now,” a weekly newsletter that features three actions each week of varying time commitments. This week, we’re continuing to share actions you can take to defeat the Republicans’ draconian health-care bill, along with an opportunity to get involved in the fight to save net neutrality.

    • The Europe-wide assault on internet freedom

      This is madness. But it is a madness that is spreading across Europe. And don’t be fooled into thinking we are not already in a similar situation in the UK.

    • ‘Free Market’ Group: FCC Comments Show Nobody Really Wants Net Neutrality

      So we’ve discussed how there’s growing controversy about the gaming of the FCC’s public docket on net neutrality to give the illusion of support for what’s an extremely unpopular plan to kill the rules. A bot has been stuffing the ballot box with bogus comments using dead or otherwise fraudulent people, and I’ve seen my name hijacked and used to support the killing of the rules as well. So far, there’s every indication that the FCC has no intention to crack down on any of this, since this fraudulent behavior supports its awful plan to kill net neutrality protections.

      One analysts suggested that up to 40% of the roughly five-million comments submitted so far are coming from the aforementioned bot. After initially telling me they were “looking into” things, the FCC has ignored repeated requests for comment on why it’s failing to police even the most rudimentary abuse of its own systems, like the example in my name above.

    • Cox expands home Internet data caps, while CenturyLink abandons them

      There’s good news and bad news on data caps for home Internet users.

      Cox, the third largest US cable company, last week started charging overage fees to customers in four more states. Internet provider CenturyLink, on the other hand, recently ended an experiment with data caps and is giving bill credits to customers in the state of Washington who were charged overage fees during the yearlong trial.

      Cox, which operates in 18 states with about six million residential and business customers, last week brought overage fees to Arizona, Louisiana, Nevada, and Oklahoma. Cox was already enforcing data caps and overage fees in Arkansas, Connecticut, Florida, Georgia, Idaho, Iowa, Kansas, Nebraska, and Ohio. California, Rhode Island, and Virginia technically have monthly caps but no enforcement of overage fees, according to Cox’s list of data caps by location. Massachusetts and North Carolina seem to be exempt from the Cox data caps altogether.

  • Intellectual Monopolies

    • Dow wins Canada’s largest ever reported patent infringement award

      The Federal Court of Canada has awarded Dow more than C$645 million including prejudgment interest for Nova Chemicals infringing a patent covering polymers

    • State Dept. Enlists Hollywood And Its Friends To Start A Fake Twitter Fight Over Intellectual Property

      So, let’s break this down. This is literally the State Department, working with the IP Enforcement Coordinator (normally called the “IP Czar”) to team up with the MPAA, RIAA and Copyright Alliance (a front group for the RIAA and MPAA), along with the Patent & Trademark Office and the Copyright Office to create a fake Twitter feud over who likes copyright and patents more.

      Everything about this is crazy. First, the State Dept. should not be creating fake news or fake Twitter feuds. Second, even if it were to do so, it seems to have picked one side of the debate, arguing that greater copyright and patent enforcement is obviously a good thing (how far we’ve come from the time when it was the State Department that fought back against SOPA and told the White House not to support it).

      Separate from that, why are the MPAA, the RIAA and the Copyright Alliance agreeing to team up with the US government to create fake stories? That seems… really, really wrong. I get that they are obsessed with always pushing a misleading and one-sided message on copyright law, but creating out and out propaganda with the US government?

    • KEI Recommends WIPO Study On Running Royalties As Limitation On Remedies

      Nonprofit group Knowledge Ecology International (KEI) has requested a study by the World Intellectual Property Organization on the case law of the non-voluntary use of patents as a limitation on remedies, Andrew Goldman, counsel for policy and legal affairs at KEI, said at a side event to a WIPO meeting this week.

    • Newegg fought its way through two appeals to win fees from this patent-holder
    • Nokia and Xiaomi sign patent deal and agree to ‘explore’ areas like VR and A.I.

      The deal will see both companies license so-called standard essential patents — patents which are essential to allow products to comply with an industry standard — from each other.

    • Copyrights

      • Copyright Law Is Broken Because We Say “Copy” When We Mean “Enjoy”

        Copyright law was never meant to apply to how ordinary people enjoy creative works. It was never really even about ensuring authors get paid. It was meant to settle disputes between people who make the mass-market copies we buy and ensure they couldn’t cheat on each other. Those people were (and are) wealthy and operating on huge scales, so the penalties used to keep them in place are massive.

        But then came digital works. By a linguistic accident, we use the word “copy” to describe parts of the process used each time we “open” a digital book or “play” digital music. Because of that, we are forever exposed to copyright laws that were never meant for us. As a result, using works we have paid for requires a license to mitigate the copyright.

      • Indie Developer Finds Game On Torrent Site, Gives Away Free Keys Instead Of Freaking Out

        When game developers find their products available for download on torrent sites and the like, it’s understandable if their reaction isn’t exactly positive. Many gamemakers pour their hearts into developing their art and finding it available for free, fully cracked of any DRM that they might have included, can be understandably frustrating. It’s typically that frustration that launches into DMCA takedowns, complaints about piracy harming the gaming business, and talk of site-blocking and legal threats.

      • Changes to the Singapore copyright system: an update on the recent public consultations

        At the same time, Singapore is in the running for a rosy digital future. As a consequence, Singapore Government will keep its promises and expectations on the successful implementation of any possible consultation paper. Whatever may be the outcome on the CA and future collective rights management eco-system, both public consultation papers would perhaps tip the balance in favour of the authors and confine additional limitations and exceptions to the freedom of the contracting parties.

      • Chrome’s Default ‘Ad-Blocker’ is Bad News for Torrent Sites

        Torrent sites are having trouble maintaining a steady flow of revenue, with the increasing use of ad-blockers affecting sites right across the board. And with Google’s plan to add a default ad-blocker to the Chrome browser looming, some operators fear that they might not be able to keep their sites afloat.

« Previous Page« Previous entries « Previous Page · Next Page » Next entries »Next Page »

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources

No

Mono

ODF

Samba logo






We support

End software patents

GPLv3

GNU project

BLAG

EFF bloggers

Comcast is Blocktastic? SavetheInternet.com



Recent Posts