Bonum Certa Men Certa

Links 2/10/2016: Wine 1.9.20, Raspberry Pi PIXEL










GNU/Linux



  • Windows vs. Linux vs. Mac: the channel comparison


    Linux is open source meaning you can customise and modify the code any which way you like. This flexibility has made the system hugely popular amongst the developer community. This is not the same in Windows and Mac. Neither the Windows and Mac programmes nor the operating systems are open source.

    So there we have it, three entirely different operating systems offering unique experiences that can meet the differing demands of the modern user, whilst offering unique opportunities throughout the channel. So the real question now is, are you a Mac, Linux or Windows user?


  • Linux Journal October 2016
    There was a show a few years back called, "Extreme Makeover: Home Edition". The premise of the show was to find families who needed their houses overhauled, but couldn't afford to do it on their own. Generally, those chosen had sacrificed for others rather than spend time and money on themselves. Then the show would completely redo their houses, making it so nice the happy families no longer could afford the taxes, and they'd soon be homeless. I might have missed the point of the show, but the idea of improving on outdated infrastructure certainly rings true for IT folks. This month, we look at improving our lives by improving on the tech we depend on every day.


  • Desktop



  • Server



    • Kubernetes 1.4 Improves Container Security
      The latest release of the open-source container orchestration technology adds new security features, including TLS bootstrap. The open-source Kubernetes 1.4 release, which debuted Sept. 26, provides users with a host of enhanced security capabilities for container deployment and orchestration.

      Kubernetes originated at Google and is now part of the Cloud Native Computing Foundation, benefiting from the contributions of multiple vendors.

      Among the new features in Kubernetes 1.4 is TLS bootstrap, which is designed to improve the use of encryption for data in motion across a cluster. TLS (Transport Layer Security) is widely used on the internet today for encryption.

      "The TLS bootstrapping work done in Kubernetes 1.4 is a step toward automating the addition of new hosts to the Kubernetes cluster," Clayton Coleman, Red Hat's lead architect for OpenShift, explained to eWEEK.




  • Kernel Space



    • Why kernel development still uses email
      In a world full of fancy development tools and sites, the kernel project's dependence on email and mailing lists can seem quaintly dated, if not positively prehistoric. But, as Greg Kroah-Hartman pointed out in a Kernel Recipes talk titled "Patches carved into stone tablets", there are some good reasons for the kernel community's choices. Rather than being a holdover from an older era, email remains the best way to manage a project as large as the kernel.

      In short, Greg said, kernel developers still use email because it is faster than any of the alternatives. Over the course of the last year, the project accepted about eight changes per hour — every hour — from over 4,000 developers sponsored by over 400 companies. It must be doing something right. The list of maintainers who accepted at least one patch per day contains 75 entries; at the top of the list, Greg himself accepted 9,781 patches over the year. Given that he accepts maybe one third of the patches sent his way, it is clear that the patch posting rate is much higher than that.

      Finding tools that can manage that sort of patch rate is hard. A poor craftsman famously complains about his tools, Greg said, but a good craftsman knows how to choose excellent tools.

      So which tools are available for development work? Greg started by looking at GitHub, which, he said, has a number of advantages. It is "very very pretty" and is easy to use for small projects thanks to its simple interface. GitHub offers free hosting and unlimited bandwidth, and can (for a fee) be run on a company's own infrastructure. It makes life easy for the authors of drive-by patches; Greg uses it for the usbutils project and gets an occasional patch that way.


    • Fireside Chat with David Rusling and Linus Torvalds


    • The Problem with Linux Kernel Documentation, and How We’re Fixing it
      The Linux Kernel has one of the biggest communities in the open source world; the numbers are impressive: over 4,000 contributors per year, resulting in about 8 changes per hour. That results in 4,600 lines of code added every day and a major release every 9-10 weeks. With these impressive numbers, it’s impossible for a traditional printed book to follow the changes because by the time the book is finally written, reviewed and published, a lot of changes have already merged upstream. So, the best way to maintain updated documentation is to keep it close to the source code. This way, when some changes happen, the developer that wrote such changes can also update the corresponding documents. That works great in theory, but it is not as effective as one might think.


    • How To Use Systemd For Application Sandboxing & How To Easily Crash Systemd
      Another one of the interesting systemd.conf 2016 presentations in Berlin was a talk by Djalal Harouni of EndoCode for using systemd to carry out application sandboxing.


    • Graphics Stack



      • Experimental Unity Vulkan Demos For Linux
        Some of the exciting news this week was Unity releasing their Vulkan renderer in preview form and this initial debut did contain Linux support. There are now some unofficial Unity demos built for Linux with the Vulkan renderer enabled.

        Levi Bard is hosting some sample Linux player builds with the Vulkan preview support enabled. There are two demos currently offered: Corridor Lighting Example and Viking Village. There are both x86 and x86_64 builds and should work with newer Vulkan Linux drivers.


      • The Talos Principle native radv vulkan amdgpu (SI)


      • We Might Never See A New OpenGL Version, At Least Not For A Long Time
        During past Khronos press briefings about OpenGL/Vulkan and in other communications, while Vulkan is the organization's big graphics API focus, it was implied during these conversations that OpenGL would continue to march to its own beat and evolve as needed. While OpenGL continues to be significantly used by cross-platform graphics application/game developers, it turns out there might not be a new official version for a long time - if ever.






  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • KDE neon Korean Developer Edition (... and future CJK Edition?)
        Among many other locations around the planet, the local community in Korea is planning to put on a KDE 20th Anniversary birthday party in Seoul on October 14th. The KDE neon Korean Developer Edition was directly created on request for this event, to be made available to attendees.

        That said - this is actually something we've been wanting to do for a while, and it's not just about Korean.

        None of the bits that make up the new image are new per-se; KDE has supported Korean for a long time, both with foundational localization engineering and regular maintenance activity. And as of the Plasma 5.6 release, our Input Method Panel is finally bundled with the core desktop code and gets automatically added to the panel on first logon in a locale that typically requires an input method.

        Yet it's pretty hard to keep all of this working well, as it requires tight integration and testing across an entire stack, with some parts of the whole living upstream or downstream of KDE.org. For example: After we attempted to make the Plasma panel smarter by making it auto-add the Input Method Panel depending on locale, we couldn't actually be sure it was working as desired by our users, as it takes time for distros to get around to tuning their dependency profiles and for feedback from their users to loop back up to us. It's a very long cycle, with too many opportunities to lose focus or domain knowledge to turnover along the way.


      • Qt Champion nominations for 2016 now open


      • MediaWikiToLearn Hackathon + Editathon


      • Mobile IMG 20160930-021219


      • KIO GDrive 1.0 released
        I’m happy to finally announce the first stable release of KIO GDrive. KIO GDrive enables KIO-aware applications (such as Dolphin, Kate or Gwenview) to access and edit Google Drive files on the cloud.

        Given the lack of an official Google Drive client for Linux, KIO GDrive can be used as replacement for managing your Drive files with Dolphin. Even better, you don’t have to use space on your disk! The files are still in the cloud, yet you can edit them as if they were locally stored on your machine.

        For example you can edit a text file in Kate or crop an image in Gwenview, and just save those files as you normally would. The edited file will be automatically uploaded on the cloud. This will also work with non-KIO applications, for example LibreOffice, but in this case a dialog will explicitly ask if you want to upload the new version of the file.


      • In Defence for Permissive Licences; KDE licence policy update


      • My Adventures and Misadventures in Qt Quick Land
        I have the worst sense of timing when adopting technologies and always find myself at transition points. Python 2 to 3, OpenGL fixed to programmable pipeline, and Qt widgets to Qt Quick. Perhaps the most significant thing to come out of Nokia’s short stewardship of Qt, Qt Quick (originally Qt QUICK, or Qt User Interface Creation Kit) is perhaps the biggest, and somewhat most controversial, change in Qt in recent years. Unless The Qt Company makes a highly unlikely U-turn, it is also probably Qt’s future (without discarding regular widgets, of course). It is also definitely the future for Plasma, the KDE desktop. In fact, it is already its present. Of course, I just had to sink my teeth into it, if only briefly. Since I still wasn’t yet set firmly in the ways of the Widget, I thought it might be easier to wrap my head around this new way of coding. I was both wrong and right. Here is my story.


      • Qt on Android: How to create an Android service using Qt


      • Using Qt Quick for prototyping


      • KDAB talks at QtCon 2016


      • Tomorrow is a New Day – Joining Blue Systems


      • [Krita] New Stable and Development Builds


      • Kubuntu 16.10 Beta 2 is here! Test Test Test! And then more Testing


      • RFC: How to fix a tricky leak in QFormLayout?


      • Kirigami 1.1


      • Emoji restyling
        I started restyling and am trying to finish the Emoji.




    • GNOME Desktop/GTK



      • An Introduction to GNOME Boxes (virtualization) on Linux
        GNOME Boxes is a system virtualization application that is a core part of the GNOME desktop environment. Based on the QEMU machine emulator, it offers a simplified and user-friendly approach to the whole OS virtualization idea. This post is just an introduction to its capabilities and a statement that it finally works in other distributions besides Fedora.

        Once you launch Boxes, you are greeted with a message to press the “New” button to add a new system. Doing so will let the application quickly search in your home folder to find any supported image files. You may either select from the list, navigate your disk, or even insert a URL address.






  • Distributions



    • This Week in Solus – Install #36
      Welcome to the 36th installation of This Week in Solus.


    • Reviews



      • Sabayon Bizarre But Useful
        Sabayon, which gets its name from the Italian egg-derived dessert known as zabaione, is a distribution that we don’t hear too much about these days, although the British Linux press gave it some love a few years ago. It was unassuming…with a hint of mystery. I tried it back then, when I was still fairly new to actually using Linux and thought it was a nice effort, but a little too weird. That wasn’t their fault; that was mine. I was still clinging sharply to Ubuntu at the time. Plus, I was a bit more shallow in those days because I was really set on the idea that an operating system had to look good before I would really put some hours into using it. I still am in many respects. I’m just not crazy about boring.

        So when I approached Matt with the idea of documenting a revisitation to Sabayon, he greenlighted it immediately. Team Sabayon has been very busy. It still has a hint of mystique that I find very attractive. It’s got a lot of applications at default and offers you a lot of decision-making power as well. More on that later.




    • Screenshots/Screencasts



    • OpenSUSE/SUSE



      • Mesa, Kernel, GNOME, KDE apps update in Tumbleweed
        Another week and another five snapshots for openSUSE’s rolling release Tumbleweed produced updates for OpenSSL, GNOME 3.22, Mesa and the Linux Kernel.

        Dominique Leuenberger, a core member of the openSUSE release team, informed subscribers of the openSUSE Factory Mailing List about some of the packages that were updated during the week and some packages users can expect over the next couple of weeks.

        Snapshot 20160928 produced an update for OpenSSL to 1.0.2j, which patched a high severity Online Certificate Status Protocol vulnerability. The same snapshot also gave users the updated 4.7.5 Linux Kernel.




    • Red Hat Family



    • Debian Family



      • Derivatives



        • Canonical/Ubuntu



          • Ubuntu Phone pre OTA 14 quick view


          • Canonical Brings Kubernetes to Ubuntu
            It appears as if the guys and gals at Canonical have been working overtime to stay ahead in the cloud, where its Linux distribution, Ubuntu, is the decisive winner as far as the number of deployments goes. Evidently, they'd like to keep it that way. On Tuesday the company unveiled its own fully supported enterprise distribution of Kubernetes. This comes only a week after the company announced it had worked with IBM to bring its own implementation of OpenStack to Big Blue's hardware.

            If you don't know, Kubernetes is a container tool for DevOps that was originally developed by Google but which is now managed by the Cloud Native Computing Foundation and available under the Apache open source license. To develop its own distribution, Ubuntu copied its IBM mainframe move and worked with the source, in this case Google. They've come up with what Canonical founder Mark Shuttleworth is calling a "pure, vanilla version" of the platform.


          • Flavours and Variants



            • Mintbox Mini Pro: A Cheap Linux Machine With Compelling Specs
              The Mintbox Mini has received a major hardware upgrade and it is now called Mintbox Mini Pro. The Linux machine comes at a price of $395 and features an all-metal casing which eliminates the need for a cooling fan. Significant bumps have been given to the storage, RAM, processor, wireless, and other hardware components.


            • budgie-remix 16.10 beta 2 is now available


            • Addressing FUD


              I find it really despicable to see developers, maintainers and communities from competing projects create and spread FUD about Linux Mint in an effort to promote their own distribution.

              At this cost, getting more users is futile. Of course, a project needs a large audience to succeed, but what matters the most is how happy your users are. If you want your project to work, make it great. If you want to promote it, highlight your own work and efforts.

              At the time when Ubuntu was dominant in the Linux market, it continuously received a huge amount of FUD. It was unfair, it was stupid and frankly, it was embarrassing for the entire Linux community. It still is and it has gotten worse for us because we’re now receiving a significant chunk of that FUD, some of it coming from the very same project who already suffered so much from it.


            • Monthly News – September 2016
              Many thanks to you all for your help, support and donations. This month has been very exciting for us because the release cycle was over, the base jump to the new LTS base was achieved, we had plenty of ideas to implement, nothing got in our way and we could focus on development. Not only that but the development budget was high, and that’s thanks to you, and it tightens the bonds a little more between us. It makes everybody happy, some developers start looking for a new laptop, others use the money to relax. No matter how it’s used, it always helps, and because it helps them, it helps us.

              Another team was set up recently to gather artists and web designers who are interested in improving our websites. This is a new team, with 9 members who just started to get to know each other. It’s hard to predict how the team will evolve, or if it will be successful. It’s hard to know also who in this team might end up being central to our designs and maybe not only to our websites but also to our software, our user interfaces.













  • Devices/Embedded





Free Software/Open Source



  • Trainline creates open source platform to help developers deploy apps and environments in AWS
    The Trainline, the independent rail ticket retailer, has created an open sourced standardised way for its developers to deploy and manage individual applications and environments in Amazon Web Services' public cloud.

    The company has 150 staff in its development area, who focus on improving user experience, and in order to ensure that its underlying infrastructure wasn't a constraint on time to market, the firm recently migrated all of its development, staging, UAT and production environments from a legacy private data centre to Amazon's public cloud.


  • Trainline creates open source platform to let developers test apps in AWS


  • Yahoo open-sources machine learning porn filter


    Yahoo is the latest tech company to open source its computer vision code. The beleaguered outfit's application for it? Filtering porn. Yahoo hopes that its convolutional neural net (CNN) will empower others to better guard innocent eyes, but admits that because of the tech's very nature (and how the definition of "porn" can vary wildly), that the CNN isn't perfect.

    "This model is a general purpose reference model, which can be used for the preliminary filtering of pornographic images," a post on the Yahoo Engineering Tumblr says. "We do not provide guarantees of accuracy of output, rather, we make this available for developers to explore and enhance as an open source project." The code is available on Github at the moment, and if you need any testing material, well, there isn't exactly a shortage of it on Tumblr. Just ask Indonesia.


  • Jahshaka VR alpha release
    We have finally managed to release the alpha version of the Jahshaka VR authoring toolkit under the GPL and wanted to invite people to jump in, look at the code and help out. We have been working on it for 6 months now and it's starting to stabilize.


  • Events



    • The Linux Foundation Announces Session Lineup for ApacheCon(TM) Europe


    • OpenShift Commons Gathering event preview
      We're just two months out from the OpenShift Commons Gathering coming up on November 7, 2016 in Seattle, Washington, co-located with KubeCon and CloudNativeCon.

      OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. Origin adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams. And we're excited to say, the 1.3 GA release of OpenShift Origin, which includes Kubernetes 1.3, is out the door! Hear more about the release from Lead Architect for OpenShift Origin, Clayton Coleman.




  • Web Browsers



    • Mozilla



      • Firefox ready to block certificate authority that threatened Web security
        The organization that develops Firefox has recommended the browser block digital credentials issued by a China-based certificate authority for 12 months after discovering it cut corners that undermine the entire transport layer security system that encrypts and authenticates websites.

        The browser-trusted WoSign authority intentionally back-dated certificates it has issued over the past nine months to avoid an industry-mandated ban on the use of the SHA-1 hashing algorithm, Mozilla officials charged in a report published Monday. SHA-1-based signatures were barred at the beginning of the year because of industry consensus they are unacceptably susceptible to cryptographic collision attacks that can create counterfeit credentials. To satisfy customers who experienced difficulty retiring the old hashing function, WoSign continued to use it anyway and concealed the use by dating certificates prior to the first of this year, Mozilla officials said. They also accused WoSign of improperly concealing its acquisition of Israeli certificate authority StartCom, which was used to issue at least one of the improperly issued certificates.

        "Taking into account all the issues listed above, Mozilla's CA team has lost confidence in the ability of WoSign/StartCom to faithfully and competently discharge the functions of a CA," Monday's report stated. "Therefore we propose that, starting on a date to be determined in the near future, Mozilla products will no longer trust newly issued certificates issued by either of these two CA brands."


      • Firefox gains serious speed and reliability and loses some bloat
        There's no way around it. Firefox has struggled. As of this writing, Firefox 47 is the top of the Firefox market share heap at a scant 3.14 %. Given that Chrome 52 holds 23.96 % and IE 11 holds 17.74 %, the chances of Firefox displacing either, anytime soon, are slim. If you scroll way down on the browser market share listing, you'll notice Firefox 49 (the latest release) is at .19 %. Considering 49 is the stable release candidate that was only recently unleashed, that is understandable (to a point).

        Thing is, Firefox 49 is a really, really good browser. But is it good enough to give the open source browser any significant gains in the realm of market share? Let's take a look at what the Mozilla developers have brought to the fore with the latest release of their flagship browser and see how much hope it holds for the future of the software that was once leader among its peers.


      • Mozilla's Project Mortar Wants Pepper API Flash & PDFium In Firefox
        This week word of Mozilla's "Project Mortar" surfaced, which aims to explore the possibility of bringing the PDFium library and Pepper API based Flash plugin into Firefox. This project is being led by various Mozilla engineers.

        Mozilla is so far developing Project Mortar in private while they plan to open it up in the future.






  • SaaS/Back End



    • What’s Happening in OpenStack-Ansible (WHOA) – September 2016
      Welcome to the fourth post in the series of What’s Happening in OpenStack-Ansible (WHOA) posts that I’m assembling each month. OpenStack-Ansible is a flexible framework for deploying enterprise-grade OpenStack clouds. In fact, I use OpenStack-Ansible to deploy the OpenStack cloud underneath the virtual machine that runs this blog!




  • Pseudo-Open Source (Openwashing)



  • BSD



    • Next Tech Book


      Instead, I’m starting a book on OpenBSD’s web stack.




  • FSF/FSFE/GNU/SFLC



    • For lessons on digital swaraj, Gandhi is an open source


      Gandhi engaged with the copyright law to subvert the economics he disagreed with, and to infuse it with values close to his heart, wrote a US law professor in a 2013 paper titled ‘Gandhi and Copyright Pragmatism’. “Toward the later part of his life, he also came to deploy copyright law to curtail market-based exploitation when he could. In many ways then, Gandhi’s approach did with copyright law what open source licensing and the Creative Commons Project would begin doing with copyright in the 21st century,” wrote Shyamkrishna Balganesh of University of Pennsylvania Law School.

      Now, consider the life and work of Richard M Stallman (callsign RMS in the geek-verse). A champion of the movement for Free and Open Source Software (FOSS), he is more commonly known as the pioneer of ‘Copyleft’. “If you want to accomplish something in the world,” says his Wikiquote page, “idealism is not enough — you need to choose a method that works to achieve the goal. In other words, you need to be pragmatic.” RMS was among the first to call for a free online encyclopaedia. Wikipedia, no surprise, is governed by Creative Commons licensing.


    • GNU project- the free software movement turns 33
      On September 27, 1983 he had announced the launch of GNU, which was a free software replacement for UNIX.




  • Openness/Sharing/Collaboration





Leftovers



  • The makers of the video game “No Man’s Sky” are under investigation for false advertising
    No Man’s Sky was billed as a revolutionary video game—one that contained such multitudes of programmatically generated planets and animals that the developers said even they weren’t sure what players would find in its vast universe.


  • Science



    • Sexual harassment in STEM: 'It's tragic for society'
      These are the experiences of three women who spoke to CNN about a culture of pervasive sexual harassment in academia, especially in the sciences. They were harassed by different men, throughout different parts of their education and careers. "We see it in anthropology, we see it in philosophy, we see it in physics, we see it in the humanities, we see it in the social sciences. We see it in engineering in particular. Astronomy just happened to be, sort of, first" to get attention, said Alessondra Springmann, a rocket scientist at the University of Arizona who studies asteroids and comets. Distinguished scientists in the field of astronomy have been making headlines for harassing students they are supposed to be advising. And it's happening at the same time as a nationwide push to get more American women into science careers. Young girls are increasingly encouraged to embrace STEM -- the acronym for science, technology, engineering and mathematics -- in elementary and middle school.


    • 9 Bizarre and Surprising Insights from Data Science
      Data is the world's most potent, flourishing unnatural resource. Accumulated in large part as the byproduct of routine tasks, it is the unsalted, flavorless residue deposited en masse as organizations churn away. Surprise! This heap of refuse is inherently predictive. Thus begins a gold rush to dig up insightful gems.

      Does crime increase after a sporting event? Do online daters more consistently rated as attractive receive less interest? Do vegetarians miss fewer flights? Does your e-mail address reveal your intentions?





  • Health/Nutrition



    • Clinical Trial Reporting Biased; Full Disclosure, Transparency Needed, Speakers Say
      A conference on clinical drug trials held today shed a harsh light on the availability and honesty of clinical trial reports. Many factors concur to possible distortion of results, speakers said, calling for more stringent obligations to provide all data for analysis. They also noted legislative efforts to tackle the issue. Speakers also pointed out a growing trend for pharmaceutical companies to conduct clinical trials in developing countries.


    • Developing Countries Should Be Able To Shield Their Markets From Cheap Food Imports, Panel Says
      On the first day of the World Trade Organization Public Forum, which took place from 27-29 September, a panel organised by Our World Is Not for Sale (OWINFS), and The Right to Food campaign, looked at ways to reduce hunger and achieve the right to food in Africa, Asia, and the Middle East. In particular, the panel considered the possibility of developing countries investing in domestic production for food security.


    • DEA has kratom users holding their breath, lawmakers write more letters
      Starting today, the US Drug Enforcement Administration is free to list a popular herbal supplement called kratom as a Schedule I controlled substance. This would put kratom in the same lineup as heroin and make its sale and use a felony. But, in statements to the press, the agency said it has no timetable for officially listing kratom—it could be next week or longer—leaving users on the edge of their seats.

      Since the DEA announced its plan to ban kratom at the end of last month, thousands of users have frantically sought to reverse the decision, as well as buy up as much of the drug as they can. Users claim kratom, or Mitragyna speciosa, a tree in the coffee family, is effective at treating chronic pain, as well as depression, anxiety, PTSD, and other ailments. The main active ingredients in kratom are mitragynine and 7-hydroxymitragynine, which can interact with opioid receptors in the brain. While the data to back up medical use of the plant is scant, users are adamant that it's a lifesaver, allowing them to kick deadly and all-too-common opioid addictions.




  • Security



    • Report: Linux security must be upgraded to protect future tech
      The summit was used to expose a number of flaws in Linux's design that make it increasingly unsuitable to power modern devices. Linux is the operating system that runs most of the modern world. It is behind everything from web servers and supercomputers to mobile phones. Increasingly, it's also being used to run connected Internet of Things (IoT) devices, including products like cars and intelligent robots.


    • security things in Linux v4.6
      Hector Marco-Gisbert removed a long-standing limitation to mmap ASLR on 32-bit x86, where setting an unlimited stack (e.g. “ulimit -s unlimited”) would turn off mmap ASLR (which provided a way to bypass ASLR when executing setuid processes). Given that ASLR entropy can now be controlled directly (see the v4.5 post), and that the cases where this created an actual problem are very rare, means that if a system sees collisions between unlimited stack and mmap ASLR, they can just adjust the 32-bit ASLR entropy instead.


    • Let's Encrypt Wants to Help Improve the CA Model
      Let's Encrypt, a non-profit effort that brings free SSL/TLS certificates to the web, was first announced in November 2014 and became a Linux Foundation Collaborative Project in April 2015. To date, it has provided more than 5 million free certificates.

      While having an SSL/TLS certificate to encrypt traffic is an important element of web security, it's not the only one, said Josh Aas, executive director of the Internet Security Research Group and leader of Let's Encrypt.

      "There is a lot in the total picture of what makes a website secure, and we can do a lot to help a certain part of it," he said in a video interview.


    • How to Throw a Tantrum in One Blog Post
      The systemd team has recently patched a local denial of service vulnerability affecting the notification socket, which is designed to be used for daemons to report their lifecycle and health information. Some people have used this as an opportunity to throw a fresh tantrum about systemd.




  • Defence/Aggression



    • Rodrigo Duterte compares himself to Hitler and pledges to 'slaughter three million drug addicts'
      The Philippine President has likened his national crackdown on drug crime to the Holocaust, saying he would be "happy" to kill as many addicts as Hitler slaughtered Jews.

      Rodrigo Duterte said he had been compared to a "cousin of Hitler" by critics during a press conference in southern Davao city on Friday. "Hitler massacred three million Jews... there's three million drug addicts. I'd be happy to slaughter them," he said.

      At least six million Jews and other minority groups are known to have been killed by the Nazis before and during the second world war.

      Since taking up office in June, Mr Duterte has overseen a vicious anti-drug campaign in which more than 3,000 suspected drug dealers and users are understood to have been killed by police operations or vigilantes. The bodies of those killed are often left in the streets with signs listing their crimes.






  • Finance



    • Panic, Anxiety Spark Rush to Build Luxury Bunkers for L.A.'s Superrich
      Given the increased frequency of terrorist bombings and mass shootings and an underlying sense of havoc fed by divisive election politics, it's no surprise that home security is going over the top and hitting luxurious new heights. Or, rather, new lows, as the average depth of a new breed of safe haven that occupies thousands of square feet is 10 feet under or more. Those who can afford to pull out all the stops for so-called self-preservation are doing so — in a fashion that goes way beyond the submerged corrugated metal units adopted by reality show "preppers" — to prepare for anything from nuclear bombings to drastic climate-change events. Gary Lynch, GM at Rising S Bunkers, a Texas-based company that specializes in underground bunkers and services scores of Los Angeles residences, says that sales at the most upscale end of the market — mainly to actors, pro athletes and politicians (who require signed NDAs) — have increased 700 percent this year compared with 2015, and overall sales have risen 150 percent. "Any time there is a turbulent political landscape, we see a spike in our sales. Given this election is as turbulent as it is, we are gearing up for an even bigger spike," says marketing director Brad Roberson of sales of bunkers that start at $39,000 and can run $8.35 million or more (FYI, a 12-stall horse shelter is $98,500).




  • AstroTurf/Lobbying/Politics



    • USA TODAY's Editorial Board: Trump is 'unfit for the presidency'
      In the 34-year history of USA TODAY, the Editorial Board has never taken sides in the presidential race. Instead, we’ve expressed opinions about the major issues and haven’t presumed to tell our readers, who have a variety of priorities and values, which choice is best for them. Because every presidential race is different, we revisit our no-endorsement policy every four years. We’ve never seen reason to alter our approach. Until now.

      This year, the choice isn’t between two capable major party nominees who happen to have significant ideological differences. This year, one of the candidates — Republican nominee Donald Trump — is, by unanimous consensus of the Editorial Board, unfit for the presidency.

      From the day he declared his candidacy 15 months ago through this week’s first presidential debate, Trump has demonstrated repeatedly that he lacks the temperament, knowledge, steadiness and honesty that America needs from its presidents.

      Whether through indifference or ignorance, Trump has betrayed fundamental commitments made by all presidents since the end of World War II. These commitments include unwavering support for NATO allies, steadfast opposition to Russian aggression, and the absolute certainty that the United States will make good on its debts. He has expressed troubling admiration for authoritarian leaders and scant regard for constitutional protections.


    • A principled option for U.S. president: Endorsing Gary Johnson, Libertarian
      As Nov. 8 looms, a dismayed, disconsolate America waits and wonders: What is it about 2016?

      How has our country fallen so inescapably into political and policy gridlock? How did pandering to aggrieved niche groups and seducing blocs of angry voters replace working toward solutions as the coin of our governing class? How could the Democratic and Republican parties stagger so far from this nation's political mainstream?

      And the most pressing question: What should tens of millions of voters who yearn for answers do with two major-party candidates they disdain? Polls show an unprecedented number of people saying they wish they had another choice.


    • Jill Stein Eagerly Pointed Out All The Holes In The First Debate
      After being escorted away from Hofstra University ahead of the first presidential debate on Monday, Green party candidate Jill Stein took to Twitter to share her views as the two major party candidates faced off. Stein fell far short of the Commission on Presidential Debate's requirement that candidates must be polling at 15 percent or more to earn a spot on the stage — Stein was averaging 3.2 percent, according to the commission. But still, she jumped on the opportunity to have her policies lined up next to Hillary Clinton's and Donald Trump's. Ultimately, Stein's tweets made me wish she had debated on the main stage to present her extremely progressive politics.

      Stein's policies skew much farther left than those of Clinton or Trump on nearly every issue — and even farther left than many of Vermont Sen. Bernie Sanders' proposals. Given the impact that Sanders arguably had on Clinton's positions throughout the primaries, it would have been interesting to see if Stein's presence on the debate stage exerted a leftward pull on not only Clinton, but Trump as well. But more importantly, it would have been a service to the viewing public to hear from someone other than the major-party candidates, with whom the electorate is not thrilled.


    • Poll: Desire for major third party grows
      Most Americans say that the country needs a third major political party according to a Gallup poll released Thursday.

      Fifty-seven percent say that the two major parties aren’t enough to represent the country’s voters.

      The majority opinion represents an increase from recent elections. In 2012, some 46 percent said a third party was needed.

      Those who currently want to see another major party include 73 percent of independents, 51 percent of Republicans and 43 percent of Democrats.


    • Ukip denies that Farage is coaching Donald Trump for next debate
      Ukip has denied reports that Nigel Farage has flown to the US to coach the Republican presidential nominee, Donald Trump, for his next debate with Hillary Clinton.

      Farage hinted in his farewell speech at Ukip’s conference last month that he might return to Trump’s side following an appearance with the Republican candidate in August, saying: “Who knows, I may even go back to the United States of America at some point.” Ukip sources at the conference also confirmed Farage would travel to the US to help support Trump before the election.



    • Leaked Tape Exposes Hillary Mocking Bernie’s Supporters in Front of Big Donors
      The Democratic nominee said that Bernie’s supporters believed in a fictional world and are "living in their parents’ basement" hoping the United States becomes "Scandinavia, whatever that means."

      A leaked audio recording of Hillary Clinton from a high-dollar fundraiser in February shows the Democratic nominee mocking not just progressive firebrand Bernie Sanders, but also the cadre of young supporters who favored the insurgent candidacy of the Vermont Senator, a revelation that is bound to have damning ramifications for Clinton’s campaign.




  • Censorship/Free Speech



    • [Older] Facebook thanks Norway PM after censorship row [Ed: publicity stunt after an ugly act of revisionism by censorship]
      After a protracted debate on censorship and Facebook’s outsized role in today’s media world, the social media giant has thanked Prime Minister Erna Solberg for raising “important issues”. Facebook restored a post by Solberg which it had taken down over an iconic Vietnam War photo of a naked girl escaping a napalm bombing. The world's leading social network later backtracked on the decision to remove the PM’s post, which is believed to be the first such online censorship involving a government leader.


    • Evidence of Feared Israel-Led Censorship as Zuckerberg Facebook Bans Palestinian Editors


    • To Stage Or Not To Stage: Theatre Censorship in India
      In December 1872, the Calcutta National Theatrical Society staged Nil Darpan, a play written by Dinabandhu Mitra, that exposed the atrocities committed by British indigo planters on Indian farmers. While the play received glowing reviews in most newspapers with nationalistic leanings, it was expectedly criticised by the British press. There was a demand that the play be banned. Other plays followed, criticising and making fun of the white rulers. Finally, in 1876, came the Dramatic Performances Act, putting restrictions on the public performance of plays.

      Cut to 2016. Nearly seven decades after the country’s independence from British rule, actor-director Amol Palekar moved the Mumbai high court in September, challenging rules framed under provisions of the Bombay Police Act, 1951, which make pre-censorship of drama scripts mandatory by the Maharashtra State Performance Scrutiny Board. In his petition, Palekar said the rules framed under the provisions of the Act were arbitrary and violated citizens’ fundamental right to freedom of expression, guaranteed under the Constitution. However, on September 26, the state government told the Bombay High Court that in March this year, the then commissioner of police had repealed the rule which required prior scrutiny of theatre scripts. Palekar has not replied to HT’s email requesting an interview. Repeated calls to advocate Sugandh Deshmukh, who is representing him in court, also went unanswered. But veteran theatre personality Alyque Padamsee who had filed an affidavit in support of Palekar’s petition said he is not surprised by the court proceedings. “It is the way bureaucracy works,” he says.


    • Your right to read trumps censorship


      "I Know Why the Caged Bird Sings." "To Kill a Mockingbird." "Harry Potter and the Sorcerer's Stone."

      Three very different books that share a common thread.

      Each year, individuals across the country take it upon themselves to decide what books you should and should not read. These are three that apparently you should not.

      Yes, censorship and attempts at censorship are alive and well in 2016. In most instances, the censor is someone who is sincerely concerned about a societal issue and feels strongly that censoring a book, magazine, film or artwork will improve society, protect children, and restore their idea of moral values.

      However, the First Amendment to the United States Constitution gives each of us the right to read, view and listen to things that others might find offensive. No one, no matter how well-intentioned, can take away that right.


    • Recreation of removed art echoes 40-year-old accusations of censorship
      A piece of public art is set to be erected in the Plateau next week, 40 years after its predecessor was torn down amid accusations of censorship towards city hall – accusations being echoed towards the current mayor.

      A reclining cross, designed by artists Pierre Ayot, once sat at the corner of Park and Pine, but it didn’t last long.

      Longtime resident Michael Hendricks remembered how in 1976, just before Montreal would host the Olympic Games, then-Mayor Jean Drapeau ordered 16 large works of art torn down.

      “For us, it was a shock,” he said. “It was so beautiful.”

      “It was done in the night, a sneaky dirty trick and that was the end of it,” he added. “The artists weren’t respected, nobody was respected.”

      At the time, Drapeau called the artworks “indecent” because some of them criticized overspending on the Olympics.


    • Racist social media users have a new code to avoid censorship
      Racist online communities have developed a new code for racial, homophobic and bigoted slurs in an attempt to avoid censorship, according to an online report from Buzzfeed News.

      The code, using terms like Google, Skittle, and Yahoo as substitutes for offensive words describing blacks, Muslims and Mexicans, appears to be in use by various accounts on Twitter and elsewhere. Many tweets using the code are doing so in support of Republican Presidential nominee Donald Trump.




  • Privacy/Surveillance



    • The U.S. presidential candidates on technology, privacy issues
      Stein: “End-to-end encryption should be an internet standard, just like SSL for financial transactions.”


    • 'Shadow Brokers' Whine That Nobody Is Buying Their Hacked NSA Files
      The hacking group responsible for stealing a large cache of National Security Agency hacking tools is very upset that no one seems to be bidding on their pilfered files.

      Early Saturday morning, the person or group which calls itself “TheShadowBrokers” authored another bizarre rant, expressing their annoyance at the seeming lack of interest in ponying up bitcoins to release the full set of stolen files.


    • Hackers Angry That People Don't Want To Pay For The NSA Tools They Stole


    • Spotify's 40 Million Tunes Won't Go Far With CD-Happy Japanese [Ed: music that spies on the listeners]
      On a recent muggy afternoon in Tokyo, 21-year old Shintaro Naganuma joined several hundred customers browsing CDs at the eight-story downtown outpost of music retail chain Tsutaya.

      Having discovered a couple of new rock artists on YouTube, the third-year university student hit Tsutaya Co.’s flagship store in trendy Shibuya to look up their albums. That process encapsulates the dilemma now facing Spotify Ltd.’s head Daniel Ek, who on Thursday presided over the music streaming service’s long-awaited entry into the world’s second-largest music market.

      On the one hand, the nation’s consumers have grown accustomed to finding music or listening casually through smartphones, which should help the Swedish company attract users for its free ad-supported version. But when it comes time to hand over the cash, most people in Japan continue to buy CDs and even vinyl. That’s largely because record labels remain wary of signing away their music to streaming services.


    • The US government can’t protect its dirtiest laundry, so what makes anyone think a government is capable and willing to protect data about you?
      Governments collect insane amounts of data about ordinary people, and officials get caught red-handed again and again using governmental surveillance networks to stalk private relations. It’s been the NSA, it’s been the FBI, and now it’s the police abusing collected data. The U.S. government has shown it can’t even protect its own dirtiest laundry, so what makes anyone think any government is willing and capable of protecting the data of a random citizen?

      Yesterday, there was yet another story breaking about abuse of surveillance, as police were discovered abusing law enforcement surveillance to spy on basically anybody they were personally interested in. It’s not the first story and it won’t be the last.


    • Networks of Control by Wolfie Christl and Sarah Spiekermann
      The collection, analysis and utilization of digital information based on our clicks, swipes, likes, purchases, movements, behaviors and interests are now part of everyday life. But, while individuals become increasingly transparent, companies take control of the recorded data. Wolfie Christl and Sarah Spiekermann show in their book “NETWORKS OF CONTROL” how today’s networks of corporate surveillance are constantly tracking, profiling, categorizing and rating the lives of billions – across platforms, devices and life contexts.


    • On Phone Numbers and Identity
      Coinbase sees a lot of motivated attackers; it’s one of the things that makes working in security at Coinbase so interesting. I want to deep dive into one recent attack for a few reasons: 1) when we share we all get stronger; 2) it was a really interesting way to end-run around a lot of traditional security protections and highlights the extent to which personal and corporate systems are linked; 3) we found very little in the way of public discussion around this set of attack vectors and want to help move it from ‘theoretical’ to ‘this really happens’. To be crystal clear, I’m happy to say, no customer data or funds were lost or at risk of loss.

      Rewind back to 25 Aug. It’s around 9 AM when one of our high profile employees wrote in to our on call security engineer. The user said that something weird was happening with his phone.


    • GCHQ gave private Dutch data to Australian firm: report


      The private conversations of thousands of Dutch citizens have ended up in the hands of the Australian technology company Appen which develops software for converting speech into text.

      A report in the Dutch online site Volkskrant said telecommunications experts had opined that the only way this could have happened was by the British spy agency GCHQ tapping the information and then handing it over to Appen.

      Both Appen and GCHQ have been contacted for comment.

      According to Volkskrant, the matter came to light through a Dutch woman who had been employed by Appen in the UK. The company has four main offices: in Sydney, Seattle, San Rafael (California) and Davao City (the Philippines).




  • Civil Rights/Policing

    • Women competitors must wear hijabs at chess world championship, oddly awarded to Iran
      If you thought soccer's world cup being awarded to baking-hot Qatar marked the zenith of sporting corruption, give FIDE a chance: the international chess federation's forthcoming world championship is headed to Iran, and women players must wear the hijab to compete. UK tabloids quote leading women chess players as threatening to quit the tournament rather than obey.


    • Female chess players from around world outraged after being told to wear hijabs at tournament in Tehran
      The world’s top female chess players have reportedly been told they must wear hijabs if they wish to compete in next year’s world championships.

      The next Women’s World Championships are due to be held in Tehran, Iran in March 2017 but several Grandmasters have threatened to boycott the tournament if female players are forced to conform to the country’s strict clothing laws.

      Iran, which has been welcomed back into the diplomatic fold after signing a nuclear deal with the US and several other countries last year, is a theocratic country which strictly polices how women dress, behave and where they go.


    • Justice Watchdog Rips D.E.A.’s Use of Confidential Sources
      The Drug Enforcement Administration is running a freewheeling confidential sources program that leaves the agency vulnerable to fraud and constitutional abuses, according to an audit by the Department of Justice’s Inspector General (OIG).

      While DEA officials boast that the use of informants is the “bread and butter” of their enforcement, the agency does not adequately oversee their activities. Nor does it sufficiently track the payments made to them, the investigation found.

      The lack of oversight, according to the report: “exposes the agency to an unacceptably increased potential for fraud, waste, and abuse, particularly given the frequency with which DEA offices utilize and pay confidential sources.”

      Over the last five years, the DEA has employed more than 18,000 sources, paying them roughly $237 million. The inspector general stated, however, that the agency is unable to analyze the quality of information they provide.


    • Ex-drug squad chief gets three-year prison sentence
      Former head of the Helsinki Police anti-drug unit, Jari Aarnio, was handed a three-year unconditional prison sentence in Helsinki Appeal Court on Friday after being convicted of charges including malfeasance, fraud and accepting bribes.


    • Saudi Arabian teen arrested for online videos with American blogger
      A male Saudi Arabian teenager has been arrested in Riyadh over a series of online videos of conversations between him and a female Californian streaming-video star that went viral.

      A Riyadh police spokesperson, Colonel Fawaz Al-Mayman, said the teenager, known online as Abu Sin, was arrested on Sunday for engaging in “unethical behaviour” in videos with Christina Crockett, a popular broadcaster on the conversational live-streaming site YouNow. Abu Sin’s real name is not known.

      “His videos received many comments and many of the commenters of the general public demanded for him to be punished for his actions,” Al-Mayman added, according to the Saudi Gazette.

      The two amassed thousands of fans on the YouNow network, and later on YouTube after videos of the two speaking were uploaded there. The videos featured Abu Sin – a nickname given to him for his broken teeth – and Crockett communicating despite their significant language barriers.

      The popularity of the videos of the two of them surprised Crockett, she told the Guardian in an interview. As a broadcaster on YouNow, she can invite her fans to join her broadcasts on split-screen, which is known as “guesting”.


    • Kodi boxes are now a key target in the UK government's piracy crackdown
      Kodi boxes and other devices which can be configured to enable the streaming of pirated content are to become key targets in a UK government intellectual property crime crackdown.

      Revealing the extent to which so-called "fully-loaded" Kodi boxes are being used to circumvent copy protection laws, the Federation Against Copyright Theft (FACT) has stated that half of its investigations currently centre around streaming devices using third party piracy software or add-ons.

      Set top boxes are of course legal, and the open-source Kodi software in its vanilla configuration is a harmless media centre. But, Kodi can be tweaked to facilitate the illegal streaming of premium content, ranging from current cinema releases to streams of cable TV channels.




  • Internet Policy/Net Neutrality

    • Last Formal Tie To Historic US Internet Control Is Cut
      “The federal court in Galveston, Texas denied the plaintiffs’ application for declaratory and injunctive relief. As of 1 October 2016, the IANA functions contract has expired.” This two-sentence statement from Assistant US Commerce Secretary for Communications and Information and National Telecommunication and Information Administration Administrator Lawrence Strickling ended an era of direct United States oversight over changes to the authoritative root zone of the internet domain name system, and as a contractor for a set of core internet databases.




  • Intellectual Monopolies



    • Copyrights



      • J.J. Abrams Can’t Stop Copyright Lawsuit Against Star Trek Fan-Film
        Paramount Pictures and CBS Studios have no plans to end their lawsuit against the crowdfunded Star Trek spin-off 'Prelude to Axanar'. Director J. J. Abrams previously announced that the case would be dropped soon. However, paperwork filed in court this week reveals that the movie studios dismiss this claim as an irrelevant third party statement.


      • RIAA Label Artists & A-List Stars Endorse Megaupload In New Song
        MegaUpload is currently being portrayed by the MPAA and RIAA as one of the world's leading rogue sites. But top music stars including P Diddy, Will.i.am, Alicia Keys, Snoop Dogg and Kanye West disagree and are giving the site their full support in a brand new song. TorrentFreak caught up with the elusive founder of MegaUpload, Kim Dotcom, who shrugged off "this rogue nonsense" and told us he wants content owners to get paid.


      • 'When Is A Chair Just A Chair?' And Other Annoying Copyright Questions
        Last year, the UK decided to repeal a part of its copyright law that enforced a drastically reduced copyright term for "industrially exploited artistic works" including "works of artistic craftsmanship" — in other words, the industrial design of manufactured objects that are primarily functional, like appliances and furniture. Rather than the full life-plus-seventy term, the copyright on such works was limited to 25 years from the date of manufacturing, making it somewhat closer to the US approach where functional designs can't be copyrighted but can qualify for 15-year design patents. It was a sensible rule (at least far more sensible than giving them full copyright, even if giving them any at all is still questionable) that allowed industrial designs to rapidly enter the public domain and be used by multiple manufacturers for everything from inexpensive reproductions to retro-chic luxuries — or, in the eyes of IP maximalists and the furniture industry, it was a travesty of a rule that cruelly robbed aging designers and flooded the market with cheap knockoffs and brazen cash-grabs.

        In any case, the rule was repealed and it was repealed retroactively: furniture designs that had already entered the public domain were shoved back under life-plus-seventy copyrights, and the industry was given a grace period to purge their stocks. The repeal officially came into effect in July, and the transitional window will end in January. Then we can watch the lawsuits begin to flow — and they are going to involve a whole lot of wrangling over stupid, highly subjective questions, with lots of flowery protestations about artistry and judges thrust unwittingly into the role of critic, because the question of what exactly this law applies to is one big gray area.







