Bonum Certa Men Certa

Links 21/1/2018: Wine 3.0 Coverage, KaOS 2018.01, Red Hat Among 'Admired Companies'





GNOME bluefish

Contents





GNU/Linux



  • How Live Patching Has Improved Xen Virtualization
    The open-source Xen virtualization hypervisor is widely deployed by enterprises and cloud providers alike, which benefit from the continuous innovation that the project delivers.

    In a video interview with ServerWatch, Lars Kurth, Chairman of the Xen Project Advisory Board and Director, Open Source Solutions at Citrix, details some of the recent additions to Xen and how they are helping move the project forward.


  • The Gravity of Kubernetes
    Most new internet businesses started in the foreseeable future will leverage Kubernetes (whether they realize it or not). Many old applications are migrating to Kubernetes too.

    Before Kubernetes, there was no standardization around a specific distributed systems platform. Just like Linux became the standard server-side operating system for a single node, Kubernetes has become the standard way to orchestrate all of the nodes in your application.

    With Kubernetes, distributed systems tools can have network effects. Every time someone builds a new tool for Kubernetes, it makes all the other tools better. And it further cements Kubernetes as the standard.


  • Welcome to 2018
    The image of the technology industry as a whole suffered in 2017, and that process is likely to continue this year as well. That should lead to an increased level of introspection that will certainly affect the free-software community. Many of us got into free software to, among other things, make the world a better place. It is not at all clear that all of our activities are doing that, or what we should do to change that situation. Expect a lively conversation on how our projects should be run and what they should be trying to achieve.

    Some of that introspection will certainly carry into projects related to machine learning and similar topics. There will be more interesting AI-related free software in 2018, but it may not all be beneficial. How well will the world be served, for example, by a highly capable, free facial-recognition system and associated global database? Our community will be no more effective than anybody else at limiting progress of potentially freedom-reducing technologies, but we should try harder to ensure that our technologies promote and support freedom to the greatest extent possible.

    Our 2017 predictions missed the fact that an increasing number of security problems are being found at the hardware level. We'll not make the same mistake in 2018. Much of what we think of as "hardware" has a great deal of software built into it — highly proprietary software that runs at the highest privilege levels and which is not subject to third-party review. Of course that software has bugs and security issues of its own; it couldn't really be any other way. We will see more of those issues in 2018, and many of them are likely to prove difficult to fix.


  • Desktop



    • My Linux story: Coding not required
      For more than 15 years, I have earned a living working exclusively with open source products. How did I get here?

      In many ways, my journey started before Linux existed. In college, I had friends who were admins in the engineering computer lab. Although I did not do too well in my CS programming classes, as a hobby and to spend time with my friends I learned about newgroups, ftp sites, and Unix systems. As a data aide student intern, I realized I made a good translator between the astronomers and the C programmer computer support staff. I could read just enough code to identify the problem, but not enough to actually fix it.




  • Audiocasts/Shows



    • Pixel C Android tablet remembered – Unleaded Hangouts
      Pixel C Android tablet remembered. This Android powered Google offering may be no more, however we take the time to remember the Google Pixel C. I’m joined by Mike Stone for this special edition of Unleaded.


    • Command Line Heroes – get your no-cost RHEL developer subscription


      Red Hat has announced Command Line Heroes (CLH), an original podcast from Red Hat. Hosted by Saron Yitbarek, developer, and the founder of CodeNewbie, Command Line Heroes is about geeks, hackers, developers, programmers, and all sorts of passionate open source builders, makers, and users.






  • Kernel Space



    • Experimental KPTI Support For x86 32-bit Linux
      For the Kernel Page Table Isolation (KPTI) support currently within the Linux kernel for addressing the Meltdown CPU vulnerability it's currently limited to 64-bit on the x86 side, but for the unfortunate souls still running x86 32-bit operating systems, SUSE is working on such support.


    • AMD Secure Encrypted Virtualization Is Ready To Roll With Linux 4.16
      With the Linux 4.16 kernel cycle that is expected to begin immediately following the Linux 4.15 kernel debut on Sunday, AMD's Secure Encrypted Virtualization (SEV) technology supported by their new EPYC processors will be mainline.

      Going back to the end of 2016 have been Linux patches for Secure Encrypted Virtualization while with Linux 4.16 it will finally be part of the mainline kernel and supported with KVM (Kernel-based Virtual Machine) virtualization.


    • Deadline scheduler part 2 — details and usage
      Linux’s deadline scheduler is a global early deadline first scheduler for sporadic tasks with constrained deadlines. These terms were defined in the first part of this series. In this installment, the details of the Linux deadline scheduler and how it can be used will be examined.

      The deadline scheduler prioritizes the tasks according to the task’s job deadline: the earliest absolute deadline first. For a system with M processors, the M earliest deadline jobs will be selected to run on the M processors.

      The Linux deadline scheduler also implements the constant bandwidth server (CBS) algorithm, which is a resource-reservation protocol. CBS is used to guarantee that each task will receive its full run time during every period. At every activation of a task, the CBS replenishes the task’s run time. As the job runs, it consumes that time; if the task runs out, it will be throttled and descheduled. In this case, the task will be able to run only after the next replenishment at the beginning of the next period. Therefore, CBS is used to both guarantee each task’s CPU time based on its timing requirements and to prevent a misbehaving task from running for more than its run time and causing problems to other jobs.


    • New Sound Drivers Coming In Linux 4.16 Kernel
      Due to longtime SUSE developer Takashi Iwai going on holiday the next few weeks, he has already sent in the sound driver feature updates targeting the upcoming Linux 4.16 kernel cycle.

      The sound subsystem in Linux 4.16 sees continued changes to the ASoC code, clean-ups to the existing drivers, and a number of new drivers.


    • Varlink: a protocol for IPC
      One of the motivations behind projects like kdbus and bus1, both of which have fallen short of mainline inclusion, is to have an interprocess communication (IPC) mechanism available early in the boot process. The D-Bus IPC mechanism has a daemon that cannot be started until filesystems are mounted and the like, but what if the early boot process wants to perform IPC? A new project, varlink, was recently announced; it aims to provide IPC from early boot onward, though it does not really address the longtime D-Bus performance complaints that also served as motivation for kdbus and bus1.

      The announcement came from Harald Hoyer, but he credited Kay Sievers and Lars Karlitski with much of the work. At its core, varlink is simply a JSON-based protocol that can be used to exchange messages over any connection-oriented transport. No kernel "special sauce" (such as kdbus or bus1) is needed to support it as TCP or Unix-domain sockets will provide the necessary functionality. The messages can be used as a kind of remote procedure call (RPC) using an API defined in an interface file.


    • Statistics for the 4.15 kernel
      The 4.15 kernel is likely to require a relatively long development cycle as a result of the post-rc5 merge of the kernel page-table isolation patches. That said, it should be in something close to its final form, modulo some inevitable bug fixes. The development statistics for this kernel release look fairly normal, but they do reveal an unexpectedly busy cycle overall.

      This development cycle was supposed to be relatively calm after the anticipated rush to get work into the 4.14 long-term-support release. But, while 4.14 ended up with 13,452 non-merge changesets at release, 4.15-rc6 already has 14,226, making it one of the busiest releases in the kernel project's history. Only 4.9 (16,214 changesets) and 4.12 (14,570) brought in more work, and 4.15 may exceed 4.12 by the time it is finished. So far, 1,707 developers have contributed to this kernel; they added 725,000 lines of code while removing 407,000, for a net growth of 318,000 lines of code.


    • A new kernel polling interface
      Polling a set of file descriptors to see which ones can perform I/O without blocking is a useful thing to do — so useful that the kernel provides three different system calls (select(), poll(), and epoll_wait() — plus some variants) to perform it. But sometimes three is not enough; there is now a proposal circulating for a fourth kernel polling interface. As is usually the case, the motivation for this change is performance. On January 4, Christoph Hellwig posted a new polling API based on the asynchronous I/O (AIO) mechanism. This may come as a surprise to some, since AIO is not the most loved of kernel interfaces and it tends not to get a lot of attention. AIO allows for the submission of I/O operations without waiting for their completion; that waiting can be done at some other time if need be. The kernel has had AIO support since the 2.5 days, but it has always been somewhat incomplete. Direct file I/O (the original use case) works well, as does network I/O. Many other types of I/O are not supported for asynchronous use, though; attempts to use the AIO interface with them will yield synchronous behavior. In a sense, polling is a natural addition to AIO; the whole point of polling is usually to avoid waiting for operations to complete.


    • Linux Foundation



    • Graphics Stack



      • Mesa 17.3.3 Released With RADV & ANV Vulkan Driver Fixes
        Mesa 17.3.3 is now available as the latest point release for the Mesa 17.3 stable series.

        This bi-weekly point release to Mesa presents several RADV Vega/GFX9 fixes, various Intel ANV Vulkan driver fixes, a DRI3 fix, and random fixes to the OpenGL drivers like RadeonSI, Etnaviv, and even Swrast.


      • R600g "Soft" FP64 Shows Signs Of Life, Enabling Older GPUs To Have OpenGL 4 In 2018
        Most pre-GCN AMD graphics cards are still limited to OpenGL 3.3 support at this time due to not supporting FP64. Only the HD 5800/6900 series on R600g currently have real double-precision floating-point support working right now so at present they are on OpenGL 4.3 rather than 3.3, but those other generations may be catching up soon thanks to the "soft" FP64 code.


      • AMDGPU DC Gets More Raven Ridge Improvements, Audio Fixes
        Harry Wentland of AMD has sent out the latest batch of patches for the AMDGPU DC display code stack. Fortunately it lightens up the DRM driver by about six thousand lines thanks to removing some unused code.

        Besides gutting out a chunk of unused code, the DC code has a few audio fixes (no word yet on supporting newer audio formats with DC), fixes on driver unload, a "bunch" of continued Raven Ridge display updates, and various other code clean-ups.


      • AMDGPU Firmware Blobs Updated For Video Encode/Decode
        There are updated AMDGPU microcode/firmware files now available for recent Radeon GPUs.

        The updated firmware files now available via the main linux-firmware.git repository are centered around the video blocks: UVD video decoding, VCE video encode, and the new VCN video encode/decode block with Raven Ridge.


      • Intel Exploring Cgroups Support For DRM Driver Management
        An Intel open-source driver developer has posted preliminary patches taking Cgroups v2 to DRM driver management.


      • OpenSWR Rasterizer Improvements Land Ahead Of Mesa 18.0
        Besides Intel and Radeon OpenGL/Vulkan driver improvements squeezing into Mesa Git ahead of the imminent Mesa 18.0 code branching, the Intel-developed OpenSWR has landed its latest improvements.


    • Benchmarks





  • Applications



  • Desktop Environments/WMs



    • K Desktop Environment/KDE SC/Qt



      • Linux and Qt in Automotive? Let’s meet up!
        For anyone around the Gothenburg area on Feb 1st, you are most welcome to the Automotive MeetUp held at the Pelagicore and Luxoft offices. There will be talks about Qt/QML, our embedded Linux platform PELUX and some ramblings about open source in automotive by yours truly ;-)


      • What about AppImage?
        I see a lot of people asking about state of AppImage support in Discover.

        It’s non-existent, because AppImage does not require centralized software management interfaces like Discover and GNOME Software (or a command-line package manager). AppImage bundles are totally self-contained, and come straight from the developer with zero middlemen, and can be managed on the filesystem using your file manager

        This should sound awfully familiar to former Mac users (like myself), because Mac App bundles are totally self-contained, come straight from the developer with zero middlemen, and are managed using the Finder file manager.




    • GNOME Desktop/GTK



      • 5 of the Best Linux Dark Themes that Are Easy on the Eyes
        There are several reasons people opt for dark themes on their computers. Some find them easy on the eye while others prefer them because of their medical condition. Programmers, especially, like dark themes because they reduce glare on the eyes.

        If you are a Linux user and a dark theme lover, you are in luck. Here are five of the best dark themes for Linux. Check them out!
      • GNOME Rolls Out The GTK Text Input Protocol For Wayland
        GNOME developers have been working on a new Wayland protocol, the "gtk_text_input" protocol, which now is implemented in their Mutter compositor.

        Separate from the zwp_text_input protocol, the gtk_text_input protocol is designed for representing text input and input methods associated with a seat and enter/leave events. This GNOME-catered protocol for Mutter is outlined via this commit with their protocol specification living in-tree to Mutter given its GNOME focus.
      • Wine, Mozilla, GNOME and DragonFly BSD


        While GNOME is moving to remove desktop icon support in version 3.28, Ubuntu 18.04 LTS will continue to ship with an older version of Nautilus (3.26) in an effort to keep this age-old practice alive, at least for its upcoming LTS release.

        In more GNOME-related news, version 3.28 of the Photos application will include a number of enhancements to its photo-editing arsenal, such as shadows and highlight editing, the ability to alter crop orientation, added support for zoom gestures and more. For a complete list, visit the project's roadmap.







  • Distributions



    • The 5 Best Linux Distributions for Development
      When considering Linux, there are so many variables to take into account. What package manager do you wish to use? Do you prefer a modern or old-standard desktop interface? Is ease of use your priority? How flexible do you want your distribution? What task will the distribution serve?

      It is that last question which should often be considered first. Is the distribution going to work as a desktop or a server? Will you be doing network or system audits? Or will you be developing? If you’ve spent much time considering Linux, you know that for every task there are several well-suited distributions. This certainly holds true for developers. Even though Linux, by design, is an ideal platform for developers, there are certain distributions that rise above the rest, to serve as great operating systems to serve developers.


    • New Releases



      • KaOS 2018.01 KDE-focused Linux distro now available with Spectre and Meltdown fixes
        It can be difficult to find a quality Linux distribution that meets your needs. This is partly because there are just too many operating systems from which to choose. My suggestion is to first find a desktop environment that you prefer, and then narrow down your distro search to one that focuses on that DE. For instance, if you like KDE, both Kubuntu and Netrunner are solid choices.

        With all of that said, there is another KDE-focused Linux distro that I highly recommend. Called "KaOS," it is rolling release, meaning you can alway be confident that your computer is running modern packages. Today, KaOS gets its first updated ISO for 2018, and you should definitely use it to upgrade your install media. Why? Because version 2018.01 has fixes for Spectre and Meltdown thanks to Linux kernel 4.14.14 with both AMD and Intel ucode.


      • KaOS Linux Gets First ISO Snapshot for 2018 with Spectre and Meltdown Patches
        The development team behind the KaOS Linux operating system have released today the first ISO snapshot for 2018, bringing all the latest software and security updates.

        First thing first, the KaOS 2018.01 installation snapshot includes patches for the Meltdown and Spectre security vulnerabilities publicly disclosed earlier this month by shipping with the latest Linux 4.14.14 kernel built with Retpoline support. Intel and AMD microcode firmware updates are also present.




    • OpenSUSE/SUSE



      • Tumbleweed Rolls Forward with New versions of Mesa, Squid, Xen
        This week provided a pretty healthy amount of package updates for openSUSE’s rolling distribution Tumbleweed.

        There were three snapshots released since the last blog and some of the top packages highlighted this week are from Mesa, Squid, Xen and OpenSSH.

        The Mesa update from version 17.2.6 to 17.3.2 in snapshot 20180116 provided multiple fixes in the RADV Vulkan driver and improvements of the GLSL shader cache. The Linux Kernel provides some fixes for the security vulnerabilities of Meltdown in version 4.14.13 and added a prevent buffer overrun on memory hotplug during migration for KVM with s390. The snapshot had many more package updates like openssh 7.6p1, which tightened configuration access rights. A critical fix when updating Flatpak packages live was made with the gnome-software version 3.26.4 update. File systems package btrfsprogs 4.14.1 provided cleanups and some refactoring while wireshark 2.4.4 made some fixes for dissector crashes. Xen 4.10.0_10 added a few patches. Rounding out the snapshot, ModemManager 1.6.12 fixed connection state machine when built against libqmi and blacklisted a few devices to include some Pycom devices.


      • openSUSE Tumbleweed Rolls To Mesa 17.3, Linux 4.14.13
        OpenSUSE has continued rolling in the new year with several key package updates in January.

        Exciting us a lot is that openSUSE Tumbleweed has migrated from Mesa 17.2 to now Mesa 17.3. Mesa 17.3.2 is the version currently in openSUSE's rolling-release.


      • openSUSE Tumbleweed Users Receive Important Mesa Linux Graphics Stack Update
        Four snapshots were released this week for OpenSuSE Tumbleweed, which is a rolling release GNU/Linux distribution where users install once and receive updates forever. Probably the most important change added in these snapshots was related to the graphics stack, which was updated to Mesa 17.3.2, a release that neede to be split into two parts to improve the build performance of the distribution.

        "In order to improve the distro build performance, Mesa was split into two parts to be built. Users that updated their system using “–no-recommends” did not get Mesa-dri auto-installed, resulting in the graphical system possibly not starting up. Simply install Mesa-dri for now manually (dependency chain fixes are underway)," said Dominique Leuenberger in the mailing list announcement.




    • Slackware Family



      • What’s new for January? Plasma5 18.01, and more
        When I sat down to write a new post I noticed that I had not written a single post since the previous Plasma 5 announcement. Well, I guess the past month was a busy one. Also I bought a new e-reader (the Kobo Aura H2O 2nd edition) to replace my ageing Sony PRS-T1. That made me spend a lot of time just reading books and enjoying a proper back-lit E-ink screen. What I read? The War of the Flowers by Tad Williams, A Shadow all of Light by Fred Chappell, Persepolis Rising and several of the short stories (Drive, The Butcher of Anderson Station, The Churn and Strange Dogs) by James SA Corey and finally Red Sister by Mark Lawrence. All very much worth your time.




    • Red Hat Family



    • Debian Family



      • TLCockpit v0.8
        Today I released v0.8 of TLCockpit, the GUI front-end for the TeX Live Manager tlmgr. I spent the winter holidays in updating and polishing, but also in helping me debug problems that users have reported. Hopefully the new version works better for all.


      • Google's Linux workstations are switching from Ubuntu to Debian
        Like many companies, Google uses a variety of operating systems in-house. macOS and Windows are used by a large number of employees, a modified build of Debian Linux is used on its servers (as of 2014, at least), and Chrome OS and Android devices are commonplace. In work environments where Linux is needed, Google uses a customized version of Ubuntu 14.04 called 'Goobuntu,' which has never been released publicly.


      • Derivatives



        • Canonical/Ubuntu



          • In a Snap, Slack Comes to Linux. Here's How To Install It
            While binaries for Slack have been available for Ubuntu and Fedora, other Linux operating systems are not so lucky. To overcome this, Canonical has released Slack as a Snap, which allows Slack to be installed and used on a greater variety of Linux distributions.

            Snapcraft is a command line tool that allows you to install containerised applications called Snaps on many different Linux distribution. As these Snap containers contain all the required dependencies that a program needs to run, it makes it very easy to create and distribute a single container that works on a variety of Linux versions.


          • Linux Users Can Now Download Slack as a ‘Snap’
            Slack is one step closer to becoming the workplace staple for businesses across the globe. The software is now available for use on Linux environments, bundled as a Snap – an application package for opensource systems.

            Tens of millions of users across the world run Linux on their systems, opting for one among its many distribution avatars. In comparison, Slack reported that over 6 million active profiles used the app daily last year, 2 million of them with paid subscriptions. The new release could open Slack up to a whole new set of customers.


          • Slack has arrived on Linux thanks to Canonical Snap
            CANONICAL HAS made the wishes of its users come true again as it brings another major app to Linux users for the first time.

            This time it's popular team platform Slack. The secret sauce is Ubuntu's "Snap" packages, a form of containerisation which puts an app into a little bubble that makes it run in the Linux environment. At Christmas, the technique was used to bring a desktop Spotify to Linux for the first time.

            The important thing here is that Snaps, first launched in 2016, run on any Linux distro, not just Canonical's own Ubuntu. Named specifically were Linux Mint, Manjaro, Debian, ArchLinux, OpenSUSE and Solus. Not only that, they work across desktop, server, cloud and IoT.


          • Your first robot: Introduction to the Robot Operating System [2/5]
            This is the second blog post in this series about creating your first robot with ROS and Ubuntu Core. In the previous post we walked through all the hardware necessary to follow this series, and introduced Ubuntu Core, the operating system for IoT devices. We installed it on our Raspberry Pi, and used it to go through the CamJam worksheets. In this post, I’m going to introduce you to the Robot Operating System (ROS), and we’ll use it to move our robot.










  • Devices/Embedded





Free Software/Open Source



  • Open source casino tech biz TGG enters Cambodia
    The firm provides “all essential source codes with open API [application program interface] for game designers to create customisable premium content for casino operators, enabling the operators to focus on making the best possible gaming experience for their players worldwide without additional investment in information technology infrastructure,” added its release.


  • Events



  • Web Browsers



    • Mozilla



      • Firefox Quantum Eats RAM Like Chrome
        For a long time, Mozilla’s Firefox has been my web browser of choice. I have always preferred it to using Google’s Chrome, because of its simplicity and reasonable system resource (especially RAM) usage. On many Linux distributions such as Ubuntu, Linux Mint and many others, Firefox even comes installed by default.

        Recently, Mozilla released a new, powerful and faster version of Firefox called Quantum. And according to the developers, it’s new with a “powerful engine that’s built for rapid-fire performance, better, faster page loading that uses less computer memory.”


      • Mozilla Communities Speaker Series #PrivacyMonth
        As a part of the Privacy Month initiative, Mozilla volunteers are hosting a couple of speaker series webinars on Privacy, Security and related topics. The webinars will see renowned speakers talking to us about their work around privacy, how to take control of your digital self, some privacy-security tips and much more.


      • “Ewoks or Porgs?” and Other Important Questions
        You ever go to a party where you decide to ask people REAL questions about themselves, rather than just boring chit chat? Us, too! That’s why we’ve included questions that really hone in on the important stuff in our 2nd Annual Firefox Census.


      • These Weeks in Firefox: Issue 30


      • TenFourFox FPR5 available
        TenFourFox Feature Parity Release 5 final is available for testing (downloads, hashes, release notes). There are no other changes other than the relevant security updates and the timer resolution reduction for anti-Spectre hardening. Assuming no major issues, it will become live on Monday evening Pacific time.


      • Mozilla mandates that new Firefox features rely on encrypted connections
        Mozilla this week decreed that future web-facing features of Firefox must meet an under-development standard that requires all browser-to-server-and-back traffic be encrypted.

        "Effective immediately, all new features that are web-exposed are to be restricted to secure contexts," wrote Mozilla engineer Anne van Kesteren in a post to a company blog. "A feature can be anything from an extension of an existing IDL-defined object, a new CSS property, a new HTTP response header, to bigger features such as WebVR."


      • Rogue Chrome, Firefox Extensions Hijack Browsers; Prevent Easy Removal
        Any malware that hijacks your browser to serve up ads or to redirect you to random websites can be annoying. Even more so are extensions that take control of your browser and prevent you from landing on pages that can help you get rid of them.

        Security researchers at Malwarebytes recently discovered extensions for Chrome and Firefox that display precisely that behavior. According to the security vendor, the extensions are designed to hijack browsers and then block users from removing them by closing out pages with information on extensions and add-ons, or by steering users to pages where extensions aren't listed. Rogue extensions like these are often an overlooked attack vector that can leave organizations exposed to serious threats.






  • Pseudo-Open Source (Openwashing)



  • Funding



  • FSF/FSFE/GNU/SFLC



    • Future directions for PGP
      Back in October, LWN reported on a talk about the state of the GNU Privacy Guard (GnuPG) project, an asymmetric public-key encryption and signing tool that had been almost abandoned by its lead developer due to lack of resources before receiving a significant infusion of funding and community attention. GnuPG 2 has brought about a number of changes and improvements but, at the same time, several efforts are underway to significantly change the way GnuPG and OpenPGP are used. This article will look at the current state of GnuPG and the OpenPGP web of trust, as compared to new implementations of the OpenPGP standard and other trust systems.

      GnuPG produces encrypted files, signed messages, and other types of artifacts that comply to a common standard called OpenPGP, described in RFC 4880. OpenPGP is derived from the Pretty Good Privacy (PGP) commercial software project (since acquired by Symantec) and today is almost synonymous with the GnuPG implementation, but the possibility exists for independent implementations of the standard that interoperate with each other. Unfortunately, RFC 4880 was released in 2007 and a new standard has not been published since then. In the meantime, several extensions have been added to GnuPG without broader standardization, and a 2017 IETF working group formed to update RFC 4880 ultimately shut down due to lack of interest.

      GnuPG 2 is a significantly heavier-weight software package than previous GnuPG versions. A major example of this change in architecture is GnuPG 2's complete reliance on the use of the separate gpg-agent daemon for private-key operations. While isolating private-key access within its own process enables improvements to security and functionality, it also adds complexity.

      In the wake of the Heartbleed vulnerability in OpenSSL, a great deal of scrutiny has been directed toward the maintainability of complex and long-lived open-source projects. GnuPG does not rely on OpenSSL for its cryptographic implementation, instead it uses its own independent implementation: Libgcrypt. This leads to the question of whether GnuPG's cryptographic implementation is susceptible to the same kinds of problems that OpenSSL has had; indeed the concern may be larger in the case of GnuPG.


    • Foundations of Amateur Radio - Episode 137
      I've been playing with a wonderful piece of software called GNU Radio, more on that in a moment.




  • Public Services/Government



    • Barcelona chooses Linux, Apple's Lisa OS goes open source, and more news


    • Barcelona Opts for Breath of Open Source Fresh Air
      Barcelona city officials have voted to shut the door on Microsoft Windows in favor of the Linux operating system and open source technology.

      The city hopes to save money from proprietary software license fees and to build a specialized library of open source applications targeting the needs of government workers. Its goal is to encourage specialized open source solutions throughout governmental agencies in Spain.

      The city last fall unveiled the Barcelona Digital City Plan to improve government-provided online services. The plan also supports urban technology and smart-city projects and promotes open data.




  • Programming/Development



    • An introduction to the BPF Compiler Collection
      In the previous article of this series, I discussed how to use eBPF to safely run code supplied by user space inside of the kernel. Yet one of eBPF's biggest challenges for newcomers is that writing programs requires compiling and linking to the eBPF library from the kernel source. Kernel developers might always have a copy of the kernel source within reach, but that's not so for engineers working on production or customer machines. Addressing this limitation is one of the reasons that the BPF Compiler Collection was created. The project consists of a toolchain for writing, compiling, and loading eBPF programs, along with example programs and battle-hardened tools for debugging and diagnosing performance issues.

      Since its release in April 2015, many developers have worked on BCC, and the 113 contributors have produced an impressive collection of over 100 examples and ready-to-use tracing tools. For example, scripts that use User Statically-Defined Tracing (USDT) probes (a mechanism from DTrace to place tracepoints in user-space code) are provided for tracing garbage collection events, method calls and system calls, and thread creation and destruction in high-level languages. Many popular applications, particularly databases, also have USDT probes that can be enabled with configuration switches like --enable-dtrace. These probes are inserted into user applications, as the name implies, statically at compile-time. I'll be dedicating an entire LWN article to covering USDT probes in the near future.






Leftovers



  • Drone comes to the rescue of two swimmers in Australia
    One day, they may yet turn against us, but for now, they're still our allies: A drone rescued two teenage swimmers in distress off the course of New South Wales in Australia, according to a new report. The drone spotted two teenagers in trouble around a half-a-mile out from shore, and then dropped a flotation device it carries for the purpose to give them something to hang on to (via Verge).


  • A drone has rescued two people from rough seas off the coast of Australia
    Lifeguards testing out new drone technology in Australia have saved two people stranded off the coast of New South Wales state, as spotted by Quartz. The drone footage shows a birds-eye view of the ocean before the drone ejects the yellow floatation device, which inflates when it hits the water. The two teenage boys were caught about 700 meters (0.4 miles) offshore at Lennox Head in a swell of around three meters (9.8 feet). They were able to grab onto the floatation device and swim to shore.


  • A drone was just used to rescue swimmers, and it recorded the whole event
    Lifeguards used a drone to rescue two teenagers from rough seas off the northern coast of New South Wales in Australia today (Jan. 18).

    The lifeguards happened to be piloting the new technology when they received a distress signal and deployed a drone to search for the struggling swimmers. Footage relayed from the drone camera (which can be viewed here) caught two people in distress near Lennox Head in the northern coastline of the state. The video shows the drone releasing a flotation device, which the two teenagers swam toward and clung onto as they are pounded by waves. Ben Franklin, parliamentary secretary for Northern New South Wales, said the whole process only took 70 seconds, compared to the six minutes it usually takes a lifeguard to rescue swimmers.


  • Science



    • China enters the battle for AI talent
      A mountainous district in western Beijing known for its temples and mushroom production is tipped to become China’s hub for industries based on artificial intelligence (AI). Earlier this month, the Chinese government announced that it will spend 13.8 billion yuan (US$2.1 billion) on an AI industrial park — the first major investment in its plan to become a world leader in the field by 2030.
    • Information engine operates with nearly perfect efficiency
      Physicists have experimentally demonstrated an information engine—a device that converts information into work—with an efficiency that exceeds the conventional second law of thermodynamics. Instead, the engine's efficiency is bounded by a recently proposed generalized second law of thermodynamics, and it is the first information engine to approach this new bound.

      The results demonstrate both the feasibility of realizing a "lossless" information engine—so-called because virtually none of the available information is lost but is instead almost entirely converted into work—and also experimentally validates the sharpness of the bound set by the generalized second law.


    • State of US science enterprise report shows US leads in S&E as China rapidly advances
      According to the National Science Foundation's (NSF) Science and Engineering Indicators2018 report released today, the United States is the global leader in science and technology (S&T). However, the U.S. global share of S&T activities is declining as other nations -- especially China -- continue to rise.


    • China declared world’s largest producer of scientific articles
      For the first time, China has overtaken the United States in terms of the total number of science publications, according to statistics compiled by the US National Science Foundation (NSF).

      The agency’s report, released on 18 January, documents the United States’ increasing competition from China and other developing countries that are stepping up their investments in science and technology. Nonetheless, the report suggests that the United States remains a scientific powerhouse, pumping out high-profile research, attracting international students and translating science into valuable intellectual property.


    • Breakthrough study shows how plants sense the world


      Only a small portion of these sensing proteins have been studied through classical genetics, and knowledge on how these sensors function by forming complexes with one another is scarce. Now, an international team of researchers from four nations—including Shahid Mukhtar, Ph.D., and graduate student Timothy "TC" Howton at the University of Alabama at Birmingham—has created the first network map for 200 of these proteins. The map shows how a few key proteins act as master nodes critical for network integrity, and the map also reveals unknown interactions.

      "This is a pioneering work to identify the first layer of interactions among these proteins," said Mukhtar, an assistant professor of biology in the UAB College of Arts and Sciences. "An understanding of these interactions could lead to ways to increase a plant's resistance to pathogens, or to other stresses like heat, drought, salinity or cold shock. This can also provide a roadmap for future studies by scientists around the world."


    • Breaking the Zimmermann Telegram
      Running, Lieutenant Nigel De Grey decided as he narrowly avoided colliding with another paper-laden trolley, was not something that the corridors of the Admiralty Old Building had been designed for.

      Nor was it something that the Royal Navy approved of from its junior officers, apparently. This was clear from the angry shouts of the people he dodged as he raced down the building’s narrow back corridors.

      Right now though De Grey didn’t care. It was 17th January 1917 and Europe had been locked in a bloody stalemate for almost three years, but the scrap of paper he held in his hand might well change the outcome of the Great War.


  • Hardware



    • Designing Customizable Self-Folding Swarm Robots
      Robot swarms generally come in two flavors. You’ve got your homogenous swarms, made up of tens or hundreds or sometimes thousands of identical robots. You’ve also got your heterogenous swarms, made up of a handful (or possibly a few tens) of robots that aren’t all identical, and may in fact be significantly different. Heterogeneity is appealing, because robots are bad multitaskers, and with a heterogenous swarm you can deploy a bunch of specialists instead. Problem is, designing, constructing, and then deploying a bunch of specialists is way harder than when you’re only dealing with one type of generalist robot, which is why we don’t see large heterogeneous swarms.


    • Years after predicted “death,” game consoles are doing better than ever


  • Health/Nutrition



    • The Trump Administration Continues the Racist and Disastrous War on Pot
      The majority of Americans support legalizing marijuana. The Marijuana Justice Act will do just that.

      If polling is correct, pot no longer gives Americans fits. Recent Gallup polls indicate that 64 percent of Americans approve of legalizing marijuana — the highest level of public support in almost 50 years. Nevertheless, we have an administration that is tone deaf to the will of the people and insists on reinstituting failed policies of decades past.

      But there are members of Congress who are listening. Earlier this week, Reps. Barbara Lee (D-Calif.) and Ro Khanna (D-Calif.) introduced the Marijuana Justice Act in the House of Representatives. Both agree that legalizing marijuana under federal law is an important step to confronting and eroding the harms that the failed war on drugs has had on people across the country, disproportionately Black and brown communities.

      In addition to legalization, the bill would cut federal funding for state law enforcement and prison construction if a state disproportionately arrests and incarcerate people of color for marijuana offenses. It also would retroactively apply to those currently serving sentences and allow people in federal prison for marijuana offenses to go to court and ask a judge to reduce their sentence.


    • ‘A Marijuana-Related Charge Can Still Impact Somebody for Life’


      But Attorney General Jeff Sessions’ stance is reflected in his declaration, “Good people don’t smoke marijuana.” His recent move, rescinding Obama-era guidance that had federal prosecutors take a laissez-faire approach to states, should probably be understood in that light.

      What are the possible impacts of Sessions’ animus, and what—or who—is missing from the current conversation about marijuana and its legal status? Art Way is a senior director for national criminal justice reform strategy at the Drug Policy Alliance, and state director for DPA’s Colorado office.


    • A Cheap and Easy Blood Test Could Catch Cancer Early
      A simple-to-take test that tells if you have a tumor lurking, and even where it is in your body, is a lot closer to reality—and may cost only $500.

      The new test, developed at Johns Hopkins University, looks for signs of eight common types of cancer. It requires only a blood sample and may prove inexpensive enough for doctors to give during a routine physical.


    • Antimicrobial Resistance The “Scariest” Public Health Issue, Needs Financial R&D Incentives, Industry Says
      On the eve of the annual January World Health Organization Executive Board meeting, an alliance of pharmaceutical industries launched its first report on efforts made to curb antimicrobial resistance. The alliance also organised a conference on the report and on challenges of antimicrobial resistance, in particular the need for research and development incentives so that the industry can continue its efforts sustainably. Some light was also shed on the need to support access to diagnostics, and lower their prices.




  • Security



    • Meltdown and Spectre Linux Kernel Status - Update
      I keep getting a lot of private emails about my previous post previous post about the latest status of the Linux kernel patches to resolve both the Meltdown and Spectre issues.

      These questions all seem to break down into two different categories, “What is the state of the Spectre kernel patches?”, and “Is my machine vunlerable?”
    • Security updates for Friday


    • Seeking SOS Fund Projects
      I’m spending some time over the next few days looking for the next round of projects which might benefit from an SOS Fund security audit.


    • Strong Incident Response Starts with Careful Preparation
      Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the companies with robust IR functions, the rapidly evolving threat landscape, constantly changing best practices, and surplus of available tools make it easy to overlook important steps during planning. As a result, by the time an incident occurs, it’s too late to improve their foundational procedures.


    • The Intel Management Engine: an attack on computer users' freedom
      Over time, Intel imposed the Management Engine on all Intel computers, removed the ability for computer users and manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's memory.


    • What Is WPA3, and When Will I Get It On My Wi-Fi?
      WPA2 is a security standard that governs what happens when you connect to a closed Wi-Fi network using a password. WPA2 defines the protocol a router and Wi-Fi client devices use to perform the “handshake” that allows them to securely connect and how they communicate. Unlike the original WPA standard, WPA2 requires implementation of strong AES encryption that is much more difficult to crack. This encryption ensures that a Wi-Fi access point (like a router) and a Wi-Fi client (like a laptop or phone) can communicate wirelessly without their traffic being snooped on.


    • We Didn't Pull CPU Microcode Update to Pass the Buck


    • Red Hat Will Revert Spectre Patches After Receiving Reports of Boot Issues
      Red Hat is releasing updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot.

      "Red Hat is no longer providing microcode to address Spectre, variant 2, due to instabilities introduced that are causing customer systems to not boot," the company said yesterday.

      "The latest microcode_ctl and linux-firmware packages are reverting these unstable microprocessor firmware changes to versions that were known to be stable and well tested, released prior to the Spectre/Meltdown embargo lift date on Jan 3rd," Red Had added.


    • Another Face to Face: Email Changes and Crypto Policy
      The OpenSSL OMC met last month for a two-day face-to-face meeting in London, and like previous F2F meetings, most of the team was present and we addressed a great many issues. This blog posts talks about some of them, and most of the others will get their own blog posts, or notices, later. Red Hat graciously hosted us for the two days, and both Red Hat and Cryptsoft covered the costs of their employees who attended.

      One of the overall threads of the meeting was about increasing the transparency of the project. By default, everything should be done in public. We decided to try some major changes to email and such.


    • Some Basic Rules for Securing Your IoT Stuff

      Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked [sic] IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.



    • A look at the handling of Meltdown and Spectre
      The Meltdown/Spectre debacle has, deservedly, reached the mainstream press and, likely, most of the public that has even a remote interest in computers and security. It only took a day or so from the accelerated disclosure date of January 3—it was originally scheduled for January 9—before the bugs were making big headlines. But Spectre has been known for at least six months and Meltdown for nearly as long—at least to some in the industry. Others that were affected were completely blindsided by the announcements and have joined the scramble to mitigate these hardware bugs before they bite users. Whatever else can be said about Meltdown and Spectre, the handling (or, in truth, mishandling) of this whole incident has been a horrific failure.

      For those just tuning in, Meltdown and Spectre are two types of hardware bugs that affect most modern CPUs. They allow attackers to cause the CPU to do speculative execution of code, while timing memory accesses to deduce what has or has not been cached, to disclose the contents of memory. These disclosures can span various security boundaries such as between user space and the kernel or between guest operating systems running in virtual machines. For more information, see the LWN article on the flaws and the blog post by Raspberry Pi founder Eben Upton that well describes modern CPU architectures and speculative execution to explain why the Raspberry Pi is not affected.


    • Addressing Meltdown and Spectre in the kernel
      When the Meltdown and Spectre vulnerabilities were disclosed on January 3, attention quickly turned to mitigations. There was already a clear defense against Meltdown in the form of kernel page-table isolation (KPTI), but the defenses against the two Spectre variants had not been developed in public and still do not exist in the mainline kernel. Initial versions of proposed defenses have now been disclosed. The resulting picture shows what has been done to fend off Spectre-based attacks in the near future, but the situation remains chaotic, to put it lightly.

      First, a couple of notes with regard to Meltdown. KPTI has been merged for the 4.15 release, followed by a steady trickle of fixes that is undoubtedly not yet finished. The X86_BUG_CPU_INSECURE processor bit is being renamed to X86_BUG_CPU_MELTDOWN now that the details are public; there will be bug flags for the other two variants added in the near future. 4.9.75 and 4.4.110 have been released with their own KPTI variants. The older kernels do not have mainline KPTI, though; instead, they have a backport of the older KAISER patches that more closely matches what distributors shipped. Those backports have not fully stabilized yet either. KPTI patches for ARM are circulating, but have not yet been merged.


    • Is it time for open processors?
      The disclosure of the Meltdown and Spectre vulnerabilities has brought a new level of attention to the security bugs that can lurk at the hardware level. Massive amounts of work have gone into improving the (still poor) security of our software, but all of that is in vain if the hardware gives away the game. The CPUs that we run in our systems are highly proprietary and have been shown to contain unpleasant surprises (the Intel management engine, for example). It is thus natural to wonder whether it is time to make a move to open-source hardware, much like we have done with our software. Such a move may well be possible, and it would certainly offer some benefits, but it would be no panacea.

      Given the complexity of modern CPUs and the fierceness of the market in which they are sold, it might be surprising to think that they could be developed in an open manner. But there are serious initiatives working in this area; the idea of an open CPU design is not pure fantasy. A quick look around turns up several efforts; the following list is necessarily incomplete.
    • Notes from the Intelpocalypse
      Rumors of an undisclosed CPU security issue have been circulating since before LWN first covered the kernel page-table isolation patch set in November 2017. Now, finally, the information is out — and the problem is even worse than had been expected. Read on for a summary of these issues and what has to be done to respond to them in the kernel. All three disclosed vulnerabilities take advantage of the CPU's speculative execution mechanism. In a simple view, a CPU is a deterministic machine executing a set of instructions in sequence in a predictable manner. Real-world CPUs are more complex, and that complexity has opened the door to some unpleasant attacks.

      A CPU is typically working on the execution of multiple instructions at once, for performance reasons. Executing instructions in parallel allows the processor to keep more of its subunits busy at once, which speeds things up. But parallel execution is also driven by the slowness of access to main memory. A cache miss requiring a fetch from RAM can stall the execution of an instruction for hundreds of processor cycles, with a clear impact on performance. To minimize the amount of time it spends waiting for data, the CPU will, to the extent it can, execute instructions after the stalled one, essentially reordering the code in the program. That reordering is often invisible, but it occasionally leads to the sort of fun that caused Documentation/memory-barriers.txt to be written.


    • OnePlus admits 40,000 customers were affected by credit card breach

      The findings of its ongoing investigation, which it's carrying out with a third-party security firm, reveal that malicious script was injected into the OnePlus.net payment page code, and allowed the as-yet-unknown attackers to see customer's credit card numbers, expiration dates, and security codes.





  • Defence/Aggression



    • NBC's ErdoÄŸan escape claim during coup attempt deserves top fake news award, Assange says
      WikiLeaks founder Julian Assange on Thursday pointed out the fake news regarding defeated coup in Turkey was not mentioned in U.S. President Donald Trump's self-proclaimed "Fake News Awards".

      "The most serious case of recent fake news is not on Trump's #FakeNewsAwards list. NBC substantially assisted the military coup in Turkey which killed hundreds," Assange wrote on his official Twitter account.

      Gülenist Terror Group (FETÖ) and its U.S.-based leader Fetullah Gulen orchestrated the defeated coup on July 15, 2016, which left 250 people martyred and nearly 2,200 others injured.


    • Trump Is Turning the State Department into a Global Weapons Dealer
      The Trump administration will soon announce its next move in the ongoing assault on diplomacy and human rights currently taking place in the United States. Through a plan dubbed “Buy American,” the administration is calling for U.S. attachés and diplomats to play a larger role in the sale of U.S. weapons, effectively solidifying their role as lobbyists for the arms industry rather than agents of diplomacy.

      This means the State Department, the agency that is meant to foster diplomatic relations and maintain peaceful engagement with other countries, will now openly operate as a weapons dealer. The administration is essentially forcing the State Department to undermine itself, as seeking out and expanding opportunities for increased weapons sales are certainly not conducive to fostering peaceful global relations.


    • Regime Change and Globalization Fuel Europe’s Refugee and Migrant Crisis
      Anti-establishment political forces in the both the United States and Europe have seized on the issue of illegal immigration, seen by many voters as a threat to both economic well-being and cultural identity, as a key components of their electoral strategies. While Donald Trump has made the wall with Mexico one of his priorities and has worked to uphold a ban on immigration from a number of Muslim nations, in Europe, numerous political parties have been following this script for many years.




  • Transparency/Investigative Reporting



    • 'Granting Ecuadorian citizenship to Assange won't sway UK'
      A former Ecuadorian President has said the current administration's decision to grant citizenship to WikiLeaks Founder Julian Assange "will not convince the British to let him exit the UK".

      "If that was the Foreign Ministry's strategy, they're quite naive.




  • Environment/Energy/Wildlife/Nature



    • The trend continues, 2017 one of the hottest years on record
      2017 was once again one of the hottest years on record, ranked as the second-warmest by NASA and third-warmest by the National Oceanic and Atmospheric Administration. The findings "continue the planet's long-term warming trend," according to NASA. A trend that is driven predominately by human activity through carbon dioxide emissions.

      Temperature records for the planet, monitored independently by both agencies, go back to 1880. The announcement came at a joint press conference on Thursday in Washington. The hottest year on record remains 2016, while 2015 ranks second according to NOAA and third by NASA, which means the top three years have been the most recent three.






  • Finance



    • 'Entire aisles are empty': Whole Foods employees reveal why stores are facing a crisis of food shortages
      Whole Foods is facing a crush of food shortages in stores that's leading to empty shelves, furious customers, and frustrated employees.

      Many customers are blaming Amazon, which bought Whole Foods in August for $13.7 billion. Analysts have speculated that the shortages could be due to a spike in shopper traffic in the wake of the acquisition.

    • UMich Confidence Tumbles - Economic Conditions Hit 14-Month Low
      Tax reform was spontaneously mentioned by 34% of all respondents; 70% of those who mentioned tax reform thought the impact would be positive, and 18% said it would be negative.

      The disconnect between the future outlook assessment and the largely positive view of the tax reform is due to uncertainties about the delayed impact of the tax reforms on the consumers. Some of the uncertainty is related to how much a cut or an increase people, especially high income households who live in high-tax states, face.

      Six-in-ten consumers reported that the pace of economic growth had recently improved in early January. While the majority expected good economic times during the year ahead, half of all consumers anticipated a growth slowdown during the next five years.
    • Chinese investment in the US crashed in Trump’s first year in office
      Chinese investment in the United States plummeted in 2017, a product of policies stemming both from Beijing and Washington. The drop comes after 2016’s record levels of foreign direct investment (FDI) from China in the US, and looks set to continue this year.

      According to research firm Rhodium Group, in 2017 Chinese investment in the United States reached $29 billion in consummated deals, marking a 35% decrease from the year prior.


    • What Silicon Valley Tech Jobs Pay the Highest Salaries?


      Indeed.com just released its 2017 Silicon Valley salary survey, looking at which tech jobs command the highest average pay over the past year, according to job openings posted on the job search firm’s web site from November 2016 through October 2017.

      Product development engineer claimed the number one spot, with an average salary of US $173,570, and director of product management was just a few dollars behind, with an average salary of $173,556.




  • AstroTurf/Lobbying/Politics

    • Why People Dislike Really Smart Leaders


    • Twitter says it exposed nearly 700,000 people to Russian propaganda during US election

      Twitter this evening released a new set of statistics related to its investigation on Russia propaganda efforts to influence the 2016 US presidential election, including that 677,775 people were exposed to social media posts from more than 50,000 automated accounts with links to the Russian government. Many of the new accounts uncovered have been traced back to an organization called the the Internet Research Agency, or IRA, with known ties to the Kremlin.



    • Keeanga-Yamahtta Taylor: Democratic Party Faces Reckoning for Purging Sanders Supporters
      As President Trump completes his first year in office, activists in cities across the country will hold mass protests Saturday on the first anniversary of the historic Women’s March. This comes as a slew of lawmakers have joined members of the Black Congressional Caucus in backing a resolution to censure President Trump over his racist comments in which the president reportedly used an expletive to refer to African nations, El Salvador and Haiti. Several Democratic lawmakers say they will also skip the State of the Union address on January 30 over Trump’s racist remarks. Meanwhile, Trump himself denies being a racist, claiming on Sunday that he is “the least racist person.” To discuss Trump’s first year in office, the direction of the Democratic Party and where racial justice movements go from here, we are joined by Keeanga-Yamahtta Taylor, assistant professor of African American studies at Princeton University. She is the author of “From #BlackLivesMatter to Black Liberation” and editor of a new collection of essays titled “How We Get Free: Black Feminism and the Combahee River Collective.”

    • House Spending Bill Changes Law to Let Trump Administration Secretly Shift Intelligence Money
      The House spending bill released Wednesday would allow President Donald Trump, or people under him, to secretly shift money to fund intelligence programs, a break with 70 years of governing tradition.

      Since 1947, section 504 of the National Security Act has mandated that the administration inform Congress if it intends to shift money from one intelligence project to another, if the new project has not been authorized by Congress. That notification can be — and almost always is — done in secret, but it is at least a minimal check on executive power.

      The spending bill currently under consideration, known as a continuing resolution, or CR, breaks with that tradition, allowing funds to “be obligated and expended notwithstanding section 504(a)(1) of the National Security Act of 1947.”
    • Who Trump Is Putting in Power
    • Watchdogging a Nonprofit Watchdog
      Earlier this week, we published a story with the Chicago Sun-Times that identifies a right-leaning public policy organization as the primary source of money behind Project Six, a Chicago-based nonprofit that investigates government waste, fraud and abuse.

      Project Six is led by former Chicago City Council inspector general Faisal Khan, who says the group is independent and nonpartisan — even though 98 percent of the funds it received during its first year came from the Illinois Policy Institute. The institute’s crusades for small government, lower taxes and reduced labor-union power are highly influential within the state Republican Party.

      Determining who funded Project Six took several steps, as well as some luck.
    • Russian Politician Who Reportedly Sent Millions to NRA Has Long History in Spain
      As the Spanish police investigated the presence of a notorious Russian organized crime group on the resort island of Mallorca in 2012, they realized that a key figure described by some of the suspects as their “godfather” was a powerful Moscow politician: Alexander Torshin.

      Spanish prosecutors decided in the summer of 2013 to arrest Torshin, who was then a senator, officials say. Police set up an operation to capture him during a visit to Mallorca, but he mysteriously canceled the trip at the last minute, apparently as the result of a tip, authorities said. Torshin was never charged, while the other suspects were convicted of money laundering. Last year, he publicly denied any wrongdoing in the Spanish money-laundering case.
    • The Stormy Daniels story should be a bigger deal
      Donald Trump's personal lawyer formed a private company just before the 2016 election to pay $130,000 in exchange for a porn star's silence about her alleged 2006 relationship with the now-President of the United States, according to the Wall Street Journal.

      That seems like a big story, no? And yet, while it's drawn some attention -- particularly in the wake of the Journal's latest reporting Thursday about the private company -- it appears to not be moving the needle much with the public.


    • A record $107 million was raised for Trump’s inauguration. So where did it all go? No one will say.
      Nearly a year after President Trump’s inauguration, the committee that raised a record $106.7 million for the event has not disclosed how much surplus money it still has or provided a final accounting of its finances.

      “We must decline comment at this time,” Kristin Celauro, a spokeswoman for the inaugural committee’s chairman, Thomas Barrack, said this week in response to a USA TODAY inquiry about the committee’s finances.

      Barrack, a California investment manager and longtime Trump friend, has said consistently that remaining funds would go charity. He announced plans in September to give $3 million to three non-profit groups —The American Red Cross, the Salvation Army and Samaritan’s Purse — to help with hurricane relief efforts and said the committee planned more contributions “that serve America’s agenda.”
    • Election season in Russia: violent acts and criminal cases against rights defenders, political activists
      Russia’s presidential elections are drawing close and the machinery of repression, which is working overtime, has apparently no intention to stop. We continue to cover these events.




  • Censorship/Free Speech

    • Sudan Jails Journalists in New Sign of Repression

      Press advocates said Friday that the arrests, carried out by Sudan’s National Intelligence and Security Service, reflected an increasingly repressive censorship in the vast African nation, where news media independence has long been under assault.



    • Catalan teacher denies hate speech accusations at court


    • Facebook to start ranking news outlets on community trust

      Publishers with higher ratings will get priority in users’ news feeds, a move that the company says will cut down on “sensationalism, misinformation and polarization” in the media.



    • Facebook is going to start surveying users to determine trustworthy news sources


    • 5 Questions About Facebook's Plan to Rate Media by 'Trustworthiness'

      But we don’t know who will be responsible for this yet. This should be a public matter, given its import to the public sphere.



    • Facebook's Latest Fix for Fake News: Ask Users What They Trust

      The vetting process will happen through Facebook’s ongoing quality surveys — the same surveys it uses to ask whether Facebook is a force for good in the world and whether the company seems to care about its users. Now, Facebook will ask users if they are familiar with a news source and, if so, whether they trust the source.



    • Southwest's Bullshit Lawsuit Over A Site That Made $45 Helping People Book Cheaper Flights
      In the past, I've been a pretty big fan of Southwest Airlines. On many routes it has been my first choice for flights. However, after digging into a new lawsuit the company filed earlier this month, I'm pretty close to swearing off Southwest forever. I can't support this kind of bullshit legal bullying. First off, Southwest does have a bit of history legally bullying sites that improve the Southwest experience. Back when your seating on Southwest really depended on how close to 24 hours prior to your flight that you checked in, there were a few services that would automate checking you in at exactly the 24 hour mark, and Southwest sued to shut them down. The company has also threatened tools that merely scraped Southwest fares -- which could be kind of useful, since Southwest doesn't share its shares with popular flight info aggregators like Kayak and Expedia.

      It is somewhat questionable whether or not Southwest actually has a legal right to block that -- pricing info is not covered by copyright -- but there are lots of attempts these days to twist laws to argue that merely putting something in a terms of service is enough to create a legal obligation.

      Enter a new site: SWMonkey.com. The idea behind the site is fairly simple. Because Southwest Airlines (unlike basically every other airline) actually has no fees to change your flight, if you spot your same flight available for less, you can call Southwest and basically exchange your ticket for the new ticket and get credit for future flights (and sometimes even cash back). Southwest, of course, relies heavily on the idea that not many people take advantage of this. SWMonkey's clever idea was to monitor price changes for you, and alert you if the price on your flight dropped significantly. The site charged a $3 fee if it could save you $10 or more.
    • The Rapid Rise of Censorship in Southeast Asia
      The number of blocked sites, as documented by independent internet monitors, is on the rise in nearly every Southeast Asian nation, part of a wider downturn in freedom of information across the region. What started out as a move to limit access to certain “illicit” sites, such as those hosting pornography or copyrighted content, has morphed into broad, unchecked power by each country’s internet governing agencies to block access to sites with little, if any, oversight, and increasingly, arrest citizens for what they post on social media.

      “Censorship is on the rise and internet freedom is declining in Southeast Asia,” said Madeline Earp, Asia research analyst with Freedom House. “We [are] seeing that with some specific tactics – website blocking, arrests, cyber attacks, other rights violations.”
    • Russian Censorship Scandal Forces Ministry to Reissue Paddington 2 License
      A British family comedy about a friendly bear has sparked an unlikely scandal over government discrimination against foreign films in Russia this week.

      Russian cinemas were left dumbfounded after the Culture Ministry delayed issuing a screening license for “Paddington 2,” one day before it was scheduled to be released in theaters. The ministry said it delayed the Jan. 18 screening until Feb. 1 because of another film scheduled to premiere on the same day, the film's distributor told the Kommersant business daily.


    • New Climate Censorship Tracker Comes Online
      Columbia University and the Climate Science Legal Defense Fund today launched an online tracker of the Trump administration's crackdown on climate science.

      The project, called the Silencing Science Tracker, has so far assembled 96 entries of federal restrictions or prohibitions on climate science since November 2016. The database is built from media reports, and it's searchable by agency, date and type of action.

      More than half the entries are listed as censorship, either from government restriction or researchers who are self-censoring. Other instances include targeted personnel changes, budget cuts and other federal actions aimed at minimizing or hindering climate research. The project also links to resources for whistleblowers and legal help.
    • Trump has tried to restrict science almost 100 times already.
      The online resource is a joint project of Columbia’s Sabin Center for Climate Change Law and the Climate Science Legal Defense Fund, a non-profit originally created in 2011 to defend scientists from what at the time seemed like the biggest threat facing the climate science community: legal attacks against individual scientists by conservative groups. The group’s priorities have shifted somewhat since Trump’s election. “Political and ideological attacks on science have a long and shameful history, and such attacks are the most dangerous when carried out or condoned by government authorities,” said Lauren Kurtz, CSLDF’s executive director.

      To be included in the Silencing Science Tracker, a federal government action must have the effect of “prohibiting scientific research, education or discussion, or the publication or use of scientific information,” the site says. The tracker divides actions into six broad categories, and includes Trump’s appointments of unqualified nominees to science-related posts, the removal of various climate references from executive agency websites, and suspensions on scientific research. The category with the most entries is “government censorship,” which includes 40 instances when the administration changed website content, restricted public communication by scientists, or made data more difficult to access.


    • The Constant Pressure For YouTube To Police 'Bad' Content Means That It's Becoming A Gatekeeper
      For many, many years we've talked about how people were wrong to say that the internet "cut out middlemen" because there are still plenty of middlemen around. Instead, what was important was that the type of middlemen were changing. Specifically, we were moving from an age of gatekeepers to an age of enablers. And the difference here is profound. Gatekeepers keep out most people who want to use their platforms. Think: record labels or movie studios. Most people who wanted to become musicians just a couple of decades ago were not able to. Record labels would not sign them, and without a recording deal, your chance of making any money was just about nil. A few people were signed, a very few of those that signed would make lots of money, the rest would make a little money, and everyone who didn't sign would make basically nothing. The "curve" of how much money people made trying to become musicians was not very smooth. You had a few at the top end, and a giant cliff down to basically zero if you couldn't get past the gatekeeper.

      But the internet changed that in a massive way. Anyone could start using the various internet platforms to release their content, to build an audience, and to make some money. There remain complaints from some that the amount most users make isn't very much, but that ignores that under the previous gatekeeper system, that amount was almost certainly zero for the vast majority of people who wished to make money from their creative endeavors. With various internet services -- Kickstarter, Patreon, Spotify, YouTube, etc. -- artists could at least make more than zero.

      There has been some fear that yesterday's enablers would turn into tomorrow's gatekeepers. Unfortunately, one of the most disturbing aspects of what's happening with the internet these days is that more and more people seem to be pressuring these enabling services to become gatekeepers and to lock out smaller creators, out of this new fear that some people shouldn't be allowed to use these platforms to make any money at all.


    • The Pentagon Papers Team Tells How The Times Defied Censorship
      Four alumni of The New York Times met Tuesday on Facebook Live to recount the dramatic events surrounding our 1971 publication of the Pentagon Papers, a watershed moment in the history of press freedom.

      The Washington Post’s publication of the Pentagon Papers returned to the national spotlight with the release last week of the feature film “The Post.” But The Times was the first to publish portions of the Papers, starting June 13, 1971. We published three articles over a period of two days before a federal court ordered us to stop. On July 1, 1971, we resumed publication after winning a landmark Supreme Court decision.


    • Palestinians fight Facebook, YouTube censorship
      Amid an ever-shrinking space for dissenting Palestinian voices, a new initiative sets out to recover some of the ground lost online.

      Sada Social, a group launched in September by three Palestinian journalists, aims to document "violations against Palestinian content" on social networks such as Facebook and YouTube, and to liaise with its executives to restore some of the pages and accounts that have been shut down.




  • Privacy/Surveillance

    • The omnipresent Seth Moulton is reluctant to explain his NSA vote
      Whether he’s trolling the president on Twitter or lambasting him on cable news, the congressman from the North Shore has been one of the most vocal critics of the year-old Trump administration, on grounds of both policy and character. In a radio interview over the summer, Moulton said Trump “lies all the time.” In the spring he called for the resignation of Attorney General Jeff Sessions.
    • The NSA knows who you are just by the sound of your voice—and their tech predates Apple and Amazon


      For technology users who have marveled at the ability of Siri or Alexa to recognize their voice, consider this: The National Security Agency has apparently been way ahead of Apple or Amazon.

      The agency has at its disposal voice recognition technology that it employs to identify terrorists, government spies, or anyone they choose — with just a phone call, according to a report by The Intercept. The disclosure was revealed in a recently published article, part of a trove of documents leaked by former NSA contractor Edward Snowden.

      The publication wrote that by using recorded audio, the NSA is able to create a "voiceprint," or a map of qualities that mark a voice as singular, and identify the person speaking. The documents also suggest the agency is continuously improving its speech recognition capabilities, the publication noted.
    • Julian Assange Senses 'Political Propaganda' as Amazon's Alexa Becomes Feminist
      Amazon's virtual assistant Alexa has just received an enhanced personality: now, not only can she give you the correct answers, but can even offer a response in case of insults and personal attacks. Creators also expect that she could potentially express her own opinions on certain political issues, a move that has prompted criticism.
    • Aadhar Services Suspended In AP?


    • Analog Equivalent Privacy Rights (12/21): Our parents bought things untracked, their footsteps in store weren’t recorded

      Yes, this kind of people tracking is documented to have been already rolled out citywide in at least one small city in a remote part of the world (VästerÃ¥s, Sweden). With the government’s Privacy Oversight Board having shrugged and said “fine, whatever”, don’t expect this to stay in the small town of VästerÃ¥s. Correction, wrong tense: don’t expect it to have stayed in just VästerÃ¥s, where it was greenlit three years ago.



    • The Last Government Shutdown Rocked The NSA. Another Will Only Increase The Suffering.
    • NSA failed to preserve some data related to surveillance court case: report


    • NSA erased surveillance data related to pending lawsuits: Report


    • NSA deleted surveillance data it pledged to preserve
      The National Security Agency destroyed surveillance data it pledged to preserve in connection with pending lawsuits and apparently never took some of the steps it told a federal court it had taken to make sure the information wasn’t destroyed, according to recent court filings.
    • NSA Deleted Surveillance Data It Promised To Keep
      According to recent court filings viewed by Politico, The National Security Agency destroyed surveillance data it had promised to preserve in connection with pending lawsuits. Additionally, the NSA reportedly did not take steps it had told a federal court it was taking in order to ensure that the information was not destroyed. The NSA told U.S. District Court Judge Jeffrey White in a filing this week that it did not preserve internet communications that were intercepted between 2001 and 2007, as part of a set of court orders regarding surveillance efforts during the Bush administration. “NSA senior management is fully aware of this failure, and the Agency is committed to taking swift action to respond to the loss of this data," NSA's deputy director of capabilities wrote in a court document.
    • AT&T prevails in fight for classified NSA IT contract
      AT&T has prevailed in a bid protest battle over a lucrative and classified National Security Agency contract.

      The $2.5 billion ontract is part of NSA’s work to recompete the multi-billion dollar Groundbreaker IT infrastructure contract held by CSRA.


    • Trump signs bill extending NSA's warrantless surveillance
    • Trump signs renewal of NSA's surveillance program
    • Trump Signs Bill Renewing Warrantless NSA Surveillance
    • Trump signs bill renewing NSA's internet surveillance program
    • Trump Signs Bill Renewing NSA's Internet Surveillance Programme


    • Trump renews NSA internet surveillance program for six more years
    • Trump Signs Bill Renewing NSA's Internet Surveillance Program


    • NSA surveillance programs live on, in case you hadn't noticed
      For all the controversial issues US lawmakers have debated lately, there was one bill that made it through both houses of Congress and on to President Donald Trump with little fanfare.

      There was so little fuss around its passing, you might be surprised to hear the law renews two government surveillance programs that less than five years ago caused public outcry and panic.

      They're the US National Security Agency's Prism and Upstream programs, both of which former NSA contractor Edward Snowden revealed to journalists in 2013. The law that authorizes those programs were set to expire Friday, but Congress renewed them with little difficulty.

      Did privacy advocates put up a fight? Yes. But what debate there was focused on reforming a narrow aspect of the programs, and that effort made too few inroads in Congress to get results.
    • EFF Asks Ninth Circuit Appeals Court To Strengthen Privacy Protections Of Smart Phones At The Border
      The Electronic Frontier Foundation (EFF) urged the U.S. Ninth Circuit Court of Appeals to require federal agents to obtain a warrant before conducting highly intrusive searches of electronic devices at the border by requiring federal agents to obtain a warrant if they want to access the contents of travelers’ phones.

      “The Ninth Circuit four years ago issued an important ruling requiring officials to show they have reasonable suspicion of criminal activity to forensically search digital devices. While that was an improvement over the government’s prior practice of conducting suspicionless searches, the court didn’t go far enough,” said EFF Staff Attorney Sophia Cope. “We are now asking the Ninth Circuit to bar warrantless device searches at the border.”


    • Dark Caracal: Good News and Bad News
      Yesterday, EFF and Lookout announced a new report, Dark Caracal, that uncovers a new, global malware espionage campaign. One aspect of that campaign was the use of malicious, fake apps to impersonate legitimate popular apps like Signal and WhatsApp. Some readers had questions about what this means for them. This blog post is here to answer those questions and dive further into the Dark Caracal report.

      First, the good news: Dark Caracal does not mean that Signal or WhatsApp themselves are compromised in any way. It only means that attackers found new, insidious ways to create and distribute fake Android versions of them. (iOS is not affected.) If you downloaded your apps from Google’s official app store, Google Play, then you are almost certainly in the clear. The threat uncovered in the Dark Caracal report referred to “trojanized” apps, which are fake apps that pretend to look like real, trusted ones. These malicious spoofs often ask for excessive permissions and carry malware. Such spoofed versions of Signal and WhatsApp were involved in the Dark Caracal campaign.
    • Forget About Siri and Alexa — When It Comes to Voice Identification, the “NSA Reigns Supreme”
      AT THE HEIGHT of the Cold War, during the winter of 1980, FBI agents recorded a phone call in which a man arranged a secret meeting with the Soviet embassy in Washington, D.C. On the day of his appointment, however, agents were unable to catch sight of the man entering the embassy. At the time, they had no way to put a name to the caller from just the sound of his voice, so the spy remained anonymous. Over the next five years, he sold details about several secret U.S. programs to the USSR.



    • Can you hear me now?: NSA can find & track people with ‘voice-matching technology’
      Declassified documents reveal the National Security Agency has been using secret “speaker recognition” technology to identify people by their unique “voiceprint” for more than a decade.

      The NSA has been recording and gathering private phone calls for years, but it used to be difficult for the agency to identify unknown speakers. In the past, signals intelligence (SIGINT) transcribers worked on the same targets for years before they became familiar enough with a speaker’s unique voice to be able to verify their identity.


    • Congress demanded NSA spying reform. Instead, they let you down
      For the first time in five years, since the Edward Snowden disclosures that exposed the NSA's mass surveillance powers and programs, lawmakers had an opportunity this month to rein in and reform the bulk of the government's powers.
    • Senate Passes Legislation That Allows NSA to Keep Spying on Americans
      The Senate affirmed the legality of the NSA’s warrant-free surveillance activities on Thursday with a six-year renewal of Section 702 of the Foreign Intelligence Surveillance Act.

      Section 702 allows the NSA to obtain the communications of foreign targets for national security purposes. This law provided the legal backing for the PRISM program that Edward Snowden brought to national attention in 2013 when he leaked classified NSA documents.

      The legislation passed with a 65-34 vote.


    • #FISA: Senate passes bill to give NSA 6 more years of warrantless surveillance on Americans
      The U.S. Senate today passed a bill that will renew the National Security Agency’s warrantless internet surveillance program for six years with no substantive changes. It's bad news, say privacy and security advocates, but not a surprise.

      The re-up gives NSA powers that were first granted in response to the September 11 terrorist attacks. Opponents argued that FISA section 702, as the section of law is known, allows the NSA and other agencies to spy on Americans in a way that violates principles protected by the U.S. Constitution.


    • Lebanese security agency turns smartphone into selfie spycam: researchers

      Lebanon’s General Directorate of General Security (GDGS) has run more than 10 campaigns since at least 2012 aimed mainly at Android phone users in at least 21 countries, according to a report by mobile security firm Lookout and digital rights group Electronic Frontier Foundation (EFF).

      The cyber attacks, which seized control of Android smartphones, allowed the hackers [sic] to turn them into victim-monitoring devices and steal any data from them undetected, the researchers said on Thursday. No evidence was found that Apple (AAPL.O) phone users were targeted, something that may simply reflect the popularity of Android in the Middle East.

    • In the age of algorithms, would you hire a personal shopper to do your music discovery for you?




  • Civil Rights/Policing

    • Is the Porn Industry Doing Enough For Performers' Mental Health?

      But the rash of sudden, consecutive deaths has prompted some performers to call for change in an industry with a low barrier to entry, minimal oversight and nearly non-existent job security despite extreme working conditions. Unlike pre-Internet porn stars, performers today face the added pressures of social media interactions, increased competition without increased pay and a demand for more physically taxing sex scenes – all of which can exacerbate existing mental health or substance abuse issues. So is the adult industry doing enough to protect its performers?

    • EXCLUSIVE: Snap Threatens Jail Time for Leakers

      The chief lawyer and general counsel of Snapchat’s parent company, Michael O’Sullivan, sent a threatening memo to all employees last week just before The Daily Beast published an explosive story with confidential user metrics about how certain Snapchat features are used.



    • Jeffrey Sterling, Convicted of Leaking About Botched CIA Program, Has Been Released From Prison
      JEFFREY STERLING, THE former CIA agent convicted under the Espionage Act for talking to a New York Times reporter, has been released from prison after serving more than two years of his 42-month sentence, and is now in a halfway house.

      Sterling’s case drew nationwide attention because the Obama-era Department of Justice unsuccessfully tried to force the reporter, James Risen, to divulge the identity of his sources for “State of War,” a book in which he revealed the CIA had botched a covert operation against Iran’s nuclear program. Risen reported that instead of undermining the Iranians, the CIA had provided them with useful information on how to build a nuclear bomb. (Risen is now The Intercept’s senior national security correspondent and directs First Look Media’s Press Freedom Defense Fund.)

      The case had a racial dimension, too. Sterling, who had joined the agency in 1993, was one of the few black undercover operatives at the CIA. After several years of what he believed was discriminatory treatment, he filed a complaint against the agency, and then a lawsuit. The CIA fired Sterling in 2002, and his lawsuit was blocked by the courts after the government argued successfully that proceeding with the suit would expose state secrets.
    • Trump Administration to Deny Temporary Work Visas to Haitians
      The Trump administration has removed Haitians from eligibility under a pair of U.S. visa programs that offer immigrants a chance to work in low-wage jobs. In a regulatory filing, the Department of Homeland Security said this week Haitians will no longer be allowed to obtain H-2A agricultural and H-2B non-agricultural temporary work permits. In explaining its move, the DHS cited what it called “high levels of fraud and abuse” committed by Haitians. In November, President Trump ended temporary protected status—or TPS—for nearly 60,000 Haitians, many of whom came to the United States after the devastating 2010 earthquake in Haiti.

    • Trump’s Pick to Oversee Civil Rights in Schools Has a History of Attacking Civil Rights
      Marcus is laissez-faire about enforcing laws to protect marginalized groups, but crusades against those who criticize Israel.

      The Senate committee overseeing education voted yesterday, on party lines, to confirm President Trump’s nominee to run the Department of Education’s Office for Civil Rights. His nomination will now proceed to the full Senate for a final confirmation vote. Given the significance of the role in the protection of the rights of young people, senators should take a close look at Kenneth L. Marcus’s record before voting.

      While the ACLU does not support or oppose any nomination for any government office, we strongly urge all senators to oppose moving forward on the nomination at least until they have had a meaningful opportunity to review and debate Marcus’s full record on civil rights.

      Marcus’s past actions raise serious concerns about whether he will responsibly exercise his authority to protect the civil rights of students. In previous government positions, he has led political attacks on programs designed to ameliorate the historic effects of discrimination. More recently, he has played a central role in advocating for the suppression of student speech — particularly speech critical of Israel.
    • Dashcam Recording Instantly Undercuts Officers' Concocted Reason For A Traffic Stop


      Dashcams -- unlike body cameras -- have been around for years. So while it might be understandable an officer could forget his actions are being documented by his new-ish body camera-- say, when he heads into an alley to plant evidence -- it's difficult to draw the same conclusion when an officer apparently forgets his dashcam is recording his bogus traffic stop.

      In a criminal case resulting in suppressed evidence, Officer William Davis of the Dayton (OH) Police seems to have done exactly that. His bogus traffic stop resulted in the discovery of marijuana and a firearm, but none of that matters now. What was captured by his cruiser's dashcam undercut his assertions and sworn testimony. That has lead to an Ohio appeals court's memorable decision, in which it's declared the lower court was correct to rely on dashcam footage -- rather than the officer's testimony -- when the two narratives diverged. (via FourthAmendment.com)


    • Chinese SWAT team detains outspoken rights lawyer Yu Wensheng hours after he called for constitutional reform
      Chinese authorities detained a prominent human rights lawyer on Friday, people familiar with the case said, just hours after he provided journalists with a letter calling for constitutional reform.




  • Internet Policy/Net Neutrality

    • Apple's Incoherent App Approval Process Strikes Again, Net Neutrality App Banned For No Real Reason
      Neither Apple nor Verizon were willing to comment about the apparently arbitrary ban, raising obvious questions about transparency. These sort of tools are, it should go without saying, going to be important as the government increasingly makes it clear it has zero real intention of protecting consumers from lumbering, predatory telecom duopolies eager to abuse a lack of sector competition for additional financial gain. With government now sitting on its hands in fealty to telecom providers, the onus is on the consumer to do due diligence regarding their own connections.

      According to FCC boss Ajit Pai, public shame alone is supposed to help hold ISPs accountable in the wake of federal apathy to the net neutrality violations caused by a lack of broadband competition:




  • Intellectual Monopolies



    • Miami Law Startup Students Can Now Appear Before The USPTO
      Professor Dan Ravicher, who has represented startup companies and investors since for over two decades, leads the Startup Practicum. He is also a registered patent attorney, who has prosecuted, licensed and litigated patents and other intellectual property like software copyrights. Ravicher is an entrepreneur himself, founding businesses in various industries.


    • Teaching IP to kids with Ed Shearling, Kitty Perry and friends
      Many people have puzzled over how to educate the public about intellectual property. This task is even harder when trying to educate children. The UK IPO believes it has found a solution...

      Children like cartoons, so they made a cartoon about IP told through the story of Nancy (a French bulldog) and her gang of meerkats. There are lots of videos and other resources in the series but the episode which caught the attention of the BBC concerns logos...


    • UK Begins Absolutely Bonkers 'Education' Of Grade Schoolers About Intellectual Property And Piracy
      Several years ago, a music industry transplant into Parliament, Mike Weatherley, made a glorious push to get the government to invade primary schools in the country to teach them that piracy is the worst thing in the world and intellectual property laws are super cool. Children as young as seven years old would be subjected to "educational information" provided by the government on the "proper" use of the internet. This was not the first attempt at pushing copyright propaganda on kids. In fact, we've reported on many of these, going all the way back to 2003 -- and many of the programs have been mockable, including the infamous Captain Copyright.
    • UK Government Teaches 7-Year-Olds That Piracy is Stealing


      The UK Government has expanded its copyright curriculum for small children, targeting them from the age of just five years old. By using cartoon videos with fictitious characters such as Kitty Perry, Ed Shealing, and Justin Beaver, it aims to educate kids on key intellectual property issues, including illegal downloading.
    • Google, Tencent Agree to Share Patents in Global Tech Alliance


      Alphabet Inc.’s Google and Tencent Holdings Ltd. have agreed to share patents covering a range of products and technologies, an alliance between two of the world’s largest corporations.

      The cross-licensing deal comes with an understanding that the search giant and Tencent -- the world’s second largest and fifth largest company, respectively -- will team up on developing future technologies. The agreement may smooth the U.S. company’s business in China while helping Tencent’s push to expand beyond its dominant position on the mainland.

      The agreement is a typical industry arrangement between corporations designed to minimize patent infringements, with the U.S. company signing similar deals with Samsung Electronics Co. and others.



    • Patent Deal Struck Between Google And Tencent
    • Google and China's Tencent in patent cross-licensing deal
    • Alphabet's Google Signs Patent Licensing Deal With Tencent
    • China: Tencent and Google to Share Patents of Products, Technologies


    • Google takes a big step in China and Tencent joins the patent licensing world in major cross-licence deal
      Google and Tencent have announced a patent cross-licence deal that they say will pave the way for future technology collaboration. The pact is said to be “long term” and covering “a wide range of products and technologies”. Beyond that there are no details, including on whether the licence is royalty-bearing.

      [...]

      For Alphabet’s Google business, the patent cross-licence is its first in China. In the region, Google did deals with Android partners Samsung and LG back in 2014. Last year it agreed to a licence as part of a $1.1 billion buy-out of the HTC research team working on its Pixel devices. In China, where many of the biggest makers of Android devices are now based, only Coolpad was announced as a member of the Android Networked Cross-License (PAX).


    • Prosecution history - as relevant as any inventor evidence?
      Readers interested in patent law will be familiar with last summer's decision of the UK Supreme Court in Actavis v Eli Lilly [2017] UKSC 48. This has raised a number of issues, including whether the Supreme Court decision opens the door to greater use of the file history in the UK.


    • Trademarks



      • easyGroup loses trade mark fight against EasyRoommate
        A property letting business called EasyRoommate does not infringe any of the easy trade marks owned by Sir Stelios Haji-Ioannou’s easyGroup, according to a judgment by Mr Justice Arnold in the England and Wales High Court




    • Copyrights



      • Sequel To 'Man From Earth' To Be Released On Pirate Sites By Its Creators
        While we cover much here in terms of content creators actually embracing what the internet can do for them rather than fighting what is essentially mere reality, some stories truly do stand out more than others. If you aren't familiar with the story of the film The Man From Earth, you should read up on it because it's plainly fascinating. The sci-fi film was directed by Richard Schenkman on a fairly barebones budget and set for the sort of release that these types of independent films tend to get.

        And then somebody put a screener DVD up on The Pirate Bay and the film became known in a way it never would have otherwise.
      • EFF Tells Court That Boing Boing Linking To Playboy Images Is Not Infringement
        Back in November, we wrote about a fairly crazy case in which Playboy Enterprises was suing the blog Boing Boing for copyright infringement, over a post by Xeni Jardin, linking to a collection of all Playboy centerfold images on Imgur (and a video version on YouTube). As we wrote in our post, this seemed like a very strange hill for Playboy to die on, given that Boing Boing clearly did not post the images, but merely linked to them, meaning that it was pretty clearly not infringement. There were some really strange arguments in the complaint, and the initial reporting on it that we saw was really bad -- falsely claiming the lawsuit said that Boing Boing "stole every centerfold ever." But, of course, there was no stealing at all. Just linking.

      • Now Another Judge Smacks Around A Guardaley Shell Company Acting As A Copyright Troll
        While we were just discussing Judge Zilly in California smacking around one of the front-attorneys for a shell-company of the infamous Guardaley company (which pretends to be able to detect copyright infringement from Germany) another case was working its way through the courts. Judge Zilly focused his efforts on just how little evidence there is for the actual existence of many of the shell and parent companies that show up with Guardaley evidence, as well as whether or not Guardaley's "experts" even actually "exist." This other case in Oregon seems to have pointed out that yet another Guardaley front company can't even get the basics of standing in copyright law right and may well have tried to fool the court into thinking it had standing when it didn't.


      • Linking Is Not Copyright Infringement, Boing Boing Tells Court

        The popular blog Boing Boing has asked a federal court in California to drop the copyright infringement lawsuit filed against it by Playboy. With help from the EFF, Boing Boing argues that its article linking to an archive of hundreds of centerfold playmates is clearly fair use. Or else it will be "the end of the web as we know it," the blog warns.



      • Hollywood Asks New UK Culture Secretary To Fight Online Piracy

        Stan McCoy, president of the Motion Picture Association’s EMEA division, has penned an open letter to the UK's new culture secretary Matt Hancock. McCoy implies that more can be done to tackle online piracy, including dealing with pirate sites and illicit streaming devices. Considering the UK already has a considerable track record tackling all of these things, an eyebrow or two might be raised.









Recent Techrights' Posts

GNU/Linux and ChromeOS in Qatar Reach 4%, an All-Time High
Qatar has money to spend, but not much of it will be spent on Microsoft, or so one can hope
This 'Article' About "Linux Malware" is a Fake Article, It's LLM Slop (Likely Spewed Out by Microsoft Chatbot)
They're drowning out the Web
Early Retirement Age: Linus Torvalds Turns 55 Next Week
Now he's almost eligible for retirement in certain European countries
 
Technology: rights or responsibilities? - Part XI
By Dr. Andy Farnell
Links 22/12/2024: Election Rants and More Sites Available via Gemini
Links for the day
Links 22/12/2024: North Pole Moving and Debian's Joey Hess Goes Solar
Links for the day
Gemini Links 22/12/2024: Solstice and IDEs
Links for the day
BetaNews: Microsoft Slop is Your "Latest Technology News"
Paid-for garbage disguised as "journalism"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 21, 2024
IRC logs for Saturday, December 21, 2024
Links 21/12/2024: EU on Solidarity with Ukraine, Focus on Illegal and Unconstitutional Patent Court in the EU (UPC)
Links for the day
[Meme] Microsofters at the End of David's Leash
Hand holding the leash. Whose?
Deciphering Matt's Take on WordPress, Which is Under Attack From Microsofters-Funded Aggravator
the money sponsoring the legal attacks on WordPress and on Matt is connected very closely to Microsoft
Gemini Links 21/12/2024: Projections, Dead Web ('Webapps' Replacing Pages), and Presentation of Pi-hole
Links for the day
American Samoa One of the Sovereign States Where Windows Has Fallen Below 1% (and Stays Below It)
the latest data plotted in LibreOffice
[Meme] Brian's Ravioli
An article per minute?
Links 21/12/2024: "Hey Hi" (AI) or LLM Bubble Criticised by Mainstream Media, Oligarchs Try to Control and Shut Down US Government
Links for the day
LLM Slop is Ruining the Media and Ruining the Web, Ignoring the Problem or the Principal Culprits (or the Slop Itself) Is Not Enough
We need to encourage calling out the culprits (till they stop this poor conduct or misconduct)
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024