Chromebooks are great because they're simple: there's a lot you can get done with web services without exposing yourself to the troubles and security issues that plague more complex platforms.
But if you need to do a bit more with your Chromebook, you have a few options. Most Chromebooks these days allow you to install apps from the Google Play Store, which should fill most productivity gaps. If not, you'll soon have one more option: installing Linux apps. To be clear, you've been able to install Linux apps on Chromebooks for years because Chrome OS is Linux. But, it's about to get much easier.
Google’s Chrome OS gets a lot of things right, and the platform has evolved considerably over the years. Not only does it offer an always up-to-date version of the Chrome browser, but there are also Android apps, stylus input, and even Linux support on some devices. However, Chrome OS is far from perfect. You have to make compromises if you choose to live with a Chromebook, but you shouldn’t have to make quite this many. Here are the top five things Google should fix.
If you’re not considering a Chromebook when you're shopping for a notebook, you’re doing it wrong. Google's low-cost laptops are typically light, fast, secure, and have almost everything you need for remote work a.k.a. the Internet. Today, you can get in on the action for a great price. Walmart is selling the Acer Chromebook 14 (CB3-431-C6ZB) for $220. That’s about $30 to $40 cheaper than you’d usually pay for this laptop.
The Linux kernel's crypto subsystem updates were sent out today with its new feature work for the Linux 4.19 kernel. One change we were curious to see was whether they were going to nuke the Speck cipher code, but they did not.
Back during Linux 4.17, the Crypto updates added the Speck block cipher (and in 4.18, file-system encryption support with Speck was added) which has come under fire since Speck was developed by the US National Security Agency (NSA) and it's speculated that it could be back-doored by the agency but at the very least can't be a fully trusted for encryption.
David Miller sent in the networking subsystem updates today for the Linux 4.19 kernel merge window.
A new round of changes for 64-bit ARM architecture (ARM64/AArch64) were just loaded into the Linux 4.19 kernel merge window, and its generally some pretty good stuff being included.
The 64-bit ARM space on Linux as been fairly busy, and there’s likely more to come before Linux 4.19 kernel is released.
Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window.
The Linux Kernel Hardening Project is making significant strides in reducing vulnerabilities and increasing the effort required to exploit vulnerabilities that remain. Much of what has been implemented is obviously valuable, but sometimes the benefit is more subtle. In some cases, changes with clear merit face opposition because of performance issues. In other instances, the amount of code change required can be prohibitive. Sometimes the cost of additional security development overwhelms the value expected from it.
The Linux Kernel Hardening Project is not about adding new access controls or scouring the system for backdoors. It’s about making the kernel harder to abuse and less likely for any abuse to result in actual harm. The former is important because the kernel is the ultimate protector of system resources. The latter is important because with 5,000 developers working on 25 million lines of code, there are going to be mistakes in both how code is written and in judgment about how vulnerable a mechanism might be. Also, the raw amount of ingenuity being applied to the process of getting the kernel to do things it oughtn’t continues to grow in lockstep with the financial possibilities of doing so.
The Linux kernel is written almost exclusively in the C programming language — while the most significant reasons that the kernel needs to be hardened arise from aspects of this programming language.
Nothing lasts forever, and this also applies for GSoC projects. In this report, I tried to summarize my experience in the DRI community and my contributions.
One of the student summer coding projects that ended up being a cross between Google Summer of Code (GSoC) and Outreachy was the VKMS driver to provide a virtual KMS implementation for headless systems and other interesting use-cases.
Rodrigo Siqueira applied to GSoC 2018 to work on the long talked about "VKMS" driver while separately Haneen Mohammed had applied to Outreachy with a similar goal. Given the overlap, they worked together to get the Virtual KMS driver working. These summer student coding projects are drawing to a close and this initial driver is being sent sent into Linux 4.19 via the DRM tree. Not bad considering most GSoC/Outreachy projects introducing new code don't make it mainline so quickly, if ever.
Once upon a time, the only way to control how the kernel's CPU scheduler treated any given process was to adjust that process's priority. Priorities are no longer enough to fully control CPU scheduling, though, especially when power-management concerns are taken into account. The utilization clamping patch set from Patrick Bellasi is the latest in a series of attempts to allow user space to tell the scheduler more about any specific process's needs.
Contemporary CPU schedulers have a number of decisions to make at any given time. They must, of course, pick the process that will be allowed to execute in each CPU on the system, distributing processes across those CPUs to keep the system as a whole in an optimal state of busyness. Increasingly, the scheduler is also involved in power management — ensuring that the CPUs do not burn more energy than they have to. Filling that role requires placing each process on a CPU that is appropriate for that process's needs; modern systems often have more than one type of CPU available. The scheduler must also pick an appropriate operating power point — frequency and voltage — for each CPU to enable it to run the workload in a timely manner while minimizing energy consumption.
Linux kernel 4.18 was released on Sunday, August 12, 2018, by Linus Torvalds, and it's currently the most advanced kernel series available for Linux-based operating systems. The first point release, Linux 4.18.1, is now available, which marks the Linux 4.18 kernel series as stable and ready for mass deployments.
All Linux OS vendors are now urged to adopt the latest Linux 4.18 kernel series for their operating systems on supported architectures as it brings various new features, improvements, and updated drivers for better hardware support. Linux kernel 4.18.1 is now available for download from kernel.org or our software portal.
Following in the footsteps of the recently released Linux 4.18 kernel series, the GNU Linux-libre 4.18 kernel is now available for those who don't want to run any proprietary firmware on their Linux-based operating system or the GNU operating system.
Including pretty much the same new features and enhancements as Linux kernel 4.18, the GNU Linux-libre 4.18 kernel cleans up the new psp-dev crypto and icn8505 touchscreen drivers, removes the atom isp driver, and adjusts numerous others.
The Linux Foundation has posted session descriptions for the Embedded Linux Conference Europe and OpenIoT Summit Europe, to be held Oct. 22-24, in Edinburgh, with topics ranging from RISC-V to deep learning to workplace diversity.
Even if you can’t make it to Edinburgh Oct. 22-24 for the Embedded Linux Conference Europe (ELCE) and co-located OpenIoT Summit Europe, the session descriptions are a good place to find clues about what’s hot in Linux and open source embedded technology. To be sure, the Linux Foundation offers a heavy dose of sessions on Linux Foundation projects such as Zephyr or Yocto Project, but it’s still a very inclusive collection from across the industry.
The Linux Foundation has always been committed to welcoming companies and organizations of all sizes as part of its heritage and ongoing vision for opening technology for all to experiment with and to build things.
The Zephyr Project, an open source project to build a real-time operating system (RTOS) for the Internet of Things (IoT), announced last week they grew their community of contributors with support for more than 100 developer boards and the addition of six new members.
These industry and academic leaders include Antmicro, DeviceTone, SiFive, the Beijing University of Posts and Telecommunications, The Institute of Communication and Computer Systems (ICCS) and Northeastern University.
Mesa 18.2 as the next quarterly feature release to the contained OpenGL/Vulkan drivers is about two weeks out if all goes well, but today for testing Mesa 18.2-RC3 is now available.
David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates.
Thanks to a little Twitter tip, we've learned today that NVIDIA are indeed working to provide better support for NVIDIA Optimus on Linux.
Currently, if you have a laptop with NVIDIA Optimus the official NVIDIA driver gives you the option between using the Intel GPU or switching over to the NVIDIA GPU. It doesn't handle it like you would expect it to on Windows, where it would offload the work to the more powerful NVIDIA GPU. Not an ideal situation, to switch between the two GPUs and from when I had a laptop with one (some time ago) it required logging out before it would take effect.
This is mostly a request for testing, because I've received zero feedback on the patches that I merged a month ago and libinput 1.12 is due to be out. No comments so far on the RC1 and RC2 either, so... well, maybe this gets a bit broader attention so we can address some things before the release. One can hope.
[...]
Because basically every trackpoint has different random data ranges not linked to anything easily measurable, libinput's device quirks now support a magic multiplier to scale the trackpoint range into something resembling a sane range. This is basically what we did before with the systemd POINTINGSTICK_CONST_ACCEL property except that we're handling this in libinput now (which is where acceleration is handled, so it kinda makes sense to move it here). There is no good conversion from the previous trackpoint range property to the new multiplier because the range didn't really have any relation to the physical input users expected.
While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD.
I should have my initial BSD vs. Linux findings on Threadripper 2 out later today. There were about 24 hours worth of FreeBSD-based 2990WX tests going well albeit DragonFlyBSD currently bites the gun with my Threadripper 2 test platforms. More on that in the upcoming article as the rest of those tests finish. It's also been a madhouse with simultaneously benchmarking the new Level 1 Terminal Fault (L1TF) vulnerability and the performance impact of those Linux mitigations on Intel hardware will start to be published in the next few hours.
Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.
The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers.
One of the frequent requests/comments stemming from the launch-day Windows 10 vs. Linux benchmarks on the new AMD Threadripper 2990WX were questions about whether this 32-core / 64-thread processor would do better with Windows Server given Microsoft's obvious tuning of that Windows flavor to high core/thread counts... Well, here are some initial figures with Windows Server 2016 and a Windows Server 2019 preview.
Given the immense interest and speculation about the Windows Server performance on the AMD Threadripper 2990WX, to see if it would give Linux better competition relative to Windows 10, I ran some initial benchmarks so far. I am still doing some more Windows vs. Linux exploration and benchmarking (a lot of other interesting tests from this new hardware) while for today are the Windows Server 2016/2019 results alongside the other operating system tests on this 2990WX system.
Whenever one is engaged in large-scale changes to a software project, it is nice to have some assurance that regressions are not being introduced in the process. Test suites can be helpful in that regard. But while the testing of low-level components can be relatively straightforward, testing at the user-interface level can be harder. Web applications, which must also interact with web browsers, can be especially challenging in this regard. While working on just this sort of project, your editor finally got around to looking at Selenium WebDriver as a potential source of help for the testing problem.
The overall goal of the Selenium project is automating the task of dealing with web browsers (from the user side). The WebDriver component, in particular, provides an API allowing a program to control a browser and observe how the browser reacts. There are many potential applications for this kind of functionality; it could be used to automate any of a number of tiresome, web-oriented tasks that resist the use of simpler tools, for example. But perhaps the most obvious use case is regression-testing of web applications.
The Selenium code is distributed under version 2.0 of the Apache license; it is available on GitHub. The WebDriver component offers API bindings for a number of languages, including Java, JavaScript, C#, Perl, PHP, Python (2 and 3), and Ruby. Your editor, naturally, was interested in the Python bindings. Fedora 28 packages the relatively old 3.7.0 release from December 2017, which is discouraging, but the current 3.14.0 release can be had from PyPI. One must also obtain a "driver" for one or more specific browsers; your editor has been using geckodriver to test with Firefox.
A password manager is a utility which helps users store and retrieve passwords and other data. Most password managers use a local database to hold the encrypted password data.
In modern society, people face a bamboozling amount of information to retain. Most people read a considerable amount of information online on a regular basis. Whether you conduct business online, read for your job, or just read for pleasure, the internet is a vast source of information. Retaining that information on a long-term basis can be difficult. However, some nuggets of information need to be recalled quickly. Passwords are one such example.
As a computer user, you’ll no doubt have numerous passwords to remember. Sites have arbitrary rules for various services. For example, a site may insist on a minimum number of characters, capital letters, numerals, and special characters which make choosing the same password for each site to be impossible. More importantly, there are good security reasons not to duplicate passwords. Password reuse and simple, easy-to-guess passwords are difficult issues. If you’re using the same password on more than one site, you risk having several accounts stolen if any one of them is breached.
MAAS 2.4.1 has now been released and it is a bug fix release. Please see more details in discourse.maas.io [1].
Tropico 6 is having a little extra time in the oven, with it being announced today for a January 2019 release.
One thing that concerned me, was that their announcements and PR emails only mentioned Windows for the PC release. They cleared that it up on the Steam forum post after I asked about it, to confirm Linux support is still happening. When speaking to them over email, they clarified further that they are aiming to launch the Linux version at the same time as Windows, but they can't give a 100% guarantee on that right now. Either way it's happening—great!
Tomorrow Corporation have officially announced that their programming puzzle game 7 Billion Humans will launch on August 23rd with Linux support.
Always love their style, I have fond memories of World of Goo which was one of the indie games that came to Linux back in the "early days" of 2009. Tomorrow Corporation also previously put out Human Resource Machine and Little Inferno, so it's really great to see yet another developer continue supporting Linux for so long.
Puzzle game Evergarden from Flippfly is out today with Linux support and not only is it gorgeous, it's also a very interesting puzzle experience.
Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems.
Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."
Something to look forward to: Gaming on Linux has never been the ideal experience, and the lack of AAA game compatibility is one of the main reasons for this. That's where Valve comes in, apparently - the company seems to be quietly working on a compatibility tool of its own, called "Steam Play."
It seems Valve could be taking another shot at bringing Linux to the forefront of PC gaming if recently-discovered Steam GUI files are anything to go by.
Curious Reddit users dug into Steam database files obtained by Steam Tracker. Recent updates to the database include numerous hints at something called "Steam Play," which is beginning to sound like a compatibility tool of sorts.
Valve announced the Linux-based SteamOS in 2013, just prior to the reveal of the vaguely console-like Steam Machine PCs. It was a big, bold move that ultimately petered out: Valve ditched the Steam Machines section of its website in April, aalthough you can still hit it directly if you know the URL.
A few lines of code uncovered in Steam suggest that Valve is working on compatibility tools to allow users to play games regardless of operating system. Put another way, Steam’s going to let you run Windows games on Mac and Linux with a set of software built directly into the client.
Uncovered strings all come under the “Steam_Settings_Compat” header, and all reference back to Steam Play. That’s currently the moniker Valve used to distinguish games that come as a single purchase playable across Windows, Mac, and Linux, but the strings suggest a new definition on the way.
In a very interesting move, sleuths over at GamingOnLinux appear to unearthed evidence that Valve is experimenting with tools that could allow Windows Steam games to be playable on Linux operating systems.
Up until this point, a game has to be specifically developed for Linux in order to be compatible with Unix-based operating systems. There are workarounds available right now, but it’s notoriously unreliable and a major hassle to get sorted.
However, updates posted to the Steam Database github indicates Valve is at least testing an automatic method for running Windows games on Linux. Picking through the github notes, the tool appears to be called ‘Steam Play’, which the compatibility info says “Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems.”
An observant Reddit user recently noticed that one of the latest commits for the Steam Database on GitHub contains a few lines of code that reference Steam Play and Wine compatibility, which may mean this is something Valve is working on for a future update.
Steam Play is a feature that allows users to buy a game one time, and then install it in whatever OS it is supported in – which sounds like a great feature, unless you own a game that isn’t supported in Linux. At this point, Steam won’t allow games that do not have Linux support to be installed on a Linux machine.
If this code actually makes it to a future Steam update, it could mean that Steam users on Linux machines will be able to install Windows games on the Linux version of the Steam client, through Wine – or maybe directly through the Steam client.
The Free Ones is a first-person platformer that sees a slave escape from captivity and it's out with Linux support. One that sadly got a little buried under our steaming pile of release emails. They just recently updated it again, so I took a bit of time to see if it's worth your cash.
Good stuff from Daedalic Entertainment here as they've released State of Mind today with full Linux support. This Unreal Engine powered adventure game will see you explore a world on edge, as natural resources are running low, crime is on the rise and there's a lot of pullution in the air and water.
Graveyard Keeper is a slightly amusing game that has you manage a medieval graveyard while facing ethical dilemmas and making questionable decisions. It's officially out now with Linux support.
A little different to what OpenRA [Official Site] are doing with updated gameplay on an open source game engine, CnCNet [Official Site] are providing downloads for Red Alert & Tiberian Sun that have an updated OpenGL renderer so they work better with Wine. They also offer up the original Command & Conquer, although that doesn't seem to have the single-player portion.
KDE Connect is awesome, we all know that. But sometimes you still want (or need) to acces the files on your Android phone via a good old USB cable. And to do so, you need a working implementation of the MTP protocol.
Many people on bugzilla complain that the MTP support in Plasma is just broken. And indeed the MTP implementation we have has always been ignoring a fundamental limitation of MTP: the protocol doesn’t allow parallel operations, unlike the old Android USB mass storage did. In practice, if more than one process spawns an mtp ioslave, everything breaks.
Tomorrow, there’s the fund raiser training session. Given that we’ve been raising funds for Krita since time immemorial (our first fund raiser was for two Wacom tablets and art pens so we could implement support for them, the second to let Lukas Tvrdy work on Krita for a couple of months and after that, we’ve had the kickstarters), that might seem superfluous. But I’m still hoping to learn lots. After all, it’s not like we’re exactly awash in money.
Almost ever since I first started using Linux, I've been on a mission to find the perfect window manager.
My first experience with Linux was in the late 90s, and I first tried installing it on my own in the early 2000s. Like many converts, my previous experience was largely with Windows, and so my early mission was to find an experience that closely replicated Windows, or at least let me interact with it in a familiar way.
[...]
So I've been making a concerted effort to learn the GNOME keyboard shortcuts, and honestly, it hasn't been as hard to stick with them as I had thought. Just like any other set of keyboard shortcuts, the trick is to practice them a bit, and then do what you can to discourage you from slipping back into your old ways. I set my mouse just a wee bit further away, and when practical, will flip the switch on the bottom when I'm in a keyboard-heavy activity so I'm not tempted by muscle memory.
The other trick is to have a good cheat sheet handy, posted up somewhere that you can easily see it. I made my own for GNOME, and I've created a version of it that you can download too.
The GNOME project turns twenty-one years old this month, but as it keeps growing and evolving to keep up with the changing needs of computing environments, it wouldn't surprise me if I'm still using it twenty-one years from now. And if you are too, I hope you will have taken the time to learn the keyboard shortcuts by then.
Today marks 21 years since the GNOME desktop environment project was started by Miguel de Icaza and Federico Mena. Coincidentally, released today is GNOME 3.29.91 that is the GNOME 3.30 desktop's second beta release.
GNOME 3.29.91 is now available!
Coming two weeks after the first beta release, the highly anticipated GNOME 3.30 desktop environment received a second beta release today as Michael Catanzaro informed us via an email announcement. This beta 2 release is tagged as GNOME 3.29.91, and it marks the Software String Freeze stage in the development cycle.
But it doesn't look like it was an easy release for the GNOME Release Team, as Michael Catanzaro reports build failures for several components, including GNOME Boxes, which didn't make it for this second beta release. As a consequence, numerous components weren't updated in this beta 2 release.
The latest update to the popular Ubuntu-based Linux distribution, Zorin OS 12.4 boasts of being “more secure and compatible than ever before.”
“This new release brings together the latest software updates, bug fixes, performance enhancements and hardware support out of the box. Zorin OS 12.4 introduces an updated hardware enablement stack,” say the Zorin devs.
Shipping with the updated HWE (Hardware Enablement) stack from the recently announced Ubuntu 16.04.5 LTS point release, which is powered by the Linux 4.15 kernel from Ubuntu 18.04 LTS (Bionic Beaver), as well as an updated X graphics stack, Zorin OS 12.4 brings all the latest software and security updates from the Ubuntu repositories, along with performance enhancements and bug fixes.
"Zorin OS 12.4 introduces an updated hardware enablement stack. The newly-included Linux kernel 4.15, as well as an updated X server graphics stack," reads the release announcement. "In addition, new patches for system vulnerabilities are included in this release, so you can have the peace of mind knowing that you’re using the most secure version of Zorin OS ever."
This week is the One Year Anniversary of the PodCTL podcast! We’ve now got a few teeth coming in and we’re ready for the terrible twos.
This week we dug into the role of Container Registries and how they interact with both Kubernetes, but also CI/CD pipelines and security systems (e.g. scanning, image signing, etc.). We also go into some design consideration basics for container registry usage.
Released back in May 2018, CentOS Linux 7.5 is based on the Red Hat Enterprise Linux 7.5 operating system and supported 32-bit (i386), 64-bit (x86_64), ARM64 (AArch64), PowerPC 64-bit Little Endian (PPC64el), PowerPC 64-bit (PPC64), and ARMhf architectures. However, the initial release only supported IBM POWER8 processors, but it's now available for IBM POWER9 processors too.
"I am pleased to announce the general availability of CentOS Linux 7 (1804) for POWER9 processors (ppc64le - powerpc 64-bit little endian). This release is derived from Red Hat Enterprise Linux 7.5 ALT," said James O'Connor. "Note this release is 99% equivalent to the existing CentOS 7 Linux 7 (1804) for POWER8 processors (ppc64le - powerpc 64-bit little endian)."
Red Hat, the 800-pound gorilla of the open source software world, bought CoreOS at the end of January. That was important for anyone interested in containers, and here's why: by combining the two companies Red Hat hoped to consolidate its position as one of the leading players providing useful software based around Kubernetes, the open source container management system.
You'll recall that CoreOS developed Tectonic, an entire container management platform built around Kubernetes, and has been a champion of the software for some time. Since then, the CoreOS team at Red Hat has been hard at work, and at the beginning of May it introduced what it is calling an "Operator Framework" for building Kubernetes applications.
"Halftime Report" traders Jon and Pete Najarian spot unusual activity in Red Hat, Boston Scientific, and Bank of America.
One of the oldest Linux distribution still in development, Debian has just turned 25. Let’s have a look at some interesting facts about this awesome FOSS project.
When the late Ian Murdock announced 25 years ago in comp.os.linux.development, "the imminent completion of a brand-new Linux release, [...] the Debian Linux Release", nobody would have expected the "Debian Linux Release" to become what's nowadays known as the Debian Project, one of the largest and most influential free software projects. Its primary product is Debian, a free operating system (OS) for your computer, as well as for plenty of other systems which enhance your life. From the inner workings of your nearby airport to your car entertainment system, and from cloud servers hosting your favorite websites to the IoT devices that communicate with them, Debian can power it all.
Today, the Debian project is a large and thriving organization with countless self-organized teams comprised of volunteers. While it often looks chaotic from the outside, the project is sustained by its two main organizational documents: the Debian Social Contract, which provides a vision of improving society, and the Debian Free Software Guidelines, which provide an indication of what software is considered usable. They are supplemented by the project's Constitution which lays down the project structure, and the Code of Conduct, which sets the tone for interactions within the project.
Most of Japan is on summer vacation now, only a small village in the north resists the siege, so I am continuing my reports on DebConf. See DebConf 18 – Day 1 and DebConf 18 – Day 2 for the previous ones.
I have been out of touch for the past six months, because I accepted a teaching position in Amsterdam. The amount of time that required, and the weekly commute from Switzerland (yes, really, weekly), was vastly more than I expected, and left me no time to do justice to my blog. But now I am back again, and determined to manage my time more effectively and keep up with blogging.
Although I haven't been writing, I certainly have been keeping up with news and developments in the Linux world. What really inspired me to get busy and write again was the announcement of LMDE 3 (Cindy) Beta. Hooray! How long have we been waiting for this? It feels like years. Oh, that's because it has been years.
Both Canonical and Red Hat emailed us with regards to the L1 Terminal Fault security vulnerability, which are documented as CVE-2018-3620 for operating systems and System Management Mode (SMM), CVE-2018-3646 for impacts to virtualization, as well as CVE-2018-3615 for Intel Software Guard Extensions (Intel SGX). They affect all Linux-based operating system and machines with Intel CPUs.
"It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS)," reads the Ubuntu security advisory.
Lanner’s rugged, Linux-friendly “R6S” railway computer runs on an Intel 7th Gen Core i7-7600U chip and offers 10x M12 PoE ports, 3x mini-PCIe slots, and EN 50155 and EN 45545 certification.
The R6S uses the same dual-core, Kaby Lake Core i7-7600U CPU as Lanner’s recent V6S vehicle surveillance NVR computer and similarly offers 10x GbE ports with Power-over-Ethernet (PoE). Yet, the R6S is more specifically targeted at trains. It offers compliance with ISO 7637-2, EN 50155, and EN 45545 certifications, and has passed EN 61373/MIL-STD-810G shock and vibration resistance certifications. It also supports a wider set of applications, including “rolling stock control and monitoring, infotainment, video surveillance and fleet management.”
Popular fashion brand, Michael Kors, has announced an update to its long-serving Runway series of watches. It’s reviving the Runway watch as a Wear OS smartwatch, adding new silicone band option while retaining the familiar design, case and steel bracelet options.
Open source software has the potential to drive innovation and collaboration across an enterprise, and can transform the way developers work together.
"Open source is now part of the evaluation criteria when deciding on a software platform, so much so that it is expected," said Matt Ingenthron, senior director of engineering at Couchbase. "In this way, open source has somewhat faded into the background in a positive way. Just like no consumer would inquire if a mobile phone had internet access or text messaging, choosing an open source solution is almost always an option."
Mobile phone-related fraud is big business. Fraudsters, hackers, and other bad actors employ creative techniques to compromise networks, hijack user information, and piece together customer identities that are then sold for big bucks on the dark web. To protect its customers, Sprint needed to transform the way it detected and blocked fraudulent activity.
“In the mobile phone business, there’s no markup on selling devices — our bread and butter is the network and the services that are delivered on that network, through the devices,” says Scott Rice, CIO of Sprint. “Identity theft is a huge problem and the ability for nefarious actors to use that theft of information to impersonate our customers means we were eating the costs of the devices and the costs of services delivery.”
The latest release of InfluxData, an open source platform for metrics, events, and other time series data, adds LDAP integration, new advanced analytics, and self-healing capabilities in the time series database platform. According to the company, time series data, collected and stored with InfluxData’s Time Series database platform is integral to observability and is becoming mission critical for organizations. Enhancements to InfluxEnterprise make it easier for administrators to keep this mission critical data available and secure by checking and verifying every requested action. This includes creating databases, storing data and running queries – against a user’s stored authorizations and role.
The YOYOW-WeCenter Special Edition, customized and developed by YOYOW and based on WeCenter Q&A community framework, has been released on GitHub. Compared to regular WeCenter frameworks, YOYOW is providing free open source services and will be continually iterating products and will be introducing an incentive mechanism. Each Q&A community can directly integrate into YOYOW's bottom layer network and enjoy the network services provided by YOYOW.
Software patents account for more than half of all utility patents granted in the US over the past few years. Clearly, many companies see these patents as a way to fortune and growth, even while software patents are hated by many people working in the free and open-source movements. The field of patenting has now joined the onward march of artificial intelligence. This was the topic of a talk at OSCON 2018 by Van Lindberg, an intellectual-property lawyer, board member and general counsel for the Python Software Foundation, and author of the book Intellectual Property and Open Source. The disruption presented by deep learning ranges from modest enhancements that have already been exploited—making searches for prior art easier—to harbingers of automatic patent generation in the future.
The O'Reilly Open Source Conference (OSCON) returned to Portland, Oregon in July for its 20th meeting. Previously, we covered some retrospectives and community-management talks that were a big part of the conference. Of course, OSCON is also a technology conference, and there were lots of talks on various open-source software platforms and tools.
An attendee who was coming back to OSCON after a decade would have been somewhat surprised by the themes of the general technical sessions, though. Early OSCONs had a program full of Perl, Python, and PHP developer talks, including the famous "State of The Onion" (Perl) keynote. Instead, this year's conference mostly limited the language-specific programming content to the tutorials. Most of the technical sessions in the main program were about platforms, administration, or other topics of general interest, some of which we will explore below.
WebTorrent is the first torrent client that works in the browser. It’s written completely in JavaScript – the language of the web – and uses WebRTC for true peer-to-peer transport. No browser plugin, extension, or installation is required.
Using open web standards, WebTorrent connects website users together to form a distributed, decentralized browser-to-browser network for efficient file transfer. The more people use a WebTorrent-powered website, the faster and more resilient it becomes.
Bitslicing (in software) is an implementation strategy enabling fast, constant-time implementations of cryptographic algorithms immune to cache and timing-related side channel attacks.
This post intends to give a brief overview of the general technique, not requiring much of a cryptographic background. It will demonstrate bitslicing a small S-box, talk about multiplexers, LUTs, Boolean functions, and minimal forms.
There is a popular browser add-on which is installed by 222,746 Firefox users according to Mozilla’s own statistics of add-on downloads. According to a German security blogger, Mike Kuketz, and the author of uBlock Origin, Raymond Hill, this particular add-on has been spying on users’ activity by tapping into their browser histories and keeping track of the web pages that they visit. This add-on is the Web Security extension for the Mozilla Firefox browser.
Web Security is designed to protect users from online phishing and malware attacks that could potentially steal personal information. This comes across as ironic as the extension is found to be unethically keeping tabs (pun intended) on your own information, evading your privacy without your consent. The reason that this news is hitting the stands so massively is that the add-on was publicized by Mozilla itself in a blog post just last week. The add-on boasts fantastic reviews and that’s why it is used so widely by so many people too.
I riffed on this a bit over at twitter some time ago; this has been sitting in the drafts folder for too long, and it’s incomplete, but I might as well get it out the door. Feel free to suggest additions or corrections if you’re so inclined.
You may have seen this list of latency numbers every programmer should know, and I trust we’ve all seen Grace Hopper’s classic description of a nanosecond at the top of this page, but I thought it might be a bit more accessible to talk about CPU-scale events in human-scale transactional terms. So: if a single CPU cycle on a modern computer was stretched out as long as one of our absurdly tedious human seconds, how long do other computing transactions take?
According to the reports by Mike Kuketz, an independent security blogger from Germany and uBlock Origin, an add-on named “Web Security” has been caught collecting users’ browsing history.
[...]
Soon after this discovery by Hill, Kuketz added a post on his blog about the same extension pointing to the same strange behavior of the add-on. A user on Kuketz’s blog decoded the garbled data and found that the add-on was collecting users’ browsing history and sending it to a German server.
Oracle, a company not exactly known for having the best relationship with the open source community, is releasing a new open source tool today called Graphpipe, which is designed to simplify and standardize the deployment of machine learning models.
The tool consists of a set of libraries and tools for following the standard.
Oracle today open-sourced Graphpipe, a tool created to make it easy to serve machine learning models in the cloud made by popular frameworks like TensorFlow, MXNet, Caffe2, and PyTorch. Graphpipe was designed to simplify the deployment of machine learning for use on mobile apps and IoT devices, as well as web services for end users or AI for internal use at companies.
“Graphpipe is an attempt to standardize the protocol by which you speak to a remotely deployed machine learning model, and it includes some reference servers that allow you to deploy machine learning models from existing frameworks very easily in an efficient way,” Oracle cloud architect Vish Abrams told VentureBeat in a phone interview. Prior to joining Oracle, Abrams led efforts at NASA to open-source the OpenStack cloud computing platform.
Machine learning is expected to transform industries. However, its adoption in the enterprise has been slower than some might expect because it's difficult for organizations to deploy and manage machine learning technology on their own. Part of the challenge is that machine learning models are often trained and deployed using bespoke techniques, making it difficult to deploy models across servers or within different departments.
Oracle has developed an open source specification for transmitting tensor data, which the company wants to become a standard for machine learning.
Called GraphPipe, the specification provides a protocol for network data transmission. GraphPipe is intended to bring the efficiency of a binary, memory-mapped format while being simple and light on dependencies. There also are clients and servers for deploying and querying machine learning models from any framework.
Major tech firms regularly open-source internal software projects, but it’s not often that Oracle Corp.’s name comes up in this context. Today marked one of those occasions.
The database giant this morning released GraphPipe, a tool for easing the deployment of machine learning models. Development on the project was led by Oracle cloud architect Vish Abrams, an open-source veteran who previously worked at NASA as part of the team that created the OpenStack data center operating system.
Matt Chapman used the Freedom of Information Act to get the City of Chicago's very mess parking ticket data; after enormous and heroic data normalization, Chapman was able to pinpoint one of the city's most confusing parking spots, between 1100-1166 N State St, which cycled between duty as a taxi-stand and a parking spot with a confusingly placed and semi-busted parking meter.
After surveying the site and deducing the problem, Chapman contacted the alderman responsible for that stretch of North State Street, and, eight months later, the signage was cleaned up and made more intuitive.
Followup data analysis showed that Chapman's work had halved the number of parking tickets issued on the spot, with 600-odd fewer tickets in the past 20 months, for a savings of $60,000 to Chicago motorists.
Bluespec Inc. has released Piccolo, its first in a family of RISC-V open-source processors provided as a vehicle for open innovation in embedded systems.
Piccolo is a 3-stage RV32IM processor whose small “footprint” is ideal for many IoT applications. The repository (https://github.com/bluespec/Piccolo) contains a royalty-free synthesizable Verilog core that can be easily integrated and deployed into an ASIC or FPGA. Bluespec, Inc. will actively maintain Piccolo. It also offers commercial-grade tools for the customization and verification of RISC-V cores. Configurations will be continually added to provide the full spectrum of embedded controller features. Companies or universities interested in contributing to the Piccolo project should contact Bluespec, Inc. (add contact – RISC-V open source support).
I have been working on a pet project to write a File Indexer, which is a utility that helps me to search a directory for a given word or phrase.
The motivation behind to build this utility was so that we could search the chat log files for dgplug. We have a lot of online classes and guest session and at time we just remember the name or a phrase used in the class, backtracking the files using these are not possible as of now. I thought I will give stab at this problem and since I am trying to learn golang I implemented my solution in it. I implemented this solution over a span of two weeks where I spent time to upskill on certain aspects and also to come up with a clean solution.
What are the best ways for governments to improve effectiveness and efficiency? At San Jose City Hall, we’re getting traction with an unconventional approach: agile for non-technical teams. Public servants who do everything from emergency management to parks programs are finding that Agile methods help them with that most basic of challenges: Getting things done amid frequent interruptions and evolving priorities.
Last September, I proclaimed, "Scrum is the best thing that’s happened to our government team." Our innovation team of five had discovered that planning and delivering work in small increments enables us to stay focused, aligned, and continuously improving. We didn’t yet know if our experience would be replicable by other teams in our organization. We offered Agile training for 10 colleagues to see what would happen.
Nine months later, 12 teams and more than 100 staff members throughout our organization are using Agile methods to organize their work. Notably, the spread of Agile among city teams has been largely organic, not driven by top-down mandates.
Without question, Linux was created by brilliant programmers who employed good computer science knowledge. Let the Linux programmers whose names you know share the books that got them started and the technology references they recommend for today's developers. How many of them have you read?
[...]
Linux was developed in the 1990s, as were other fundamental open source applications. As a result, the tools and languages the developers used reflected the times, which meant a lot of C programming language. While C is no longer as popular, for many established developers it was their first serious language, which is reflected in their choice of influential books.
“You shouldn't start programming with the languages I started with or the way I did,” says Torvalds. He started with BASIC, moved on to machine code (“not even assembly language, actual ‘just numbers’ machine code,” he explains), then assembly language and C.
“None of those languages are what anybody should begin with anymore,” Torvalds says. “Some of them make no sense at all today (BASIC and machine code). And while C is still a major language, I don't think you should begin with it.”
It's not that he dislikes C. After all, Linux is written in GNU C. "I still think C is a great language with a pretty simple syntax and is very good for many things,” he says. But the effort to get started with it is much too high for it to be a good beginner language by today's standards. “I suspect you'd just get frustrated. Going from your first ‘Hello World’ program to something you might actually use is just too big of a step."
Aretha Franklin, the undisputed Queen of Soul and a music legend who enjoyed a career longer than many of her successors, died Thursday. She was 76.
Her publicist confirmed her death to the Associated Press, saying she died in at her home in Detroit from advanced pancreatic cancer.
“In one of the darkest moments of our lives, we are not able to find the appropriate words to express the pain in our heart," her family said in a statement. "We have lost the matriarch and rock of our family.”
In a study published today in the journal Science Robotics, researchers from Germany and the UK demonstrated that children are susceptible to peer pressure from robots. The findings, say the researchers, show that, as robots and AIs become integrated into social spaces, we need to be careful about the influence they wield, especially on the young.
Where is the biggest smartphone factory in the world? If you guessed Shenzhen, or anywhere else in China, you’re wrong as of last month. Samsung in July opened what has been dubbed the world’s largest smartphone factory in Noida, just outside of Delhi. Meanwhile, South Korean media this week reported that Samsung may be on the verge of shuttering its smartphone factory in the northern Chinese city of Tianjin. The news comes as the top global handset maker ramps up production in other parts of Asia.
Dell inspiron with extra Intel Pro/1000 Dual port Server Adapter
3 Nodes Dell Poweredge 610 ( each with a different Solid State Drive)
Juniper SRX 220 Router
Tenda 8 port Gigabit Desktop switch
The whole thing is housed in a StarTech.com 12U Adjustable Depth Open Frame 4 Post Server Rack
Here’s what it looks like:
A defense contractor has agreed to pay $9.1 million to settle claims that it furnished U.S. service members with earplugs that it knew were defective, the Department of Justice announced on Thursday. The settlement suggests that pure greed may be partly to blame for the military’s “silent epidemic” of hearing loss.
A liberal veterans group is suing to block the influence of three outside advisers who have been secretly influencing the Department of Veterans Affairs from Mar-a-Lago, President Donald Trump’s private club in Palm Beach, Florida.
ProPublica reported last week that the advisers — Marvel Entertainment chairman Ike Perlmutter, West Palm Beach doctor Bruce Moskowitz and Washington lawyer Marc Sherman — have been shaping VA personnel and policy decisions despite having no official role or relevant expertise.
The trio, sometimes referred to as the “Mar-a-Lago Crowd,” is failing to disclose its activities as required by federal law, according to a lawsuit filed today in federal court in Washington, D.C., by VoteVets, a liberal activist group that says it represents 500,000 supporters.
Like the Spectre and Meltdown exploits earlier this year, the new L1TF / Foreshadow vulnerabilities allow for a form of speculative execution attack. Unlike those earlier exploits, these affect modern chips with SGX architecture extensions, designed to protect data and applications from interference.
On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack triggered by a specially crafted stream of IP datagrams that cause expensive processing within the Linux kernel. This vulnerability is similar to the Linux TCP vulnerability announced August, 6th, 2018.
The US CERT Coordination Center posted an alert about the security issue, tagged with the ID CVE-2018-5391, and notes the issue affects versions 3.9 and above of the Linux kernel.
US-Cert announced updates and patches for VMware, Samba, Internet Key Exchange, and Linux kernel, respectively, to address a host of vulnerabilities.
The VMware security updates fixed vulnerabilities in vSphere, Workstation, Fusion, and Virtual Appliances which could allow an attacker to obtain sensitive information if exploited, according to an August 14 advisory.
The Samba Team released security updates to address several vulnerabilities which if exploited could allow threat actors to gain control of an affected system.
QEMU 3.0 is now officially available. This big version bump isn't due to some compatibility-breaking changes, but rather to simplify their versioning and begin doing major version bumps on an annual basis. As an added bonus, QEMU 3.0 comes at a time of the project marking its 15th year in existence.
QEMU 3.0 does amount to being a big feature release with a lot of new functionality as well as many improvements. Changes in QEMU 3.0 include Spectre V4 mitigation for x86 Intel/AMD, improved support for nested KVM guests on Microsoft Hyper-V, block device support for active mirroring, improved support for AHCI and SCSI emulation, OpenGL ES support within the SDL front-end, improved latency for user-mode networking, various ARM improvements, some POWER9 / RISC-V / s390 improvements too, and various other new bits.
Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
Theo de Raadt (deraadt@) posted to the tech@ mailing list with some background on how the latest discovered Intel CPU issues relate to OpenBSD.
[...]
These 3 issues (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) together are the currently public artifacts of this one bug.
The head of the OpenBSD project, Theo de Raadt, has warned that more flaws related to speculative execution in Intel CPUs are likely to be found and that the two vulnerabilities found by Intel, as a result of examining the Foreshadow bug — found by two independent teams — are cause for much worry.
De Raadt told iTWire that Foreshadow was "the wrong name. It is one of three side effects of a very poor Intel decision".
And he added in a mailing list post, "CVE-2018-3615 (Foreshadow) is by receiving the most press which is amazing considering it is by far the most boring of the 3, since very few few people give a rat's ass about SGX – who cares if SGX is broken when the CPU can't run your OS safely? Some convincing press agencies were hired, I guess, and have performed a masterful job of distracting."
Three newly discovered speculative execution vulnerabilities found in Intel CPUs may turn out to be more serious than their Spectre and Meltdown cousins, because this time the side-channel attack bugs affect microprocessors that support Intel Software Guard Extensions, as well as virtual machines running on the same third-party cloud as the susceptible device.
The new family of Spectre-like flaws, dubbed Foreshadow (CVE-2018-3615) and Foreshadow-NG (CVE-2018-3620 and CVE-2018-3646), were independently uncovered by two separate research teams -- one from imec-DistriNet-KU Leuven in Belgium, and the other from Technion - Israel Institute of Technology, the University of Michigan, and University of Adelaide and CSIRO's Data61 in Australia.
At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine.
This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”
Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections.
Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site.
Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.
Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.
Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps.
Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable.
"In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."
The Speck cipher is geared toward good performance in software, which makes it attractive for smaller, often embedded, systems with underpowered CPUs that lack hardware crypto acceleration. But it also comes from the US National Security Agency (NSA), which worries lots of people outside the US—and, in truth, a fair number of US citizens as well. The NSA has earned a reputation for promulgating various types of cryptographic algorithms with dubious properties. While the technical arguments against Speck, which is a fairly simple and straightforward algorithm with little room for backdoors, have not been all that compelling, the political arguments are potent—to the point where it is being dropped by the main proponent for including it in the kernel.
The WireGuard VPN tunnel has been under development — and attracting attention — for a few years now; LWN ran a review of it in March. While WireGuard can be found in a number of distribution repositories, it is not yet shipped with the mainline kernel because its author, Jason Donenfeld, hasn't gotten around to proposing it for upstreaming. That changed on on July 31, when Donenfeld posted WireGuard for review. Getting WireGuard itself into the mainline would probably not be all that hard; merging some of the support code it depends on could be another story, though.
WireGuard implements a simple tunneling protocol allowing network traffic to be routed through a virtual private network provider. It has been developed with an eye toward smallness, ease of verification, and performance, rather than large numbers of features. It is, according to the patch posting, "used by some massive companies pushing enormous amounts of traffic". Some effort has gone into making WireGuard widely available, an effort that has helped to create a significant user community. But the ultimate way to make this kind of software widely available is to get it into everybody's kernel; that requires upstreaming.
Mitchell said political stickers, for instance, can land you in secondary search or result in being detained while crossing a border. In one case, Mitchell said a hacker friend ended up missing a flight over stickers.
But the room check captured on video suggests the walkthroughs are subject to abuse by hotel personnel who may use them as opportunity to snoop on guests or take and post images for amusement. And accounts of other searches that involved hotel security staff refusing to show ID or showing insufficient ID, and displaying bullying and threatening behavior to guests in occupied rooms, raises questions about the legality of the searches and the tactics and training of security personnel.
Researchers identified a security gap in more than 10 applications used by millions around the world, including an app used by Finland's population registry.
It has only taken a few years, but the press, public and law enforcement appear to finally be waking up to the problem of SIM hijacking. SIM hijacking (aka SIM swapping or a "port out scam") involves a hacker hijacking your phone number, porting it over to their own device (often with a wireless carrier employee's help), then taking control of your personal accounts. As we've been noting, the practice has heated up over the last few years, with countless wireless customers saying their entire identities were stolen after thieves ported their phone number to another carrier, then took over their private data.
Sometimes this involves selling valuable Instagram account names for bitcoin; other times it involves clearing out the target's banking or cryptocurrency accounts. Case in point: California authorities recently brought the hammer down on one 20-year-old hacker, who had covertly ported more than 40 wireless user accounts, in the process stealing nearly $5 million in bitcoin.
One of the problems at the core of this phenomenon is that hackers have either tricked or paid wireless carrier employees to aid in the hijacking, or in some instances appear to have direct access to (apparently) poorly-secured internal carrier systems. That has resulted in lawsuits against carriers like T-Mobile for not doing enough to police their own employees, the unauthorized access of their systems, or the protocols utilized to protect consumer accounts from this happening in the first place.
If we truly want to get to a place where we can live in a society that treats mental health seriously and effectively we need to have the ability to have tough conversations. Following the Danforth shooting we need to be able to speak openly and honestly about Islamic terrorism, guns, crime, mental health, fentanyl and policing without getting into shouting matches.
Sterling Heights is unique in that it is home to not only a growing Muslim community but one of the largest concentrations of Chaldean Catholic Christians in the U.S. These Christians fled persecution in Iraq. Word of the open house spread quickly among Chaldeans and other Christians when a flyer showing the targeted church started circulating in the area last week.
"Now listen, you people of NATO," Gaddafi said on the eve of NATO's invasion of Libya in 2011. "You're bombing a wall which stood in the way of African migration to Europe and in the way of al-Qaeda terrorists. This wall was Libya. You're breaking it."
Her father Kallu Gazi and brother Aas Mohammad were very annoyed with her eloping with Abid whom they disliked. About a week ago, Aas Mohammad had publicly announced in the colony that he would behead her sister for daring to go against the family members.
According to Dawn, Diamer Superintendent Police (SP) Roy Ajmal said 12 schools, including only-girls schools were set on fire. He also said that in a few cases, books were also thrown out and torched.
Dawn quoted local police officer Mohammad Bashir as saying that the attack on schools took place near Chilas before dawn on Friday, however, no casualties were reported as the schools were closed when the attack took place.
Police added that no group has claimed responsibility for the attack yet.
Amnesty International says Turkish forces in the northern Syrian city of Afrin are giving Syrian militias "free rein" to commit serious human rights abuses. The group alleges torture, forced disappearances and looting.
Research released today reveals that residents in Afrin are enduring a wide range of violations, mostly at the hands of Syrian armed groups that have been equipped and armed by Turkey. These violations include arbitrary detentions, enforced disappearances, and confiscation of property and looting to which Turkey’s armed forces have turned a blind eye. Some of these groups, and Turkish armed forces themselves, also have taken over schools, disrupting the education of thousands of children.
Russian-backed separatists are "adept at identifying Ukrainian positions by their electrometric signatures," US Army Col. Liam Collins wrote in late July.
News outlets have performed torturous linguistic contortions to avoid stating the simple fact that Israel is shooting hundreds of demonstrators with live ammunition, killing 30 and injuring close to 2,000. An Associated Press headline (4/6/18) said, “Palestinian Protesters Burn Tires, Sending Smoke Billowing at Gaza/Israel Border; Israeli Troops Fire Back Sporadically.” That’s a logical impossibility: Israeli forces cannot “fire back” at people who aren’t firing at them. The sentence rests on the absurd assumption that burning tires is the same as shooting people.
The man who allegedly used a pickaxe to vandalize President Trump's star on the Hollywood Walk of Fame has reportedly been charged with vandalism.
Known as “Black Friday,” Israel’s assault on Rafah in the southern Gaza Strip on Aug. 1, 2014, was one of the deadliest and most scrutinized episodes in the 50-day war that summer.
On Wednesday, the Israeli military cleared itself of wrongdoing in the bitterly contested episode. It published the conclusions of the examination into its conduct as Israel eased some restrictions on Gaza and moved to shore up the fragile cease-fire agreements that ended that war.
Human rights groups like Amnesty International have said there was “strong evidence” that Israel carried out war crimes in Rafah by killing scores of Palestinians, most of them civilians. Some accused the Israeli military of firing in revenge, disproportionately and indiscriminately, after Hamas militants abducted a soldier, Lt. Hadar Goldin.
The troops waging America’s 17-year-old war in Afghanistan are confronting a puzzle: What has become of the enemy who drew them there?
Al-Qaeda, the group whose September 11 terror attacks provoked the U.S. invasion in 2001, has shrunk to relative obscurity among the military’s other missions in Afghanistan, supplanted by newer threats such as a local branch of the Islamic State. And it is a matter of debate how much al-Qaeda’s remaining Afghan presence still focuses on launching attacks overseas, according to current and former military officers and government officials, experts, and Afghans from areas where the group operates.
Only a small portion of the 15,000 American troops in Afghanistan are involved in the counterterrorism mission that the military calls its “core objective” there. Even fewer of those are hunting al-Qaeda, whose presence in the country has dwindled after years of drone strikes. Instead, U.S. special operations forces are focusing on the Afghan branch of ISIS, a less secretive group that in some way offers an easier target.
The US Democratic National Committee (DNC) has subpoenaed Wikileaks via Twitter.
Cohen Milstein Sellers & Toll, the DNC’s law firm, filed a motion to serve Wikileaks through Twitter and first-class mail on 20 July. The motion was granted by US District Court Judge John Koeltl on 6 August.
On 10 August, Cohen Milstein tweeted to Wikileaks from a newly created account linking to legal documents hosted on a website that appears to have been created for the purpose.
The Democratic National Committee’s vendetta against WikiLeaks, Russia and pro-Trump political operatives took an unconventional turn recently when the political party served WikiLeaks with a subpoena over Twitter.
A law firm representing the DNC notified WikiLeaks it had been sued simply by mentioning the document publisher in a tweet and dumping the associated legal URLs to fill out the rest of the tweet. "By Court order, you are being served with the following legal documents," the law firm said August 10.
Last Friday, the Democratic National Committee (DNC) served WikiLeaks via Twitter. While the microblog service is extremely popular within the White House these days, it’s one of only a handful of instances when it has been used for such an official purpose, maybe except that time when the U.S. Secretary of State found out he had been fired in a presidential tweet.
So, the law firm representing the DNC in its civil lawsuit against WikiLeaks officially served the legal documents on the case to WikiLeaks by tagging its official account in a post. Notably, the account seems to have been created specifically for that purpose, as it is relatively new and has no other tweets.
We thank Naomi Colvin for her work as Courage Director over the last year, including the successful campaign to resist Lauri Love’s extradition to the US, which was widely publicised in the UK and abroad. Naomi joined Courage in 2014. We wish her all success.
Courage defends those who are subject to serious prosecution or persecution. It is designed to increase the power of defence campaigns through mutual aid, sharing basic financial and internet infrastructure and solidarity.
Omarosa’s decision to slowly leak out her taped conversations is exactly what Trump and WikiLeaks did with the Russian hacked Clinton emails, and it is terrifying the White House.
An organization formed to provide legal help to opponents of the Dakota Access oil pipeline is launching an effort to help protesters with criminal warrants resolve their cases.
There are about 100 outstanding warrants issued for people from 25 states.
And while red tide is an annual event, Ruane sees the severity of this year as a chance to educate his constituents about the risks of over-fertilizing, not addressing pollution from stormwater run-off and the need for long-term fixes to the Everglades. He’s also hoping to convince the Corps — he took the agency’s South Florida deputy commander Lt. Col. Jennifer Reynolds on a tour Tuesday — to speed up changes in managing the lake and reconsider flushing water to the coasts.
It should also serve as a wake-up call, Baroon said.
“Wildlife is the canary in the coal mine,” she said. “It’s the thing telling us your environment is very unhealthy and as a human species you need to do something about it.”
Later this year, Audi will sell an electric vehicle that can keep up with Tesla’s performance and range. Mercedes, Volkswagen, and BMW will follow soon, as they are set to regain technological leadership, especially when it comes to luxury cars. But even if they do, they will be depending on suppliers from China, Korea, or Japan to deliver one crucial part of their EVs: the battery cells. As it turns out, Germany’s automotive industry is not able to build those highly needed components. At least, not anymore.
Horrific photos reveal the aftermath of a brutal killing of a pod of whales on a remote Arctic island.
The animals are rounded up and slaughtered by villagers several times a year in a tradition that has caused outrage across the world.
One of these culls happens every summer where thousands of pilot and beaked whales are massacred in bays across the Danish-owned Faroe Islands as inhabitants prepare for the harsh winter months ahead.
Images show fishermen driving herds into shallow waters that have already been stained red by the blood of previously slaughtered animals.
The water is littered with dozens of corpses many of which can be seen with massive gashes on their bodies where people have hacked at them.
Back in 2011, about one in four FHA loans in California included down payment money from relatives. Today, it's one in three.
Japan’s Fair Trade Commission is looking into whether Apple improperly pressured Yahoo Japan to shut down a game streaming platform that competed with the iOS App Store, according to Nikkei. Yahoo Japan’s Game Plus service allowed people to stream full games made for other platforms and to play HTML5 games on mobile phones, which would have allowed iPhone owners to get games without going through the App Store.
Yahoo told multiple business partners that it was forced to cut back because of pressure behind the scenes from Apple. The Japanese company relies on the U.S. tech giant for part of its profits in the form of sales through the App Store.
Bloomberg characterized the report as Khosrowshahi embracing the company’s “growth above profit” ethos. But it has cast a spotlight on some of Uber’s more expensive, trouble-prone projects. Specifically, the company’s beleaguered self-driving car operation is said to be losing as much as $200 million a quarter, The Information reported today. And Bloomberg noted that Uber is being urged by investors to off-load the unit.
Nearly a year into Khosrowshahi’s tenure, Uber reported on Wednesday a second-quarter loss of $891 million. While it’s a 16 percent improvement from a year earlier, the loss follows a rare profit posted in the first quarter, thanks largely to the sale of overseas assets.
The very government that has favored Tencent as a technology champion is now directly hurting its results, with the bureaucratic shakeup in Beijing blocking its path to making money from games. The Shenzhen-based company relies on new content to draw and keep users on its WeChat messaging service, over which it sells in-game items and advertising to a billion-plus users. Tencent hasn’t been able to cash in on the world’s most popular games, including Fortnite and PlayerUnknown’s Battlegrounds.
No, you know, it’s always struck me as bizarre, even if you are a great lover of capitalism, our system, and you just think it’s the greatest thing since sliced bread. Even if you’re like that, if that’s your point of view, the fact is that places, like, I don’t know, let’s pick one: the People’s Republic of China—for the last 25 years, that economy, which is organized in ways that are different from the one we have here in the United States, that People’s Republic of China has achieved the most rapid economic transformation from poor country to superpower economically, that we have ever seen in the history of the human race. OK…. That alone would mean we ought to be exploring, in our classrooms, in our media: What’s that about? How did they accomplish that? That’s something that most of the world’s people dream of, and so it’s an important matter.
And now you add another couple of other considerations. That it’s the largest country by population on this planet. And it is a superpower, has nuclear weapons and all of that. And you’d say, any rational person would understand: Of course we have to look at that model of how you do economics, how you organize an economic system, to ask the logical, rational question: not necessarily that we must copy them, but are there things about what they do, and how they organize, that we might be able to learn something from?
Gordon Brown has said more than one million Labour supporters who voted for Brexit have now changed their mind, as pressure grows on Jeremy Corbyn to back a second EU referendum.
The former prime minister said on Wednesday that the country was “losing hope” and had been “immobilised by divisions”.
“Remain voters are despondent, fearing that we have moved from a soft Brexit to a hard Brexit to a no-deal Brexit,” he told the Edinburgh International Book Festival.
“But leave voters believe that none of the Brexit options- a Norway-style deal, a Swiss-style deal or the Canadian option - can deliver what they were promised and now feel betrayed.
“Our country is often accused of being stuck in the past. The problem this time is that we are stuck in the present – and, as each day passes, becoming less and less optimistic about the future.”
Brown said polling, including a survey from Hope not Hate that suggested 21% of Labour leave votes had changed their mind, meant more than one million of the party’s supporters had abandoned Brexit.
Labour’s internal arguments over Brexit are set to come to a head at its annual conference in September.
Corbyn is facing a move by pro-EU members to hold a vote committing the party to holding referendum on Theresa May’s final Brexit deal.
An anchor, Trish Regan, called the country a warning about socialism, mentioning it alongside Venezuela. The Danish finance minister led an angry response.
The memorandum required that an extensive interagency process take place before the U.S. government embarks on any cyberattacks. Trump reversed the rules to try and ease some of those restrictions, which critics argued were detrimental to launching the attacks quickly, according to the Journal.
There’s more than meets the eye to President Donald Trump’s decision to revoke the security clearances that ex-CIA Director John Brennan enjoyed as a courtesy customarily afforded former directors. The President’s move is the second major sign that Brennan is about to be hoist on his own petard. It is one embroidered with rhetoric charging Trump with treason and, far more important, with documents now in the hands of congressional investigators showing Brennan’s ringleader role in the so-far unsuccessful attempts to derail Trump both before and after the 2016 election.
Brennan will fight hard to avoid being put on trial but will need united support from from his Deep State co-conspirators — a dubious proposition. One of Brennan’s major concerns at this point has to be whether the “honor-among-thieves” ethos will prevail, or whether some or all of his former partners in crime will latch onto the opportunity to “confess” to investigators: “Brennan made me do it.”
Today, hundreds of newspapers, at the initiative of The Boston Globe, are purporting to stand up for a free press against Trump’s rhetoric.
Today also marks exactly one month since I was dragged out of the July 16 Trump-Putin news conference in Helsinki and locked up until the middle of the night.
As laid in my cell, I chuckled at the notion that the city was full of billboards proclaiming Finland was the “land of free press“.
So, I’ve grown an especially high sensitivity to both goonish behavior toward journalists trying to ask tough questions — and to those professing they are defending a free press when they are actually engaging in a marketing exercise.
As some have noted, the editorials today will likely help Trump whip up support among his base against a monolithic media. But, just as clearly, the establishment media can draw attention away from their own failures, corruptions and falsehoods simply by focusing on Trump’s.
Big media outlets need not actually report news that affects your life and point to serious solutions for social ills. They can just bad mouth Trump. And Trump need not deliver on campaign promises that tapped into populist and isolationist tendencies in the U.S. public that have grown in reaction to years of elite rule. He need only deride the major media.
They are at worst frenemies. More likely, at times, Trump and the establishment media log roll with each other. The major media built up Trump. Trump’s attacks effectively elevate a select few media celebrities.
The Austin American-Statesman reported Wednesday that the pirate radio station, Liberty Radio, was hit with a $15,000 fine and at least temporarily pulled from the airwaves.
A pirate radio station that serves as controversial host Alex Jones’ Austin flagship has been knocked off the city’s airwaves – at least temporarily – and the Federal Communications Commission has levied a $15,000 penalty that the station’s operators are refusing to pay.
Eight years after Google initially took a stand against Internet censorship by exiting the Chinese search market, we are disappointed to learn the company has been secretly re-considering an extended collaboration with the massive censorship and surveillance-wielding state. According to an Intercept report released at the beginning of the month, Google is working on a censored version of its search service for release in China.
In 2010, EFF and many other organizations praised Google for refusing to sacrifice the company’s values for access to the Chinese market. At the time, this move followed public backlash and several attacks on Google’s infrastructure that targeted the personal data of several prominent Chinese human rights activists. Google’s departure from China showed that strong core values in fundamental human rights could beat out short-term economic gain in the calculus of an Internet company.
But now it seems the company has reversed course.
This news comes amid other reports of American tech giants compromising values to enter or remain within China: Facebook has piloted a censored version of its own platform, and Apple recently faced criticism for moving its customers' data into China-hosted servers, and adding code to filter the Taiwanese flag emoji in Chinese locales.
Within China, Google’s direct competitor, Baidu, has been facing a significant amount of social, regulatory, and economic backlash over recent advertising malpractice, such as monetizing questionable medical advertisements, heavily deprioritizing non-Baidu services, and allegedly promoting phishing sites. There may well be a growing demand for competition within the Chinese search engine market.
Another (partial) win for the First Amendment, the ACLU, and American citizens. The Ninth Circuit Court of Appeals has overturned a decision forbidding the photography of CBP officers at border crossings. (h/t Mitra Ebadolahi)
The CBP seems to have a problem respecting the First Amendment rights (along with several other rights) of American citizens when engaged in its border patrolling and protecting. This same appeals court recently allowed the heavily-harassed citizens of an Arizona border town to move forward with their First Amendment lawsuit against the agency, ruling that the CBP acted arbitrarily when dealing with protesters and activists documenting checkpoint activity. The record clearly showed the CBP removed people it didn't like from its imaginary zone of exclusion while allowing other random citizens more aligned with the CBP's open harassment of American citizens to venture inside the ad hoc DMZ to harass citizens documenting harassment.
[...]
The decision does not hand the plaintiffs a complete victory. It does shift the burden of proof back on the government and instructs the lower court to allow the case to proceed to see if the government can actually offer up anything supporting its random time/place restrictions that border on total violation of established First Amendment principles. The appeals court seems inclined to believe the CBP cannot simply forbid photography of publicly-viewable enforcement activities by members of the public. We'll have to see what the lower court does on remand, considering it already granted the government a free pass once, because National Security > Established Constitutional Rights, apparently.
Twitter just suspended Alex Jones for a week after he called on millions of people to pick up weapons to attack the press. I am still in the dark about what I said on Twitter that is x Infinity worse, as mine is a permanent suspension.
Anyway, I hope with Alex Jones (and me) gone, your Twitter is better, kinder, more… ideologically pure. @jack seems to be on a campaign ahead of the midterms to make Twitter less politically diverse, so I hope that is good for you, not to have to block all those nasty contrary opinions and all. Soon enough it’ll be just down to what the Party wants you to read and for most people that is a comfortably numb place to be. I wish you well! You will learn, as I have, to love Big Brother. Twitter will help you learn.
[...]
Supreme Court Justice Louis Brandeis held people must discuss and criticize unpopular ideas, that free speech is not an abstract virtue but a key element at the heart of a democratic society. Even the fact that speech is likely to result in “violence or in destruction of property is not enough to justify its suppression.” Brandeis concluded “the deterrents to be applied to prevent violence and disruption are education and punishment for violations of the law, not abridgment of free speech.”
Free speech is not an ends, it is a means, in a democracy. Shame on Twitter, et al, for treading on that mighty concept. Free speech is messy, and it is our essential defense against fascism, whether from the left or the right.
As you likely know, Germany has some very restrictive laws surrounding how and when Nazi iconography can appear in the country. This has resulted in a heavily-policed artistic community, particularly when it comes to video games, which has produced some fairly funny happenings about games accidentally going to Germany chock full of Nazi stuff and other funny happenings in which the game makers make a show of doing as little as possible to get around the law. In the realm of other media, such as movies, the German government has put in place a review process to make sure that the use of Nazi symbols furthers the artistic or historical accuracy of the entertainment. Video games have not had such a review system. And, look, on some level this sort of attempt by Germany to restrict the use of these hateful symbols is understandable. The kind of global embarrassment that comes with committing the worst genocide in history is the sort of thing that leaves a mark. But we've also pointed out that these German laws aren't so much stamping out fascist thought as they are putting the government's collective head in the sand as some kind of grand virtue signal to the planet.
A new standard for cryptography is on the horizon, called Transport Level Security 1.3 (TLS 1.3).
TLS 1.3 is a major update to cryptography, and fundamentally changes how websites and services will handle negotiating and executing encrypted services.
Among the big improvements are faster handshakes with websites (meaning faster page load times), new ciphers (new and stronger types of encryption) and new hash functions (types of verification to check if data is genuine). It also features privacy improvements such as reducing the amount of metadata that is exposed to eavesdroppers, as all metadata that isn’t needed for the routing around the web itself is now hidden behind encryption.
ProPublica does not have an editorial page, and we have never advocated for a particular policy to address the wrongs our journalism exposes. But from the very beginning of our work more than a decade ago, we have benefited enormously from the traditions and laws that protect free speech. And so today, as the nation’s news organizations remind readers of the value of robust journalism, it seems fitting to add our voice.
ProPublica specializes in investigative reporting — telling stories with “moral force” that hold government, businesses and revered institutions to account. There are few forms of journalism more vulnerable to pressure from the powerful. What we publish can change the outcome of elections, reverse policies, embarrass police or prosecutors and cost companies boatloads of money. The main subjects of our work, in most cases, would much prefer that our reporting never appear or be substantially watered down.
In a recent tweet, US Senator Chris Murphy (D-CT) warned that “Infowars is the tip of a giant iceberg of hate and lies that uses sites like Facebook and YouTube to tear our nation apart.” His solution: “These companies must do more than take down one website. The survival of our democracy depends on it.”
Yes, odd as it might seem, Senator Murphy believes that the future of America can only be secured by suppressing information and discussion he doesn’t like. That sentiment seems to be going around. David McCabe of Axios reports on a leaked policy paper from the office of US Senator Mark Warner (D-VA). Two of its most dangerous proposals:
“[N]ew federal funding for media literacy programs that could help consumers sort through the information on online platforms. ” In other words, well-financed government propaganda to make sure we hear what Mark Warner wants us to hear (and think what he wants us to think about what we hear elsewhere).
Described as “at the forefront of postwar publishing and a towering figure in the fight against censorship,” the Canadian-born Calder founded his own company in 1949, now part of Alma Classics. Calder Publishing published Chekhov, Tolstoy, and Dostoevsky as well poetry, novels, criticism and plays of Beckett.
Alma Books' founder Alessandro Gallenzi told The Bookseller that Calder died on Monday morning (13th August) at the Western General Hospital in Edinburgh after suffering a rapid decline in health over the past few weeks.
Gallenzi described Calder, who was a publisher, bookseller and author himself, as "a passionate publisher and a fiercely independent man”.
The banning of right wing controversialist Alex Jones from multiple social media platforms last week was a cause of celebration for many liberals, but should those on the left really be so complacent about creeping censorship?
So far, the evidence suggest that there is indeed plenty for the left to worry about when it comes to corporations like Facebook and Twitter and their alliances with government censors.
Internet Australia has raised serious privacy and security concerns about the Australian Government’s proposal to introduce a new cyber encryption law, warning the draft law seeks unprecedented expansion of powers to access citizen’s devices.
Trump, who famously made a cameo in Zoolander, this week signed the Defense Authorization Act into law. The bill, which goes into effect over the next two years, introduces a ban on devices and equipment used to route or view user data made by Chinese manufacturers including Huawei and ZTE.
Brazil’s newly passed data protection law is a huge step forward in the protection of user privacy. It’s great to see Brazil, long a champion of digital rights, join the ranks of countries with data protection laws on the books. We are concerned, however, about President Temer’s veto of several provisions, including the Data Protection Authority. We urge the President and Brazilian policymakers to swiftly advance new legislation or policies to ensure effective enforcement of the law.
Facial recognition technology — unregulated, prone to error, and poorly understood — is being rapidly rolled out in schools.
The idea of facial recognition technology conjures up scenes from books and films set in dystopian futures in which freedom and liberty have been forfeited in exchange for the illusion of security. From 1984 to Minority Report, these are worlds where everyone is suspect, and no one is safe.
Today, you don’t need to look to fiction to imagine these consequences. Facial recognition technology — unregulated, prone to error, and poorly understood — is being rapidly rolled out in the institutions where we should place the most trust: our schools.
In recent weeks, the NYCLU sounded the alarm after the Lockport City School District received $4 million in state funds to purchase facial recognition technology. More recently, RealNetworks announced that it is offering its facial recognition technology to any K-12 school in the country for free, claiming it’ll make schools safer.
This is a dangerous path that schools should think twice about.
We will do just about anything to protect our children. Promises of an omnipotent machine correctly identifying and stopping potential perpetrators make facial recognition technology alluring to parents and educators. And from the perspective of cash-strapped school districts, obtaining this technology for free can seem like a no-brainer.
But facial recognition technology does not make our schools safer. In fact, facial recognition technology is especially prone to sabotage: For 22 cents, you can purchase a pair of cardboard glasses to fool it.
"Consequently the church teaches, in the light of the Gospel, that the death penalty is inadmissible because it is an attack on the inviolability and dignity of the person," and she works with determination for its abolition worldwide," reads the new text, which was approved in May but only published Thursday.
After the other girl in the arrangement was killed by her own husband, Hameya's husband began to torture her in revenge and eventually killed her, Shahabi told AFP.
“The arrests of Samar Badawi and Nassima al-Sadah signal that the Saudi authorities see any peaceful dissent, whether past or present, as a threat to their autocratic rule,” said Sarah Leah Whitson, Middle East director at Human Rights Watch, in a statement.
Judge finds the state’s signature-match process to be “fundamentally flawed.”
On Tuesday, a federal judge struck down a New Hampshire law that disenfranchised hundreds of voters each general election because of their handwriting. The law in question required election moderators to compare the signature on a voter’s absentee-ballot application to the signature on an affidavit that the voter sends with the absentee ballot. If the election official felt that that the signatures did not match, they would simply throw out the vote.
In the ruling, U.S. District Judge Landya McCafferty called the process, “fundamentally flawed,” finding that it violates the Equal Protection Clause of the Fourteenth Amendment to the U.S. Constitution because the law did not provide voters with notice and an opportunity to be heard before they were disenfranchised.
Under the law, New Hampshire voters were not informed of the decision that their signatures do not match or given an opportunity to address it before their vote is discarded. This is exactly what happened to our client Mary Saucedo, a 95-year-old woman who is legally blind and requires the help of her husband Gus to fill out her ballot. In 2016, an election moderator determined that Mary’s signatures did not match and threw out her vote without notification. It was one of the rare times Mary was not able to participate in the democratic process since 1944, when she first voted in a presidential election.
Disenfranchisement does not only violate individuals’ constitutional rights — it can impact close elections. At least two voters at the Laconia Rehabilitation Center were disenfranchised during the 2016 general election because of the signature-match law. The Senate District 7 race — which covers Laconia — was decided by only 17 votes and, in fact, was subject to a recount. During the recount, the secretary of state took the position that he did not have the authority to overturn the moderator’s decision to reject these ballots due to “signature mismatch.” As the court noted, “[T]he likelihood of error . . . is only compounded by the lack of meaningful review or oversight.”
The court also agreed, “It cannot be emphasized enough that the consequence of a moderator’s decision—disenfranchisement—is irremediable.”
The Trump Administration, with Attorney General Jefferson Beauregard Sessions as its willing lightning rod, is in the process of dismantling key aspects of the U.S. political asylum program. To that end, the administration has begun to zero in on what is known as Temporary Protected Status(TPS). TPS was established by Congress in the Immigration Act of 1990. It’s a humanitarian program that mandates that the United States should suspend deportations to countries that have been destabilized by war, civil conflict, or natural catastrophe.
According to the National TPS Alliance, if the trump Administration manages to crush the program, over 450, 000 people would face possible deportation, putting them in harm’s way, facing extreme violence and possible death.
In response, a national grassroots coalition of refugee and immigrants rights activists will caravan from Los Angeles to Washington D.C. Those who are directly affected by Trump’s extreme anti immigrant policy–the TPS recipients themselves will lead the Journey for Justice Caravan.
As the midterm elections approach, Republican state officials and lawmakers have stepped up efforts to block students from voting in their college towns. Republicans in Texas pushed through a law last year requiring voters to carry one of seven forms of photo identification, including handgun licenses but excluding student IDs. In June, the GOP-controlled legislature in North Carolina approved early voting guidelines that have already resulted in closing of polling locations at several colleges. And last month, New Hampshire’s Republican governor signed a law that prevents students from voting in the state unless they first register their cars and obtain driver’s licenses there.
One nationally prominent Republican, however, once took the opposite stance on student voting. As an undergraduate at Ouachita Baptist University in Arkadelphia, Arkansas, Sarah Huckabee — now White House Press Secretary Sarah Huckabee Sanders — sued to allow students to vote after being one of more than 900 purged from the county’s rolls.
“It’s almost like taxation without representation,” she said at the time. “They thought that because we were young that they could walk all over us, but obviously that’s not the case.”
Illustrating the adage that politics makes strange bedfellows, the 2002 lawsuit paired a then-20-year-old Sanders with the American Civil Liberties Union. It began, as disputes over student voting often do, with a town-and-gown conflict. Reversing the usual pattern, a Democrat rather than a Republican instigated the student disenfranchisement.
Because of the tablets, inmates will have to return the players, and they can't transfer the music they already purchased onto their new devices.
The corrections system is switching to JPay. Unfortunately, nothing else is switching. Money isn't easy to obtain in prison, meaning most of this suddenly useless music was purchased with funds from friends and family at inflated prices. The prison system comes out of it OK. It has collected $11.3 million on the sale of worthless infinite goods to a literally captive audience.
Now, with a lucrative JPay contract in effect, inmates are out millions of dollars in digital goods. The only options to keep what they purchased means shelling out more cash for the opportunity to put their purchased music completely out of reach.
A very sad story in England had a good court outcome the other day: The mother of a boy who ran into the street and got seriously injured by a car (at age 8) was found NOT guilty of his accident -- something the insurance company had accused her of, because she wasn't with him at
August has seen a rash of confrontations as far-right ensembles — from open white nationalists to radical right anti-immigrant and anti-LGBT groups — hit the streets and are met by massive community contingents. The story has evolved from one of opposing street contingents to a mass anti-fascist upswell in cities around the US — a point that has been eclipsed by allegations of massive police overreach on protests meant to halt the rise of the far right.
Last weekend saw far-right activists convene in Washington, DC, on the one-year anniversary of the first “Unite the Right” rally in Charlottesville, Virginia. An estimated 40 “alt-right” supporters turned out for “Unite the Right 2,” and counter-protesters showed up in larger numbers. “Their rally happened, but it was clearly [outnumbered] 300 to 1,” said Scott Brown, an organizer with Shut It Down DC, the coalition which coordinated the actions across Washington, DC, on August 11 and 12.
Last year’s “Unite the Right” rally was intended to be the high-water mark for a racist movement moving toward ascendancy. Donald Trump’s presidency offered a huge opportunity for the “alt-right” and the larger white nationalist movement to access recruits, but as conservative moderates started to turn on them, they needed to see exactly where they stood among the right. That event on August 12, 2017, brought out a thousand people from a range of organizations, from the National Socialist Movement to the Ku Klux Klan (KKK) to various “alt-right” fraternal projects.
CIA Director Gina Haspel is facing a new wave of criticism over the excessively colorful description of enhanced interrogation techniques under her supervision at a Thailand black site in 2002, which prompted WikiLeaks to ask whether the current CIA chief "has a sexual response to torture."
New CIA documents, declassified at the request of the National Security Archive, an independent non-governmental research institution, and released on August 10, have shown the agency's director Gina Haspel in a new light.
The ACLU has been fighting gender discrimination since its founding. Under the leadership of Ruth Bader Ginsburg in the 1970s, the Women’s Rights Project was instrumental in knocking down the vast majority of laws that explicitly treated women differently from men and in establishing constitutional protections against discrimination on the basis of sex.
Gov. Andrew Cuomo of New York has a bill before him that would create a commission to bring a greater measure of accountability to prosecutors who withhold evidence, suborn perjury or commit other ethical violations that undermine justice. It would be the first of its kind in the country and conceivably create a model for other states to follow.
The bill, passed overwhelmingly by the Senate and Assembly in June, authorizes the governor, the Legislature and the state’s chief judge to pick 11 people to investigate allegations of misconduct. The panel, when it sees fit, could issue warnings and recommend sanctions, or even firings, to the governor.
Now, prosecutors are overseen like any other lawyer — by disciplinary committees attached to the state’s appellate courts. But ProPublica’s 2013 analysis found that even when convictions are thrown out as a result of harmful misconduct on the part of prosecutors, the appellate courts often fail to refer them to disciplinary committees.
Following the Court of Appeal’s decision that two of Regeneron’s patents were valid and infringed, it refused to grant Kymab permission to appeal to the Supreme Court, but held that the injunction against Kymab should be stayed, subject to certain conditions, whilst Kymab applied directly to the Supreme Court for permission to appeal.
Last week Qualcomm reached an agreement with the Taiwanese Fair Trade Commission (TFTC), overturning the $778 million penalty the TFTC levied in October. Qualcomm promised to invest $700 million in Taiwan and commit to certain process safeguards over their licensing arrangements with handset makers. In exchange, the original TFTC ruling is wiped away. Qualcomm will not be required to pay the majority of the fine and—far more important—Qualcomm can continue to ignore license requests from other baseband chip manufacturers.
As covered before, the ability to refuse to license competitors—in violation of Qualcomm’s commitment to license their standard-essential patents on non-discriminatory terms—is an anti-competitive act that provides Qualcomm with the ability to raise competitors’ costs and obtain more than the value of their patents in licensing.
Turkey has welcomed the new Intellectual Property Code (the IP Code) numbered 6769. This came force on January 10 2017.
One of the major changes in the new IP Code is an explicit provision in Article 155 preventing later dated IP registrations being submitted as a defence in infringement actions.
The Federal Court of Justice held that in utility model registration proceedings, the utility model department must examine whether one of the grounds for refusal listed in Sec. 2 Utility Model Law exists.
Last week, in Pappalardo v. Stevins, the Federal Circuit affirmed-in-part, vacated-in-part, and remanded a decision by the U.S. District Court for the Middle District of Florida granting a motion to dismiss filed by Defendant-Appellee Samantha Stevins, in which Ms. Stevins sought to dismiss an amended complaint filed by Plaintiff-Appellant Michael Pappalardo for lack of subject matter jurisdiction. Mr. Pappalardo had filed suit against Ms. Stevins asserting state law claims of fraud and negligent representation and seeking a declaratory judgment naming him as sole inventor of U.S. Patent Application No. 15/275,597.
As alleged in Mr. Pappalardo's complaint, he met Ms. Stevins at a pharmaceutical products trade show, where he disclosed to her a product related to liquid and solid cannabis delivery systems. As also alleged in the complaint, Ms. Stevins indicated that she had access to funding from a network of investors for the product, and the two entered into a business relationship to commercialize the product. The complaint further alleges that Ms. Stevins recommended filing the '597 application, which names Ms. Stevins as a joint inventor. Mr. Pappalardo's complaint further alleges that Ms. Stevins attempted to independently exploit his technology, and he responded by filing suit against her asserting claims of fraud and negligent representation and seeking declaratory judgment of sole inventorship. The District Court dismissed the declaratory judgment claim on the grounds that it lacked jurisdiction to hear claims for correction of inventorship for a pending patent application, and dismissed the state law claims on the grounds that they were contingent on the U.S. Patent and Trademark Office's determination on the '597 application.
[...]
The District Court had also determined that it lacked diversity jurisdiction over Mr. Pappalardo's state law claims. The Federal Circuit noted, however, that because the District Court had original jurisdiction over a federal question in the declaratory judgment claim, it could have exercised supplemental jurisdiction to hear the state law claims because they were so related to claims in the action that they formed part of the same case or controversy. The Federal Circuit also noted that because that authority is generally discouraged where a court has dismissed all claims over which it has original jurisdiction, and because the District Court stated that it was "hard-pressed to find that [Mr.] Pappalardo has adequately plead[ed] damages and causation—both elements needed to state an actionable claim for fraud and negligent misrepresentation—with the requisite particularity," the Federal Circuit would interpret that statement as a decision declining to exercise supplemental jurisdiction over the state law claims. The Federal Circuit therefore affirmed the District Court's dismissal of the state law claims.
African honey badgers became well known in 2011 for their feisty nature. At the peak of their popularity, a multitude of cars were plastered with bumper stickers decorated with such catchphrases as “honey badger don't care”, “honey badger don't give a s***” and other variations on that theme. The impetus behind the now-infamous honey badger is the humorous soundtrack recorded over a National Geographic video about African honey badgers and their prey, titled The Crazy Nastyass Honey Badger, which was written and produced by comedian and writer Christopher Z Gordon.
The launch of any fashion brand is usually preceded by clearance and the registration of one or more trademarks. However, this is not always the case and a trademark registration does not always provide the necessary scope of protection against copycats. This drives the need for unconventional means of brand protection.
Does Disney really want to go to trial to prevent knockoffs of Darth Vader, Iron Man and Elsa and Anna from Frozen from showing up at children's birthday parties? If the studio really wishes to continue a lawsuit over unlicensed characters, it may need to after experiencing a setback against Characters for Hire, LLC.
On Thursday, a New York federal judge refused to grant summary judgment in favor of Disney in its ongoing case against Nick Sarelli, alleged to run a "knock-off business ... built upon the infringement of Plaintiffs' highly valuable intellectual property rights."
What's more, U.S. District Court Judge George Daniels threw out most of Disney's trademark claims against a defendant who will send out individuals dressed as "The Princess" (meaning Leia) or "Big Hairy Guy" (meaning Chewbacca) for special events.
Daniels recognizes some similarity, but isn't buying that Disney and Sarelli compete in the same business nor that Sarelli's customers are likely to be confused. The judge makes the point that it's "adults, not children" who plan parties and there's no evidence of actual confusion.
Late last year, we discussed a lawsuit brought by Disney against Characters For Hire, a small company that sends costume characters to children's birthday parties. Those characters, as we said at the time, are barely-altered clear homages to storied Disney-owned characters, such as Dark Lord (Dearth Vader) and Big Hairy Guy (sigh, Chewbacca). While Disney sued over both trademark and copyright, the alterations to the characters and the very clear disclaimer Characters For Hire puts on its site and documents meant the chances for confusion as to Disney's affiliation was always non-existent. When you add that the changes in the characters and the medium in which they were offered at least partially put us in the idea/expression dichotomy zone for copyright law. That part of the law essentially says copyright applies to specific expressions (written stories, film, music, and sometimes characters), but not general ideas (a Dark Lord, a, sigh, Big Hairy Guy).
Becker has gone after Edwards and Wedge LIVE! as well, claiming the site is funded by "realtors" using "dark money." The contentious relationship has escalated in recent months, with the formation of an activist group by Edwards that opposes the policies and zoning changes Becker would like to institute. Edwards also asked readers to comment on proposed plans during the public comment period, leading to Becker receiving negative responses by readers of his site.
All of this has now culminated in an intellectual property war without the knowledge of one of the participants. A public notice of a business registration was spotted by a Wedge LIVE! Fan while reading the analogue version of the local paper. This was passed on to Edwards, who had no idea his site's name was being turned into a business by a subject of his criticism.
Just when you think all has been said about linking, framingand communication to the public, another judgment shows up and proves you wrong. This time, a legal dispute between the Deutsche Digitale Bibliothek (DDB = ”German Digital Library”, the German content provider for Europeana) and the Verwertungsgesellschaft Bild-Kunst (VG Bild-Kunst), a German collecting society for visual artists, gave the Higher Regional Court of Berlin the chance to further clarify what constitutes a communication to the public, and what does not.
Topple Track's failures came to the EFF's attention because it targeted one of its URLs, supposedly for infringing on artist Luc Sky's copyright for his song "My New Boy." The page targeted by Topple Track discusses the EMI lawsuit against MP3Tunes -- one that has been on the EFF's site for eight years. If Luc Sky even exists (the EFF could find no info on the artist/track), the discussion of a long-running legal battle certainly didn't contain an unauthorized copy of this track.
Presumably Topple Track has customers. (The "Luc Sky" dead end isn't promising.) If so, they're being ripped off by DMCA notices sent in their names that target tons of legit sites containing zero infringing content. The URLs targeted have no relation to the name/title listed as protected content and it's impossible to see how an algorithm could do the job this badly. There's obviously no human interaction with the DMCA process Topple Track employs, otherwise none of the DMCA notices listed would even have been sent to Google.
What did we say about trust?
U.S. District Judge Paul Engelmayer of the Southern District of New York recently entered an opinion and order in a copyright case involving the famed “Last Sitting” photographs of American movie star Marilyn Monroe. Although the case will continue to proceed towards a trial, Judge Engelmayer resolved various issues in the case including a determination that the owner of the copyrights to the Last Sitting photographs is the trust of the now-deceased photographer who took the photos and not Condé Nast, the publisher of the magazine Vogue where the photographs first appeared in 1962.
A line added to Facebook’s commerce policies this week specifically bans “Promoting the sale or use of streaming devices with Kodi installed,” though the policy does allow the sale of remote controls and keyboards that support the app.
We’ve been over this a few times: Kodi is not a piracy application. It’s an open source video player that happens to support add-ons, and a few third party developers happen to make add-ons for pirating TV shows and movies. Another group of people and companies sell “fully loaded” Kodi boxes, which are basically small computers with Kodi installed alongside a bunch of piracy add-ons.
If you haven't noticed, the entertainment industry has a new, terrifying bogeyman. Over the last year or two, pressure from entertainment industry lobbying groups has resulted in an all-out war on streaming video devices (aka computers) that run Kodi, the video streaming software. Kodi has technically been around since 2002, first as Xbox Media Player, after which it became the Xbox Media Center until 2014. The XBMC Foundation then renamed the software Kodi, and it became popular as an easy way to store and stream content, including copyrighted content, from hardware running Kodi to other devices in or out of the home.
For years now, tinkerers everywhere have built custom-made PCs that use the open-source Kodi platform. In more recent years, outfits like Dragonbox or SetTV have taken things further by selling users tailor-made hardware that provides easy access to live copyrighted content by not only including Kodi, but integrating numerous tools and add-ons that make copyright infringement easier. Driven largely by clearly-terrified entertainment-industry execs and lobbyists, numerous studios, Netflix and Amazon have tried to sue these efforts out of existence.
Even the FCC has tried to help the entertainment industry in this fight, demanding that Ebay and Amazon crack down on the sale of such devices. Since the FCC lacks authority over copyright, it has instead tried to justify its involvement here by focusing on these devices' illegal use of the FCC approval logo. It's another big favor to the entertainment industry by the Pai FCC, who you'll recall killed efforts to help make the traditional cable box sector more open and competitive.
Here's one that might create a bit of a stir. The history of the 20th century and maximalist, ever expanding copyright is often associated with one particular company: Disney. I mean, the 1998 Copyright Term Extension Act (CTEA) is regularly called the "Mickey Mouse Protection Act" and Tom Bell once created this lovely Mickey Mouse Curve showing how copyright terms always seemed to expand just before the original movie starring Mickey, Steamboat Willie was about to enter the public domain...
Congress has never made a law saying, "Corporations should get to decide who gets to publish truthful information about defects in their products,"— and the First Amendment wouldn't allow such a law — but that hasn't stopped corporations from conjuring one out of thin air, and then defending it as though it was a natural right they'd had all along.
Some background: in 1986, Ronald Reagan, spooked by the Matthew Broderick movie Wargames (true story!) worked with Congress to pass a sweeping cybercrime bill called the Computer Fraud and Abuse Act (CFAA) that was exceedingly sloppily drafted. CFAA makes it a felony to "exceed[] authorized access" on someone else's computer in many instances.
Fast forward to 1998, when Bill Clinton and his Congress enacted the Digital Millennium Copyright Act (DMCA), a giant, gnarly hairball of digital copyright law that included section 1201, which bans bypassing any "technological measure" that "effectively controls access" to copyrighted works, or "traffic[ing]" in devices or services that bypass digital locks.
Notice that neither of these laws bans disclosure of defects, including security disclosures! But decades later, corporate lawyers and federal prosecutors have constructed a body of legal precedents that twist these overbroad laws into a rule that effectively gives corporations the power to decide who gets to tell the truth about flaws and bugs in their products.
Businesses and prosecutors have brought civil and criminal actions against researchers and whistleblowers who violated a company's terms of service in the process of discovering a defect. The argument goes like this: "Our terms of service ban probing our system for security defects. When you login to our server for that purpose, you 'exceed your authorization,' and that violates the Computer Fraud and Abuse Act."
Following massive protests, the EU copyright reform plans were sent back to the drawing board last month. This means that the proposal will be opened up for changes, also to the controversial "upload filter" text. In support of this effort and to show critics that the opposition is real, the protests will soon move beyond the web, to the streets of several European cities.