Bonum Certa Men Certa

Links 17/8/2018: GNU/Linux From ASUS, Debian at 25, Lubuntu Plans





GNOME bluefish

Contents





GNU/Linux



  • Desktop



    • ASUS Begins Offering Linux-Based Endless OS On Select Laptops
      It has been a while since ASUS last offered any Linux options for laptops, but they appear to have a new effort underway with Endless OS.

      For those that remember Eee PC from a decade ago, ASUS used to offer some Linux laptops/netbook options that back was using Xandros Linux during the netbook fad...


    • Endless OS and Asus, Update on L1TF Exploit, Free Red Hat DevConf.US in Boston, Linux 4.19 Kernel Update
      Some of us may recall a time when ASUS used to ship a stripped down version of Xandros Linux with their line of Eee PC netbooks. Last week, the same company announced that Endless OS will be supporting non-OS offerings of their product. However it comes with a big disclaimer stating that ASUS will not officially support the operating system's compatibility issues.


    • The Chromebook Grows Up
      What started out as a project to provide a cheap, functional, secure and fast laptop experience has become so much more. Chromebooks in general have suffered from a lack of street-cred acceptance. Yes, they did a great job of doing the everyday basics—web browsing and...well, that was about it. Today, with the integration of Android apps, all new and recently built Chrome OS devices do much more offline—nearly as much as a conventional laptop or desktop, be it video editing, photo editing or a way to switch to a Linux desktop for developers or those who just like to do that sort of thing.


    • Windows 10 Linux Distribution Overload? We have just the thing [Ed: Microsoft is still striving to control and master GNU/Linux through malware, Vista 10]




  • Audiocasts/Shows





  • Kernel Space



    • Some Of The Smaller Features Hitting The Linux 4.19 Kernel This Week
      Here is a look at some of the smaller features landing in the Linux 4.19 kernel this week in a variety of different subsystems.


    • Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators?
      In a controversial move, the Linux kernel will be pushing the question off to distribution vendors on whether to put trust in CPU hardware random number generators.

      Google's Ted Ts'o sent out the random subsystem updates this week for the Linux 4.19 kernel merge window. In addition to the recent change of better protecting entropy sent in from user-space, the decision on whether to trust the CPU hardware random number generators like Intel's RdRand will now be left up to the Linux distribution vendors or end-users having the final say in overriding that decision.


    • L1TF / Foreshadow Mitigations Land In Linux 4.18 / 4.17 / 4.14 / 4.9 / 4.4 Kernel Update
      Linux stable maintainer Greg Kroah-Hartman has released new updates across the Linux 4.18, 4.17, 4.14, 4.9, and 4.4 kernel channels to address the recently exposed L1 Terminal Fault "L1TF" / Foreshadow Meltdown-like CPU vulnerability affecting Intel processors.

      Linux 4.4.148, 4.9.120, 4.14.63, 4.17.15, and 4.18.1 are all out this morning with their principal changes in these patch releases being the inclusion of L1TF/Foreshadow mitigation. As covered already, the default behavior is to carry out conditional L1D flushes on VMENTER, but there are kernel knobs available for always forcing L1 cache flushes on VMENTER and the full protection of disabling SMP/HT support.


    • Linux 4.19 Goes Ahead And Makes Lazy TLB Mode Lazier For Small Performance Benefit
      Last month I wrote about lazy TLB mode improvements on the way to the mainline kernel and this week the changes were indeed merged for the in-development Linux 4.19 kernel.


    • AMD Begins Staging AMDGPU Patches For Linux 4.20/5.0, Including FreeSync Refactoring
      With the DRM feature work for Linux 4.19 now in the kernel, AMD's stellar open-source driver team has begun staging their work-in-progress changes for the AMDGPU Direct Rendering Manager driver for the next kernel cycle.

      There is now drm-next-4.20-wip as part of AMD's development Git tree of the Linux kernel for Radeon/AMDGPU development. That's for "Linux 4.20" that will almost surely be renamed to "Linux 5.0" given Linus Torvalds' expressed versioning preference of bumping the major kernel version once hitting that number equal to all of his fingers and toes.


    • More AMDGPU Work For Linux 4.19 Has VCN + PSP Firmware Hookup For Future Hardware
      The good news is that the open-source AMD graphics team continues working on support for upcoming hardware, but the bad news is that it looks like their VCN video hardware might be a bit more locked down than it is now.

      With current Raven Ridge APUs there is VCN as "Video Core Next" as a replacement to UVD and VCE for video decoding and encoding, respectively. This dedicated hardware core for video encode/decode has been supported well now for some months on the open-source Linux graphics driver stack. The latest patches hitting the mailing list for hopeful integration to Linux 4.19 are a bit interesting and reveal a change for future hardware.


    • POWER Changes On The Way To Linux 4.19 Include More Spectre Work
      The POWER architecture changes have been submitted for the in-development Linux 4.19 kernel.


    • Qualcomm Adreno 600 Series Support Submitted For Linux 4.19
      Following the main DRM features update for Linux 4.19, a secondary pull request has now been submitted that offers up the nine thousand lines of code for bringing up the Adreno 600 series support for supporting the very latest Qualcomm Snapdragon SoCs.

      Last week Freedreno/MSM founder and maintainer Rob Clark proposed getting A6xx support into Linux 4.19 after this Direct Rendering Manager code has been reviewed and revised for months on mailing lists. These code contributions in part come from Qualcomm / Code Aurora and there are also Google developers working on it too, including the bring-up of A6xx support within the Freedreno Gallium3D driver. This A6xx device support is good enough for running various OpenGL test cases and other basic code. The Adreno 600 series hardware can be found in Snapdragon SoCs like the new Snapdragon 845, 730, and others.


    • Linux Foundation



      • James Bottomley on Linux, Containers, and the Leading Edge
        It’s no secret that Linux is basically the operating system of containers, and containers are the future of the cloud, says James Bottomley, Distinguished Engineer at IBM Research and Linux kernel developer. Bottomley, who can often be seen at open source events in his signature bow tie, is focused these days on security systems like the Trusted Platform Module and the fundamentals of container technology.


      • More Open Source Automotive Grade Linux Members


      • Automotive Grade Linux Extends Global Reach with Six New Members
        Automotive Grade Linux (AGL), a collaborative cross-industry effort developing an open platform for the connected car, is announcing that six new members have joined the project including Kinetica, Neusoft, NXM Technologies, NYU Tandon School of Engineering, Spireon Inc. and Veniam. With the addition of these companies and organizations, the project is 130 members strong.

        "We are delighted to see six new members deepen their investment in automotive open source," said Dan Cauchy, Executive Director of Automotive Grade Linux, The Linux Foundation. "As we continue to advance our platform through the release of AGL UCB 6.0, expanding our global community is crucial. We look forward to further leveraging their expertise in embedded automotive technologies as we advance the connected car ecosystem."


      • Open Source Comes to Hollywood and a New Foundation is Formed
        In another sign of how mainstream “open source” technology has become, last Friday, the Academy of Motion Picture Arts and Sciences—you know, the folks who award the Oscars—officially partnered with the Linux Foundation to create the Academy Software Foundation, an open-source repository for film and media makers.


      • Hollywood teams with Linux Foundation to fix open source


        Formation of a new industry body always begs the question why it was needed now and did not exist before and that certainly applies to the newly formed Academy Software Foundation (ASWF). It has been established by the Academy of Motion Picture Arts and Sciences (AMPAS) and the Linux Foundation to foster open source software development in the movie and video production businesses. It already has strong backing with premier founding members including Cisco, Google Cloud, Intel, Animal Logic, Blue Sky Studios, DreamWorks, Walt Disney Studios and Weta Digital, who are a combination of major content creators and video infrastructure vendors. The focus is on animation, audio and visual effects, for which 84% of studios already use open source software,…




    • Benchmarks



      • Linux Scaling Benchmarks With The AMD Threadripper 2990WX In Various Workloads
        While yesterday were the benchmarks showing how Linux games struggle to scale past a few CPU cores/threads, in this article is a look at the scaling performance of various applications/workloads under Linux up to 64 threads using the AMD Threadripper 2990WX. Here's a look at how the Linux performance changes in a variety of applications from one to sixty-four threads with this new HEDT processor.

        The benchmarks today are for mostly curiosity sake about Linux and the Threadripper 2990WX, particularly on the impact of 32 threads (cores) to 64 threads with SMT, etc. In the next few days is a much more interesting comparison and that is looking at the Windows Server 2019 vs. Linux performance on the Threadripper 2990WX at various SMT and CCX configurations. That should reveal a lot about Windows' scaling abilities given the immense interest this week in the Windows vs. Linux Threadripper performance. But for today are just these reference numbers.






  • Applications



  • Desktop Environments/WMs



    • What is your favorite Linux window manager?


      While many Linux users have a strong preference for a window manager of choice, for those just making their way over from Windows or Mac, it may be hard to understand what a window manager is, or that it's even something you have a choice in. A window manager is the part of your system that dictates how individual application windows look, and how you can interact with, control, and arrange them.

      There are many choices, some more popular than others. Yesterday, we wished the GNOME Project a happy twenty-first birthday and launched a cheat sheet for interacting with GNOME 3's windows via hotkeys. But others are popular too; our article on "5 reasons the i3 window manager makes Linux better" was last week's most-read article.


    • K Desktop Environment/KDE SC/Qt



      • KDE Applications 18.08 Open-Source Software Suite Released, Here's What's New
        Being in development for the past several months, KDE Applications 18.08 goes stable today and will hit the software repositories of various popular GNU/Linux distributions during the next few days. This is a major release and brings numerous new features and improvements across multiple apps, including Dolphin, Konsole, Gwenview, KMail, Akonadi, Cantor, Spectacle, and others.

        "We continuously work on improving the software included in our KDE Application series, and we hope you will find all the new enhancements and bug fixes useful," reads today's announcement. "More than 120 bugs have been resolved in applications including the Kontact Suite, Ark, Cantor, Dolphin, Gwenview, Kate, Konsole, Okular, Spectacle, Umbrello and more!"


      • KDE Applications 18.08 Released
        Today the quarterly update to the collection of KDE software applications has shipped with its newest features.


      • KDE Ships KDE Applications 18.08.0
        We continuously work on improving the software included in our KDE Application series, and we hope you will find all the new enhancements and bug fixes useful!


      • KDE 18.08 Receives Massive Quarterly Update with Entire KDE Suite Upgraded
        KDE released earlier today their quarterly update to the entire collection of KDE software applications with all of the latest features. This includes many application enhancements and bug fixes – over 120 bug fixes to be more precise.

        The Konsole (KDE’s terminal emulator app) has received some additional changes, such as the ‘Find’ widget now appearing on the top of new windows, which will not disrupt workflows. Furthermore, it now features support for more escape sequences (DECSCUSR and XTerm Alternate Scroll Mode), as well as being able to assign any character as a key for a shortcut.


      • KDE5 August release for Slackware with Applications 18.08
        A repetition of events… just like in July, an update in Slackware-current broke lots of 3rd party stuff. This time it was the boost package that got updated and, oh man. The most visible victims are my LibreOffice and Qbittorrent packages, but also some of the software in Plasma5 stopped working due to the library ABI update in libboost. A new LibreOffice package is coming (64bit package is ready) and Qbittorrent will be next, but first: back to the topic for this article.

        Here is my monthly update of my ‘ktown’ repository, containing latest sources from the KDE download server and built on the latest Slackware-current.


      • Invite me to your meetings
        I was invited by my boss to a dinner. He uses exchange or outlook365 or something like that. The KMail TNEF parser didn’t succeed in parsing all the info, so I’m kind of trying to fix it.


      • Last week in Kube


      • Akademy & Binary Factory
        During Akademy it was brought to my (and the other Kate developers) attention, that we should take a closer look on the Binary Factory for KDE. There were some blogs about the Binary Factory in the past but we somehow never really linked it on our homepage as potential source for up-to-date installers for the different operating systems. I feel a bit sorry for neglecting that area in the past year.

        Therefore, as we have now some time during Akademy together as team, we did take a look at the current state of the installers there for Windows and macOS.


      • Akademy: closing time
        Akademy is always a whirlwind which is my excuse for not blogging! Today we wrapped up the program which leaves us in a nearly-empty venue and a bit of time after lunch to catch up.

        I did manage to gather photos together in Google Photos: https://photos.app.goo.gl/qHPwehW8C1zPGuav7

        Thanks again to the KDE e.V. for sponsoring my hostel and the Ubuntu Community Fund for part of my travel expenses. This allowed me to attend. Meeting Popey from the Ubuntu community and the Limux team was great, although we didn't do as much Kubuntu work as in past years. However, attending the Distro BoF was a great experience; very friendly and collaborative.


      • Akademy 2018 Wrap-Up


        The Akademy 2018 ends today.

        Like each Akademy I attended, it was an interesting experience. As the location switches around each year, so does the set of people attending change every year, too.

        That is actually nice, as you get always to meet some of your old “friends” but additionally new members of the KDE community. I think this kind of “conferences” or “meetings” are an important way to get some more cohesion in the community, which is sometimes a bit lacking between people only meeting online via mail/…


      • Memories from Akademy 2018


        Here is my semi-traditional "memories from Akademy" post for this year. I have to admit I don't manage to do it consistently each year but this edition was special enough that for sure it deserves one.

        First of all, it was the first time I did live sketchnoting of the sessions I attended. I posted the result on social media as soon as the talk was over and I also had a special blog post to present them. I think it was all well received which is motivating. I will likely do it again I think.




    • GNOME Desktop/GTK



      • Richard Hughes: NVMe Firmware: I Need Your Data
        In a recent Google Plus post I asked what kind of hardware was most interesting to be focusing on next. UEFI updating is now working well with a large number of vendors, and the LVFS “onboarding” process is well established now. On that topic we’ll hopefully have some more announcements soon. Anyway, back to the topic in hand: The overwhelming result from the poll was that people wanted NVMe hardware supported, so that you can trivially update the firmware of your SSD. Firmware updates for SSDs are important, as most either address data consistency issues or provide nice performance fixes.
      • Gnome Shell Android Integration Extension GSConnect V12 Released
        GSConnect v12 was released yesterday with changes like more resilient sshfs connections (which should make browsing your Android device from the desktop more reliable), fixed extension icon alignment, along with other improvements.

        GSConnect is a Gnome Shell extension that integrates your Android device(s) with the desktop. The tool makes use of the KDE Connect protocol but without using any KDE dependencies, keeping your desktop clean of unwanted packages.


      • Linux Release Roundup: Communitheme, Cantata & VS Code
        GSconnect is a magical GNOME extension that lets your Android phone integrate with your Linux desktop. So good, in fact, that Ubuntu devs want to ship it as part of the upcoming Ubuntu 18.10 release (though last I heard it probably just end up in the repos instead).

        Anyway, a new version of GSconnect popped out this week. GSconnect v12 adds a nifty new features or two, as well as a few fixes here, and a few UI tweaks there.




  • Distributions



    • AryaLinux: A Distribution and a Platform
      I’ll be honest, if you’re just a standard desktop user, AryaLinux is not for you. Although you can certainly get right to work on the desktop, if you need anything outside of the default applications, you might find it a bit too much trouble to bother with. If, on the other hand, you’re a developer, AryaLinux might be a great platform for you. Or, if you just want to see what it’s like to build a Linux distribution from scratch, AryaLinux is a pretty easy route.

      Even with its quirks, AryaLinux holds a lot of promise as both a Linux distribution and platform. If the developers can see to it to build a GUI front-end for the alps package manager, AryaLinux could make some serious noise.


    • Reviews



      • GNU/Linux Review: Linux Mint 19 LTS Cinnamon Edition
        LMCE 19 has a new star for the future: Timeshift. It makes updating now less-worrisome and will encourage users to experiment more without afraid to break anything. We can revert back easily now! A method to make stable system more stable and to prevent broken system easier for end-user. This is a very good thing for both long-time and new users, even I hope this feature to be exist on other distros as well. Second star, it supports HiDPI better now, which means Linux Mint will embrace more users from Retina Display-alike computers and more! Other features, such as faster Nemo and more extensive Software Manager, will make you love Linux Mint even more. It's really quick to install (15 minutes or less) and brings complete set of apps (LibreOffice, Firefox, and so on). Finally, I recommend Mint users to upgrade to this version or at least try it on LiveCD session. Enjoy!




    • New Releases



      • Debian-Based Q4OS Linux Operating System for Raspberry Pi Goes Stable
        Q4OS emphasizes the Trinity Desktop Environment (TDE), which continues the legacy of the old KDE 3.5 desktop. The latest release, Q4OS 2.5, was available only for 64-bit (x86_64) and 32-bit (i686 PAE) hardware architectures, but now it can also be installed on ARM hardware like the Raspberry Pi, Pine64, and Pinebook.

        "Q4OS on Raspberry Pi performs at lightning speed due to its exceptionally low hardware requirements," say the devs in the announcement. "All the native Q4OS features, for example "Desktop profiler" and "Setup tool," are available and fully functional within the Raspberry Pi Q4OS edition."




    • Red Hat Family



      • Talking UX at DevConf.us 2018
        DevConf.us 2018 is the first annual, free, Red Hat sponsored technology conference in North America for contributors to free and open source projects. It follows on the success of DevConf.cz and DevConf.in, and will highlight emerging technologies like machine learning and artificial intelligence, serverless, containers and orchestration, as well as important foundational practices like quality engineering and user experience.

        We sat down with a few of the Red Hat speakers presenting on user experience (UX) in open source technologies to talk about user experience and how it impacts them in all of their different roles.


      • Visualizing a DevOps mindset


      • Red Hat Advances Container Storage


        Red Hat has moved to make storage a standard element of a container platform with the release of version 3.1 of Red Hat OpenShift Container Storage (OCS), previously known as Red Hat Container Native Storage.

        Irshad Raihan, senior manager for product marketing for Red Hat Storage, says Red Hat decided to rebrand its container storage offering to better reflect its tight integration with the Red Hat OpenShift platform. In addition, the term “container native” continues to lose relevance given all the different flavors of container storage that now exist, adds Raihan.

        The latest version of the container storage software from Red Hat adds arbiter volume support to enable high availability with efficient storage utilization and better performance, enhanced storage monitoring and configuration via the Red Hat implementation of the Prometheus container monitoring framework, and block-backed persistent volumes (PVs) that can be applied to both general application workloads and Red Hat OpenShift Container Platform (OCP) infrastructure workloads. Support for PVs is especially critical because to in the case of Red Hat OCS organizations can deploy more than 1,000 PVs per cluster, which helps to reduce cluster sprawl within the IT environment, says Raihan.


      • Finance



      • Fedora



        • Lennart Jern: How Do You Fedora?
          Lennart Jern is a Swedish-speaking Finn, who has been living in UmeÃ¥, Sweden, for about three years. He was born and raised in southern Finland where he obtained his master’s degree in applied mathematics. His time at university exposed Lennart’s true passion. “While at the university, I realized that computer science was really what I wanted to work with.” In order to follow his dream of working in computer science he moved to Sweden with his wife to pursue a master’s program in computer science. After a short while he had learned enough to land a job with a local startup. “I’m working with cloud/distributed systems, specifically with tools like kubernetes and OpenShift.”

          Lennart’s first contact with Linux was in 2006. Some of the computers in his high school were running OpenSuse. He installed Ubuntu’s Hardy Heron in 2008 and has been using Linux ever since.


        • FPgM report: 2018-33






    • Debian Family



      • Happy 25th Birthday, Debian!
        Today, August 16, 2018, the Debian Project celebrates its 25th anniversary since the late Ian Murdock announced the Debian Linux Release, which is now known as the Debian Project.

        It's been 25 years since the late Ian Murdock, the founder of the Debian project, send his famous email to the comp.os.linux.development mailing list announcing that he is working on a new release and was looking for suggestions. He called it the Debian Linux Release, which was put together from scratch by the Linux software developer, though it was inspired by Softlanding Linux System (SLS).


      • Debian: 25 years and counting
        The Debian project is celebrating the 25th anniversary of its founding by Ian Murdock on August 16, 1993. The "Bits from Debian" blog had this to say: "Today, the Debian project is a large and thriving organization with countless self-organized teams comprised of volunteers. While it often looks chaotic from the outside, the project is sustained by its two main organizational documents: the Debian Social Contract, which provides a vision of improving society, and the Debian Free Software Guidelines, which provide an indication of what software is considered usable. They are supplemented by the project's Constitution which lays down the project structure, and the Code of Conduct, which sets the tone for interactions within the project. Every day over the last 25 years, people have sent bug reports and patches, uploaded packages, updated translations, created artwork, organized events about Debian, updated the website, taught others how to use Debian, and created hundreds of derivatives." Happy birthday to the project from all of us here at LWN.


      • Mixed Emotions On Debian Anniversary
        When I woke up this morning, my first conscious thought was that today is the 25th anniversary of a project I myself have been dedicated to for nearly 24 years, the Debian GNU/Linux distribution. I knew it was coming, but beyond recognizing the day to family and friends, I hadn't really thought a lot about what I might do to mark the occasion.

        Before I even got out of bed, however, I learned of the passing of Aretha Franklin, the Queen of Soul. I suspect it would be difficult to be a caring human being, born in my country in my generation, and not feel at least some impact from her mere existence. Such a strong woman, with amazing talent, whose name comes up in the context of civil rights and women's rights beyond the incredible impact of her music. I know it's a corny thing to write, but after talking to my wife about it over coffee, Aretha really has been part of "the soundtrack of our lives". Clearly, others feel the same, because in her half-century-plus professional career, "Ms Franklin" won something like 18 Grammy awards, the Presidential Medal of Freedom, and other honors too numerous to list. She will be missed.


      • Steve McIntyre: 25 years...
        We had a small gathering in the Haymakers pub tonight to celebrate 25 years since Ian Murdock started the Debian project.


      • Happy 25th Birthday, Debian Linux!


        Debian is one of the most important open source projects ever. The Debian Linux operating system is extremely popular in its own right, but also, it is used as the base for countless other distributions. Ubuntu, for instance -- one of the most-used distros -- is Debian-based. Even Linux Mint, which is based on Ubuntu, also has a Debian edition. Not to mention, Raspbian -- the official Raspberry Pi OS -- which is based on Debian too.

        Today, Debian is celebrating a very important milestone -- a 25th birthday! Yes, it is seriously that old -- its development was announced on August 16, 1993. Hell, many of its current users weren't even born then!


      • Distro inferno: Debian's still rocking at 25
        Hot on the heels of Slackware's quarter century comes the 25th anniversary of the announcement that Debian was incoming.

        Unlike Slackware, however, the Debian flavour of Linux remains hugely popular and the platform can usually be found troubling the top five rankings on open source OS tracker DistroWatch.com.

        Announced by Ian Murdock on 16 August 1993 (the name "Debian" is a portmanteau of the name of Murdock's girlfriend Debra, and his own forename, Ian) the original announcement cites Murdock’s dissatisfaction with the de-facto distro of the day, SLS, and his desire to create something "sleeker and slimmer". It would, however, take until January 1994 before an open beta was unleashed on the public with v0.90.


      • Derivatives



        • Elive 3.0 to be released in a month
          For those of us who have been following this stunningly beautiful distro, the 8-year waiting seems to be finally coming to an end.


        • Canonical/Ubuntu



          • Mir Has Partial Support For The NVIDIA Proprietary Driver, X11 Support Remains WIP
            Canonical's team responsible for continuing to advance the Mir display server has been making good progress this summer on fleshing out some missing functionality.

            This week partial support for the NVIDIA proprietary driver was merged. In particular, the EGLStreams platform support. This is the initial bits for getting the NVIDIA proprietary driver to play along with Mir, but isn't yet the full implementation required to get OpenGL clients working on Mir with the NVIDIA driver. That work is still being pursued and is a work-in-progress. Mir's path for NVIDIA support is similar to that of the Wayland compositors with needing to implement EGLStreams and there not yet being any new Unix device memory allocation API that NVIDIA has been pushing for years to create the best of both worlds -- in terms of EGLStreams and GBM APIs for all driver vendors to agree upon.


          • Mir News: 17th August 2018


          • Flavours and Variants



            • Lubuntu Planning Switch To Wayland, Porting Openbox To Mir
              Ubuntu derivative Lubuntu that is now using the LXQt desktop environment has laid out more of their plans to switch over to Wayland rather than the existing X.Org based session.

              In order to achieve their Wayland support with the LXQt desktop, they intend to port the Openbox window manager to using the Mir display server and also leveraging QtLayerShell. Mir, of course, has been focused on Wayland compatibility the past year and is becoming quite solid as of late with its core Wayland protocol support.


            • Lubuntu Development Newsletter #9
              We’ve been polishing the desktop more, but work has been blocked by the still ongoing Qt transition.

              The 16.04 to 18.04 upgrade has now been enabled! Please do let us know if there’s any issues. Here’s a video we made when 17.04 went End of Life; the instructions are still current.

              Our main developer, Simon Quigley, became an Ubuntu Core Developer this past Monday! He now has access to the entire Ubuntu archive.












  • Devices/Embedded





Free Software/Open Source



  • Salesforce Open-Sourcing Machine Learning Software Behind Its 'Einstein' AI
    Salesforce is opening sourcing TransmogrifAI, key software behind Einstein, the AI that's strategic to the company's future in sales, customer services and more.

    TransmogrifAI helps build machine learning systems at enterprise scale. While consumer AI generally learns from a small number of well-understood use cases and datasets, enterprise scale AI requires a broad diversity of data and use cases, which makes building enterprise AI systems harder, according to a post Thursday on the Salesforce Engineering blog by Shubha Nabar, senior director of data science at Salesforce Einstein. A broad range of data is required to predict enterprise events such as customer churn, sales forecasts and lead conversions.
  • Salesforce plans to open-source the technology behind its Einstein machine-learning services
    Salesforce is open-sourcing the method it has developed for using machine-learning techniques at scale — without mixing valuable customer data — in hopes other companies struggling with data science problems can benefit from its work.

    The company plans to announce Thursday that TransmogrifAI, which is a key part of the Einstein machine-learning services that it believes are the future of its flagship Sales Cloud and related services, will be available for anyone to use in their software-as-a-service applications. Consisting of less than 10 lines of code written on top of the widely used Apache Spark open-source project, it is the result of years of work on training machine-learning models to predict customer behavior without dumping all of that data into a common training ground, said Shubha Nabar, senior director of data science for Salesforce Einstein.


  • Salesforce takes ML library behind Einstein to open-source
  • Salesforce Open-Sources Automated Machine-Learning Library Used To Build Einstein
  • Salesforce Einstein team open sources TransmogrifAI, their automated machine learning library


  • Salesforce open-sources TransmogrifAI, the machine learning library that powers Einstein
    Machine learning models — artificial intelligence (AI) that identifies relationships among hundreds, thousands, or even millions of data points — are rarely easy to architect. Data scientists spend weeks and months not only preprocessing the data on which the models are to be trained, but extracting useful features (i.e., the data types) from that data, narrowing down algorithms, and ultimately building (or attempting to build) a system that performs well not just within the confines of a lab, but in the real world.


  • Salesforce open-sources the tool it uses to build Einstein’s AI models
    A day after Oracle Corp. released the code for an internally developed tool designed to ease artificial intelligence projects, Salesforce.com Inc. is joining the fray too.

    Salesforce today open-sourced TransmogrifAI, a homegrown piece of software for automating AI initiatives. The tool addresses a different aspect of the task than Oracle’s tool. Whereas the database giant’s goal is to simplify the task of connecting models to applications, Salesforce is focusing on making it easier to build those models.


  • Cloudgizer: An introduction to a new open source web development tool
    Cloudgizer is a free open source tool for building web applications. It combines the ease of scripting languages with the performance of C, helping manage the development effort and run-time resources for cloud applications.

    Cloudgizer works on Red Hat/CentOS Linux with the Apache web server and MariaDB database. It is licensed under Apache License version 2.


  • Instaclustr grabs $15 mln from Level Equity
  • Open-source software services company Instaclustr lands $15M funding round
  • Open-Source Software Program Providers Firm Instaclustr Lands $15M


  • Open Source is Now a Big Data Service
    Open source technologies continue to make headway across a range of industries undergoing digital conversions. The big data sector has of course led the way with a growing list of Apache Foundation projects ranging from Hadoop to Spark that have made their way into data-centric enterprises coping with huge data volumes.

    Among the vendors seeking to make access to open source technologies a single-click service is the Silicon Valley startup Instaclustr, which touts its “Open Source-as-a-Service” platform as a way of hosting and managing big data technologies in their “100 percent open source form.”


  • Canberra big data start-up Instaclustr raises $20.6m led by NY fund Level Equity
    Canberra-based start-up Instaclustr has raised a $US15 million ($20.6 million) Series B funding round, led by a New York venture capital fund Level Equity as it looks to hire staff to grow its increasingly popular open source tech platform.

    The company, conceived in 2014 by Ben Bromhead and Adam Zegelin, has created a tech platform that customers pay a monthly fee to use, in order to hosts and support applications that run using myriad open source data technologies.



  • Infineon enables open source TSS ESAPI layer
    This is the first open source TPM middleware that complies with the Software Stack (TSS) Enhanced System API (ESAPI) specification of the Trusted Computing Group .

    “The ease of integration on Linux and other embedded platforms that comes with the release of the TPM 2.0 ESAPI stack speeds up the adoption of TPM 2.0 in embedded systems such as network equipment and industrial systems,” says Gordon Muehl, Global CTO Security at Huawei.


  • Open source RDBMS uses spurred by lower costs, cloud options
    As the volumes of data generated by organizations get larger and larger, data professionals face a dilemma: Must database bills get bigger in the process? And, increasingly, IT shops with an eye on costs are looking to open source RDBMS platforms as a potential alternative to proprietary relational database technologies.


  • Progress open sources ABL code in Spark Toolkit
    New England headquartered application development company Progress is flexing its programmer credentials this month.

    The Massachusetts-HQ’d firm has now come forward with its Progress Spark Toolkit… but what is it?

    The Progress Spark Toolkit is a set of open source ABL code combined with some recommended best-practices.


  • Mixing software development roles produces great results
    Most open source communities don’t have a lot of formal roles. There are certainly people who help with sysadmin tasks, testing, writing documentation, and translating or developing code. But people in open source communities typically move among different roles, often fulfilling several at once.

    In contrast, team members at most traditional companies have defined roles, working on documentation, support, QA, and in other areas.

    Why do open source communities take a shared-role approach, and more importantly, how does this way of collaborating affect products and customers?

    Nextcloud has adopted this community-style practice of mixing roles, and we see large benefits for our customers and our users.


  • FOSS Project Spotlight: SIT (Serverless Information Tracker)
    In the past decade or so, we've learned to equate the ability to collaborate with the need to be online. The advent of SaaS clearly marked the departure from a decentralized collaboration model to a heavily centralized one. While on the surface this is a very convenient delivery model, it simply doesn't fit a number of scenarios well.

    As somebody once said, "you can't FTP to Mars", but we don't need to go as far. There are plenty of use cases here on Earth that are less than perfectly suited for this "online world". Lower power chips and sensors, vessel/offshore collaboration, disaster recovery, remote areas, sporadically reshaping groups—all these make use of central online services a challenge.

    Another challenge with centralization is somewhat less thought of—building software that can handle a lot of concurrent users and that stores and processes a lot of information and never goes down is challenging and expensive, and we, as consumers, pay dearly for that effort.

    And not least important, software in the cloud removes our ability to adapt it perfectly for use cases beyond its owner's vision, scope and profitability considerations. Convenience isn't free, and this goes way beyond the price tag.


  • ProtonMail's open source encryption library, OpenPGPjs, passes independent audit
    ProtonMail, the secure email provider, has just had its credentials re-affirmed after its encryption library, OpenPGPjs, passed an independent security audit. The audit was carried out by the respected security firm, Cure53, after the developer community commissioned a review following the release of OpenPGPjs 3.0 back in March.


  • Uber Announces Open Source Fusion.js Framework
    Uber Announces Fusion.js, an open source "Plugin-based Universal Web Framework." In the announcement, Uber senior software engineer Leo Horie explains that Uber builds hundreds of web-based applications, and with web technologies changing quickly and best practices continually evolving, it is a challenge to have hundreds of web engineers leverage modern language features while staying current with the dynamic nature of the web platform. Fusion.js is Uber's solution to this problem.


  • Web Browsers



    • Mozilla



      • Mozilla Recommend a Privacy Extension That Is Tracking Your Web History
        Web Security, a Firefox extension with over 200,000 current users, tracks every website users visit and stores that information on a German web server.

        The extension was recommended by Mozilla in a blog post last week about add-ons that improve users’ privacy. Mozilla has since edited the post, removing Web Security.


      • ASAN And LSAN Work In rr
        AddressSanitizer has worked in rr for a while. I just found that LeakSanitizer wasn't working and landed a fix for that. This means you can record an ASAN build and if there's an ASAN error, or LSAN finds a leak, you can replay it in rr knowing the exact addresses of the data that leaked — along with the usual rr goodness of reverse execution, watchpoints, etc. Well, hopefully. Report an issue if you find more problems.






  • Oracle/Java/LibreOffice



    • Oracle Open-Sources GraphPipe to Support ML Development
      Oracle on Wednesday announced that it has open-sourced GraphPipe to enhance machine learning applications.

      The project's goal is to improve deployment results for machine learning models, noted Project Leader Vish Abrams. That process includes creating an open standard.

      The company has a questionable relationship with open source developers, so its decision to open-source GraphPipe might not receive a flood of interest.

      Oracle hopes developers will rally behind the project to simplify and standardize the deployment of machine learning models. GraphPipe consists of a set of libraries and tools for following a deployment standard.




  • Pseudo-Open Source (Openwashing)



  • Openness/Sharing/Collaboration



    • Open Access/Content



      • OERu makes a college education affordable
        Open, higher education courses are a boon to adults who don’t have the time, money, or confidence to enroll in traditional college courses but want to further their education for work or personal satisfaction. OERu is a great option for these learners. It allows people to take courses assembled by accredited colleges and universities for free, using open textbooks, and pay for assessment only when (and if) they want to apply for formal academic credit.

        I spoke with Dave Lane, open source technologist at the Open Education Resource Foundation, which is OERu’s parent organization, to learn more about the program. The OER Foundation is a nonprofit organization hosted by Otago Polytechnic in Dunedin, New Zealand. It partners with organizations around the globe to provide leadership, networking, and support to help advance open education principles.




    • Open Hardware/Modding



      • Tomu Is A Tiny, Open Source Computer That Easily Fits In Your USB Port
        There are a number of USB stick computers available in the market at varying prices. One of them that really stands out is Tomu — a teeny weeny ARM processor that can entirely fit inside your computer’s USB port.

        Tomu is based on Silicon Labs Happy Gecko EFM32HG309 Arm Cortex-M0+ microcontroller that runs at 25 MHz. It sports 8 kb of RAM and 60 kb of flash onboard. In spite of the small size, it supports two LEDs and two capacitance touch buttons.






  • Programming/Development



    • Garbage collection in Perl 6
      In the first article in this series on migrating Perl 5 code to Perl 6, we looked into some of the issues you might encounter when porting your code. In this second article, we’ll get into how garbage collection differs in Perl 6.

      There is no timely destruction of objects in Perl 6. This revelation usually comes as quite a shock to people used to the semantics of object destruction in Perl 5. But worry not, there are other ways in Perl 6 to get the same behavior, albeit requiring a little more thought by the developer. Let’s first examine a little background on the situation in Perl 5.


    • An introduction to the Django Python web app framework
      In the first three articles of this four-part series comparing different Python web frameworks, we covered the Pyramid, Flask, and Tornado web frameworks. We've built the same app three times and have finally made our way to Django. Django is, by and large, the major web framework for Python developers these days and it's not too hard to see why. It excels in hiding a lot of the configuration logic and letting you focus on being able to build big, quickly.

      That said, when it comes to small projects, like our To-Do List app, Django can be a bit like bringing a firehose to a water gun fight. Let's see how it all comes together.


    • Dirk Eddelbuettel: RcppArmadillo 0.9.100.5.0
      A new RcppArmadillo release 0.9.100.5.0, based on the new Armadillo release 9.100.5 from earlier today, is now on CRAN and in Debian.

      It once again follows our (and Conrad's) bi-monthly release schedule. Conrad started with a new 9.100.* series a few days ago. I ran reverse-depends checks and found an issue which he promptly addressed; CRAN found another which he also very promptly addressed. It remains a true pleasure to work with such experienced professionals as Conrad (with whom I finally had a beer around the recent useR! in his home town) and of course the CRAN team whose superb package repository truly is the bedrock of the R community.


    • RcppArmadillo 0.9.100.5.0
      A new RcppArmadillo release 0.9.100.5.0, based on the new Armadillo release 9.100.5 from earlier today, is now on CRAN and in Debian.

      It once again follows our (and Conrad's) bi-monthly release schedule. Conrad started with a new 9.100.* series a few days ago. I ran reverse-depends checks and found an issue which he promptly addressed; CRAN found another which he also very promptly addressed. It remains a true pleasure to work with such experienced professionals as Conrad (with whom I finally had a beer around the recent useR! in his home town) and of course the CRAN team whose superb package repository truly is the bedrock of the R community.
    • PHP version 7.1.21 and 7.2.9
      RPM of PHP version 7.2.9 are available in remi repository for Fedora 28 and in remi-php72 repository for Fedora 25-27 and Enterprise Linux ≥ 6 (RHEL, CentOS).

      RPM of PHP version 7.1.21 are available in remi repository for Fedora 26-27 and in remi-php71 repository for Fedora 25 and Enterprise Linux (RHEL, CentOS).






Leftovers



  • How the [I]nternet has changed dating

    Others talk of the exhaustion of trawling through endless matches, going on disappointing dates with some of them, then having to drag themselves back onto the net when it goes nowhere. There is a loneliness, too. The [I]nternet uncouples dating from other social activities which might comfort a shy or spurned heart in the offline world; love’s vicissitudes can be harder when taken away from the context of a club or church hall.



  • Twitter destroys outside apps again by killing the API most of them use
    Those who cannot remember the past are condemned to repeat it, the writer and philosopher George Santayana said. That’s what Twitter has just done with the outside app developers on the microblogging platform, making a familiar move that threatens to destroy them once again.

    Officially citing “technical and business constraints,” Twitter today said it has shut down an application programming interface used by most third-party Twitter apps for things such as push notifications and automatic timeline updates. It claimed that “we’re not changing our rules, or setting out to ‘kill’ 3rd party clients but we are killing, out of operational necessity, some of the legacy APIs that power some features of those clients.”

    Further trying to justify the move, Twitter said in an internal email that the API used by third-party clients relied on “legacy technology” that was still in a “beta state” after more than nine years, somehow trying to shift the blame onto others.

    Twitter built much of its business off third-party app support until it decided to try to kill off third-party app support in 2011 in an effort to force users to use Twitter’s own apps with the built-in advertising Twitter needed to make money. That move didn’t successfully kill off all third-party apps, with some surviving under strict rules.


  • Twitter shuts down 3rd party API
    But now, some developers will no longer have access to the Twitter API.



  • Here’s Why Your Third Party Twitter Client Broke Today
    Every major third party Twitter client basically broke today, with key features like realtime updates, push notifications, and stats no longer working. Twitter caused the change themselves by shutting down some key APIs.


  • Hardware

    • ARM challenges Intel in PCs with Deimos and Hercules chips
      With PC makers like Asus and HP beginning to design laptops and tablets around ARM chips, ARM itself has decided to emerge from the shadows and unroll its roadmap to challenge Intel through at least 2020.

      ARM’s now-public roadmap represents its first processors that are designed for the PC space. ARM, taking aim at the dominant player, claims its chips will equal and potentially even surpass Intel's in single-threaded performance.


    • ARMed PCs


      It will be interesting to see how Intel responds. They are locked into supporting a backwards architecture due to huge investments in software globally. I don’t care about that. I use GNU/Linux and FLOSS exclusively. My software will run natively on optimized hardware designed by ARM and associates. I do care about having real competition in the space.


    • ARM Aims To Deliver Core i5 Like Performance At Less Than 5 Watts
      ARM has made public an aggressive CPU forward-looking road-map and some performance expectations. ARM is hoping to deliver year-over-year performance improvements of more than 15% through 2020.




  • Health/Nutrition



    • California May Make Abortion Pill Available at All Public University Student Health Centers
      A bill in the California legislature would expand abortion access, as much of the rest of the country is restricting it.

      California, the nation’s most populous state and a national leader in protecting and advancing reproductive health, could become the first to ensure that medication abortion is available to college students in public universities.

      State Senator Connie M. Leyva has authored SB320 — a groundbreaking bill in California that would require that the abortion pill, a safe and effective method to end a pregnancy, be offered at student health centers in every University of California (UC) and California State University (CSU) campus in the state. The law would lift barriers currently faced by students who struggle to travel off-campus to obtain an abortion, which results in unnecessary hardship and delay. The bill passed the California Senate last year; the California Assembly will vote on it by the end of this month.

      California’s effort to improve access to abortion care is a bright point in a national landscape that has seen access to abortion decrease significantly. In just the first six months of 2018, 11 states enacted 22 new medically unnecessary restrictions on abortion. West Virginia and Oregon will have anti-abortion measures on the ballot this November. Numerous other states are considering anti-abortion restrictions and if the Senate confirms Brett Kavanaugh, President Trump’s nominee to the Supreme Court, the court may not uphold the right to abortion.

      Jessica R., a UC student, struggled with paying for care and dealing with the complexities of insurance plans when she needed an abortion. She had to go off-campus to an unfamiliar provider for two separate appointments, which took take time away from class, work, and other responsibilities. Jessica’s grades slipped as she tried to navigate the obstacles to getting an abortion. Such financial, logistical, and emotional tolls are completely unnecessary.


    • St. Luke’s Heart Transplant Program to Lose Medicare Funding Today
      The heart transplant program at Baylor St. Luke’s Medical Center is set to lose federal funding today, a serious blow to a Houston hospital long regarded as one of the nation’s best for cardiac surgery.

      The Centers for Medicare and Medicaid Services announced in June that it would cut off funding for heart transplants this month after concluding that the hospital had not done enough to correct issues that led to a high rate of patient deaths in recent years. The federal action came weeks after an investigation by ProPublica and the Houston Chronicle detailed the depth of the problems and revealed that several physicians had left the program in recent years after raising concerns.

      Barring a last-minute delay by the agency, which would be highly unusual, the hospital will no longer be allowed to bill Medicare and Medicaid for heart transplants, and experts say the termination could affect the hospital in more far-reaching ways.

      With the federal sanction looming, some patients awaiting heart transplants at St. Luke’s have transferred their care to neighboring Houston Methodist and Memorial Hermann hospitals, officials at both said; at least two patients have already received new hearts since switching to Methodist. Meanwhile, St. Luke’s spokeswoman Marilyn Gerry said in an email that the hospital “is continuing to communicate with CMS about possible options” to maintain federal approval.


    • “Do Something, Please,” Doctors Testify at DCFS Hearing
      I didn’t expect so many doctors. Usually, when I cover legislative hearings, a steady stream of state officials testify. But this was different because Illinois lawmakers wanted to hear from the doctors who had overseen the treatment of some of the children I’ve been writing about.

      Five of those doctors testified on Tuesday from behind the long witness table at the Senate Human Services Committee, and I was struck by a theme that emerged: Children in psychiatric hospitals who watch their discharge dates come and go suffer deeply as they wait to be released.

      State sen. Julie Morrison, a Democrat from north suburban Deerfield, called the hearing in response to a ProPublica Illinois investigation in June that found that hundreds of children in the care of the Illinois Department of Children and Family Services had spent weeks or even months at a time locked in psychiatric hospitals.

      Doctors — some of the very ones who testified Tuesday — had cleared the children for discharge, but DCFS had failed to find them appropriate homes.


    • Why were people thinner in the 1970s?
      As you can see, lively Twitter discussion ensued. Monbiot did some research into people's dietary and exercise habits, then and now. He found that people actually ate more in the 1970s than they do now. Manual laborers are heavier today than they were in the 1970s. Kids move around as much today as they did 50 years ago.




  • Security



    • The Problems and Promise of WebAssembly
      WebAssembly is a format that allows code written in assembly-like instructions to be run from JavaScript. It has recently been implemented in all four major browsers. We reviewed each browser’s WebAssembly implementation and found three vulnerabilities. This blog post gives an overview of the features and attack surface of WebAssembly, as well as the vulnerabilities we found.

      [...]

      Overall, the majority of the bugs we found in WebAssembly were related to the parsing of WebAssembly binaries, and this has been mirrored in vulnerabilities reported by other parties. Also, compared to other recent browser features, surprisingly few vulnerabilities have been reported in it. This is likely due to the simplicity of the current design, especially with regards to memory management.

      There are two emerging features of WebAssembly that are likely to have a security impact. One is threading. Currently, WebAssembly only supports concurrency via JavaScript workers, but this is likely to change. Since JavaScript is designed assuming that this is the only concurrency model, WebAssembly threading has the potential to require a lot of code to be thread safe that did not previously need to be, and this could lead to security problems.

      WebAssembly GC is another potential feature of WebAssembly that could lead to security problems. Currently, some uses of WebAssembly have performance problems due to the lack of higher-level memory management in WebAssembly. For example, it is difficult to implement a performant Java Virtual Machine in WebAssembly. If WebAssembly GC is implemented, it will increase the number of applications that WebAssembly can be used for, but it will also make it more likely that vulnerabilities related to memory management will occur in both WebAssembly engines and applications written in WebAssembly.


    • Detecting Bomb And Guns Using Normal WiFi: Researchers Find A New Way
      The test was able to give out accurate results on 15 different objects ranging in there different categories — Metal, liquid, and non-dangerous items.

      While it’s not clear whether the government will adopt and use the newly developed tracking method in public places, this certainly looks like the best way to stop guns and bombs get into school premises.


    • What OpenShift Online customers should know about L1TF OpenShift SRE Security
      On Aug. 14, 2018, information was released about another set of “speculative execution” issues with Intel microprocessor hardware known as “L1 Terminal Fault”. As with earlier issues like Spectre and Meltdown, this information was coordinated with the release of updated software solutions to help mitigate the issue.

      At the time the embargo was lifted, the OpenShift SRE team worked to begin remediation (detailed below) on all OpenShift Online clusters. All Pro clusters finished remediation shortly before 18h00 EDT August 14, 2018. All Starter clusters were patched as of 23h30 EDT August 14, 2018.
    • L1TF (AKA Foreshadow) Explained in 3 Minutes from Red Hat


    • Google bod wants cookies to crumble and be remade into something more secure
      A key member of the Google Chrome security team has proposed the death of cookies to be replaced with secure HTTP tokens.

      This week Mike West posted his "not-fully-baked" idea on GitHub and asked for comments. "This isn't a proposal that's well thought out, and stamped solidly with the Google Seal of Approval," he warns. "It's a collection of interesting ideas for discussion, nothing more, nothing less."

      So far, people are largely receptive to the idea while pointing to the complexities that exist in trying to replace something that has become an everyday part of online interaction.
    • The Internet of 200 Kilogram Things: Challenges of Managing a Fleet of Slot Machines
      In a previous post we talked about Finland's Linux powered slot machines. It was mentioned that there are about 20 000 of these machines in total. It turns out that managing and maintaining all those machines is a not as easy as it may first appear.

      In the modern time of The Cloud, 20 thousand machines might not seem like much. Basic cloud management software such as Kubernetes scales to hundreds of thousands, even millions of machines without even breaking a sweat. Having "only" 20 thousand machines may seem like a small and simple thing that can be managed by one intern in their spare time. In reality things get difficult as there are many unique challenges to managing slot machines as opposed to regular servers.

      [...]

      There are roughly two different ways of updating an operating system install: image based updates and package based updates. Neither of these works particularly well in slot machine usage. Games are big, so downloading full images is not feasible, especially for machines that have poor network connections. Package based updates have the major downside that they are not atomic. In desktop and server usage this is not really an issue because you can apply updates at a known good time. For remote devices this does not work because they can be powered off at any time without any warning. If this happens during an upgrade you have a broken machine requiring a physical visit from a maintenance person. As mentioned above this is slow and expensive.


    • Security updates for Friday


    • How to Crack WinRAR Password Protected Files In Simple Steps?


    • A 16-Year-Old Hacked Apple Servers And Stored Data In Folder Named ‘hacky hack hack’
      Apple’s tall claims of keeping your data secured were shown mirror by an Australian teenager when he repeatedly hacked Apple servers and downloaded 90 GB of ‘secure files.’

      As reported by The Age, the teenager hacked Apple’s mainframe multiple times from his home because he was a fan of the iPhone maker company and dreamed of working for Apple.


    • Melbourne teen hacked into Apple's secure computer network, court told


    • SEI CERT releases open-source Source Code Analysis Laboratory for pinpointing vulnerabilities
      The Software Engineering Institute’s (SEI) CERT Division at Carnegie Mellon University released an open-source static analysis aggregator/correlator this week. Source Code Analysis application (SCALe) is designed to find vulnerabilities in application source code via multiple, independent static analysis tools.


    • Two DDoS Friendly Bugs Fixed in Linux Kernel [Ed: It wasn’t even anything critical]
      Maintainers behind the Linux kernel have rolled out patches in the past weeks for two bugs that are just ideal for causing havoc via DDoS attacks.

      Both bugs affect the Linux kernel's TCP stack and are known to trigger excessive resource usage in Linux-based systems.




  • Transparency/Investigative Reporting



    • Paul suggests granting Assange immunity in exchange for congressional testimony: Report
      Julian Assange should be let off the hook for releasing stolen material through his WikiLeaks website if he agrees to testify in person before lawmakers investigating his publication of Democratic Party documents, Sen. Rand Paul said in an interview published Wednesday.

      “I think that he should be given immunity from prosecution in exchange for coming to the United States and testifying,” said Mr. Paul, Kentucky Republican.

      “I think he’s been someone who has released a lot of information, and you can debate whether or not any of that has caused harm, but I think really he has information that is probably pertinent to the hacking of the Democratic emails that would be nice to hear,” Mr. Paul told a writer for The Gateway Pundit site.


    • Assange should be given immunity if US wants him to testify – Rand Paul


    • Defending Julian Assange's leaks equals a free press


    • Corporate Media Join in Editorializing for Press Freedom…for Themselves
      Some 300 newspapers, large and small, joined today in publishing, often on their front pages, editorials defending the First Amendment’s freedom of the press, often making note of their own efforts to combat current threats to that freedom posed by President Trump’s attacks on journalists and the entire Fourth Estate, which Trump routinely denounces in tweets and at rallies as “enemies of the people.”

      However, missing from most of these full-throated editorials is any real defense of those who are in the trenches doing the hardest job of a free press, which is exposing the worst offenses of government: the war crimes, the craven systemic corruption of the political system, and the purveying of propaganda and disinformation in the furtherance of anti-democratic policies. (A good example would be the employment by most major news organizations of retired generals and colonels as war commentators without noting their roles on corporate boards of arms merchants that profit form war — a scandal that not one major news organization will expose.)

      Nowhere does one read, in these coordinated and seemingly impassioned editorial paeans to press freedom, a condemnation of the five-year torture and pursuit of journalist and Wikileaks founder Julian Assange, who has been holed up in the London embassy of Ecuador, hiding from a secret sealed indictment that since the days of the virulently anti-free-press Obama administration has been sitting in the Attorney General’s office waiting for his capture.

      Assange is trapped in the cramped Ecuadoran embassy by a complicit British government that has threatened to arrest him if he exits the building, claiming he is wanted for jumping bail in a court case that was already long-ago mooted by the expiration of Swedish arrest warrant that itself was based upon trumped-up charges of “rape” made against Assange by women who say they had not wanted those charges made in the first place. His real crime, and the thing the US wants to extradite him from Britain for, is publishing leaked Pentagon documents and videotapes proving a policy in the Iraq war of massive and deliberate war crimes.






  • Finance



    • We must come together to make the call for democracy loud and clear
      Does protesting change anything? Sometimes, yes. Marches and protest can and do bring rapid political change – there are no rules about that. The louder, the more insistent, the more compelling the argument, the more chance of it prevailing. More than anything, a march is a visible symbol and is hard to ignore. So it is with a final say on Brexit.

      That is why The Independent is joining forces with the People’s Vote March for the Future, taking place in London on Saturday 20 October. People’s Vote has similar objectives to The Independent’s Final Say campaign, which calls for a public vote on a Brexit deal. Many other organisations, such as trade unions, professional associations and others in civic society, share those goals. Today we report that Community, the union for steelworkers and other trades, supports a final say for the British people, joining bodies as diverse as the British Medical Association and the National Union of Students in this broad-based coalition.




  • AstroTurf/Lobbying/Politics



    • How to Beat a Manipulator
      Humans are hackable. Ask any conman. Our desire to think we have control over our lives often hides this from ourselves, but most of us are highly suggestible and hypnotizable. If you think you’re not, you’re in more danger of being hacked than someone who has humbled themselves enough to see how this works in them.

      There’s no need to be ashamed of being conned. Realizing that you’ve been, or are being, conned will naturally bring up feelings of embarrassment, but it’s never your fault that someone’s taken you for a ride. Get clear: conning someone is the crime; being conned is being a victim of that crime. That’s how the law sees it in fraud cases. Manipulators would love you to think that it’s your fault for allowing yourself to be manipulated, but that’s just another manipulation isn’t it?

      Manipulators use one of our most astounding, useful, and beautiful human characteristics when they con us—empathy. Our innately trusting nature is the reason why we’ve been able to collaborate on large scales to create and innovate in extraordinary ways unseen anywhere else in the animal kingdom. Because we learn by modeling, and we are shaped by the group we inhabit and our urge to create harmony will make life viscerally uncomfortable until we are back in alignment with our tribe. We are the peacemakers; we seek alignment, which is how we are paced by manipulators into aligning with their sick agendas. How gross is it then that our ability to empathize and relate to each other is one manipulators use to control us?

      Because of the reach of mass media, every single one of us is in an abusive relationship with plutocratic manipulators. Many of us are in personal relationships with manipulators too. Conveniently, the strategies for dealing with sociopathic manipulators are the exact same, from plutocrats to your live-in partner.




  • Censorship/Free Speech



  • Privacy/Surveillance



    • Google's Location Info Failure Might Interest The FTC
      It's entirely possible, if not likely, that the location history feature is completely disconnected from the location specific data within these other apps. But, still, the average consumer is not going to realize that. Indeed, the tech savvy consumer is mostly unlikely to understand that. And Google's new "clarification" isn't really going to do a very good job actually clarifying this for people either. Google certainly has done a better job than a lot of other companies both in providing transparency about what data it collects on you and giving you controls to see that data, and delete some of it. But this was still a boneheaded move, and it's simply ridiculous that someone at the company didn't spot this issue and do something about it sooner.

      As I've been pointing out for a while, a big part of why so many people are concerned about privacy on digital services is because those services have done a piss poor job of both informing users what's happening, and giving them more control over the usage of their data. This kind of situation is even worse, in that under the guise of giving users control (a good thing), Google appears to have muddied the waters over what information it was actually collecting.

      I also wonder if this will make the FTC's ears perk up. There is still an FTC consent decree that binds the company with regards to certain privacy practices, and that includes that the company "shall not misrepresent in any manner, expressly or by implication... the extent to which consumers may exercise control over the collection, use, or disclosure of covered information." And "covered information" includes "physical location."
    • NJ Courts Impose Ridiculous Password Policy 'To Comply With NIST' That Does Exactly What NIST Says Not To Do
      As a New Jersey native I know how tempting it is for people to gratuitously bash my home state. But, you know, sometimes it really does have it coming.

      In this case it's because of the recent announcement of a new password policy for all of the New Jersey courts' online systems – ranging from e-filing systems for the courts to the online attorney registration system – that will now require passwords to be changed every 90 days.


    • Yes, That Location History Button Is Useless, Confirms Google!
      Google updated a page titled ‘Manage or delete your location history’ in their support forum which states that “this setting [location history] does not affect other location services on your device. Some location data may be saved as part of your activity on other services, like Search and Maps.”




  • Civil Rights/Policing

    • Malala calls for rebuilding of torched schools in GB

      Nobel Peace Prize laureate Malala Yousafzai has called for the rebuilding of 13 schools torched by unidentified assailants in Gilgit Baltistan's (GB) Diamer district.



    • Number of schools torched in Diamer goes up to 13

      There are no Taliban militants in the area, however, extremists who oppose female education are present, Shah disclosed.



    • Jeff Sessions Slams the Door on Immigrants Desperate to Escape Domestic Violence
      The Trump Administration’s new asylum and deportation policies create illegal hurdles for women fleeing persecution.

      Last Thursday, U.S. District Judge Emmet Sullivan sharply criticized the government for deporting two ACLU clients — a woman and her child who had fled rape and other brutality by her husband and a gang in El Salvador — who are challenging the Trump administration’s draconian new policies applicable to the initial “credible fear” asylum screening system.

      “This is pretty outrageous,” Sullivan said. “Somebody in pursuit of justice who has alleged a credible fear in her mind and is seeking justice in a United States court is just spirited away?”

      Carmen (a pseudonym) and her young daughter were returned to the United States that same day after the judge threatened to hold Attorney General Jeff Sessions in contempt if they were not. But they are not alone in facing deportation while requesting protection from domestic violence. In its crackdown on immigrants at the border and in the United States, the Trump administration has endangered countless asylum seekers and immigrants pursuing justice under U.S. laws.


    • Border Officials Are Still Defending Family Separations
      Kevin McAleenan, the commissioner of Customs and Border Protection, recently gave The New York Times an interview. For those expecting some contrition from him for the lasting trauma inflicted by CBP on children taken away from their parents under the Trump administration’s family separation policy, or empathy for the hundreds of kids still without their parents, his answers project callous defensiveness and alarming inaccuracy.

      McAleenan’s Border Patrol agents are the ones who implemented family separation, so he has a responsibility to engage in straight talk about what happened and his views on the policy. Instead, however, McAleenan chose in the interview to be evasive and downright misleading, leaving a clear impression of CBP’s sole “lesson learned”: It’s the public reaction to this vile policy that went wrong — not the actual damage it caused.

      When asked, “Do you have any regrets about how [family separation] was implemented?” McAleenan replied: “I think we have a responsibility to protect families and children. Well-intended efforts to enforce the law are not going to succeed if they lose the public trust.” This echoes the words of an anonymous Border Patrol official, who recently stated, “We missed out on an opportunity to educate the public about the reality of the border. You have to think everything through before you move on something like this, and when the pushback hits, you have to weather the storm.”


    • Aretha Franklin—Musical Genius, Truth Teller, Freedom Fighter


    • New Bill Aims To Pierce The Darkness Surrounding California Police Officers' Disciplinary Records
      Cops in California have literally unbelievable protections. To ensure the "privacy" of government employees sworn to serve the public, the Cali legislature has kowtowed to state police unions to make disciplinary records all but impossible to obtain… by anyone.

      This has led to the expected results. Professional liars in cop uniforms offer unimpeached testimony filled with more lies as defense lawyers stand helplessly by, screwed out of offering effective counsel by state law. The law is so restrictive prosecutors are often unable to obtain these files. In the unlikely event a cop is being prosecuted, past misdeeds are hidden under a heavy layer of legislated opacity, hindering effectiveness on the other side.

      Sure, if you're the victim of police violence, your past is an open book. The cops will dump everything they have on you, from the shoplifting citation two decades ago to every charge ever brought (but ultimately dropped or dismissed) against you in your lifetime to smear your reputation and burnish their own. But if the court would be better served knowing the witness on the stand is an inveterate liar with a history of misconduct, justice will not only go blind but underserved under state law.



    • Free Expression Activist and Poet Birgitta Jónsdóttir Joins EFF’s Advisory Board
      EFF is thrilled to welcome Birgitta Jónsdóttir as a Technical Advisor on our Advisory Board. The founder of Iceland’s Pirate Party and a former member of Iceland’s Parliament, Birgitta is a poet, artist, and free expression and digital rights activist who is one of the world’s most inspiring voices for the possibility of the Internet as force for freedom.

      Birgitta’s activism has been an inspiration to many, including EFF. In 2010, she worked with WikiLeaks to release a video of a U.S. helicopter gunning down a group of civilians and journalists in Baghdad. That put her on the radar screen of U.S. Justice Department, which sought to obtain her Twitter account records in an investigation of Wikileaks.

      When Twitter notified Birgitta and others about the government request, EFF stepped in to ask a court to block the government from forcing Twitter to turn over Birgitta’s records. We sought to encourage other companies to follow Twitter and notify customers when law enforcement demands user data, which led to the creation of our annual “Who Has Your Back” report examining tech companys’ policies for protecting their users from the government.




  • Internet Policy/Net Neutrality

    • 'Oversight' Hearing Fails Utterly To Hold FCC Accountable For Lying To Congress About Fake DDOS Attack
      FCC "oversight" hearings continue to be comically lacking in the actual oversight department. As we noted previously, today was Congress' opportunity to hold the FCC and agency head Ajit Pai accountable for making up a DDOS attack and then lying (repeatedly) about it to the press, FBI investigators, and Congress. As we've previously stated, both e-mails obtained via FOIA and an FCC Inspector General report found that the FCC bizarrely made up a DDOS attack to try and explain away the fact that John Oliver viewers angry about the net neutrality repeal had organically crashed the agency's website.

      The IG's report and internal e-mails go to great lengths to point out that not only did FCC CIO make up a DDOS, but several FCC staffers then misled Congress repeatedly about the total lack of evidence supporting that claim. The false statements were bad enough to warrant them being forwarded to the DOJ, which refused to prosecute anyone. But the e-mails also highlight how the FCC's press office repeatedly misled numerous press outlets, and even went so far as to issue statements denigrating like Gizmodo's Dell Cameron for being "irresponsible" as they slowly uncovered the fake claims.

      In a functional democracy, this is the sort of thing that would be covered extensively at a hearing purportedly designed specifically to hold the FCC accountable to Congress and the public. In said fictional healthy democracy, Congress might even, you know, actually do something about it.


    • Brett Kavanaugh Chose Corporations Over the Public in a Major Net Neutrality Fight
      Senators must decide whether they support a Supreme Court justice who values the free speech rights of corporations over those of their constituents.

      Judge Brett Kavanaugh, President Trump’s nominee for the Supreme Court, will have his Senate confirmation hearings next month. An exacting look at his judicial record is crucial to understand where he stands on issues of critical importance to the American people.

      In one such case, United States Telecom Association. v. FCC, the D.C. Circuit Court of Appeals was called upon to review the constitutionality of the Federal Communications Commission’s net neutrality regulations from 2015. Kavanaugh’s dissenting opinion places a troublingly limited value on the free speech interests of the public relative to those of internet service providers.


    • Ajit Pai Opposes Effort To Update The Definition Of Broadband
      The Telecom Act of 1996 mandates that the FCC routinely assess whether broadband is "being deployed to all Americans in a reasonable and timely fashion," and do something about it if that's not the case. As part of that mission, the FCC also periodically takes a look at the way it defines broadband to ensure the current definition meets modern consumer expectations and technical advancements. That's why, much to the telecom industry's chagrin, the FCC in 2015 changed the definition of broadband from a fairly-pathetic 4 Mbps downstream and 1 Mbps upstream to the current standard of 25 Mbps downstream and 3 Mbps upstream.

      Telecom monopolies (and the lawmakers paid to love them) whined incessantly about the changes at the time. Why? Because the higher definition only highlights how there's virtually no competition at faster speeds in the U.S. It also highlights how because countless U.S. telcos have shifted their focus to more immediately-profitable ventures (like flinging video ads at Millennials), they've neglected network upgrades on a comical scale. As a result, most modern telcos fail to even technically sell "broadband" across vast swaths of America, giving cable giants like Comcast a bigger broadband monopoly than ever before.

      As such, you can kind of understand why, if you're a lumbering broadband monopoly, why you'd prefer the definition of broadband remain at ankle height.

      With the FCC preparing its latest assessment of the broadband broadband industry as required by law, the question over whether the broadband standard should again be lifted has again raised its ugly head. Especially given that in the age of symmetrical gigabit (1 Gbps) connections and cloud storage, that 3 Mbps upstream standard is looking a little lame. But in a Notice of Inquiry (pdf) published last week, Pai’s FCC proposed keeping the current 25/3 definition intact, something that apparently annoyed his fellow Commissioner Jessica Rosenworcel.




  • Intellectual Monopolies



    • Germany: Telekommunikationsnetzwerkdienste, Federal Court of Justice of Germany, X ZR 89/15, 16 January 2018
      Nullity Plaintiff still has a need for legal relief even after expiry of the patent as long as Patentee has not given up claims against customers of Plaintiff.


    • Unauthorized Amendment of Contentions Does Not Require Motion to Strike if the Issue is Clearly and Timely Raised by Letter
      The court denied as moot defendant's motion to strike plaintiff's supplemental infringement contentions after plaintiff conceded the contentions should be withdrawn.


    • Japanese local banks to increase chances to give a loan using IP information
      Recently, alternative lending has been attracting attention in Japan. Alternative lending is a business loan option that falls outside of a traditional bank loan. For example, a Japanese electronic commerce and Internet company Rakuten gives a loan to its online shopping site owners using daily accounting data, and an accounting software company Yayoi also provides a loan to the users based on accounting data stored in the cloud. The banks seem to be losing opportunities to make a loan. Considering such situation, some banks reportedly have started collaboration with IT companies to develop similar services.


    • Trademarks



      • 'In-N-Stout Beer' Spurs Punny Cease and Desist Letter From Burger Chain


      • In-N-Out Sends Punny Cease And Desist Over Fairly Clear Trademark Infringement
        You may have heard the general mantra that "puns are the lowest form of comedy." Heathens say that, because puns are great and, if I had my way, there would be a legal requirement to use at least one in every legal document this country produces. They can also be used to lighten up what would otherwise be heavy legal actions. Such is the case with In-N-Out Burger, which decided to respond to what is pretty likely trademark infringement with a pun-laden cease and desist.

        We'll start with the product that was likely infringing on In-N-Out's trademarks, which itself involves some punnery.


      • Comrade Brewing Registers ‘Superpower’ Following Legal Dispute with POM Wonderful
        On Thursday, August 2, the Trademark Trial and Appeal Board (TTAB) ruled that Comrade Brewing Co. LLC could register its “Superpower” as a trademark for beer, shooting down a challenge filed by the company behind POM Wonderful and Fiji Water. This came with the ruling that consumers will not confuse a juice called “Antioxidant Superpower” with a beer called “Superpower,” rejecting the argument that the two types of beverage were closely related for trademark purposes.

        [...]

        “Particularly in light of the differences between the goods but also because the two marks had key differences in appearance,” Cataldo wrote, “the board sided with Comrade Brewing.”

        “The result is what we expected and contended from the start,” explains Comrade Brewing owner David Lin. “We’re pleased with the result and appreciate the passion and efforts of our lawyers at beerattorney.com in defending this matter.”

        Comrade Brewing has filed for the ‘Superpower’ trademark with the United States Patent and Trademark Office and is currently waiting for approval.


      • Comrade Brewing Gets Its 'Superpower' Trademark After Nonsense Opposition From The Wonderful Company
        Between the explosion in the craft beer industry and our pernicious ownership culture, the beer industry has enough of a trademark problem to regularly appear in our posts. While many of the disputes in the industry are generated by once-small breweries that have grown up and shed their permissive attitudes towards branding, just as many trademark disputes result from entities outside the industry attempting to pretend that the alcohol industries, if not craft beer specifically, are not markets all to their own. This lack of nuance occasionally pervades even within the USPTO, unfortunately.

        But sometimes the TTAB gets it right. Such is the case with Comrade Brewing, makers of its 'Superpower IPA' brew, for which the TTAB refused the opposition of The Wonderful Company, which makes fruit juices. At issue was the slogan for POM Wonderful juices: "Antioxidant Superpower."








Recent Techrights' Posts

Why I Continue to Believe That at the End Software Freedom Will Win
a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Technology: rights or responsibilities? - Part X
By Dr. Andy Farnell
 
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting
When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches
Vista 11 was a failure
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means
They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!)
LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok)
Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata
Links for the day
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders
Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software
It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine
Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble
some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead
We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop
This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024
IRC logs for Monday, December 16, 2024
Gemini Links 16/12/2024: Invisibles and 20 Years of GNU/Linux on the Desktop
Links for the day
Microsoft's Windows Fell From 98% to Less Than 15% (in 15 Years in Africa)
Operating System Market Share Africa
Swaziland: GNU/Linux Leaps to 7.24%, Based on statCounter
Remember that Microsoft had many layoffs this year in Africa
A Birthday Wish
My birthday is a few hours away
[Meme] Definitely Not Your Role Models
Hypocrite Neckbeard Meme
Changes or Variation of Logo at the FSF as 40th Anniversary is Near (Months Away)
Next year the FSF turns 40
Mobile Usage Nearly 90% in Maharlika (Philippines)?
Microsoft has become just a footnote
Push Back and Become More Vocal for LLM Abuse and Misuse to Stop
We hope that more people out there (sites too) will call out the people who saturate particular topics on the Web with machine-generated junk
The Media Failed to Hold GAFAM Accountable (and Now It Suffers From It and For It)
This recognition of the problem emboldens us to carry on
Botswana: New Highs for GNU/Linux, All-Time Lows for Microsoft
No wonder Microsoft has so many layoffs in Africa this year
Links 16/12/2024: Skinnerboxes ("Smart" "Phones") and Control Social Media Blamed for Fights
Links for the day
Reminder: The Microsoft Person Who Used OpenAI for En Masse GPL Violations Told the Whistleblower to Kill Herself
The evidence (real message)
Links 16/12/2024: emacs, Drawabox, “You Should Have Your Own Website”
Links for the day
In Some Parts of the World, Like Central America and South America, Microsoft is Irrelevant on the Web
Nadella has bet the farm on a Ponzi scheme
[Meme] Microsoft is Not a Country
Reporting crimes is essential for democracy
There's Not Much Time Left for President Biden to Pardon Julian Assange and Signal to Journalists That Exposing States' Crimes or Rich People's Misbehaviour is Lawful
Apathy towards this is part of the problem
Image Fusion is Not 'AI' (LLMs Aren't Either)
Such fakes can (and always could) be done by a digital artist, it's just a little more expensive and time-consuming
GNU/Linux at New Highs in Bosnia And Herzegovina
Quite a few Balkan nations show high adoption rates for GNU/Linux
From Scientists to Pigeons: The EPO Has Turned Patent Examination Into a Process Made by Computers and Improperly Trained Staff Which Doesn't Meet the Requirements of the European Patent Convention (EPC)
Might as well abolish this entire system if this is the current trajectory
Razik Menidjel Will No Longer be Chief Operating Officer Operations at the EPO
What does the EPC say about slop and should it be updated to deal with trouble such as slop?
Underpaid and Inexperienced Workers Overwhelm the EPO, Granting Many Invalid Patents and Placing Pressure on Veteran Examiners
So-called "production" (giving monopolies) pressure is "compromising the quality of our products" [sic] according to a new report
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 15, 2024
IRC logs for Sunday, December 15, 2024
Links 15/12/2024: Social Control Media Disarray and Software Patent Eligibility Attempted by Litigation Maximalists
Links for the day
Links 15/12/2024: "Internet Era Might Be History's Least-Documented Period", Microsoft’s Telecom Biz Practically Dead
Links for the day
Links 15/12/2024: SQLite Bootstrap, More Terminals, Helix Themes
Links for the day
Two Laptops Up and Running (No Reboots) Since 2023
my main laptops, "vonick" and "bubi", haven't been rebooted since 2023
Links 14/12/2024: Yoon Impeached, "Intel's Death", and "Hey Hi" Hype Causes Warming and Pollution
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 14, 2024
IRC logs for Saturday, December 14, 2024