Now, this is not a reactionary decision. It is one based on curiosity. I am not trying to wean myself off the evil corporations or anything of that sort. I am quite happy using Windows and Linux in parallel, but then, I also want to see the Linux desktop succeed, in a real-life, pragmatic sort of way, without compromising or any sweet illusions. So I am now going to take my Linux experience to another level, and that means using a Linux machine for some really really serious stuff. After me.
So, as a cost-conscious consumer, I’m pleased to see Dell introduce a newer, lower-priced Dell XPS 13 model that, on paper, sounds like a great all round machine.
Unveiled at IFA 2018, a tech show taking place in Berlin, Germany, the cheaper Dell XPS 13 9370 starts at under $899, which makes it one of the lowest priced XPS models released to date.
Naturally there are some compromises, specifically in the processor.
Google helped to create the Linux Foundation's Cloud Native Computing Foundation in July 2015 with the contribution of the Kubernetes container orchestration system. Although Google contributed Kubernetes, it was still running the core infrastructure for building, developing and testing Kubernetes—until now.
On Aug. 29 at the Linux Foundation's Open Source Summit here, the CNCF and Google announced that Kubernetes development will be moving to the CNCF's control in an effort to further enable multicloud development. Alongside the move, Google announced that it is donating $9 million in Google Cloud Platform credits to enable the CNCF to run Kubernetes developments for the next three years.
On reflection, I suspect their chances would be better if they were serious about interoperating with Swift. The performance gains that they demonstrated were quite impressive. But their paymasters at RAX weren't into this community development and open-source toys (not that RAX went through the change of ownership while Hummingbird was going on).
Science fiction writer William Gibson once said, “The future is already here -- it’s just not evenly distributed.” He was explaining that things we once thought of as futuristic already were a reality for some people, but not everyone.
He may as well have been talking about adoption of Linux containers within the federal government.
While evidence suggests that the public sector’s interest in Linux containers continues to grow, many agencies remain on the fence. Whether due to budget, lack of information or other constraints, government adoption of Linux containers has been slower than it has been in the commercial space. Many agencies continue to view containers as exclusively for the cool kids in Silicon Valley.
Use of Linux on battery-powered systems continues to grow, and general energy-efficiency concerns are not going away any time soon. The Power Management and Energy-awareness micro-conference therefore continues a Linux Plumbers Conference tradition of looking into ways to improve energy efficiency.
In spite of significant progress made over the last year on multiple fronts, including but not limited to the enhancements of the scheduler’s load-tracking facility with an improved awareness of the amount of time taken by realtime processes, deadline processes, and interrupt handling in order to improve CPU performance scaling, the work on implementing energy-aware scheduling on asymmetric systems in the kernel (https://lwn.net/Articles/749900/), and the process utilization clamping patch series (https://lwn.net/Articles/762043/), there still are open issues to be discussed and new ideas to consider. This year, the focus is on energy-optimized task scheduling, user space interfaces for passing power/performance hints to the kernel, platform power management mechanisms and power management frameworks.
The soon-to-be-released Linux 4.18.6 stable kernel will correctly report the CPU core temperatures of the new AMD Threadripper 2950X and 2990WX processors.
With the new high-core-count AMD processors that launched earlier this month, the 16-core / 32-thread Threadripper 2950X and 32-core / 64-thread Threadripper 2990WX, the only real Linux shortcoming to report had been the lack of correct temperature reporting on the stock Linux kernel at the time... With the kernels up to this point, the reported CPU core temperature on these Threadripper 2 CPUs has been +27 degrees (Celsius) higher than it should be due to a missing Tctl offset.
As of this writing, Linus Torvalds has pulled just over 7,600 non-merge changesets into the mainline repository for the 4.19 development cycle. 4.19 thus seems to be off to a faster-than-usual start, perhaps because the one-week delay in the opening of the merge window gave subsystem maintainers a bit more time to get ready. There is, as usual, a lot of interesting new code finding its way into the kernel, along with the usual stream of fixes and cleanups.
It has been understood for years that kernel performance can be improved by doing things in batches. Whether the task is freeing memory pages, initializing data structures, or performing I/O, things go faster if the work is done on many objects at once; many kernel subsystems have been reworked to take advantage of the efficiency of batching. It turns out, though, that there was a piece of relatively low-hanging fruit at the core of the kernel's network stack. The 4.19 kernel will feature some work increasing the batching of packet processing, resulting in some impressive performance improvements.
Once upon a time, network interfaces would interrupt the processor every time a packet was received. That may have worked well with the kind of network interfaces we had in the 1990s, but an interface that worked that way now would be generating many thousands of interrupts per second. That, in turn, would swamp the CPU and prevent any work from getting done. The response to this problem in network circles was the adoption of an API called "NAPI" (for "new API") during the long 2.5 development series.
Side-channel attacks are a reasonably well-known technique to exfiltrate information across security boundaries. Until relatively recently, concerns about these types of attacks were mostly confined to cryptographic operations, where the target was to extract secrets by observing some side channel. But with the advent of Spectre, speculative execution provides a new way to exploit side channels. A new Linux Security Module (LSM) is meant to help determine where a side channel might provide secrets to an attacker, so that a speculative-execution barrier operation can be performed.
In current kernels, a context switch from one process to another often necessitates a flush of the translation lookaside buffer (TLB) contents, which is done in switch_mm_irqs_off(). For x86, after the Spectre v2 mitigations, that function calls indirect_branch_prediction_barrier() when switching away from a process that is not allowed to core dump (i.e. does not have SUID_DUMP_USER set). The barrier (which is known as IBPB) is an expensive operation, so it is only done for "sensitive" processes that have turned off core dumps (e.g. GPG). Core dumps of a process can contain secrets of various sorts, such as keys or passwords.
As we near the release of the Linux 4.18.6 stable kernel, more goodies just keep coming for Linux users – its now been reported that the Linux 4.18.6 stable kernel will be able to properly report CPU core temperatures of the new AMD Threadripper 2950X and AMD Threadripper 2990WX processors –
With the support of its members, The Linux Foundation hosts open source projects across technologies including networking, security, cloud, blockchain, and more. This collaborative development model is helping technology advance at a rapid pace in a way that benefits individuals and organizations around the world.
Leading Enterprise Blockchain Company Will Participate in the EdgeX Foundry and Linux Foundation Networking Communities
At the Linux Foundation's Open Source Summit in Vancouver, Storj Labs a decentralized cloud storage company, announced a partnership that will enable open-source projects to generate revenue when their users store data in the cloud: The Open Source Partner Program.
Why? Ben Golub, Storj's executive chairman and long time open-source executive, explained there's a "major economic disconnect between the 24-million total open-source developers and the $180 billion cloud market." That's why, for example, Redis Labs recently added the controversial Commons Clause license to its Redis program.
Google today announced that it is providing the Cloud Native Computing Foundation (CNCF) with $9 million in Google Cloud credits to help further its work on the Kubernetes container orchestrator and that it is handing over operational control of the project to the community. These credits will be split over three years and are meant to cover the infrastructure costs of building, testing and distributing the Kubernetes software.
Kubernetes, a system designed to assist developers with management of containerized applications, including deployment, scaling, and updating, was developed originally by Google. Kubernetes is written in the Go programming language, another Google product, and was made open source in 2014.
Open Source Summit North America – The Cloud Native Computing Foundation€® (CNCF€®), which sustains and integrates open source technologies like Kubernetes€® and Prometheusââ¢, today announced that 38 new members have joined the Foundation – growing from 28 members at the Foundation's launch in 2015 to 284 today.
The work done by Valve open-source Linux GPU driver Timothy Arceri to implement OpenGL 4.5 compatibility profile has been merged into Git master for next quarter's Mesa 18.3 release.
As of Mesa 18.3 tonight in Git, the RadeonSI Gallium3D driver is able to expose OpenGL 4.5 under the compatibility context rather than GL 4.4. Even that GL 4.4 level for the compatibility profile is a big milestone with just in the past few months having gone from OpenGL 3.2 compatibility support, thanks to the work done by AMD and Valve, which we now know is part of their Steam Play for Windows games on Linux. That OpenGL 4.4 compatibility profile support is just squared away for the Mesa 18.2.0 release happening in the next few days.
Announced last October was a 24-core ARM developer box being worked on by Linaro/96Boards, Socionext, and Gigabyte. The specifications are appealing with twenty-four ARM 64-bit cores with the SoC on a micro-ATX sized motherboard, support for a PCI Express graphics slot, and onboard Gigabit Ethernet. Here are our first benchmarks of this Socionext 96Boards Developerbox.
Word this week of the NVIDIA Jetson Xavier Development Kit being up for pre-order reminded me of some benchmarks I had been meaning to do of seeing how the NVIDIA Jetson TX2 developer kit's performance has evolved since its launch a year and a half ago. There's actually a quite measurable improvement in performance with the latest software/drivers compared to it was at launch.
A couple of years of using various Linux distros have shown me a lot of new stuff. Some interesting user interfaces, some new package managers but one place where I haven’t seen many inventions is the terminal. It has always been the same old shell that comes by default. Even though it is one of the most used things, I haven’t seen much of a variation with it.ââ¬â¹ But recently I came across Terminus - A terminal for the modern age. So I decided to give it a try. First of all, let us look at its installation and availability on various systems.
The issue of security of correspondence and the personal data protection has always been relevant, attracting more and more groups of people from a wide range of different IT activities. In order to create the highest possible level of security, they make a variety of solutions for products offering the most interesting options for protection.
One of such unusual examples can serve the ADAMANT Messenger, the team of which involved Blockchain technology for the transmission of messages. It is an anonymous, open source and secure Blockchain-based Messenger. The main purpose of the ADAMANT Messenger is to provide anonymity, privacy and security. As you may know already, many instant free messaging applications (like WhatsApp, Telegram, Viber) requires some form of verification (usually a phone number or email address), but ADAMANT requires none. No emails, no phone numbers and no need to register or enter any information about you.
Thanks to Google Summer of Code 2018, student developer Danil Iashchenko devoted the past several months to writing more filters within FFmpeg's Libavfilter library in OpenCL.
Iashchenko spent the summer writing more libavfilter coverage for OpenCL to allow more of these video operations to be offloaded to the GPU and thereby freeing up more CPU resources.
From the press email we got sent (thanks Xpander) Linux is a confirmed platform for the game.
The addictive game Rocket League that has you sat in rocket-powered cars smashing balls around a court has been updated with some fun goodies. In addition to the patch, they've announced their "Rocket Pass" is going to go live next week, which has a free and paid option to allow you several ways to earn new content.
You will be forgiven for not knowing about BlazeRush, since it's an oldie released back in 2014. Taking another look at it recently with the help of my trusty side-kick I've found it to be an exceptionally fun co-op experience on Linux.
It's an action-racing game filled with ridiculous power-ups like boosters, rockets, chainguns and so on which makes it so ridiculous. It's basically Micro Machines covered in awesome sauce. For those who don't have people to play with locally, it also has online play and some pretty menacing bots that will waste no time in completely annihilating you off the track.
Battle Chef Brigade is a rather good mix of cooking and hunting which just got upgraded to a Deluxe edition. You can see my original thoughts on it here. Honestly, the game really is surprisingly good and it's fantastic to see such a massive update out for free.
Note: It doesn't advertise Linux support on Steam, but it does have a Linux version. The developers said it's simply because they haven't tested it enough. It does list Linux support on GOG.
The team behind the Linux-powered games console, the Atari VCS, recently had a three-day session together to go over the progress and it seems quite interesting. It's not exactly going to into a huge amount of depth, really most of it sounds like the obvious things they would be working on but it's still good to see it progress forward after their successful IndieGoGo campaign.
Valve seem to be moving pretty quickly with Steam Play, as a new stable Steam Client is out which includes preliminary support for the new Steam Play Beta.
SCUM [Steam], an open world survival game from developer Gamepires (produced by Croteam and published by Devolver Digital) is shaping up to be one of the most exciting releases this year and it seems Linux is in their plans.
At this week's Open-Source Summit in Vancouver is a presentation by an Activision developer talking about Call of Duty performance but sadly it's not what may come to mind.
Activision sadly isn't doing a native Linux port of their popular Call of Duty game series but rather is talking about it at the Open-Source Summit in regards to building extendable data pipelines. Yeah, I got excited too when seeing "Activision" and "Call of Duty" at this week's Linux Foundation event but it's just in regards to their back-end infrastructure.
During this year's Akademy conference, Lays Rodrigues introduced Atelier, a cross-platform, open-source system that allows users to control their 3D printers. As she stated in her talk abstract, it is "a project with a goal to make the 3D printing world a better place". Akademy is the KDE community's annual conference. This year it took place in Vienna and the program included a number of hardware-related talks as part of the conference portion held during the weekend of August 11 and 12.
[...]
The AtCore library's function is to provide an abstraction for the serial communication with the printer and control of it. It provides a generic layer that is independent from the user interface. AtCore can thus work with any interface, "including QML", she added. AtCore uses pure C++ with Qt for performance reasons. Rodrigues gave memory usage when printing as an example: Atelier requires 200MB of memory while other, similar programs may require 2GB. AtCore supports most open-source 3D-printer firmware using a plugin architecture to handle differences between different firmware implementations. Rodrigues showed at one point the list of the supported printer firmware, which corresponds to the list of supported printer models.
The second part of the team's work is the "test client": Atelier. However, it is a full 3D host system, not just a test program. It uses the KDE libraries in addition to Qt — and the AtCore library, of course. Rodrigues ran a demonstration of a number of Atelier features. The configuration she used included a laptop running Atelier and a small embedded system with the printer firmware. The demo included all stages of the printing process.
Akademy 2018 was hosted in TU WEIN university, Vienna from 11th to 17th August, 2018.Being part of this Akadmey gave me a chance and opportunity to meet all the fellow KDE contributors in person and socialize with them.
First two days some contributors gave presentations on their respective projects. Rest of the week was BoF (Bird of Feather) sessions, BoF sessions are great way to discuss things with other community members and gather feedback. There were also workshop sessions organized by KDE e.V. for community members.
macOS is a Unix-like Operating System so many of the features in Linux distros are similar to those that it offers. That notwithstanding, because it is Unix-like does not mean that it is Linux and for one reason or the other you may want to run a full-fledged OS.
The cloud computing company Red Hat wants to tap into blockchain for a system to track software usage, according to a recent patent filing.
The way Red Hat sees it, new marketing models for selling software on a cloud platform require new methods of tracking usage, and a blockchain may be able to efficiently store this information, Coindesk reports. The filing outlines how blockchain would track transactions across a given platform where each transaction represents an instance of a customer using the company’s products. Read more here.
Red Hat Enterprise Linux (RHEL) 7.6 Beta was released a few days ago and one of the first new features I noticed is Podman. Podman complements Buildah and Skopeo by offering an experience similar to the Docker command line: allowing users to run standalone (non-orchestrated) containers. And Podman doesn’t require a daemon to run containers and pods, so we can easily say goodbye to big fat daemons.
Podman implements almost all the Docker CLI commands (apart from the ones related to Docker Swarm, of course). For container orchestration, I suggest you take a look at Kubernetes and Red Hat OpenShift.
Cryptojacking attacks have been increasingly prevalent in 2018, even finding their way into the Ubuntu Linux software center. Mark Shuttleworth, the founder of Canonical and Ubuntu Linux, isn't too worried, though, as he has multiple technologies in place to mitigate risk.
In a video interview with eWEEK, Shuttleworth provides insight into the technologies that Ubuntu uses to help secure applications and users from multiple risks, including cryptojacking. In a recent cryptojacking attack in Ubuntu, applications were found to be conducting unauthorized cryptocurrency mining on user desktops. The issue was quickly resolved, serving as a proof point for the resilience of Ubuntu's Snap application packaging system for helping to keep systems updated.
"In the architecture of Snaps themselves we put a lot of work into being able to shape the container and define what the container is allowed to do," Shuttleworth said. "Any application that comes into the Snap Store has to be very explicit about all the things it wants to do."
The opportunity to capitalise on the internet of things is significant for many companies, but that doesn’t mean that it is a straightforward journey to success. Companies need to analyse their current business practices and evaluate where benefits can be gained – and for some this could be changing their business model in its entirety.
Device manufacturers are a prime example of this. With hardware commoditisation forcing their margins downwards and low-cost competitors applying increasing pressure, manufacturers need to build a sustainable business that brings in continuous revenue beyond the initial device sale. By devising a software-led strategy, device manufacturers can transition to new business models underpinned by IoT app stores and ecosystems of 3rd party ISVs (independent software vendors).
DFI’s Pico-ITX-based, DIN-rail mountable “EC900-FS6” mini-PC runs Linux or Android on an i.MX6 DualLite, and offers 2x GbE, 2x USB, 2x serial, mini-PCIe, and extensive ruggedization features.
A reader recently noted our excessive use of the term “rugged,” which is fair enough. In our defense, embedded gear is increasingly tolerant of wide temperature ranges, and to a lesser extent, excessive shock, vibration, and dust and water ingress. From now on, we will no longer use “rugged” to describe a system that has a wide temperature range without also offering other protections. We will, however, continue to apply it to systems like DFI’s i.MX6-based EC900-FS6 mini-PC, which is not only rugged, but quite compact at 143 x 96.4 x 34mm.
The VMC touch-panel PCs are designed for in-vehicle use in warehouses, ports, and other logistic and material applications. The systems support -30 to 60€°C temperatures with ambient air flow and offer 10% to 90% (non-condensing) humidity tolerance. Vibration resistance is rated at MIL-STD-810G, 514.6 Procedure 1, Category 4, and shock resistance complies with MIL-STD-810G, Method 516.6, Procedure I and V (crash hazard), says Nexcom.
Today we provide a technical update and demonstration of SMS and end-to-end encrypted XMPP messages on the chat application we’re developing, Chatty. But first, a bit of historical context…
Purism shared today about the work they are engaged in on supporting SMS messaging with their in-development Librem 5 smartphone.
For handling SMS messaging, Purism is developing an application they -- at least for now -- are calling Chatty. This Chatty code will effectively serve as a plug-in for libpurple (of Pidgin instant messaging fame) that interfaces with ModemManager. Libpurple of course supports many different messaging platforms/protocols and is most often associated with Pidgin but could be adapted by other clients.
The International Consumer Electronics Show (CES), which usually takes places in Las Vegas, is a place that many tech companies showcase their upcoming consumer electronics technologies. Tech breakthroughs have been experienced there since June 1967 (wow). This year at CES 2018, Skagen announced their first smartwatch – called the Falster. It was an admirable watch but did have some drawbacks, such as the poor battery life and some missing features. Now, several months later, the company is in the process of already releasing the Falster 2 and it starts shipping on September 12th. You can expect it soon.
[...]
Although this all may sound great, the Falster 2 is still powered by the quite old Snapdragon Wear 2100 chip and will become outdated pretty soon. If you’re still interested in buying the watch regardless, you can buy it at Skagen’s very own site. The silicone and leather band types cost $275 while the steel-mesh ones cost that little more at $295.
Red Hat and SUSE have withdrawn their support for OpenLDAP in their Enterprise Linux offers, which will be replaced by Red Hat’s own 389 Directory Server.
The openldap-server packages were deprecated starting from Red Hat Enterprise Linux (RHEL) 7.4, and will not be included in any future major release of RHEL. SUSE, in their release notes, have mentioned that the OpenLDAP server is still available on the Legacy Module for migration purposes, but it will not be maintained for the entire SUSE Linux Enterprise Server (SLE) 15 lifecycle.
Global ag-tech innovator Autogrow has unveiled an open-source root zone monitor as part of an "open-collaboration" platform.
“OpenMinder is a product that someone can build themselves, but more than that it represents where this industry is going with open-collaboration, APIs and a focus on water sustainability,” explains CEO Darryn Keiller.
“Governments and local legislators around the world are tightening the rules for growers when it comes to water usage and run-off. Growers need to use any and all tools at their disposal to ensure they are not only growing sustainably but have the data to back it up.”
OpenMinder is an open-source DIY project from Autogrow targeted to technology developers and for application with small growers. Released under a Creative Commons BY-NC-SA license, OpenMinder provides an open-source API used in conjunction with a Raspberry Pi HAT.
A recent tweet shared by Brave Software has uncovered yet another milestone the firm has attained. Since the launch of Brave, a total of 10 million downloads have been made through Google Play. This particular browser is unique as it not only focuses on one’s web surfing experience, but also prevents advertisements from further ruining it. Most importantly, content creators and regular users get compensated for their contributions (i.e. through Basic Attention Token or BAT).
The user-privacy oriented web browser has passed ten million downloads, a huge milestone for both Brave and the BAT team
You should likely be familiar with WebAssembly as the binary format for executing code within web pages that can be nearly as fast as running native machine code -- and certainly much faster than JavaScript. A new research project has been exploring running WebAssembly in the CPU's Ring 0 -- yes, the highest privileged state of the processor -- in the name of better performance.
In this series we are covering projects that explore what is possible when the web becomes decentralized or distributed. These projects aren’t affiliated with Mozilla, and some of them rewrite the rules of how we think about a web browser. What they have in common: These projects are open source, and open for participation, and share Mozilla’s mission to keep the web open and accessible for all.
[...]
We’re a team of people all over the world working on IPFS, an implementation of the distributed web that seeks to replace HTTP with a new protocol that is powered by individuals on the internet. The goal of IPFS is to “re-decentralize” the web by replacing the location-oriented HTTP with a content-oriented protocol that does not require trust of third parties. This allows for websites and web apps to be “served” by any computer on the internet with IPFS support, without requiring servers to be run by the original content creator. IPFS and the distributed web unmoor information from physical location and singular distribution, ultimately creating a more affordable, equal, available, faster, and less censorable web.
IPFS aims for a “distributed” or “logically decentralized” design. IPFS consists of a network of nodes, which help each other find data using a content hash via a Distributed Hash Table (DHT). The result is that all nodes help find and serve web sites, and even if the original provider of the site goes down, you can still load it as long as one other computer in the network has a copy of it. The web becomes empowered by individuals, rather than depending on the large organizations that can afford to build large content delivery networks and serve a lot of traffic.
These cars all count if you’re interested in usage. It’s all well and good to know the number of cars using your parking lot right now… but is it lower on weekends? Holidays? Are you measuring on a rainy day when fewer people take bicycles, or in the Summer when more people are on vacation? Do you need better signs or more amenities to get more drivers to stop? Are you going to have expand capacity this year, or next?
Yesterday we released the Firefox Public Data Report. Go take a look! It is the culmination of months of work of many mozillians (not me, I only contributed some early bug reports). In it you can find out how many users Firefox has, the most popular addons, and how quickly Firefox users update to the latest version. And you can choose whether to look at how these plots look for the worldwide user base or for one of the top ten (by number of Firefox users) countries individually.
It’s really cool.
The first two plots are a little strange, though. They count the number of Firefox users over time… and they don’t agree. They don’t even come close!
I didn’t want to write one of those “all@” goodbye emails. At best, they generate ambivalence, maybe some sadness. And maybe they generate clutter in the inboxes of people who prefer to their inboxes uncluttered. The point is, they don’t seem to improve things. I’m not sending one.
But I have taken the decision to leave Mozilla as a full-time employee. I’m leaving the industry, in fact. For the last 10 years, for everything I’ve learned, for the many opportunities and for the shared achievements, I’ve got nothing but gratitude towards my friends and colleagues. I cannot imagine I’ll work anywhere quite like this again.
Long before I joined Mozilla, it was the organisation that had restored my optimism about the future of tech. From the dark days of the dot-com crash and the failure of platform-independent client-side internet applications to live up to their initial promise (I’m looking at you, Java applets), Firefox showed the world that openness wins. Working here was always more than a job. It has been a privilege.
Siggen (sig-gen) is a Socorro-style signature generator extracted from Socorro and packaged with pretty bows and wrapping paper in a Python library. Siggen generates Socorro-style signatures from your crash data making it easier for you to bucket your crash data using the same buckets that Socorro uses.
Standup is a system for capturing standup-style posts from individuals making it easier to see what's going on for teams and projects. It has an associated IRC bot standups for posting messages from IRC.
This post is the final part of a three-part miniseries that looks at how we improved join performance in the CrateDB 3.0 release.
In part one of this miniseries, I went over the reasons we chose to implement the hash join algorithm as an alternative to the nested loop algorithm. With that initial set of changes in place, we were able to make joins up to two thousand times faster.
In part two, I explained how we addressed the memory limitations of the basic hash join algorithm with a switch to block-based processing. That is, dividing a large dataset up into smaller blocks that can be worked on separately. This change improved our performance gains by another 50%.
This brings us to the final set of changes.
IBM with its partners, Rocket Software and CA Technologies, have announced the launch of Zowe at the ongoing Open Source Summit in Vancouver, Canada. It is the first z/OS open source project, which is part of the Linux Foundation’s Open Mainframe Project community.
The "Commons Clause", which is a condition that can be added to an open-source license, has been around for a few months, but its adoption by Redis Labs has some parts of the community in something of an uproar. At its core, using the clause is meant to ensure that those who are "selling" Redis modules (or simply selling access to them in the cloud) are prohibited from doing so—at least without a separate, presumably costly, license from Redis Labs. The clause effectively tries to implement a "no commercial use" restriction, though it is a bit more complicated than that. No commercial use licenses are not new—the "open core" business model is a more recent cousin, for example—but they have generally run aground on a simple question: "what is commercial use?"
Redis is a popular in-memory database cache that is often used by web applications. Various pieces of it are licensed differently; the "Redis core" is under the BSD license, some modules are under either Apache v2.0 or MIT, and a handful of modules that Redis Labs created are under Apache v2.0, now with Commons Clause attached. Cloud services (e.g. Amazon AWS, Microsoft Azure, Google Compute Engine, and other smaller players) provide Redis and its modules to their customers and, naturally, charge for doing so. The "charge" part is what the adoption of the clause is trying to stamp out—at least without paying Redis Labs.
Our guests for this week’s Hack Chat will be Derek Kozel and Nate Temple, officers of the GNU Radio project. They’re also organizers of this year’s GNU Radio Conference. Also joining in on the Hack Chat will be Martin Braun, community manager, PyBOMBS maintainer, and GNU Radio Foundation officer.
We have had a few discussions about the RISC-V development (at the BozemanLUG meetings). Some Fedora folks have gotten Linux working on some of the RISC-V development boards. There appear to be several layers to the overall design from the low-end moving up. Can RISC-V ever become a viable, mainstream alternative? Time will tell... but at the very least, seeing such developments gives me some hope. Here's a somewhat mainstream "youtuber" talking about RISC-V and given the number of views so far, maybe the word / information will break through.
With all these shortcomings, the company has struggled under the father of Android, Andy Rubin. Sales estimations of the PH-1 have come in well below 200,000 units. Subsequently, the rumors have been rampant that the company is up for sale to get out from under its debts. Another struggle has been its proprietary accessory system. That’s the topic I’d like to take on in this post. Essential should open source its plans for mods.
If you follow 3D printing at all, and even if you don't, you've likely seen some of the recent controversy surrounding Defense Distributed and its 3D-printed firearm designs. If you haven't, here's a brief summary: Defense Distributed has created 3D firearm models and initially published them for free on its DEFCAD website a number of years ago. Some of those 3D models were designed to be printed with a traditional home hobbyist 3D printer (at least in theory), and other designs were for Defense Distributed's "Ghost Gunner"—a computer-controlled CNC mill aimed at milling firearm parts out of metal stock. The controversy that ensued was tied up in the general public debate about firearms, but in particular, a few models got the most attention: a model of an AR-15 lower receiver (the part of the rifle that carries the serial number) and "the Liberator", which was a fully 3D-printed handgun designed to fire a single bullet. The end result was that the DEFCAD site was forced to go offline (but as with all website take-downs, it was mirrored a million times first), and Defense Distributed has since been fighting the order in court.
The political issues raised in this debate are complicated, controversial and have very little to do with Linux outside the "information wants to be free" ethos in the community, so I leave those debates for the many other articles on this issue that already have been published. Instead, in this article, I want to use my background as a hobbyist 3D printer and combine it with my background in security to build a basic risk assessment that cuts through a lot of the hype and political arguments on all sides. I want to consider the real, practical risks with the 3D models and the current Ghost Gunner CNC mill that Defense Distributed provides today. I focus my risk assessment on three main items: the 3D-printed AR-15 lower receiver, the Liberator 3D-printed handgun and the Ghost Gunner CNC mill.
HHVM 3.28 is released! This release contains new language features, bugfixes, performance improvements, and improvements to the debugger and editor/IDE support.
HHVM 3.28 was released yesterday. This new release of the open-source virtual machine for executing programs written in Hack and PHP "contains new language features, bugfixes, performance improvements, and improvements to the debugger and editor/IDE support."
Facebook developers maintaining the HHVM interpreter for running PHP and Hack code have announced the HHVM 3.28.0 update.
HHVM 3.28 continues their theme of introducing minor language additions, various performance improvements, better debugging support, and different bug-fixes.
The MIT-developed programming language, Julia 1.0 has been officially released to the public. Julia has been in development by MIT for almost a decade and made its official public debut during JuliaCon, an annual conference of Julia users.
Julia 1.0 is a free open source programming language available worldwide. “Julia has been revolutionizing scientific and technical computing since 2009,” says MIT Professor Alan Edelman.
So rlife is a life library written in Rust. It aims at allowing to do manipulations on cellular automata, like computing the next generation of a CA, loading/saving a CA from/to a file, do various analysis on it (like locating the coordinates of a pattern, counting the number of living cells) and other manipulations. The main object of this library is the Gridthat represents the grid of the CA and it also stores all its properties (the file format used, the rulesets, the current size of the grid, etc…). This library could allow some developers to use CAs with a high level of abstraction and have the possibility to do many (in the future…) operations on it.
I’m happy to announce version 1.1.2 of cmocka, a unit testing framework for C with mocking support.
Steve Jobs and Steve Wozniak produced about 200 Apple-1 computers in the mid-1970s and around 60 of those are known to still exist today. Every so often one pops up at auction and manages to sell for a price that could easily purchase a home in most locations.
An original Apple 1, hand-built by Steve Wozniak in 1976, is up for auction in September. It’s expected to sell for $300,000 or more.
Steve Jobs and Wozniak only made 200 Apple 1 devices, making this an extremely rare piece of computer history. It was one of the first home computers that didn’t require soldering.
Dear developers of password managers, we communicate quite regularly, typically within the context of security bug bounty programs. Don’t get me wrong, I don’t mind being paid for finding vulnerabilities in your products. But shouldn’t you do your homework before setting up a bug bounty program? Why is it the same basic mistakes that I find in almost all password managers? Why is it that so few password managers get AutoFill functionality right?
Of course you want AutoFill to be part of your product, because from the user’s point of view it’s the single most important feature of a password manager. Take it away and users will consider your product unusable. But from the security point of view, filling in passwords on the wrong website is almost the worst thing that could happen. So why isn’t this part getting more scrutiny? There is a lot you can do, here are seven recommendations for you.
Kali Linux recently announced its third release of 2018. Version 2018.3 features several new tools: idb, an iOS research/penetration-testing tool; gdb-peda, Python Exploit Development Assistance for GDB; datasploit, OSINT Framework to perform various recon techniques; and kerberoast, Kerberos assessment tools. See the Change Log for more information on all the changes, and download Kali from here.
A deep dive into the unique requirements and ideal use cases of three important prevention and analysis technologies.
Networks, cyberattacks, and the strategies used to stop them are continuously evolving. Security deception is an emerging cyber-defense tactic that allows researchers and information security professionals to observe the behavior of attackers once they've gained access to what they think is a business network.
The term "security deception" only came into wide usage in the last year, so it can be difficult to tell how exactly these solutions are different from other tools that try to trick attackers, such as sandboxing and honeypots. Like these other tactics, security deception fools attackers and malicious applications into revealing themselves so that researchers can devise effective defenses against them, but it relies more on automation and scale, and requires less expertise to set up and manage. Each of these technologies has unique requirements and ideal use cases. To understand what those are, we'll need to look at each of them in more detail.
A zero-day flaw has been revealed by a Twitter user SandboxEscaper, for the Windows Task Scheduler in 64-bit Windows 10 and Windows Server 2016 systems. Apparently, this vulnerability is out in the wild, and there are no known patches or specific workarounds at present.
US-CERT has confirmed that the exploit works on 64-bit Windows 10 and Windows Server 2016 systems and is rooted in the Windows task scheduler.
Yesterday SandboxEscaper tweeted an local privilege escalation exploit for Windows, which currently has no patch. It’s a really neat flaw, in particular how it is exploited.
Security researchers from Qualys discovered a new username enumeration problem in the latest version of OpenSSH. It allows an attacker to try out various usernames on the server and determine which ones are valid. The vulnerability received tracking number CVE-2018-15919.
AT commands, originally designed in the early 80s for controlling modems, are still in use in most modern smartphones to support telephony functions. The role of AT commands in these devices has vastly expanded through vendor-specific customizations, yet the extent of their functionality is unclear and poorly documented. In this paper, we systematically retrieve and extract 3,500 AT commands from over 2,000 Android smartphone firmware images across 11 vendors. We methodically test our corpus of AT commands against eight Android devices from four different vendors through their USB interface and characterize the powerful functionality exposed, including the ability to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, and inject touch events solely through the use of AT commands. We demonstrate that the AT command interface contains an alarming amount of unconstrained functionality and represents a broad attack surface on Android devices.
According to a research, millions of Android devices from 11 OEMs are vulnerable to attacks from simple AT commands.
These AT commands or Attention commands are a short collection of strings which were designed to transmit via phone line and modems, back in the 1980s. Earlier, these commands were used for a modem dial-up, hang up, and change specific connection settings.
The Slackware Linux Project team has just released kernel updates for its Slackware version 14.2 which was initially released on the first of July this year. According to the advisory released with the updates, the new kernel packages made available are specifically drafted to mitigate several imminent and emerging security concerns in the operating system.
The American intelligence service, which claimed to have informants in Russia was bluffing, RIA “Novosti” the statement of former CIA officer, Executive Director of the American Council for the national interest Philip Giraldi.
“Senior intelligence officials never so simple and openly admit that they have sources rank high in the Kremlin,” said Giraldi.
War in the Middle East is every U.S. president’s own ice cream challenge. It seems as if they all declare at the outset of their term that they want to focus on a domestic agenda to grow economic prosperity at home. Americans and much of the world breathe a sigh of relief over the idea of break from war. Unfortunately, it never pans out because some kind of pretext for re-engagement inevitably materializes.
But what if an American president decided that even if the freezer conked out, melting all the ice cream, he still wasn’t going to rationalize the need to touch it?
No recent president has been able to do that. Instead, the melted ice cream — now basically a milkshake — beckons to them. Suddenly, they’re having nightmares about another country stealing and drinking their disgustingly warm milkshake, so they raid the broken freezer and gorge themselves.
Soon they discover that they’re in too deep and will never purge all those calories at the gym, so they double down by camping out in case more freezer items just happen to end up defrosting. Camp Leatherneck in Afghanistan’s Helmand Province didn’t come about much differently than Camp Busted Freezer.
The Washington Post (8/27/18) published an op-ed by conservative staff opinion columnist Jennifer Rubin praising the late Sen. John McCain for his supposed commitment to “human rights.”
Rubin waxed poetic on the ostensible “lost champion” of human rights, who “model[ed] for others the behavior of a free society.” She declared, quite paradoxically, “With the possible exception of the US military…no group was more indebted to Sen. John McCain (R-Ariz.) than the human rights community.”
There was an, er, optical problem, however: For the header image on this column, the Washington Post used a photo of McCain speaking next to the notorious Ukrainian neo-Nazi leader Oleh Tyahnybok.
Tyahnybok, a longtime fascist, has called for a war on the so-called “Muscovite-Jewish mafia” (BBC, 12/26/12). The far-right leader has attacked the role of “Jews-Bolsheviks” in his country’s history, and claims that there is still today a cabal of “Jewish oligarchs who control Ukraine” (JTA, 3/25/09).
John McCain met with Tyahnybok and stood next to him as the senator gave a speech in Ukraine in late 2013, as Business Insider (12/16/13) reported at the time. The Washington Post indicated in the caption on its header image that McCain was “wav[ing] to protesters during a mass rally of the opposition in Kiev, Ukraine, on December 15, 2013.” But it failed to identify the man standing next to the Arizona senator—or his extremist politics, which are the antithesis of human rights.
McCain was in the Eastern European nation—along with Democratic Senator Chris Murphy — to cheer on the ongoing right-wing protest movement. In February 2014, this movement was successful: Ukraine’s democratically elected, pro-Russian government was overthrown in a coup, in which fascist forces played a significant role (FAIR.org, 3/7/14).
[...]
Tyahnybok is far from a minor player in Ukraine. And since the US-backed coup, he has become increasingly influential.
Tyahnybok has been the leader of the fascist, ultra-nationalist Ukrainian political party Svoboda since its founding in 2004. Svoboda has its origins in the explicitly neo-Nazi Social-National Party of Ukraine, which proclaimed, “We are the last hope of the white race, of humankind as such.”
There is a long tradition in conservative politics for blaming video games whenever a mass shooting is carried out by a relatively young person. It's a monumentally stupid argument, given the complicated and twisted nature of mass shootings and the motivations behind them. But, since policy and politics are now offered merely in soundbite formats, the end result of a mass shooting is for every person to retreat to their familiar corners and make lots of noises that ultimately accomplish nothing but stagnation.
The mass shooting that happened in Florida recently could have been a different story. While it indeed happened at a video game tournament, the gamers involved were playing Madden, not some violent shoot 'em up. If playing a football video game makes people angry enough to shoot people, just wait until those decrying video game violence turn on their TVs on Sunday and realize that there are actual people playing the same game for real. There was no indication anywhere that this shooting was carried out by anything other than an individual that likely had some severe mental problems and access to weapons. And, yet, somehow Florida Attorney General Pam Bondi addressed this latest shooting by pivoting directly to the dangers of kids playing video games and the predators that will harm them.
After a mass shooting, pro-gun activists often reach for ways to explain how it could have happened yet again that isn’t “there too many people have guns and they’re too easy to get.” This weekend’s shooting in Jacksonville, FL, at a Madden video game tournament has proved to be no exception, with Florida Attorney General Pam Bondi supplying the obvious alternate explanation—it’s about video games—but with a fascinating twist.
For Julian Assange, the world’s most famous whistleblower, freedom could be dangerous.
As his residency at the Ecuadorian Embassy in London enters its seventh year, the self-styled cyber revolutionary – WikiLeaks’ founder and controversial publisher of some of the world’s most closely guarded official secrets – is facing a pair of converging crises that have left his allies fearing for his wellbeing and his safety.
Inside the embassy, he is living an increasingly secluded existence, having been stripped of his phones, computers and visitor privileges after running afoul of the very government that gave him asylum. Outside the embassy, he is embroiled in the global political scandal surrounding Russian efforts to interfere in the 2016 election, with questions about his role in that drama being raised by friends and foes alike.
The New Zealand opposition has called for US whistleblower Chelsea Manning to be banned from visiting the country to give a series of talks in September.
Manning was released from prison in May 2017 after being sentenced in 2013 in violation of the US Espionage Act for disclosing classified government documents to WikiLeaks.
She requires a special direction visa to visit New Zealand, and is subject to character provisions in section 15 of the Immigration Act 2009.
The National Party's call to shun Chelsea Manning is particularly callous, given the charges laid against her were all about speaking out, and she has paid a high price for doing so.
The former United States army intelligence analyst spoke, and continues to speak, backed by proof, about serious crimes committed by those in power.
What's more, she has already served seven incredibly hard years, at times in solitary confinement, in prison for this.
A new Department of Energy order that could be used to withhold information from a federal nuclear safety board and prevent the board from overseeing worker safety at nuclear facilities appears to violate longstanding provisions in the U.S. Atomic Energy Act, the board’s members said Tuesday.
Members of the Defense Nuclear Facilities Safety Board, both Democrats and Republicans, were united in their criticism of the Energy Department’s order, published in mid-May. It prevents the board from accessing sensitive information, imposes additional legal hurdles on board staff, and mandates that Energy Department officials speak “with one voice” when communicating with the board.
The Santa Fe New Mexican and ProPublica first reported on the order’s existence in July but the board called for a special hearing, saying its members had no formal input before the document was finalized.
At that hearing in Washington, D.C., Tuesday morning, the first of three on the topic, officials from the Energy Department and its National Nuclear Security Administration, which oversees the nation’s nuclear stockpile, said the changes were largely innocuous and were necessary to update a 17-year-old guidance manual.
Google Tez has been revamped, and its updates were announced at today’s ‘Google for India 2018’ event being held in New Delhi. Among other things, Tez has been renamed Google Pay, and users will also be able to pay instant loans through the service. As part of this service, Google will partner with leading banks.
Those who support progressive reform have the biggest stake in cleaning the stables, cracking down on the corruption, and making Washington accountable.
Sit back and relax! Because it seems like Trump vs. Google clash is going to continue a little longer.
Two days ago, we saw USA President Donald Trump accusing tech giant Google of promoting “bad news” against him in the search results; calling it “RIGGED.”
On Wednesday, Donald Trump escalated his war with major U.S. tech companies he and other prominent conservatives have been baselessly accusing of censoring right-wingers. In a video with an ominous soundtrack posted to his Twitter account, the president’s team accused search giant Google of featuring links to live streams of former President Barack Obama’s State of the Union addresses but not his.
Facebook users are complaining the company has removed the cross-posted tweets they had published to their profiles as Facebook updates. The posts’ removal took place following the recent API change that prevented Twitter users from continuing to automatically publish their tweets to Facebook. According to the affected parties, both the Facebook posts themselves, as well as the conversation around those posts that had taken place directly on Facebook, are now gone. Reached for comment, Facebook says it’s aware of the issue and is looking into it.
The changes went into effect starting August 1st. But it now appears that not only did Facebook disable the ability to use cross-posting between Twitter and its own social network on that date, but it also forcibly removed all the posts users had made using that feature. For users that may have been deleting their tweets but keeping a repository of the information on Facebook, where it’s more easily kept hidden from the public, it would seem the posts are gone for good.
The proposed law inserts Section 295AA to the IPC to provide: "whoever causes injury, damage or sacrilege to Sri Guru Granth Sahib, Srimad Bhagwad Geeta, Holy Quran and Holy Bible with the intention to hurt the religious feelings of the people, shall be punished with imprisonment for life." For the past few centuries, there has been a movement of ideas worldwide to separate religion from the state. Chief Minister Amarinder is seeking to revert this process of enlightenment.
[...]
In India, there has been a long tradition of free speech, which is now under attack from a range of forces who have roots in religion and institutions of the government in India. In 2017, a group of University of Lucknow students, including girls, spent three weeks in jail for showing black flags to Chief Minister Yogi Adityanath. Indian youths are being imprisonment for posting political comments on Facebook and other social media. This is an attack on our democratic tenets.
In a wide-ranging interview on The Vergecast this week, Microsoft president and chief legal officer Brad Smith expanded on why the company nearly shut down Gab.ai, the “free-speech” absolutist platform that’s become an alt-right favorite.
Earlier this month, Microsoft sent a notice to Gab threatening to end the company’s Azure cloud service if it did not remove two anti-Semitic hate speech posts within 48 hours. The notice, which Gab said would cause the social network to “go down for weeks/months,” sent the social network’s operators into a frenzy. But Smith said Microsoft headquarters in Redmond, Washington, was asleep when the notice was sent.
[...]
The posts, which advocated for genocidal violence against Jewish people, were removed by the poster before Microsoft’s takedown deadline. “Whoever made that call while we were sleeping made the right call,” Smith said.
WhatsApp had recently announced that Android users will be able to store their chats on Google Drive starting from November 12, 2018.
Those backups won’t be counted towards Google Drive’s storage quota. But WhatsApp has warned that the free backup service offered by Google will no longer be protected with end-to-end encryption.
On Monday, the Second Circuit Court of Appeals in New York held argument in United States v. Hasbajrami, an important case involving surveillance under Section 702 of the FISA Amendments Act. It is only the second time a federal appeals court has been asked to rule on whether the government can collect countless numbers of electronic communications—including those of Americans—and use these communications in criminal investigations, all without a warrant. In a lengthy and engaged argument [.mp3], a three-judge panel of the Second Circuit heard from lawyers for the United States and the defendant Agron Hasbajrami, as well as from ACLU attorney Patrick Toomey representing ACLU and EFF, which filed a joint amicus brief in support of the defendant. As we explained to the court in our amicus brief and at the argument, this surveillance violates Americans' Fourth Amendment rights on a massive scale.
Hasbajrami is a U.S. resident who was arrested at JFK airport in 2011 on his way to Pakistan and charged with providing material support to terrorists. Only after his conviction did the government explain that its case was premised in part on emails between Hasbajrami and an unnamed “Individual #1”—a foreigner associated with terrorist groups—obtained using PRISM, one of the government’s Section 702 programs.
Under Section 702, the government is authorized to warrantlessly intercept private online communications of foreigners located outside the U.S., an authority that the government claims extends to conversations between foreigners and Americans, so long as it doesn’t intentionally target specific Americans.
The Federal Cartel Office objects in particular to how Facebook acquires data on people from third-party apps - including its own WhatsApp and Instagram services - and its online tracking of people who aren’t even members.
Birts pays $30 per day – that’s $840 per month – for the privilege of wearing the bulky device. It sucks up all his income, leaving him homeless and sleeping in his Ford Escape in Oakland.
[...]
Edwards is using the legal system to fight back. He is part of a class-action lawsuit against LCA and Alameda county, filed in early August, which accuses the county of allowing a private company to make profit-driven decisions about people’s freedoms, denying them due process. It accuses LCA of extorting fees from people through the threat of incarceration, in violation of federal racketeering laws.
Passwords and PINs still beat fingerprints when it comes to the Fifth Amendment. But just barely. Nothing about the issue is settled, but far more cases have been handed down declaring fingerprints to be non-testimonial. Fingerprints are obtained during the booking process -- a physical, traceable representation of the suspect. If they can be obtained during booking, they can certainly be obtained again to unlock a device. A physical aspect of a human being can't be considered "testimonial" as far as courts have interpreted the Fifth Amendment.
Passwords are a different story, but not by much. In a handful of cases, courts have said the compelled production of passwords and PINs has no Fifth Amendment implications. Defendants, conversely, have argued compelled password production forces them to testify against themselves by facilitating the production of evidence to be used against them.
This argument hasn't had much success. Judges have frequently found password production to be just as non-testimonial as a person's fingerprint. The argument here is that all law enforcement wants is a password, not the production of evidence. Under the "foregone conclusion" theory, all the government has to prove is that the person being asked to unlock a device can unlock the device.
This decouples password production from its consequences: the production of evidence by defendants that the government will use against them in court. When this theory is applied, the Fifth Amendment is sidelined and replaced with the ultra-low bar of foregone conclusion.
However, the company has now confirmed that the act of encrypting the data between WhatsApp and Google is not part of the end-to-end encryption that the company offers for its conversations.
The criminal case arose from Ceglia’s conduct related to a2010 civil lawsuit he had filed against Zuckerberg.
Ceglia claimed that Zuckerberg had, while a student at Harvard University, signed a 2003 contract giving him half of a planned social networking website that later became Facebook.
In a new court filing submitted last week, federal prosecutors said that a criminal defendant accused of attempting to extort Facebook itself has now been arrested in Ecuador.
€That man, Paul Ceglia, has been a fugitive since 2015. At that time, he cut off his ankle monitor and fled with his wife, kids, and dog. The American government is now trying to extradite Ceglia.
Your phone is training you to be its servant. Here’s how to fight back.
In her keynote "Blessed by the algorithm - the computer says no!" Lorena detailed the intersection of ethics and technology when it comes to automated decision making systems. As much as humans with a technical training shy away from questions related to ethics, humans trained in ethics often shy away from topics that involve a technical layer. However as technology becomes more and more ingrained in everyday life we need people who understand both - tech and ethical questions.
Lorena started her talk detailing how one typical property of human decision making involves inconsistency, otherwise known as noise: Where machine made decisions can be either accurate and consistent or biased and consistent, human decisions are either inconsistent but more or less accurate or inconsistent and biased. Experiments that showed this level of inconsistency are plenty, ranging from time estimates for tasks being different depending on weather, mood, time of day, being hungry or not up to judges being influenced by similar factors in court.
Here’s a speech I gave for the Ron Paul Institute Peace and Prosperity Conference titled “How To Win A Grassroots Media Rebellion“. The audio feed for this recording doesn’t pick up the audience, so when you see me pausing with a delighted look on my face it’s because people are applauding, not because I’m having a stroke.
One of the primary differences between this year’s prison strike for basic human rights and dignity and the one that took place in 2016 is the level of media attention it has attracted.
Far more journalists are paying attention this year, but rather than examine the message of the strike seriously, several outlets—especially those claiming to specialize in these issues—are more concerned with interrogating the messengers. It is as if the prison strike might be a stunt by conniving prisoners and backed by clueless activists—both which want to see their names splashed all over the internet.
A quintessential example of this came from the Marshall Project, a nonprofit news organization that was founded by former hedge fund manager Neil Barsky in 2014. The organization prides itself on being a credible and reliable source of information on everything from prisons to police and the courts. According to their website, they “[seek] to create and sustain a sense of national urgency about the U.S. criminal justice system.”
The Marshall Project managed to get out in front of other mainstream reporting on the prison strike, establishing themselves as an expert source for interviews and insights on the action. Reporting fellow, Nicole Lewis, was invited on popular national media platforms to discuss her piece, “What’s Really Happening With The Prison Strike?”
But Lewis’s article is littered with prejudice and innuendo that casts doubt on the legitimacy and trustworthiness of strikers and their outside supporters. It includes the perspectives of activists, but plays into biases against incarcerated people by suggesting they might not be telling the truth about their struggle for human rights.
The article from the Marshall Project appears to be a fact check of the prison strike. “Some outlets simply reported unchecked information put out by the outside strike organizers,” Lewis writes, without naming any particular outlets. But the only “unchecked information” Lewis seems to highlight is the number of prisons participating.
Lewis clearly believes organizers are exaggerating the extent of the strike. Yet, by focusing on this aspect, she ignores the demands and the conditions that fueled the latest round of resistance.
Trump’s pick for the Supreme Court has a record of extreme deference to the executive on national security cases, including unlawful detention.
A week before his confirmation hearing, the public record on Judge Brett Kavanaugh’s possible involvement in some of the Bush administration’s most abusive policies and programs is woefully incomplete.
Kavanaugh, President Trump’s nominee for the Supreme Court, served in the White House soon after 9/11 when the Bush administration launched many of its most infamous programs in the name of national security. Leading senators have said that, during his 2006 confirmation hearing for the D.C. Circuit Court of Appeals, Kavanaugh may have provided misleading or inaccurate information about his involvement in developing those policies. Senators have rightly called for access to and public release of all documents from his White House stint, so we know any role he might have played in developing or reviewing the Bush administration’s torture, detention, and surveillance programs.
But despite these holes, Kavanaugh does have a well-developed record in cases involving national security, civil liberties, and human rights from his time on the D.C. Circuit. That record shows extreme deference to presidential claims to act unchecked in the name of war or national security. It also demonstrates hostility to international law as a constraint on government action as well as an unwillingness to hold the government to account when it violates the constitutional and human rights of U.S. citizens and noncitizens.
For several years now, there have been a parade of articles examining the "churn and burn" culture at Amazon. For example a 2015 New York Times piece profiled the "bruising" culture at the company while noting that employees weeping at their desk was not an uncommon sight. And while the profile was contested by some employees at the company, a substantial number of different reports have also highlighted the poor working conditions in Amazon distribution warehouses, including employees having to pee in garbage cans for fear of missing targets by going to a proper restroom.
Hoping to correct the "public perception" of poor working conditions at the company's warehouses, Amazon executives have crafted a new "solution" to the problem. They've started paying some warehouse employees to create Twitter accounts and speak positively of not only their working experiences, but CEO Jeff Bezos.
The new tariff, announced last week, will be collected through mobile phone companies and [I]nternet service providers. The fee will be charged at a daily rate at 30 ngwee (3c) per day, irrespective of how many [I]nternet calls are made, explained minister of information and broadcasting Dora Siliya.
Internet has become important for civil society in Zambia, and activists worry the tax will curtail freedom of expression.
€"We have noted that it’s part of the systematic attempt by the state to stifle freedom of expression online. This is an assault to freedom of expression and association," said Richard Mulonga, head of the online rights group Bloggers of Zambia.
CJAC’s robocalls ares not the only campaign spreading scary claims about soaring cell phone bills: ads on Facebook and Twitter, as well as physical flyers opposing the net neutrality bill and paid for by AT&T-backed advocacy group CALInnovates have been reported across California.
With the bipartisan majority of Americans supporting net neutrality, the broadband industry often has to resort to outright falsehoods to try and make its case that we don't need net neutrality rules (or any meaningful oversight of natural telecom monopolies). From paying civil rights groups to parrot industry positions to hiring fake journalists to deny the obvious, the broadband industry has a long, proud, multi-decade history of using outright bullshit to scare the public, press and regulators away from the idea of net neutrality.
The latest case in point: after AT&T lobbyists successfully sabotaged initial efforts to pass new net neutrality rules in California, the state this week revisited the effort with a new vote on the state assembly floor. In a bid to try and scuttle the effort, an AT&T-linked group by the name of Civil Justice Association of California (CJAC) has been robocalling senior citizens in the state, informing them that their cell phone bill will jump $30 if the new rules pass.
My broader point, then, is that how we consider the effect of data driven works will depend a lot on how we view creativity.
[...]
To be clear, Raustiala and Sprigman don't say anything that contradicts my intuitions here. They make clear that creativity is on a continuum, and that data merely slides to one side. But they do question how viewers will perceive works, and it is there that I disagree with them. I suppose that we could hit that limit where everything is automated, but my gut says that despite having preferences for particular story aspects, viewers will always be able to separate the wheat from the chaff (though not the way I would - as just about every American Idol vote shows) and thus will always look for something new and different within their preferences. At least, I sure hope so.
Mexico’s industrial property law has been amended to include more types of trade marks. It also introduces some small changes that bring Mexico’s trade mark system more in line with the US and beyond
We have talked in recent years how the scourge of copyright trolling has hit the nation of Denmark particularly hard. While trolling operations started off about the same as they do elsewhere in the world, their requests to unmask ISP customers soon ramped up to enormous levels. It was enough to turn two ISP rivals into allies, with Telenor and Telia fighting in court for their respective customers' privacy rights. After an initial loss, the companies appealed up the legal chain and managed to get a win with the court siding with the ISPs' privacy concerns over the copyright trolls' nefarious business model. After that, one of the copyright trolls appealed to Denmark's Supreme Court, hoping to reverse the decision once again.
Earlier this week, we wrote about how the USTR itself appeared to be totally confused about its own NAFTA-replacement agreement with Mexico in the "Intellectual Property" section, in that it was reporting that the agreement included copyright in some works for "75 years" in places and "life + 75 years" in other places, and acted as though they were the same thing. The USTR seemed legitimately confused over this issue, which did not give people much confidence that it knew what it was doing in these negotiations on the intellectual property questions. However, since that issue appeared to be one of pure confusion, which should be easily fixed in the final text, we should put our attention more towards the actual problems with what the USTR appears to be doing here.
We don't yet have the full text -- though that should be available soon -- but from the USTR's fact sheet there are many reasons to be concerned that this agreement is a massive handout to Hollywood and patent trolls, and against innovation.
The owner of an adult foster care home who operated an open WiFi network has booked a big win against a copyright troll. Thomas Gonzales was accused of downloading the Adam Sandler movie The Cobbler but won $17k last year after being wrongfully targeted. The case went to appeal and in a ruling handed down yesterday by the Ninth Circuit Court of Appeals, Gonzales emerged victorious again.
The case involved well known copyright trolling lawyer Carl Crowell representing Cobbler Nevada LLC. As we discussed in our article on the district court decision, the actions in this case were particularly nefarious. Crowell quickly learned that the IP address in question belonged to an adult foster care home, but decided to go after the operator, Thomas Gonzales, even though he was aware that any of the many residents or staff may have actually been responsible for the infringement. Gonzales (reasonably) refused to just cough up the names and details of residents and staff without a court order, and Crowell's response was just to go after Gonzales directly. But the facts of this case made it especially easy for the lower court to highlight how a mere IP address is not nearly enough to allege infringement.
Over eight years of feuding between Oracle and Google over the use of Java code in Android may be nearing its end following a Tuesday court ruling.
The US Federal Circuit Court of Appeals has declined [PDF] to re-hear the case in which it found Google to be in violation of Oracle’s copyright on Android API code. The Chocolate Factory faces a demand from Oracle for $8.8bn in damages.
Tuesday’s ruling means that the only remaining hope for Google to avoid a massive payout to Oracle is a hearing and decision from the US Supreme Court, something Google said it will pursue after today's verdict.
"We are disappointed that the Federal Circuit overturned the jury finding that Java is open and free for everyone," Google told The Register.
Google has already said it will appeal to the Supreme Court in the latest development in the dispute over unauthorised use of 37 packages of Oracle’s Java application programming interface
While most of the attention on the upcoming votes around the EU Copyright Directive is on the mandatory filters found in Article 13, we should be just as concerned about the link tax in Article 11. European publishers have been flat out lying about the proposal, which is little more than an attempt to just demand cash from Google and Facebook.
We've already explained why this is a bad idea. And it's not a theoretical issue either. This very same proposal has been tried in Germany and Spain and it failed miserably in both places, to the point of doing serious damage to traffic to news sites, without increasing revenue.
Unfortunately, it appears that at least some journalists don't want to hear about the facts. AFP's Baghdad Bureau Chief, Sammy Ketz has pieces in the Guardian and La Stampa (and possibly elsewhere) making an impassioned -- if somewhat confused -- plea in support of Article 11.
The reasoning is fuzzy, because there is no legitimate basis for Article 11, but Ketz basically says "there are fewer reporters these days, because news orgs are failing, but Google and Facebook have lots of money, so Article 11 is important, because they'll give us money." Really.