Bonum Certa Men Certa

Links 10/10/2018: Unreal Engine 4.21 Preview, Red Hat Openshift Container Platform 3.11

GNOME bluefish



  • Linux-Based Airtame 2 Offers an Enterprise Alternative to Chromecast
    One category that often gets overlooked in the discussion of Linux computers is the market for HDMI dongle devices that plug into your TV to stream, mirror, or cast content from your laptop or mobile device. Yesterday, Google announced an extensively leaked third-gen version of its market-leading, Linux-powered Chromecast device. The latest Chromecast upgrades the WiFi radio to 5GHz and adds 2.4GHz Bluetooth while also overhauling the physical design.

    Here, we look at a similar Linux-based HDMI dongle device that launched this morning with a somewhat different feature set and market focus. The Airtame 2 is the first hardware overhaul since the original Airtame generated $1.3 million on Indiegogo in 2013. The new version doubles the RAM, improves the Debian Linux firmware, and advances to dual-band 802.11a/b/g/n/ac, which is now known as WiFi 5 in the new Wi-Fi Alliance naming scheme that accompanied its recent WiFi 6 (ax) announcement.

  • Desktop

    • Microsoft Explains Why Windows 10’s October 2018 Update Was Deleting People’s Files
      Microsoft halted the Windows 10 October 2018 Update because it was deleting some people’s files. Now, Microsoft has fixed the problem and explained what happened.

      As Microsoft’s John Cable explains in a post on Microsoft’s Windows Blog, the problem was with the “Known Folder Redirection” feature. This is the feature that lets you move a known folder like C:\Users\Name\Downloads to D:\Downloads, for example. Other folders you can move include Desktop, Documents, Pictures, and Videos.

      After the April 2018 Update, some people who had previously used this feature reported an extra empty copy of the original folder. For example, an empty copy of the original C:\Users\Name\Downloads folder appeared. So, to solve the problem, Microsoft introduced code that would delete those old, empty folders.

  • Server

    • 5 alerting and visualization tools for sysadmins
      You probably know (or can guess) what alerting and visualization tools are used for. Why would we discuss them as observability tools, especially since some systems include visualization as a feature?

      Observability comes from control theory and describes our ability to understand a system based on its inputs and outputs. This article focuses on the output component of observability.

      Alerting and visualization tools analyze the outputs of other systems and provide structured representations of these outputs. Alerts are basically a synthesized understanding of negative system outputs, and visualizations are disambiguated structured representations that facilitate user comprehension.

    • Add It Up: FaaS ≠ Serverless

      Using FaaS for isolated use cases or playing with it test environments does not require an organization to rethink the way it writes code or manages infrastructure. But, without re-factoring an application, FaaS can easily increase computing costs when scaled for production use. With many other challenges arising when FaaS moves into production, it is not surprising that almost all organizations with broad deployments are using unique architectures for serverless applications.

  • Kernel Space

    • Linus' Behavior and the Kernel Development Community

      On September 16, 2018, Linus Torvalds released the 4.19-rc4 version of the kernel, and he also announced he was taking a break from Linux development in order to consider his own behavior and to come up with a better approach to kernel development. This was partly inspired by his realization that he wasn't looking forward to the Kernel Summit event, and he said that "it wasn't actually funny or a good sign that I was hoping to just skip the yearly kernel summit entirely."

    • bpftrace, a DTrace like tool for Linux now open source
      bpftrace is a DTrace like tool for troubleshooting kernel problems. It was created about a year ago by Alastair Robertson and the GitHub repository was made public recently. It has plenty of features to relate it to DTrace 2.0.
    • Linux 4.18.13
    • Linux 4.14.75
    • Linux 4.9.132
    • Linux 4.4.160

    • A Look At Linux Application Scaling Up To 128 Threads
      Arriving last week in our Linux benchmarking lab was a dual EPYC server -- this Dell PowerEdge R7425 is a beast of a system with two AMD EPYC 7601 processors yielding a combined 64 cores / 128 threads, 512GB of RAM (16 x 32GB DDR4), and 20 x 500GB Samsung 860 EVO SSDs. There will be many interesting benchmarks from this server in the days and weeks ahead. For some initial measurements during the first few days of stress testing this 2U rack server, here is a look at how well various benchmarks/applications are scaling from two to 128 threads.
    • Linux Kernel Patches Posted For Streebog - Crypto From Russia's FSB
      Just months after the controversial Speck crypto code was added to the Linux kernel that raised various concerns due to its development by the NSA and potential backdoors, which was then removed from the kernel tree, there is now Russia's Streebog that could be mainlined.

      The Streebog cryptographic hash was developed by Russia's controversial FSB federal security service and other Russian organizations. Streebog is a Russian national standard and a replacement to their GOST hash function. Streebog doesn't have as much controversy as NSA's Speck, but then again it's not as well known but there is are some hypothetical attacks and some papers have questioned some elements of the design. Streebog is considered to be a competitor to the SHA-3 standard from the NIST.

    • The Linux Kernel In 2018 Finally Deems USB 3.0 Ubiquitous Rather Than An Oddity
      The latest news in the "it's about darn time" section is the Linux kernel's default i386/x86_64 kernel configurations will finally ship with USB 3.0 support enabled, a.k.a. CONFIG_USB_XHCI_HCD.

      For many years now pretty much all Linux distribution vendor kernels have been shipping with CONFIG_USB_XHCI_HCD enabled either built-in or as a module... But built-in is pretty much the best to avoid potential issues at start-up time. As of this week, CONFIG_USB_XHCI_HCD=y is finally set for the default configurations on the x86/x86_64-based kernel builds should you be spinning up a defconfig kernel.

    • "Thermal Pressure" Kernel Feature Would Help Linux Performance When Running Hot
      Linaro engineer Thara Gopinath sent out an experimental set of kernel patches today that introduces the concept of "thermal pressure" to the Linux kernel for helping assist Linux performance when the processor cores are running hot.

      While the Linux CPU frequency scaling code already deals with the event of CPU core(s) overheating as to downclock/limit the frequency, the kernel's scheduler isn't currently aware of the CPU capacity restrictions put in place due to that thermal event.

    • Containers are Linux
      Linux is the core of today’s operating system open source software development, and containers are a core feature of Linux. Linux containers and the Kubernetes community supporting them enable agencies to quickly stand up, distribute and scale applications in the hybrid clouds supporting the IT architecture of today’s digitally transformed government.

      But agencies need more than the speed and flexibility of containers and the power of Kubernetes to take full advantage of today’s hybrid cloud environment. They need open source enterprise software with full lifecycle support and a full complement of hardware certifications to ensure portability across platforms.

    • Linux Foundation

      • ​Cloud Foundry embraces Kubernetes
        Cloud Foundry, a prominent open-source Platform-as-a-Service (PaaS) cloud, isn't giving up on BOSH its tool chain for release engineering, deployment, and life-cycle management of large scale distributed services. But Cloud Foundry is making it easier to use Kubernetes both independently and as part of BOSH.

        The Cloud Foundry Foundation is doing this by accepting two new projects: Eirini and CF Containerization. This comes after last year's adoption of Cloud Foundry Container Runtime (CFCR), which started Cloud Foundry's integration of Kubernetes. CRCR makes it possible to deploy and manage Kubernetes clusters using the BOSH release engineering tool chain.

      • The Linux Foundation – Open Networking Summit Europe: Integrate | Automate | Accelerate
        The first Linux Foundation’s Open Networking Summit Europe 2018 was recently held in the Amsterdam RAI Convention Centre. This modern venue was just 10 minutes by train from Schiphol Airport with excellent transport links to the city center via a conveniently located newly opened metro station, as well as frequent buses and trams.

    • Graphics Stack

  • Applications

    • UberWriter – A Feature-Rich GTK+ Markdown Editor

      One of the reasons Markdown is a very popular language is its flexibility. It is used by people from different walks of life including lecturers, research scientists, web developers, bloggers, and technical writers and developers are doing a good job of making various app choices available to the public.

      Today, we’re adding yet another Markdown editor to our list and it is one we suggest that you check out.

      UberWriter is free, open-source, GTK-based, and filled with tons of features that make writing, especially in Markdown, a stress-free experience. It was developed by one who enjoys writing in Markdown and decided to create an app that will make the experience enjoyable for others.

      UberWriter features a clean, modern, minimalist UI with a hamburger menu in its toolbar. In the bottom bar, it displays the word and character count on the right, and its screen modes on the left, Focus Mode, Fullscreen, and Preview.

    • Excellent Free DICOM Viewers – Medical Imaging Software
      DICOM (an acronym for Digital Imaging and Communications in Medicine) is a worldwide standard in Health IT and is provided by the National Electrical Manufacturers Assocation (NEMA). It’s the standard open image format used to handle, store, print and transmit information in medical imaging. This standard specifies the way medical images and metadata like study or patient related data are stored and communicated over different digital medias.

      DICOM is a binary protocol and data format. The binary protocol specifies a set of networking protocols, the syntax and specification of commands that can be exchanged with these protocols, and a set of media storage services. It’s an entire specification of the elements required to achieve a practical level of automatic interoperability between biomedical imaging computer systems—from application layer to bit-stream encoding.

      DICOM files can be exchanged between two entities that are capable of receiving image and patient data in DICOM format.

    • Encrypted Evernote Alternative Turtl v0.7 Includes Rewritten Server, New Spaces Feature
      Turtl was updated to version 0.7 yesterday, the new release shipping with a rewritten server, among other changes. I'll cover the new version in the second part of this article, after an introduction to Turtl.

      Turtl is a "secure, encrypted Evernote alternative". The free and open source tool, which is considered beta software, can be used to take notes, save bookmarks, store documents and images, and anything else you may need, in a safe place.

      There are Turtl applications available for Linux, Windows, macOS and Android, while an iOS application should also be available in the future. Chrome and Firefox extensions are available to easily bookmark the page you're on, great for quickly saving sites for later.

      The Turtl developers offer the service (hosted server) for free, but a premium service is planned for the future. However, the Turtl server is free and open source software, so you can install and use your own instance.

    • Weblate 3.2.1
      Weblate 3.2.1 has been released today. It's a bugfix release for 3.2 fixing several minor issues which appeared in the release.

    • Instructionals/Technical

    • Games

      • RocketWerkz have confirmed their plans to do a Linux version of Stationeers
        A good bit of news to wake up to today! Stationeers a space station construction and management game from developer RocketWerkz should be coming to Linux.

        In their official FAQ on Steam, the developer noted that if it sold at least 300K copies a Linux version would be considered. Someone then made a post on Steam last year, full of users requesting a Linux version of Stationeers. Six pages of replies later, the developer replied a few hours ago with a link to this new post (also added to their FAQ now) confirming their intent to make a Linux version now.

      • Between the Stars looks like an incredible spaceship action game, coming to Linux
        Between the Stars, a spaceship action game with 'traces of RPG, management and roguelike elements' looks set to come to Linux.

      • Off Grid gives you data as your weapon in this stealth hacking game, now crowfunding with Linux support

        I covered this before briefly back in April, as the developer seemed committed to providing a Linux version. Sadly, the demo is currently only on Windows and Mac but I did speak to the developer today where they told me a Linux demo is now a priority with the Kickstarter being live. They've unfortunately had some last minute issues they're trying to solve, so hopefully it won't be long. Update: As the developer noted in our comments, the demo is now on

      • Mark of the Ninja: Remastered is out on Steam with Linux support
        Mark of the Ninja: Remastered, the relatively small upgrade over the original is now out with Linux support on Steam.

        Unlike a lot of remasters, Mark of the Ninja: Remastered isn't actually that big of an upgrade overall. It does include enhanced visuals that are no longer compressed down to 720p as it supports up to 4K now. It also has improved character and background art proving some clearer details along with remastered cinematics. On top of that, there's also 5.1 audio support and the Special Edition DLC is also now included as standard.

      • Timespinner, the fun metroidvania is now available on GOG with a Linux build
        After the release on Steam late last month, Timespinner is now available DRM free on GOG for more of you to go exploring. They have the latest patch build too with a couple of bug fixes. Note: Key provided by GOG.

      • XCOM 2: War of the Chosen - Tactical Legacy Pack DLC Out Now for Linux and macOS
        As promised, UK-based video games publisher Feral Interactive released today the Linux and macOS port of the XCOM 2: War of the Chosen - Tactical Legacy Pack DLC on Steam.

        The XCOM 2: War of the Chosen - Tactical Legacy Pack is a massive downloadable content (DLC) for the XCOM 2: War of the Chosen expansion pack for the XCOM 2 turn-based tactics video game. It brings two new gameplay modes, Legacy Ops and Skirmish Mode, as well as an Offline Challenge Mode.

      • XCOM 2: War of the Chosen - Tactical Legacy Pack out now and with Linux support right away
        It seems Feral had a bit of a surprise in store for us, as XCOM 2: War of the Chosen - Tactical Legacy Pack has released today and the Linux version is out.

        When it was announced, Feral Interactive said it would be available "shortly after the Windows release" and they certainly weren't kidding as it only released for Windows today too! Seriously good stuff from Feral, this is the way it should be with no waiting around. Really pleased they were able to do this for Linux gamers!

      • The Humble Discovery Pack is out with three nice Linux native games
        Another week, another bundle of games for you! The Humble Discovery Pack is now live with three nice Linux native games.

      • According to Kotaku, Microsoft is close to buying Obsidian
        In what could be a blow to Linux gamers who are fans of Obsidian RPGs, Microsoft is apparently close to acquiring the studio.


        Naturally, this will be a worry to Linux gamers since this could mean future Obsidian titles may not arrive on Linux like they have before. Obsidian has given Linux fans Pillars of Eternity, Pillars of Eternity II and Tyranny recently so it would be a huge shame not to have their next story-driven RPG land on Linux.

        Microsoft acquiring anyone always makes me feel quite uneasy, since they could end up requiring future games they publish to be exclusive to their own store therefore locking out Steam. At least if they stayed on Steam and didn't do a Linux version (for whatever reason) of their next set of games, we would have Steam Play's Proton so it wouldn't be such a major issue.

      • Sources: Microsoft Is Close To Buying Obsidian
        “We do not comment on rumors or speculation,” said a Microsoft spokesperson.

      • Unreal Engine 4.21 Preview Brings Some Linux Improvements
        Epic Games announced the debut today of the Unreal Engine 4.21 public preview.

        Unreal Engine 4.21 has been working on improvements around animation compression, a variety of audio updates, improved performance in the Unreal asset cooking process, various framework updates, improved IPv6 support, DDoS detection/mitigation for game servers, and finally there is support for shader pipeline caching. For those interested in VR, Unreal Engine 4.21 also has experimental support for the SteamVR Input subsystem.

      • Unreal Engine 4.21 Preview
        Preview 1 of the upcoming 4.21 release is available now on the Launcher and GitHub. We are making this Preview available so that our developer community can try our new features and help us catch issues before the final release. As fixes are implemented, we will release updated previews throughout the development cycle.

  • Desktop Environments/WMs

    • K Desktop Environment/KDE SC/Qt

      • KDE Plasma 5.14 Released: What’s New In The Popular Linux Desktop
        Plasma is one of the most popular Linux desktop environments around; it’s loved by new open source enthusiasts and veterans alike. To bring a fresh and updated experience to the users, the KDE Project keeps bringing newer versions of the Plasma desktop from time to time.

        The latest Plasma release 5.14.0 has just been pushed and it brings obvious bug fixes and new features. So, let’s tell you about them in brief.

        For Plasma 5.14, the developers have worked a lot to improve Discover — Plasma’s software manager and add-on installer. With the new fwupd support, you can now use it to update your PC’s firmware.

      • Cleaning up the Cruft in KDE’s Bugzilla
        We know this is a problem, and some steps have been taken recently to attempt to reduce this. Not long ago, Nate Graham proposed a cleanup of our plasma4 product, which closed 4,000+ bugs. Most of the bugs there were very old and no longer relevant, due to the introduction of Plasma 5 four years ago. While that was a good step in the right direction, we have many, many more products.

    • GNOME Desktop/GTK

      • GNOME Plans to Retire Application Menus from the GNOME 3.32 Desktop Environment
        With the recent release of the GNOME 3.30 "Almería" desktop environment, which already got its first point release and hit the stable repositories of some of the major GNU/Linux distributions, GNOME 3.32 "Taipei" has now entered development and the first milestone should hit the testing channels later this week.

        We don't know much about the new features and improvements coming to the GNOME 3.32 desktop environment, due for release next year on March 13, 2019, but it looks like one existing feature won't be available anymore in this upcoming release, as developer Allan Day announced the deprecation of application menus.
      • GNOME 3.32 Planning To Retire Application Menus

      • Usability testing with Outreachy
        I've volunteered with Allan and Jakub to mentor more GNOME usability testing in the next cycle of Outreachy, from December 4, 2018 to March 4, 2019. Outreachy expressly invites applicants from around the world who are women (both cis and trans), trans men, and genderqueer people.

        Interns will work with the GNOME team and mentor(s) to do usability testing on GNOME. The goal is to perform several cycles of usability testing on prototypes of new designs, and provide usability testing results and feedback to the GNOME team so a new iterative design can be updated based on those results. We would like to use a "test what you've got" approach where we set up a testing schedule, and the intern tests whatever prototype or model is ready at that time. So if "test day" is Thursday, we could nail down what to test by Monday, and have the intern post results on Friday or the weekend.

  • Distributions

    • Arch Family

      • New Manjaro Beta Builds a Better Arch
        Regardless of which desktop you select, the welcome screen introduces Manjaro tools and get-acquainted details such as documentation, support tips, and links to the project site.

        You can get a full experience in using the live session ISOs without making any changes to the computer's hard drive. That is another advantage to running Manjaro Linux over a true Arch distro. Arch distros usually do not provide live session environments. Most that do lack any automatic installation launcher from within the live session.

        Caution: When you attempt to run the boot menu from the Manjaro DVD, pay attention to the startup menu. It is a bit confusing. To start the live session, go halfway down the list of loading choices to select the Boot Manjaro option. The other menu options let you configure non-default choices for keyboard, language, etc.

        After the live medium loads the Manjaro live session, browse the categories in the welcome window. You can click the Launch Installer button in the welcome window or launch it after experiencing the live session by clicking on the desktop install icon or running the installation program from the main menu.

        Installation is a simple and straightforward process. The Calamares installer allows newcomers to easily set up the distro. It gives advanced users lots of customization options.

    • Red Hat Family

      • Committed to open source game development
        This is the third post in our series on open source game development. For posts one and two, I sat down with Red Hat’s Michael Clayton and Jared Sprague to talk about how the second season of Command Line Heroes relates to their work on Command Line Heroes: The Game, and their own efforts as open source game developers.

        Today, we’re talking about the trials and tribulations of contributing to open source projects and communities. In episode 3, “Ready to Commit,” we learn how host Saron Yitbarek got her start with open source software, and also how large projects like Fedora maintain a healthy and thriving community. As every command line hero has an origin story (or two), I figured we’d start by asking Jared and Michael about their first “commits.”

      • The evolution of open source contributors: from hobbyists to professionals
        The most recent episode of Command Line Heroes is all about the process of contributing to open source, from the point of view of a contributor and a maintainer. It's a great episode - don't just take my word for it, you can listen here - but you can only tackle so much in one episode! One thing that the episode sparked for me is just how much the nature of open source contribution has changed since Netscape first took the plunge with Mozilla in 1998.

        In the past 20 years, we've seen a strong shift away from a culture of hobbyist developers tinkering with projects as they find time, to folks doing open source contribution as part of their day job. Whether that’s folks paid to work on open source full time, or people who contribute to open source as part of their day job because the project is relevant to their other work.

        As open source has become more of a mainstay of just about every business, more businesses started hiring developers to ensure the success of those projects. Or they turned to companies (like, yes, Red Hat) that could support their use of open source by maintaining, improving, and even creating new projects to address business needs.

      • Transforming the Red Hat partner journey
        Red Hat is committed to optimizing the way we work with and through our entire partner ecosystem to support our customers.

        Before I get into what that commitment looks like for our partners, let me start by saying that working together already “works.” How do we know? The numbers tell the story: Red Hat’s growth has been fueled by partners, who globally contribute to 75+ percent of our revenue. Partners open more doors for open source than Red Hat can do alone. We create better solutions and solve customer challenges more quickly and creatively when we work together.

      • Announcing Red Hat Developer Studio 12.9.0.GA and JBoss Tools 4.9.0.Final for Eclipse 2018-09
        Attention desktop IDE users: Red Hat Developer Studio 12.9 and the community edition, JBoss Tools 4.9.0 for Eclipse Photon, are now available. You can download the Developer Studio bundled installer, which installs Eclipse 4.9 with all of the JBoss Tools already configured. Or, if you have an existing Eclipse 4.9 (2018-09) installation, you can download the JBoss Tools package.

        This article highlights some of the new features in both JBoss Tools and Eclipse Photon, covering WildFly, Spring Boot, Camel, Maven, and many Java-related improvements—including full Java 10 support.

        Developer Studio/JBoss Tools provides a desktop IDE with a broad set of tooling covering multiple programming models and frameworks. If you are doing container/cloud development, there is integrated functionality for working with Red Hat OpenShift, Kubernetes, Red Hat Container Development Kit, and Red Hat OpenShift Application Runtimes. For integration projects, there is tooling covering Camel and Red Hat Fuse that can be used in both local and cloud deployments.

      • Red Hat Container Development Kit 3.6 now available
        We are pleased to announce the availability of Red Hat Container Development Kit (CDK) 3.6. CDK 3.6 is based on Minishift 1.24.0, a command-line tool to quickly provision an OpenShift and Kubernetes cluster on your local machine for developing cloud- and container-based applications. You can run CDK/Minishift on Windows, macOS, or Linux.

        Today, we are also announcing the availability of Red Hat Developer Studio 12.9 and JBoss Tools 4.9 for Eclipse 2018-09. You can develop cloud/container-based applications with a familiar desktop IDE that has integrated tooling for CDK/Minishift.

      • Red Hat Extends Cybersecurity Automation Ambitions

        Red Hat has announced it plans to extend the open source Ansible framework for automating IT operations into the realm of cybersecurity.

        Announced this month at the AnsibleFest 2018 conference, Red Hat showcased a preview of a declarative approach to automating IT that is used widely within IT organizations to include support for enterprise firewalls, intrusion detection systems (IDS) and security information and event management (SIEM) platforms.

      • CentOS 6 and RHEL 6 Get Important Kernel Security Update for FragmentSmack Flaw
        According to the RHSA-2018:2846 and CESA-2018:2846 security advisories, the new kernel security update is marked as "Important" by Red Hat's security team as it patches two security vulnerabilities (CVE-2018-5391 and CVE-2018-14634) discovered in the Linux kernel packages for the Red Hat Enterprise Linux 6 and CentOS Linux 6 operating system series.

        The first security flaw addressed in this important kernel update is CVE-2018-5391, a security vulnerability known as FragmentSmack and discovered in the way Linux kernel handled reassembly of fragmented IPv6 and IPv4 packets, which could allow a remote attacker to cause a denial of service on the vulnerable systems by sending specially crafted packets, leading to a CPU saturation.

      • Red Hat Converges CoreOS Features In OpenShift Container Platform 3.11
        Red Hat announced the general availability of its OpenShift Container Platform 3.11 release on Oct. 10, providing organizations with new capabilities for managing cloud native Kubernetes deployments.

        Among the key highlights of the OpenShift Container Platform 3.11 release are multiple components that have been integrated from the CoreOS Tectonic distribution of Kubernetes, including a new cluster administrator console. Red Hat has also integrated CoreOS' Operator concept into OpenShift making it easier for organizations to deploy cloud native applications.

        "This is the initial release for us to deliver on our converged roadmap that we announced at Red Hat Summit earlier this year," Brian Gracely, director, Product Strategy, OpenShift, at Red Hat, told eWEEK. "There are three primary feature sets that come into OpenShift 3.11 from the CoreOS acquisition."

      • Red Hat Openshift Container Platform 3.11 is Now Generally Available
      • Red Hat Expands Scope of OpenShift Platforms Based on Kubernetes
      • Red Hat OpenShift Update Is Heavy on Integration of CoreOS Features

      • Introducing Red Hat OpenShift Container Engine

        Today, Red Hat released the latest version of our enterprise Kubernetes platform, OpenShift Container Platform 3.11. In OpenShift Container Platform, we’ve built a comprehensive, enterprise-ready platform to unite developers and IT operations teams to more securely, quickly, and reliably deliver containerized applications across enterprise infrastructures.

        To help teams meet their goals, OpenShift Container Platform extends Kubernetes with advanced features. We’ve kept the platform pluggable to enable integration with third-party services to give our customers choice throughout the container stack. OpenShift is validated to work with hundreds of technologies, so our customers can take advantage of optimized container solutions from both Red Hat and our growing ecosystem of ISV partners.

      • Generally Available today: Red Hat OpenShift Container Platform 3.11 is ready to power enterprise Kubernetes deployments
        Today, Red Hat OpenShift Container Platform 3.11, a comprehensive, leading enterprise Kubernetes platform, is generally available and ready for download (see the release notes and download OpenShift here). OpenShift Container Platform 3.11 ships with Kubernetes 1.11, along with several notable features to better streamline Day 2 cluster and application operations. In short, we’ve made central administration for your clusters, environments, and users easier, while providing expanded Prometheus capabilities for gathering Kubernetes-native metrics.

      • How to deploy multiple versions of an API using paths on OpenShift
        How to deploy multiple versions of an API using paths on OpenShift

        Let’s say you’d like to test or deploy a new version of an API, without having to point users at a new hostname or abandoning the old version of the API. In this post, I’m going to show you how you can do just that using paths on Red Hat OpenShift.

        OpenShift routes connect users from the real world to an application running in an Red Hat OpenShift cluster. A route has two faces. A unique hostname, like myapp.apps.openshift.local, is seen by the outside world. Inside the cluster, the route connects to a service. The service is provided by one or more Pods running application code.

      • CO.LAB goes on the road again to share new paper circuitry curriculum with students
        In 2017, Red Hat launched CO.LAB, presented by Open Source Stories, in Boston. Since then, we have shared the principles of open source and collaboration with more than one hundred middle school female students in five locations. These students built digital cameras out of Raspberry Pi computers and took photographs to visualize a poem. The result was a collaborative work of art.
      • Use Groovy to customize the Maven build process

      • Finance

      • Fedora

        • NeuroFedora SIG: Call For Participation

          The (current) goal of the NeuroFedora SIG is to make Fedora an easy to use platform for neuroscientists.

          Neuroscience is an extremely multidisciplinary field. It brings together mathematicians, chemists, biologists, physicists, psychologists, engineers (electrical and others) computer scientists and more.

        • Fedora at LinuxDays 2018 in Prague
          LinuxDays, the biggest Linux event in the Czech Republic, took place at the Faculty of Information Technology of Czech Technical University in Prague. The number of registered attendees was a bit lower this year, it could be caused by municipality and senate elections happening on Fri and Sat, but the number got almost to the 1300 mark anyway.

          Besides a busy schedule of talks and workshops the conference also has a pretty large booth area and as every year I organized the Fedora one. I drove by car to Prague with Carlos Soriano and Felipe Borges from the Red Hat desktop team on Saturday morning and we were joined by František Zatloukal (Fedora QA) at the booth.

        • Bodhi 3.10.1 released
        • Building Fedora Vagrant boxes for VirtualBox using Packer

        • Design faster web pages, part 1: Image compression
          Lots of web developers want to achieve fast loading web pages. As more page views come from mobile devices, making websites look better on smaller screens using responsive design is just one side of the coin. Browser Calories can make the difference in loading times, which satisfies not just the user but search engines that rank on loading speed. This article series covers how to slim down your web pages with tools Fedora offers.

        • Fedora 28 : Testing Blender 2.80 .

    • Debian Family

      • Debian GNU/Linux 9 "Stretch" Gets New Kernel Patch to Fix Two Security Flaws
        Coming just a week after the latest major kernel security update for Debian GNU/Linux 9 "Stretch," the new Linux kernel security patch is here to address a flaw (CVE-2018-15471) discovered by Google Project Zero's Felix Wilhelm in the hash handling of Linux kernel's xen-netback module, which could result in information leaks, privilege escalation, as well as denial of service.

        "Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. A malicious or buggy frontend may cause the (usually privileged) backend to make out of bounds memory accesses, potentially resulting in privilege escalation, denial of service, or information leaks," reads the security advisory published by Salvatore Bonaccorso.

      • Derivatives

        • Canonical/Ubuntu

          • Do You Plan to Upgrade to Ubuntu 18.10?
            Such closeness means — shock — it’s almost-very-nearly upgrade decision time for many of us!

            The question is are you the sort of Linux user who likes to run the latest and greatest that open source software has to offer? Or do you prefer to play it safe on the stable foundation of an LTS? Perhaps you’re entirely uncertain?!

          • Ubuntu 18.10 Adds Gallium Nine Support, Latest Mesa 18.2.2
            A couple of graphic-related tidbits ahead of next week’s Ubuntu 18.10 release that some of you might be interested to know about.

            First up, Mesa.

            A feature freeze exception was granted to allow Mesa 18.2.x series in to the Ubuntu 18.10 archives, with Mesa 18.2.2 specifically (i.e the latest update) now ready in the archives.

          • Digital signage: the face of the smart city revolution

            Crucially, this means selecting an operating system and a digital signage solution with strong safety capabilities. Ubuntu is a strong choice for a secure OS, in large part because it restricts outside access to key system files better than most competitors. This makes it more difficult for malware to access a system. Meanwhile, in the signage software space, Broadsign is the clear winner thanks to SOC II and ISAE3402 audits that guarantee stronger SaaS security than what is standard for online banking.

          • Snapistics – Snaps in numbers
            Actions speak louder than words. So do numbers. When we talk about snaps, we often focus on the application packages, and talk about their individual merits. However, a no less important – and interesting – facet is the collective numbers behind the scenes. They tell a compelling story for developers and users alike. They allow us to look back and piece together a puzzle of perception and adoption, and map them onto underlying factors, like the introduction of the new Ubuntu LTS release, the availability of popular software, and deliberate changes introduced to make snaps more robust and accessible.

            Indeed, how do people perceive snaps? How well accepted are snaps in software development circles? Today, we’d like to share some of these figures.

  • Devices/Embedded

Free Software/Open Source

  • Renewed push for adoption of ODF document standard

    The Document Foundation, the organisation supporting the development of LibreOffice, is calling for supporters to promote the use of Open Document Format (ODF). Standardisation organisation OASIS would welcome and assist renewed marketing efforts, as would the Open Source Initiative, says OSI director Italo Vignoli.

  • Microsoft and Telekom no longer offer cloud storage under German jurisdiction
    Nextcloud is an open source, self-hosted file share and communication platform. Access & sync your files, contacts, calendars & communicate and collaborate across your devices. You decide what happens with your data, where it is and who can access it!

  • POA Network launches BlockScout, an open-source Ethereum block explorer
    POA Network, the Ethereum-based platform offering an open-source framework for smart contracts, has unveiled BlockScout, a full-featured block explorer tool for the Ethereum ecosystem. BlockScout is an easy-to-use and secure tool that lets users search and explore transactions, addresses, and balances on the Ethereum, Ethereum Classic, and POA Network blockchains.

  • BlockScout is a New Ethereum Blockchain Explorer Tool by POA Network
    The Ethereum based platform, the POA Network that is offering an open-source platform for smart contracts has established a block explorer that is fully futured called BlockScout for the Ethereum ecosystem. BlockScout is a secure tool that is easy to use allowing users to explore and search transaction, balances and addresses on the Ethereum, POA Network and Ethereum Classic blockchains.

  • POA Network launches open-source Ethereum block explorer tool
    POA Network, the Ethereum-based platform offering an open-source framework for smart contracts, has just announced that it has unveiled BlockScout, the first full featured open-source block explorer tool for the Ethereum ecosystem. BlockScout is a secure tool that lets users search and explore transactions, addresses, and balances on the Ethereum, Ethereum Classic, and POA Network blockchains.

  • BlockScout: The first full-featured open-source Ethereum blockchain explorer

  • Ethereum Based POA Network Launches Open-Source Block Explorer for ETH, ETC and POA
    The team at the POA Network have unveiled the first full featured open-source block explorer tool for the Ethereum ecosystem. This new block explorer is called BlockScout. It is an easy-to-use and secure tool that allows users to search and explore transactions, addresses, and balances on the three blockchains of Ethereum (ETH), Ethereum Classic (ETC) and POA Network.

  • Asterisk 16.0.0 Now Available

  • Asterisk 16.0 VoIP / PSTN PBX Open-Source Software Released
    Version 16.0 of the long-standing, open-source Asterisk VoIP/PSTN telephony software is now available for voice communication deployments.

    Asterisk 16.0 brings improved media playback via reading the file type from the HTTP header, support for systemd socket activation, and fixes ten security issues ranging from Asterisk crashes to possible DoS vulnerabilities and stack corruption.

  • Sangoma Reaffirms Open Source Communications Commitment and Leadership at AstriCon
    Sangoma Technologies Corporation (TSX VENTURE: STC), a trusted leader in value-based Unified Communications (UC) and UC as a Service (UCaaS) solutions and the world's largest provider of open source communications solutions, today at the annual AstriCon users and developers conference, announced Asterisk 16 and FreePBX 15, the next major releases of the world's two most popular open source communications projects.

  • 5 Tips for Deploying Open-Source Software
    While the democratic ideals and distributed development model of open source are appealing to developers, some elements of that model are less attractive in production systems. The biggest drawback is that community control means distributed responsibility. Implementing pure open source can create problems and burdens that are less likely with systems have professional sales and service organizations behind them.

    In short, with an open-source system, there is no throat to choke and IT professionals can be left with only community support when something goes awry.

    That doesn’t mean that implementing open-source software is a bad idea. Doing so just requires taking a different approach to planning than you would with a proprietary software roll out. To help alleviate some of the problems, here are five things to remember when implementing open-source software.

  • Industry Voices—Doyle: The promise of open source and the current state of telecom adoption
    The adoption of open source software for NFV deployments by CSPs has largely failed to live up to industry expectations.

    Open source software has been installed in communication service providers' IT departments, some tactical parts of the network and is being widely tested in the labs of the leading CSPs. Despite the hype around “cloud-native” advancements, open source is unlikely to “bend the cost curve” of deploying new network elements – at least not in the next several years.

  • Web Browsers

    • Mozilla

      • Delaying Further Symantec TLS Certificate Distrust
        Due to a long list of documented issues, Mozilla previously announced our intent to distrust TLS certificates issued by the Symantec Certification Authority, which is now a part of DigiCert. On August 13th, the next phase of distrust was enabled in Firefox Nightly. In this phase, all TLS certificates issued by Symantec (including their GeoTrust, RapidSSL, and Thawte brands) are no longer trusted by Firefox (with a few small exceptions).

        In my previous update, I pointed out that many popular sites are still using these certificates. They are apparently unaware of the planned distrust despite DigiCert’s outreach, or are waiting until the release date that was communicated in the consensus plan to finally replace their Symantec certificates. While the situation has been improving steadily, our latest data shows well over 1% of the top 1-million websites are still using a Symantec certificate that will be distrusted.

      • Taming triage: Partnering with Topcoder to harness the power of the crowd
        We are excited to announce the launch of the Bugzilla Automatic Bug Triaging Challenge, a crowdsourcing competition sponsored by Mozilla and hosted by Topcoder, the world’s largest network of software designers, developers, testers, and data scientists. The goal of the competition is to automate triaging (categorization by products and software components) of new bugs submitted to Bugzilla, Mozilla’s web-based bug tracking system. By cooperating with Topcoder, Mozilla is expanding its open innovation capabilities to include specialized crowdsourcing communities and competition mechanisms.

        Mozilla’s Open Innovation strategy is guided by the principle of being Open by Design derived from a comprehensive 2017 review of how Mozilla works with open communities. The strategy sets forth a direction of expanding the organisation’s external outreach beyond its traditional base of core contributors: open source software developers, lead users, and Mozilla volunteers. Our cooperation with Topcoder is an example of reaching out to a global community of data scientists.

      • Firefox Nightly: These Weeks in Firefox: Issue 47

      • Community Coordinator role
        The Reps program is evolving in order to be aligned with Mozilla’s changes on how we perceive communities. Part of those changes is the Mission Driven Mozillians project, where the Reps are involved.

      • Announcing a Competition for Ethics in Computer Science, with up to $3.5 Million in Prizes

        Today, computer scientists wield tremendous power. The code they write can be used by billions of people, and influence everything from what news stories we read, to what personal data companies collect, to who gets parole, insurance or housing loans

        Software can empower democracy, heighten opportunity, and connect people continents away. But when it isn’t coupled with responsibility, the results can be drastic. In recent years, we’ve watched biased algorithms and broken recommendation engines radicalize users, promote racism, and spread misinformation.

  • CMS

    • I have resigned as the WordPress accessibility team lead. Here is why.

      After several years of working on WordPress and accessibility and being part of the accessibility team, I have taken the very difficult decision to leave the WordPress accessibility team. I owe it to the team to explain why I have made this decision and how I hope things can improve for the future.

  • BSD

    • AMDGPU Developer Proposes Array Register Files For LLVM - Would Help Performance
      One of the areas within the open-source AMD Linux graphics driver stack that could benefit from some additional improvements/optimizations is the AMDGPU LLVM compiler back-end. One of the easy ways to see that the AMDGPU LLVM code could be improved upon are the Vulkan benchmarks when compared to AMD's proprietary compiler and there still being some significant wins with that more mature but closed-source shader compilation code. Fortunately, some improvements may be on the way.

      At least one of the areas to be explored by AMD developers that could help with the AMDGPU LLVM back-end is in a new concept called Array Register Files. Longtime open-source AMD developer Nicolai Hähnle who often focuses on the LLVM compute stack has proposed this infrastructure addition to the LLVM stack that would help this back-end.

    • LLVM Lands Support For ARMv8.5's Branch Target Identification (BTI)
      A bulk of the Linux/open-source enablement we have seen taking place for ARM's new ARMv8.5 architecture revision is around its new Spectre defenses to help SoCs that will begin shipping later in 2019.

      Back in September the first of the ARMv8.5 support began landing in the LLVM/Clang compiler and it's work to battle Spectre-style vulnerabilities. That work included speculation restriction system registers, a new speculation barrier, prediction invalidation instructions, and SSBB/PSSBB speculation barriers. ARMv8.5 also brings some additions outside of the Spectre/security space like new persistent memory instructions and random number instructions.


    • GNU Guix: A packaging tutorial for Guix
      GNU Guix stands out as the hackable package manager, mostly because it uses GNU Guile, a powerful high-level programming language, one of the Scheme dialects from the Lisp family.

      Package definitions are also written in Scheme, which empowers Guix in some very unique ways, unlike most other package managers that use shell scripts or simple languages.

    • GNU Guile 2.9.1 (beta) released
      We are delighted to announce GNU Guile 2.9.1, the first beta release in preparation for the upcoming 3.0 stable series.

      This release adds support for just-in-time (JIT) native code generation, speeding up all Guile programs. Currently support is limited to x86-64 platforms, but will expand to all architectures supported by GNU Lightning.

    • Parabola GNU/Linux-libre: Important notice for OpenRC users on i686

      To avoid any trouble, you should explicitly install the 'audit' package before attempting to upgrade the system. If you upgrade without first installing the 'audit' package, then you will need to chroot into the system and install it.

    • GCC: Optimizing Linux, the Internet, and Everything
      Software is useless if computers can't run it. Even the most talented developer is at the mercy of the compiler when it comes to run-time performance - if you don’t have a reliable compiler toolchain you can’t build anything serious. The GNU Compiler Collection (GCC) provides a robust, mature and high performance partner to help you get the most out of your software. With decades of development by thousands of people GCC is one of the most respected compilers in the world. If you are building applications and not using GCC, you are missing out on the best possible solution.

      GCC is the “de facto-standard open source compiler today” [1] according to and the foundation used to build complete systems - from the kernel upwards. GCC supports over 60 hardware platforms, including ARM, Intel, AMD, IBM POWER, SPARC, HP PA-RISC, and IBM Z, as well as a variety of operating environments, including GNU, Linux, Windows, macOS, FreeBSD, NetBSD, OpenBSD, DragonFly BSD, Solaris, AIX, HP-UX, and RTEMS. It offers highly compliant C/C++ compilers and support for popular C libraries, such as GNU C Library (glibc), Newlib, musl, and the C libraries included with various BSD operating systems, as well as front-ends for Fortran, Ada, and GO languages. GCC also functions as a cross compiler, creating executable code for a platform other than the one on which the compiler is running. GCC is the core component of the tightly integrated GNU toolchain, produced by the GNU Project, that includes glibc, Binutils, and the GNU Debugger (GDB).

  • Licensing/Legal

    • New Open-Source GoodFORM Project, Made by Google 2018 Event Today, Asus Chromebook C423, HP Chromebook x360 14 and KDE Launches Plasma 5.14

      Redis labs recently added the Commons Clause on top of the Redis open-source, in-memory data structure store, and now open-source developers are forking the code in a new project called GoodFORM. ZDNet quotes Debian project leader Chris Lamb and Fedora developer Nathan Scott's explanation for the need to fork the code: "With the recent licensing changes to several Redis Labs modules making them no longer free and open source, GNU/Linux distributions such as Debian and Fedora are no longer able to ship Redis Labs' versions of the affected modules to their users."

    • Redis Labs and the "Common Clause"
      So, the short version is that with the recent licensing changes to several Redis Labs modules making them no longer free and open source, GNU/Linux distributions, such as Debian and Fedora, are no longer able to ship Redis Labs' versions of the affected modules to their users.

      As a result, we have begun working together to create a set of module repositories forked from prior to the license change. We will maintain changes to these modules under their original open source licenses, applying only free and open fixes and updates.

  • Programming/Development

    • This Week in Rust 255

    • Code Quality & Formatting for Python

      black, the uncompromising Python code formatter, has arrived in Debian unstable and testing.

      black is being adopted by the LAVA Software Community Project in a gradual way and the new CI will be checking that files which have been formatted by black stay formatted by black in merge requests.

      There are endless ways to format Python code and pycodestyle and pylint are often too noisy to use without long lists of ignored errors and warnings.


  • NHL Team Institutes 'No Video Game' Policy For Players Due To Fortnite 'Addiction'

    The tie-in for gaming addition here is that last year the Canucks claimed that a young un-named player was inactive and seeking counseling for video game addiction. Whether this player-led ban on gaming is a direct result of that incident, or simply a scapegoat for the Canucks being fairly bad at professional hockey as of late, is unknown. What is known is that this ban pretty squarely centers around Fortnite, which is amazing advertising for just how fun and enjoyable that game is.

    More interesting to me is how the team appears to be taking the blunt-tool approach that mirrors what many parents do in fear of video game addiction. These kinds of blanket bans, taking into consideration nothing about how individual players, or children, can handle gaming appropriately, is almost certainly a mistake. Even if video game addiction is indeed a thing, it must be true that it's a thing that will afflict a minority of the population. That makes these blanket bans massive overkill.

  • What we lose when we move from social to market exchange
    Couchsurfing and Airbnb are websites that connect people with an extra guest room or couch with random strangers on the Internet who are looking for a place to stay. Although Couchsurfing predates Airbnb by about five years, the two sites are designed to help people do the same basic thing and they work in extremely similar ways. They differ, however, in one crucial respect. On Couchsurfing, the exchange of money in return for hosting is explicitly banned. In other words, couchsurfing only supports the social exchange of hospitality. On Airbnb, users must use money: the website is a market on which people can buy and sell hospitality.


    In a follow-up quantitative analysis we conducted of the profile text from hosts on the two websites with a commonly-used system for text analysis called LIWC, we found that, compared to Couchsurfing, a lower proportion of words in Airbnb profiles were classified as being about people while a larger proportion of words were classified as being about places.

    Finally, our research suggested that although hosts are the powerful parties in exchange on Couchsurfing, social power shifts from hosts to guests on Airbnb.

  • Talk over text: Conversational interface design and usability
    Conversational interfaces are unique among the screen-based and physically manipulated user interfaces that characterize the range of digital experiences we encounter on a daily basis. As Conversational Design author Erika Hall eloquently writes, "Conversation is not a new interface. It's the oldest interface." And the conversation, the most human interaction of all, lies at the nexus of the aural and verbal rather than the visual and physical. This makes it particularly challenging for machines to meet the high expectations we tend to have when it comes to typical human conversations.

    How do we design for conversational interfaces, which run the gamut from omnichannel chatbots on our websites and mobile apps to mono-channel voice assistants on physical devices such as the Amazon Echo and Google Home? What recommendations do other experts on conversational design and usability have when it comes to crafting the most robust chatbot or voice interface possible? In this overview, we focus on three areas: information architecture, design, and usability testing.

  • Qualcomm to invest $400 million in Hyderabad for largest foreign campus
    After US biggies like Google, Amazon, Apple, Facebook and Uber, it’s now the turn of semiconductors and telecom behemoth Qualcomm to come calling on Hyderabad.

    In what is being touted as the biggest investment by a marquee company after the formation of Telangana, Qualcomm will be investing $400 million (Rs 3,000 crore) in setting up its largest campus outside its San Diego headquarters in Hyderabad, IT minister KT Rama Rao’s office said on Saturday.

    Qualcomm — which has a presence in India through its centres in Hyderabad, Bengaluru and Chennai — is expected to kick off work on its Hyderabad campus in 2019. The first phase of the project is slated to include a built-up space of 1.7 million sqft, housing about 10,000 employees, KTR said after a meeting with senior Qualcomm officials here.

  • China's Huawei Takes Aim at Qualcomm, Nvidia With New AI Chips
    Huawei Technologies Co. has overtaken Apple Inc. in smartphones. Now it wants to take on some of America’s largest technology companies in semiconductors.

    Chinese’s largest telecommunications gear and mobile phone maker on Wednesday unveiled its latest Ascend series chips, machine-learning capable workhorses that it says can go toe-to-toe with designs from Qualcomm Inc. and Nvidia Corp. It’s also introducing cloud computing services and dedicated data centers for autonomous vehicles that will run off those chips, delving deeper into territory staked out by Inc., Microsoft Corp. and homegrown rival Alibaba Group Holding Ltd.

  • Using Open Source and Zebra Printers For Printing Your Barcode Thermal Labels

    The roll-label printer (like the kind Zebra Technologies makes for the desktop) and rolled labels for direct thermal printing which does not require a ribbon, toner or ink (as sold here on, shine for short-run projects where there’s enough fulfillment work to make efficiency important, but not enough to justify mass production. These desktop printers use direct thermal labels on 1" core rolls and no ribbon. For large scale volume thermal printing of labels, Zebra has an extensive line of industrial printers which use either direct thermal or thermal transfer printing on a 3" core or fanfold stacks.

    Roll-labels can be printed one at a time or in large batches, with no waste, and they give you the flexibility to include or change customer-specific or product-specific information. You can keep this specific information separate from creating the product itself and don’t lose anything if these details have to be changed. They’re also great if you are assembling elements from different suppliers (say disks and disk packaging) and need to label the result. It keeps you in control of the final product.

  • Science

    • Chinese Firms Now Hold Stakes In Over A Dozen European Ports
    • The Battery Boom Has Created a New Lithium Superpower in China

      The jump in lithium output has swelled Ganfeng’s earnings -- forecast to rise about a third this year -- and catapulted the company ahead of established industry leaders such as FMC Corp. in terms of volumes. It’s on course to surpass the second-largest, Chile’s Sociedad Quimica y Minera de Chile SA, this year, according to consultant CRU Group, and is seen eventually challenging the No. 1, Albemarle Corp.

    • Tech Addiction Makes Us Less Happy. That’s a Market Opportunity.

      Think about this: our distractions are getting bad enough that a venture capital firm thinks there’s money in trying to help. You can expect to see all kinds of products on the market trying to solve this problem. That e-ink typewriter that was in the news last week is a good example—a $600 laptop where the main selling point is the lack of a web browser. It raised $310,000 in crowdfunding money.

      There’s going to be a flood of software, hardware, books, and conventions about this in the years to come. As with diet and exercise, some of these tools will be useful and some of them won’t, but none of them will do you any good if you don’t make the mental decision to change. You need to make the choice to notice what you pay attention to, and then try to direct your attention to what matters. If you don’t make that decision no software or experience is going to help.

    • Why People Are Putting Fitness Trackers on Toilet Paper in China
      It all started with a mystery: Why would a fitness tracker detect a beating heart on a roll of toilet paper?

      As Chinese tech site Abacus reports, toilet paper is having a bit of a viral moment in China after fitness tracker owners discovered the Xiaomi Mi Band 3 would display a heart rate when attached to a roll. Users of the social media platform Weibo posted numerous images documenting the phenomenon. They also tested other cylindrical objects, such as bottles, cans, and even the appendage of a stuffed animal—all of which showed the mysterious phantom heart rate.

    • Toilet Paper Has a Pulse, According to Fitness Trackers

  • Security

    • Pete Zaitcev: Ding-dong, the witch is dead

      One thing that comes across very strongly is how reluctant people are to run their own infrastructure. For one thing, the danger of a devastating DDoS is absolutely real. And then you have to deal with spam. Those who do not have the experience also tend to over-estimate the amount of effort you have to put into running "dnf update" once in a while.

      Personally, I think that although of course it's annoying, the time wasted on the infra is not that great, or at least it wasn't for me. The spam can be kept under control with a minimal effort. Or, could be addressed in drastic ways. For example, my anime blog simply does not have comments at all. As far as DoS goes, yes, it's a lottery. But then the silo platform can easily die (like G+), or ban you. This actually happens a lot more than those hiding their heads in the sand like to admit. And you don't need to go as far as to admit to your support of President Trump in order to get banned. Anything can trigger it, and the same crazies that DoS you will also try to deplatform you.

    • (SSH) Keys to Unix Security
      Root accounts are the keys to powerful IT systems, the backbone of your entire infrastructure. They use privileged credentials to control shell access, file transfers, or batch jobs that communicate with other computers or apps, often accessed remotely, with local configuration. They can be the trickiest of all types of privileged accounts to secure, particularly if they are based on Unix or Linux.

    • Cyber Tests Showed 'Nearly All' New Pentagon Weapons Vulnerable To Attack, GAO Says [iophk: "Windows TCO"]

      Still, the tests cited in the report found "widespread examples of weaknesses in each of the four security objectives that cybersecurity tests normally examine: protect, detect, respond, and recover."


      In several instances, simply scanning the weapons' computer systems caused parts of them to shut down.


      When problems were identified, they were often left unresolved. The GAO cites a test report in which only one of 20 vulnerabilities that were previously found had been addressed. When asked why all of the problems had not been fixed, "program officials said they had identified a solution, but for some reason it had not been implemented. They attributed it to contractor error," the GAO says.

    • Flatpak - a security nightmare
      Let's hope not! Sadly, it's obvious Red Hat developers working on flatpak do not care about security, yet the self-proclaimed goal is to replace desktop application distribution - a cornerstone of linux security.

      And it's not only about these security problems. Running KDE apps in fakepak? Forget about desktop integration (not even font size). Need to input Chinese/Japanese/Korean characters? Forget about that too - fcitx has been broken since flatpak 1.0, never fixed since.

      The way we package and distribute desktop applications on Linux surely needs to be rethinked, sadly flatpak is introducing more problems than it is solving.

    • Encryption bill will hit family violence victims: claim

      In a submission to the public consolation on the draft bill, Carolyn Worth, the manager of SECASA, said the broadening of the Telecommunications (Interception and Access) Act 1979 was unwarranted and would be detrimental to all citizens, especially those with a background of family violence and/or sexual assault.

      The period for public comment on the bill, which is officially known as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, ended on 10 September after the draft was released on 14 August.

    • Bloomberg says big US telco hit by hardware tampering

      Apparently undeterred by strong criticism of a supply chain attack story it published last week, Bloomberg has put out another yarn, dealing with a similar theme, this time about a "major US telecommunications company" that allegedly encountered doctored hardware made by the US company Supermicro Computer.

    • RiskIQ Detects and Mitigates New Magecart Supply Chain Attack

      "If you own an e-commerce company, it's best to remove the third-party code from your checkout pages whenever possible," said Yonathan Klijnsma, Head Researcher at RiskIQ. "Many payment service providers have already taken this approach by prohibiting third-party code from running on pages where customers enter their payment information."

    • New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom

      Three security experts who have analyzed foreign hardware implants for the U.S. Department of Defense confirmed that the way Sepio's software detected the implant is sound. One of the few ways to identify suspicious hardware is by looking at the lowest levels of network traffic. Those include not only normal network transmissions, but also analog signals -- such as power consumption -- that can indicate the presence of a covert piece of hardware.

    • Security updates for Wednesday

    • Hackers Can Take Control Of Your WhatsApp Just With A Video Call: Update Now
      Natalie Silvanovich, a Google Project Zero security researcher, has uncovered a critical security flaw in WhatsApp. The flaw could allow a notorious actor to make a video call and take complete control of your messaging application.

    • Just Answering A Video Call Could Compromise Your WhatsApp Account

    • New Website Claims Flatpak is a “Security Nightmare”
      A newly launched website is warning users about Flatpak, branding the tech a “security nightmare”.

      The ‘’ web page takes aim at a number of security claims routinely associated with the fledgling Flatpak app packaging and distribution format.

    • DNS Security Still an Issue
      DNS security is a decades-old issue that shows no signs of being fully resolved. Here's a quick overview of some of the problems with proposed solutions and the best way to move forward.

      ...After many years of availability, DNSSEC has yet to attain significant adoption, even though any security expert you might ask recognizes its value. As with any public key infrastructure, DNSSEC is complicated. You must follow a lot of rules carefully, although some network services providers are trying to make things easier.

      But DNSSEC does not encrypt the communications between the DNS client and server. Using the information in your DNS requests, an attacker between you and your DNS server could determine which sites you are attempting to communicate with just by reading packets on the network.

      So despite best efforts of various Internet groups, DNS remains insecure. Too many roadblocks exist that prevent the Internet-wide adoption of a DNS security solution. But it is time to revisit the concerns.

  • Finance

    • Nobel Econ Award Goes To Two Economists Who Have Greatly Shaped My Thinking On Economics Of Innovation
      Let's get this out of the way upfront: if you're one of those people who pedantically feels the need to sneeringly point out that the economics Nobel is "not a real Nobel Prize," shut up: no one cares.

      Now, let's get on to the point: for basically the last decade, I've been specifically waiting for Paul Romer to finally win this prize and each year I've been disappointed when someone else did. Finally, this year he won it and did so with William Nordhous, which is even better, as I'll explain shortly. Both Romer and Nordhous have greatly influenced my thinking on many of the things I write about here at Techdirt, specifically when it comes to the economics of innovation, and, more specifically, the economics of information and so-called "non-rivalrous" goods (I prefer to call them "infinite goods"). I've reference Romer multiple times in the past, specifically in discussing how innovation creates economic growth in powerful ways.
    • King regrets Brexit and backs Barnier ahead of state visit
      King Willem-Alexander has voiced his concerns and regrets about Britain’s impending departure from the European Union ahead of his state visit to the UK later this month.

      The king told British reporters at his palace in The Hague that Brexit would have an impact on trade between the two nations, the Guardian reported on Monday.

      He added he had seen no evidence that the British government had had any success in appealing to individual member states over the heads of the EU negotiators. The Netherlands, a founder member of the EU, has been one of the UK’s closest allies during its 45-year membership, which will end next March.

    • Swiss court clears ex-banker who gave secrets to WikiLeaks
      Switzerland's high court has upheld the acquittal of a former bank accountant who handed over confidential client information to WikiLeaks, ruling Wednesday he wasn't bound by the country's strict banking secrecy laws at the time.

      The Federal Tribunal validated a ruling by Zurich's regional supreme court in the case of Rudolf Elmer, a former top accountant at a Cayman Islands affiliate of Swiss bank Julius Baer who was fired in 2002.

      The tribunal agreed that because Elmer had been an employee of the affiliate, he wasn't bound by Swiss banking secrecy laws when he gave the information to WikiLeaks in 2008.

    • Episode 2: Privacy and the Consumer
      Katherine Druckman talks to Doc Searls about consumer privacy, Main Street, and heart attacks at Walmart.

  • AstroTurf/Lobbying/Politics

    • Pirates Seek to Plant a Flag in Prague

      A student-driven grassroots movement founded in 2009 by dreadlocked psychedelic-trance disc jockey Ivan Bartos, the Czech Pirates has campaigned on issues such as political transparency, civil rights and direct democracy to become the second most popular party in the country. Now, they are on the verge of winning their biggest prize yet – the mayor's seat in Prague, according to recent polls.

    • ODS wins but Pirates likely to rule Prague

      But the other parties who gained seats seem reluctant to cooperate in a coalition with him. A more likely outcome will be Pirates in conjunction with Praha SobÄ› and the TOP 09-STAN grouping, which would have 39 of the 65 seats in the Municipal Assembly.

      The leader of the Pirates for the municipal election, Zdeněk Hřib, said that working with ODS or ANO would be difficult based on those parties' past opposition to transparency, which is a key Pirate goal.

    • Theresa May and John Constantine
      In this tale the dying Constantine stays alive by the simple and sensible expedient of promising his soul to three separate demons of Hell.

      This means that the three demons then have to strive officiously to keep him alive, so as to avoid a civil war in Hell if Constantine dies.
    • Coming Thursday: How an Acclaimed American Charity Failed Some of the World’s Most Vulnerable Girls
      Her charity was created to save these vulnerable girls from sexual exploitation. But from the very beginning, girls were being raped by a man Meyler trusted. He was a former child soldier, the charity’s first staff member and, at one point, Meyler’s lover. After a yearlong ProPublica investigation, reporter Finlay Young delves into the question of who is responsible when those who help also cause enduring and irreversible harm.
    • Nikki Haley Was Never the Adult in the Room
      This political opportunist made herself an ally, an apologist, and an acolyte of a man she once recognized as “irresponsible.”
    • Trump’s Patron-in-Chief: Casino Magnate Sheldon Adelson
      Late on a Thursday evening in February 2017, Japanese Prime Minister Shinzo Abe’s plane landed at Andrews Air Force Base in Maryland for his first visit with President Donald Trump. A few hours earlier, the casino magnate Sheldon Adelson’s Boeing 737, which is so large it can seat 149 people, touched down at Reagan National Airport after a flight from Las Vegas.

      Adelson dined that night at the White House with Trump, Jared Kushner and Secretary of State Rex Tillerson. Adelson and his wife, Miriam, were among Trump’s biggest benefactors, writing checks for $20 million in the campaign and pitching in an additional $5 million for the inaugural festivities.


      Adelson has told his shareholders to expect good news. On a recent earnings call, Adelson cited unnamed insiders as saying Sands’ efforts to win a place in the Japanese market will pay off. “The estimates by people who know, say they know, whom we believe they know, say that we’re in the No. 1 pole position,” he said.

      After decades as a major Republican donor, Adelson is known as an ideological figure, motivated by his desire to influence U.S. policy to help Israel. “I’m a one-issue person. That issue is Israel,” he said last year. On that issue — Israel — Trump has delivered. The administration has slashed funding for aid to Palestinian refugees and scrapped the Iran nuclear deal. Attending the recent opening of the U.S. embassy in Jerusalem, Adelson seemed to almost weep with joy, according to an attendee.

      But his reputation as an Israel advocate has obscured a through-line in his career: He has used his political access to push his financial self-interest. Not only has Trump touted Sands’ interests in Japan, but his administration also installed an executive from the casino industry in a top position in the U.S. embassy in Tokyo. Adelson’s influence reverberates through this administration. Cabinet-level officials jump when he calls. One who displeased him was replaced. He has helped a friend’s company get a research deal with the Environmental Protection Agency. And Adelson has already received a windfall from Trump’s new tax law, which particularly favored companies like Las Vegas Sands. The company estimated the benefit of the law at $1.2 billion.

    • Another West Virginia Supreme Court Justice Declines to Step Aside in Another Natural Gas Case
      In another recusal controversy involving the West Virginia Supreme Court and the natural gas industry, a newly appointed justice declined to step aside from hearing a case on Tuesday, despite the fact that he was personally represented by a lawyer now representing a company involved in the proceeding.

      Former U.S. Rep. Evan Jenkins hired Huntington lawyer Ancil Ramey, a former court clerk who often appears before the justices, to appear on his behalf last month when two lawyers tried to block Jenkins’ appointment to the court by arguing that he didn’t meet state constitutional requirements for the post.

      Ramey won that case, and Jenkins was sworn in on Oct. 1.

      Tuesday was the first day Jenkins was scheduled to hear oral arguments, and the second case on the docket was a major lawsuit filed by a group of Harrison County residents against Antero, West Virginia’s largest natural gas producer, alleging that the company is making life in their community unbearable.

      Among the attorneys representing Antero: Ancil Ramey.

  • Censorship/Free Speech

    • BREAKING: Woodhull Freedom Foundation Appeals FOSTA Ruling

      Today, attorneys for the Woodhull Freedom Foundation, and other Plaintiffs appealed the ruling issued by the District Court, for the District of Columbia, dismissing the FOSTA case for lack of standing. Joining in the appeal are The Internet Archive, Human Rights Watch, Jesse Maley, and Eric Koszyk. The case will now be considered by the D.C. Circuit Court of Appeal.

      Woodhull challenged the constitutionality of FOSTA as a violation of the First Amendment, and an instrument of government censorship. The law prohibits online speech that promotes or facilitates prostitution and rolls back legal protections for online intermediaries relating to sex trafficking.

    • The Top 25 Most Censored Stories
      Mickey Huff and Chase Palmieri are joined by several of the contributors to “Censored 2019,” the latest edition, just-published, of Project Censored’s annual compilations of censored stories and media analysis. They discuss some of the “Top 25” censored stories, as well as new developments in media.

    • Stupid Law Firm Decides To Threaten Something Awful Over Hot-Linked Hitler Picture
      A stupid law firm supposedly specializing in IP rights enforcement has decided (again!) to jam its dangling appendages into one of the internet's more ferocious hornets' nests. When you're in the business of threatening litigation over hot-linked images (yep), you probably don't pay much attention to the URLs you target.

      The law firm of Higbee & Associates should know better than to go to this well twice. But it doesn't. Due diligence doesn't seem to be a priority. If it was, some of its "pre-litigation" specialists might have noticed the firm went after Something Awful in 2015 for using an image from Under the Skin in its review of the movie. Obviously, this was fair use and a little bit of web searching turns up multiple uses of the same image, suggesting it had been made available by the studio for promotional purposes.

      You'd think one failure to turn Something Awful (SA) into an ATM would have been enough for Higbee & Associates. Apparently not. Richard "Lowtax" Kyanka -- having taken over SA's legal department after the departure of Leonard "J" Crabs -- received a demand letter from the law firm over the supposedly unauthorized use of a picture of (go figure) Hitler.
    • EU Internet Censorship Will Censor the Whole World's Internet
      As the EU advances the new Copyright Directive towards becoming law in its 28 member-states, it's important to realise that the EU's plan will end up censoring the Internet for everyone, not just Europeans.

      A quick refresher: Under Article 13 of the new Copyright Directive, anyone who operates a (sufficiently large) platform where people can post works that might be copyrighted (like text, pictures, videos, code, games, audio etc) will have to crowdsource a database of "copyrighted works" that users aren't allowed to post, and block anything that seems to match one of the database entries.

      These blacklist databases will be open to all comers (after all, anyone can create a copyrighted work): that means that billions of people around the world will be able to submit anything to the blacklists, without having to prove that they hold the copyright to their submissions (or, for that matter, that their submissions are copyrighted). The Directive does not specify any punishment for making false claims to a copyright, and a platform that decided to block someone for making repeated fake claims would run the risk of being liable to the abuser if a user posts a work to which the abuser does own the rights.

      The major targets of this censorship plan are the social media platforms, and it's the "social" that should give us all pause.

      That's because the currency of social media is social interaction between users. I post something, you reply, a third person chimes in, I reply again, and so on.

      Now, let's take a hypothetical Twitter discussion between three users: Alice (an American), Bob (a Bulgarian) and Carol (a Canadian).

      Alice posts a picture of a political march: thousands of protesters and counterprotesters, waving signs. As is common around the world, these signs include copyrighted images, whose use is permitted under US "fair use" rules that permit parody. Because Twitter enables users to communicate significant amounts of user-generated content, they’ll fall within the ambit of Article 13.

    • Bing Is Suggesting the Worst Things You Can Imagine
      If you use Bing’s image search, you’re going to see the worst filth you can imagine. Bing suggests racist terms and shows horrifying images. Bing will even suggest you search for exploited children if you have SafeSearch disabled.

      We’ve contacted Microsoft for comment but, as of publishing time, they had not immediately responded. We will update the story when they do.

  • Privacy/Surveillance

    • Chicago Should Reject a Proposal for Private-Sector Face Surveillance
      A proposed amendment to the Chicago municipal code would allow businesses to use face surveillance systems that could invade biometric and location privacy, and violate a pioneering state privacy law adopted by Illinois a decade ago. EFF joined a letter with several allied privacy organizations explaining our concerns, which include issues with both the proposed law and the invasive technology it would irresponsibly expand.

      At its core, facial recognition technology is an extraordinary menace to our digital liberties.

      At its core, facial recognition technology is an extraordinary menace to our digital liberties. Unchecked, the expanding proliferation of surveillance cameras, coupled with constant improvements in facial recognition technology, can create a surveillance infrastructure that the government and big companies can use to track everywhere we go in public places, including who we are with and what we are doing.

      This system will deter law-abiding people from exercising their First Amendment rights in public places. Given continued inaccuracies in facial recognition systems, many people will be falsely identified as dangerous or wanted on warrants, which will subject them to unwanted—and often dangerous—interactions with law enforcement. This system will disparately burden people of color, who suffer a higher “false positive” rate due to additional flaws in these emerging systems.

      In short, police should not be using facial recognition technology at all. Nor should businesses that wire their surveillance cameras into police spying networks.

  • Civil Rights/Policing

    • President Trump, Stop and Frisk Is Both Unconstitutional and Ineffective
      Whether in Chicago, New York, or any city, indiscriminate stop and frisk is riddled with racial disparities and is unconstitutional.

      On Monday, President Trump gave a speech to the nation’s police chiefs. Like so many of his “law and order” speeches, it was fueled by bravado and falsehoods.

      In the speech, Trump defended stop-and-frisk policies that have been ruled unconstitutional and rejected by communities in numerous cities. He also urged the city of Chicago to “try to change the terrible deal the city of Chicago entered into with ACLU” on tracking the use of stop and frisk. Trump railed against “efforts from politicians to shackle local police departments” by limiting their cooperation with ICE, and he touted his record of providing surplus military equipment to local police departments.

    • George Soros Hired Me As A Paid Protester, But I’m Still Waiting For My Money
      More than a year and a half ago, I demanded that George Soros pay me the money I was owed for fomenting protests around President Donald Trump’s election. I still have yet to see a single dime for my services as a professional anarchist.

      The sugar daddy of the Democratic Party promised me $2,000/week. I was promised health insurance—not the American kind but a plan imported from Scandinavia. I was even told I would get a retirement account as well as a sizable bonus at the end of 2017. Quickly, I realized this was one massive con job.

      But I am afraid I must admit the conservative media and the hetero Nazis who spread so much propaganda are correct. Soros and his vast network spent the past couple of years pioneering a jobs program for left-wing activists to topple Trump.

      The problem is Papa Soros, as his grassroots army call him, only pays ten percent of the people employed. He believes he only needs to pay a small faction. Angry liberals will cycle in and out rapidly, and he can dispose of them like he disposed of me.

      I keep moving from hostel to hostel hoping I’ll get the money I was promised. One staff member even claimed I was never employed, which is a bald faced fucking lie since I signed a non-disclosure agreement!

      I’m going to remain a thorn in his side. Following Brett Kavanaugh’s confirmation to the Supreme Court, conservative media is foaming at the mouth for reporting on paid protesters.

      Antifa comrades on the inside tell me the courtiers working for Soros, who still let him believe he can have global domination, developed a policy to scrap all salaries and go to a freelance model. This will make it harder to uncover who is and is not a paid protester.

    • Protest Song Of The Week: ‘In Your Face’ By Cat Power

      Lack of empathy allows these elite individuals to go on not feeling so they never think twice about their actions. And when made to do so, they become red-faced. Having to defend what they do offends them.

      Cat Power’s lush stripped-down rhythm brilliantly interrogates the present. At the same time, it drips with contempt shared by so many citizens, who feel less secure the more it becomes clear that those ruling over them do not care about their well-being.

    • Trump Administration Seeks to Stifle Protests Near White House and on National Mall
      A government proposal mirrors Trump’s hostility to the First Amendment.

      President Trump has a record of attacking the rights of protesters, from suggesting that protest be illegal to praising dictators who crush any kind of dissent.

      Now, the Trump administration proposes to dramatically limit the right to demonstrate near the White House and on the National Mall, including in ways that would violate court orders that have stood for decades. The proposal would close 80 percent of the White House sidewalk, put new limits on spontaneous demonstrations, and open the door to charging fees for protesting.

      Fee requirements could make mass protests like Martin Luther King Jr.’s historic 1963 March on Washington and its “I have a dream” speech too expensive to happen.

      The public has until October 15 to comment on the plans, and on Monday, we submitted our formal written comment explaining why the planned changes are unconstitutional.

      In 1967, in the middle of the Vietnam War, the federal government tried to impose severe limits on protests near the White House. The ACLU of the District of Columbia sued, and after years of litigation, the courts rebuffed the government’s effort and reminded the National Park Service, which administers these areas, that Lafayette Park is not Yellowstone and that the White House area and the National Mall “constitute a unique [site] for the exercise of First Amendment rights.” Under court orders, the park service issued regulations allowing large demonstrations, guaranteeing quick action on applications for permits, and accommodating spontaneous protests as much as possible.

    • ‘With Kavanaugh on the Court, Checking and Balancing Is Not Going to Happen’
      Donald Trump’s public mockery of Christine Blasey Ford, the woman who testified she was assaulted by Supreme Court nominee Brett Kavanaugh, was an acutely despicable spectacle in an administration that is no shirker when it comes to despicable spectacle. But the Kavanaugh hearings, the FBI “investigation” into allegations against him, the whole process, seemed to indicate more serious failures than Trump’s vindictive creepiness. What is going on here, and what might it mean for the Supreme Court going forward?

      Marjorie Cohn is professor emerita at Thomas Jefferson School of Law, former president of the National Lawyers Guild, and deputy secretary general of the International Association of Democratic Lawyers. She joins us now by phone from San Diego. Welcome back to CounterSpin, Marjorie Cohn.

    • Government Moves To Seize All Backpage Assets Prior To Securing Convictions
      The DOJ rounded up the cast and crew from Backpage and threw a 93-count indictment at them. It did this prior to FOSTA's passage -- legislation portrayed as the only way the government could take sites like Backpage down. History is being rewritten to give FOSTA the credit for the Backpage takedown, but the truth is the government didn't need the legislation to target the site. Of course, for all the talk of sex trafficking, sex trafficking is not among the 93 charges the government brought against the site's personnel.

      Now that it has Backpage execs facing criminal charges, the government is doing what it can to make sure they can't mount a solid defense. The government is coming after their money via civil asset forfeiture, hoping to lock up their property even if it can't lock up the Backpage site runners.

      The complaint [PDF] -- titled "United States of America v. Various Internet Domain Names" -- claims everything the site's personnel owned was obtained through illegal activity, even if it's likely at least some of the assets are completely unrelated to Backpage's income. It also must be noted these assertions are being made prior to anything being proven in the DOJ's prosecution, but will receive far less scrutiny from the judge making the determination on the ultimate ownership of the property.

      The complaint also contains a large amount of "surrendered" property, which was apparently handed over voluntarily after the arrest of Backpage execs. This list includes internet detritus such as domain names and bitcoin. There are millions of dollars at stake, scattered across multiple banks located around the world. The DOJ is busy consolidating its purloined fortune in advance of convictions.

      This is a bullshit, but completely legal, tactic. In addition to depriving the accused of the finances needed to secure solid legal representation, it also forces them to fight a legal battle on two fronts. The money the defendants no longer have access to won't help them find top lawyers willing to take on the government in both criminal and civil actions.

  • Internet Policy/Net Neutrality

    • Why we need the distributed web
      The distributed web seeks to make peer-to-peer content distribution the new default. This should help make the web topology more democratic and resilient to nature and political whims.

      Lately, I’ve been taken in by the concept of the distributed web and the InterPlanetary File System (IPFS) in particular. On the distributed web, every client is also a server that serves copies of everything the client has recently downloaded. If you think this sounds a lot like how peer-to-peer file transfer protocols like BitTorrent works, then you’re absolutely right. It’s the same principle and IPFS shares a lot of the same technology and goals.

      The web has grown increasingly centralized and initiatives like Google’s Accelerated Mobile Pages (AMP) outright seeks to move formerly independent websites onto Google’s own servers. The distributed web seeks to go in the opposite direction and make every client participate in content distribution.

      Content on IPFS is addressed by cryptographic hashes of the content itself. You query the IPFS’ Distributed Hash Table (DHT) network to discover who else claims to have the file you want, connect to them and request the file. Upon arrival your IPFS client can recalculate the cryptographic hash of the file and thus confirm they sent the right file. This ensures the integrity of the files you access and prevents man-in-the-middle (MITM) attackers from modifying the pages you want to access.

    • Broadcasters Eager For Global Signal Protection; Others Warn Of Major Players Sneaking In
      The so-called broadcasting treaty being negotiated at the World Intellectual Property Organization is supported by broadcasters’ organisations in the hope that it will stanch signal piracy. Some voices however, warn about creating a right that might be captured by large internet corporations such as Facebook, Google and Netflix, which can be a stone’s throw away from acquiring radio or television channels to qualify for the protection of the potential treaty. They also challenge the duration and scope of the protection. A seminar gathering stakeholders last week looked at implications of the treaty.

    • California's War On 'Bots' Could Be A Steep Uphill Climb
      While California's new net neutrality law grabbed the lion's share of press headlines, the state last week also passed legislation attempting to fix an equally complicated problem: bots. The rise of bots has played a major role in not only helping companies and politicians covertly advertise products or positions, but they've also played a starring role in Russia's disinformation efforts. That in turn has fueled what's often not-entirely-productive paranoia, as users online accuse those they disagree with of being bots, instead of, say, just genuinely terrible but real human beings.


      That's not to say that "bots" aren't a problem. A disclosure from Twitter back in June noted that the company had "identified and challenged" more than 9.9 million accounts each week last May for being "potentially spammy or automated accounts." Those numbers were up dramatically from the 6.4 million per week in December 2017, and the 3.2 million million per week in September. Initially, fear of hampering ad impression metrics likely hindered many companies' interest in addressing this problem, but the exposure of Russia's online gamesmanship seems to have shifted that thinking dramatically.

      California's efforts on this front were born from genuine annoyance at the problem. State Senator Robert M. Hertzberg, the bill's author, ran into the problem face first when numerous fake Facebook and Twitter accounts began berating him for a bail reform bill he proposed earlier this year. In a report in the New York Times last July, he found himself inundated with bogus attacks by bots, who did everything they could do to scuttle his proposal (note how he didn't clarify how he differentiated between bots or just terrible people).

    • New Verizon Ad Hopes To Make You Forget It Throttled Firefighters For No Reason
      A few weeks back we noted how Verizon found itself in hot water for throttling the cellular connections of California firefighters as they battled one of the state's biggest wildfires on record. There was nothing surprising about the story, which again highlighted how cellular carriers advertise their connections as "unlimited," then impose all manner of arbitrary and confusing restrictions. Quite often, the restrictions are imposed simply to help Verizon make even more money (like when Verizon effectively banned HD video on its network, then hit its "unlimited" users with charges if they wanted the videos to display as the origin source intended).

      In the case of the California firefighters, Verizon repeatedly throttled the connection being used by firefighters mobile command center for seemingly no reason and in violation of Verizon's first responder policies. When the firefighters complained to Verizon, the company's first reaction wasn't to immediately understand the gravity of the situation and fix it -- it was to try to upsell them to a more expensive plan during an emergency. As you might expect, Verizon's friends at the FCC saw absolutely no problem with any of this.

  • Intellectual Monopolies

    • Hold on to your licences – IP exemptions in Australia’s Competition Act set to be repealed

      The Government accepts that the costs and benefits of removing the exemption are “finely balanced”. Of immediate concern is that organisations and individuals are left in a precarious position of knowing that limitations will be placed on their IP rights, with little guidance on the extent of the limitations.

      For example, the EM suggests that a benefit of the repeal would be an increase in licensing and cross-licensing in the pharmaceutical and communications markets. However, the repeal could also have a chilling effect on such activity if it does not pass the tests in Part IV that IP licences will soon be subject to. For example, the Commission’s report noted that “patent thickets” generated by large-scale cross-licensing of innovation patents can inhibit market entry. Rights holders therefore have to operate within a threshold, the parameters of which are currently unclear.

      Proactive guidance from the regulator would be a good first step to overcoming such issues. Indeed recommendation 15.1 stated that the Australian Competition and Consumer Commission (ACCC) should issue guidance on the application of Part IV of the CCA to IP rights. This would greatly assist rights holders and, hopefully, the ACCC takes up this recommendation sooner rather than later.

    • WIPO’s Coordination Committee Seats And The Election For Next Director General
      Developing country members are asking to have more representation in the World Intellectual Property Organization governing bodies, and the issue is taking on increased importance as one of the committees will play a key role in the election of the next WIPO director general in 2020.

    • Do Patent Laws Affect the Location of R&D?
      One of the common complaints about weakening patent protection is that it causes reduced R&D in the country with weakened protection. I've always been skeptical of this claim in the modern era, because one can develop anywhere and import into a location with better protection. As a result, one would expect that patent protection is unrelated to R&D offshoring.


      That said, the article performs a regression on R&D and several variables that might affect R&D like tax rates and human capital density, and finds that costs of defense and damages awards are negatively correlated with R&D, while strength of enforcement is positively correlated. This is all reasonable enough, but I'm concerned that the empirical model is incomplete. Though the word "cost" appears dozens of times in the article, not once is it mentioned with respect to the cost of R&D. Might the reason R&D gets offshored be that it's cheaper? And could cheaper R&D also correlate with lower enforcement of IP? My guess is yes, based on the studies I've read over the years. I would have liked to have seen some analysis and discussion of this point.

      While I think this is an interesting paper, I think that the model is underdeveloped in two ways. The first is the focus on costs in only half of the equation. The second is the neglect of trade secret enforcement. Unlike patent law, trade secret laws can affect R&D in the country in which the R&D takes place because the developer can lose value without ever selling into that country. Studies by Lippoldt and Schultz and also by Png demonstrate this pretty well.

    • Copyrights

      • Congratulations to the Graduates of our July 2018 Certificate Courses!
        From July 16-September 23, Creative Commons hosted two Educator Certificate courses and two Librarian Certificate Courses. Participants from Bangladesh, Canada, China, Great Britain, Netherlands, Romania, Sweden, and the US engaged in rigorous readings, assignments, discussions and quizzes. See examples of the assignments that participants participants’ assignments they’ve publicly shared under CC licenses. With the course now complete, we are thrilled to announce 83 new graduates.

      • Sky Will Implement “Three Strikes” Scheme to Disconnect Pirates

        Sony Music, Warner Music, Universal Music, and ISP Sky Ireland will implement a "three-strikes" anti-piracy scheme. Sky subscribers who are caught pirating music online will now receive two warnings but on the third, their details will be handed to the labels. The music companies will then be able to take legal action to have infringers disconnected.

      • Share With Care: Danish ISP Blocks Point ‘Pirates’ to Legal Alternatives

        In Denmark, prominent Internet providers are blocking access to hundreds of pirate sites. With an updated blocking page that launched today, ISPs, rightsholders, and the authorities hope to convert more pirates to legal consumers. The "Share With Care" campaign now adds a dedicated film search engine, pointing visitors to legal sources.

Recent Techrights' Posts

On Wednesday IBM Announces 'Results' (Partial; Bad Parts Offloaded Later) and Red Hat Has Layoffs Anniversary
There's still expectation that Red Hat will make more staff cuts
[Video] Inauthentic Sites and Our Upcoming Publications
In the future, at least in the short term, we'll continue to highlight Debian issues
List of Debian Suicides & Accidents
Reprinted with permission from
Jens Schmalzing & Debian: rooftop fall, inaccurately described as accident
Reprinted with permission from
[Teaser] EPO Leaks About EPO Leaks
Yo dawg!
IBM: We Are No Longer Pro-Nazi (Not Anymore)
Historically, IBM has had a nazi problem
Bad faith: attacking a volunteer at a time of grief, disrespect for the sanctity of human life
Reprinted with permission from Daniel Pocock
Bad faith: how many Debian Developers really committed suicide?
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, April 21, 2024
IRC logs for Sunday, April 21, 2024
A History of Frivolous Filings and Heavy Drug Use
So the militant was psychotic due to copious amounts of marijuana
Bad faith: suicide, stigma and tarnishing
Reprinted with permission from Daniel Pocock
UDRP Legitimate interests: EU whistleblower directive, workplace health & safety concerns
Reprinted with permission from Daniel Pocock
Links 21/04/2024: Earth Day Coming, Day of Rest, Excess Deaths Hidden by Manipulation
Links for the day
Bad faith: no communication before opening WIPO UDRP case
Reprinted with permission from Daniel Pocock
Bad faith: real origins of harassment and evidence
Reprinted with permission from Daniel Pocock
Links 21/04/2024: Censorship Abundant, More Decisions to Quit Social Control Media
Links for the day
Bad faith: Debian Community domain used for harassment after WIPO seizure
Reprinted with permission from Daniel Pocock
If Red Hat/IBM Was a Restaurant...
Two hours ago in
Why We Republish Articles From Debian Disguised.Work (Formerly Debian.Community)
articles at aren't easy to find
Google: We Run and Fund Diversity Programs, Please Ignore How Our Own Staff Behaves
censorship is done by the recipients of the grants
Paul Tagliamonte & Debian Outreachy OPW dating
Reprinted with permission from
Disguised.Work unmasked, Debian-private fresh leaks
Reprinted with permission from
[Meme] Fake European Patents Helped Fund the War on Ukraine
The European Patent Office (EPO) does not serve the interests of Europe
European Patent Office (EPO) Has Serious Safety Issues, This New Report Highlights Some of Them
9-page document that was released to staff a couple of days ago
IRC Proceedings: Saturday, April 20, 2024
IRC logs for Saturday, April 20, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Microsoft-Run FUD Machine Wants Nobody to Pay Attention to Microsoft Getting Cracked All the Time
Fear, Uncertainty, Doubt (FUD) is the business model of "modern" media
Torvalds Fed Up With "AI" Passing Fad, Calls It "Autocorrect on Steroids."
and Microsoft pretends that it is speaking for Linux
Gemini Links 21/04/2024: Minecraft Ruined
Links for the day
Links 20/04/2024: Apple is Censoring China’s App Store for the Communist Party of China
Links for the day
Links 20/04/2024: Accessibility in Gemini and Focus Time
Links for the day
Congratulations to Debian Project Leader (DPL) Andreas Tille
It would not be insincere to say that Debian has issues and those issues need to be tackled, eventually
20 April: Hitler's Birthday, Debian Project Leader Election Results
Reprinted with permission from Daniel Pocock
September 11: Axel Beckert (ETH Zurich) attacks American freedoms
Reprinted with permission from Daniel Pocock
20,000 victims of unauthorized Swiss legal insurance scheme
Reprinted with permission from Daniel Pocock
Matthew Garrett, Cambridge & Debian: female colleague was afraid
Reprinted with permission from
David Graeber, village wives & Debian Outreachy internships
Reprinted with permission from
Neil McGovern & Ruby Central part ways
Reprinted with permission from
Links 20/04/2024: Chinese Diplomacy and 'Dangerous New Course on BGP Security'
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, April 19, 2024
IRC logs for Friday, April 19, 2024
The Latest Wave of Microsoft Crime, Bribes, and Fraud
Microsoft is still an evil, highly corrupt company