Bonum Certa Men Certa

Links 19/12/2018: VirtualBox 6.0, RawTherapee 5.5, Mir 1.1.0, LibreOffice 6.1.4 Released





GNOME bluefish

Contents





GNU/Linux



Free Software/Open Source



  • Events



    • Event Report: g0v Summit 2018 — Taipei
      Gov zero summit is a decentralized, grass-roots civic tech community based in Taiwan. Built on the spirits of open source and activism, g0v aims to use technology in the interest of the public good, advocate information transparency and build tech solutions to promote civic engagement. I was lucky my talk got selected and got an opportunity to speak at the event.




  • Web Browsers



    • Mozilla



      • BBN challenge resolution: Getting the flag from a browser extension
        My so far last BugBountyNotes challenge is called Can you get the flag from this browser extension?. Unlike the previous one, this isn’t about exploiting logical errors but the more straightforward Remote Code Execution. The goal is running your code in the context of the extension’s background page in order to extract the flag variable stored there.

        If you haven’t looked at this challenge yet, feel free to stop reading at this point and go try it out. Mind you, this one is hard and only two people managed to solve it so far. Note also that I won’t look at any answers submitted at this point any more. Of course, you can also participate in any of the ongoing challenges as well.




  • LibreOffice



    • LibreOffice 6.1.4 Office Suite Released with More Than 125 Bug Fixes, Update Now
      LibreOffice 6.1.4 comes one and a half months after version 6.1.3 with yet another layer of bug fixes across all the components of the office suite, including Writer, Calc, Draw, Impress, Base, and Math. However, it remains the choice of bleeding-edge users and early adopters until the LibreOffice 6.1 series matures enough to be offered to enterprises. A total of 126 changes are included, as detailed here and here.



    • LibreOffice 6.1.4 announced
      The Document Foundation announces LibreOffice 6.1.4, the 4th minor release of the LibreOffice 6.1 family, targeted at tech savvy individuals: early adopters, technology enthusiasts and power users.




  • Openness/Sharing/Collaboration



    • Open Hardware/Modding



      • MIPS Processor ISA To Be Open-Sourced In 2019
        Months after MIPS Technologies was acquired by Wave Computing, the company announced it's working on open-sourcing the MIPS processor instruction set architecture.

        The MIPS ISA will be open-sourced with both the 32-bit and 64-bit versions opening up and will be free of any licensing or royalty fees as well as access to existing MIPS patents.






  • Programming/Development





Leftovers



  • Security



    • How Shopify Avoided a Data Breach, Thanks to a Bug Bounty
      At KubeCon + CloudNativeCon NA 2018, Shopify and Google detail a Kubernetes security incident reported by a bug bounty security researcher that was quickly remediated before any harm was done.



    • Logitech Options App Plagued By PID Exploit, Security Vulnerability Fixed With New Update
      Logitech Options is an app that controls all of Logitech’s mice and keyboards. It offers several different configurations like Changing function key shortcuts, Customizing mouse buttons, Adjusting point and scroll behavior and etc. This app contained a huge security flaw that was discovered by Tavis Ormandy who is a Google security researcher. It was found that Logitech Options was opening a WebSocket server on each individual computer Logitech Options was run on. This WebSocket server would open on port 10134 on which any website could connect and send several various commands which would be JSON-encoded.



    • pwnedkeys: who has the keys to *your* kingdom?
      I am extremely pleased to announce the public release of pwnedkeys.com – a database of compromised asymmetric encryption keys. I hope this will become the go-to resource for anyone interested in avoiding the re-use of known-insecure keys. If you have a need, or a desire, to check whether a key you’re using, or being asked to accept, is potentially in the hands of an adversary, I would encourage you to take a look.



    • “123456” Tops The List Of Worst Passwords For 5th Consecutive Year




  • Defence/Aggression



    • Peoples Vote in Danger of Becoming War Criminal Rehabilitation
      Regular readers know I have largely steered clear of discussing Brexit for the three years its possibility then prospect has dominated the UK political agenda. I used to be enthusiastically pro-EU, as part of my general outlook of supporting international law and organisations. I was however shocked, deeply, by the enthusiastic support of all three institutional strands – council, commission and parliament – for the appalling Francoist paramilitary violence in Catalonia, and decided that the EU is no longer an institution I can support.

      The increasingly illiberal developments of the EU’s Third Pillar – including the abuse of arrest warrant procedure against Julian Assange and the internationalising of “Prevent” style Islamophobia – had already increasingly been worrying me. My reservations about the EU are therefore different to those of many. I particularly bemoan the loss of Freedom of Movement which I believe to have been one of the greatest achievements of civilisation in my lifetime. I remain incensed at the success of the elite in conning the deprived that their poverty is caused by immigrants, whereas it is caused by massive inequality of wealth.

      So I am conflicted on Brexit, but on balance would prefer to leave but stay part of the single market, thus retaining freedom of movement. My personal preferences aside, there is plainly a huge majority against leaving the EU in Scotland, so for Scotland to leave the EU at all at present would be wrong. It is my profound hope that the SNP will find the courage shortly to move on towards Independence.



    • No One’s Asking the Right Questions About Police Drones
      Police drones are expanding, but are the media asking questions?

      The NYPD, the nation’s largest police force, announced this week that they had purchased over a dozen flying robots to fly over Gotham, while promising that the new technology wouldn’t be used for any of the illegal spying shenanigans the police department has been caught up in time and time again. The announcement, however, was awkwardly timed, as the police department had already purchased drones—last December.

      Instead of asking the kinds of questions one might expect for a scandal-plagued agency obtaining expansive new surveillance powers—Why did you wait a year to announce the move? Was the public consulted? Are there oversight mechanisms to guard against misuse?—most media outlets questioned nothing, quoted generously from police officials and (at best) sprinkled in few concerns from legal organizations.


    • He Said He’d Be Murdered If Deported. He Was.
      Nearly a year after a judge rejected Santos Chirino’s case for asylum, his 18-year-old daughter and 19-year-old son returned to the very same courtroom to plead their own.

      “Your honor, this is a difficult case,” their father’s lawyer, Benjamin Osorio, told Judge John Bryant. “I represented their father, Santos Chirino Cruz. … I lost the case in this courtroom. … He was murdered in April.”

      As Maria Sacchetti described for The Washington Post, “Osorio paused, and the judge blanched and stammered.”

      “You said their father’s case — did I understand I heard [it]?” Bryant asked, eyes wide.

      “No,” Osorio said. “In this court. Not before your honor.”

      “Well good, because — all right, my blood pressure can go down now,” Bryant said. “Yeah. I mean. Okay.”




  • Transparency/Investigative Reporting



    • Everyone hates Julian Assange, except for when you used to love him
      It’s not hard to find people in Washington with strong opinions about Wikileaks and its founder, Julian Assange. But good luck finding someone with an opinion about Assange that hasn’t flipped 180 degrees (and maybe back again) over the past ten years. Assange has managed the rare feat of becoming a pariah to both the left and the right, politicians and the press, “the masses” and their elected leaders. Foreign and domestic, coastal and “flyover,” red and blue—everyone seems to hate Assange (except for that time when they used to love him). As a result, Assange has become a poster boy for the importance of First Amendment protections. At its core, the First Amendment is an expression of “anti-majoritarian” rights—it is meant to protect social pariahs from persecution by political majorities. Popular people and popular ideas generally don’t need constitutional protection. Haters and lunatics and radicals? Their speech needs protection for the very reason that strong majorities reject it—it is so far outside the norm that ordinary politics will almost certainly persecute it.


    • Roger Stone says he pushed false statements on Infowars


    • Twenty-One Thoughts On The Persecution Of Julian Assange
      1. I write a lot about the plight of Julian Assange for the same reason I write a lot about the Iraq invasion: his persecution, when sincerely examined, exposes undeniable proof that we are ruled by a transnational power establishment which is immoral and dishonest to its core.

      2. Assange started a leak outlet on the premise that corrupt and unaccountable power is a problem in our world, and that the problem can be fought with the light of truth. Corrupt and unaccountable power has responded by detaining, silencing and smearing him. The persecution of Assange has proved his thesis about the world absolutely correct.

      3. Anyone who offends the US-centralized empire will find themselves subject to a trial by media, and the media are owned by the same plutocratic class which owns the empire. To believe what mass media news outlets tell you about those who stand up to imperial power is to ignore reality.

      4. Corrupt and unaccountable power uses its political and media influence to smear Assange because, as far as the interests of corrupt and unaccountable power are concerned, killing his reputation is as good as killing him. If everyone can be paced into viewing him with hatred and revulsion, they’ll be far less likely to take WikiLeaks publications seriously, and they’ll be far more likely to consent to Assange’s silencing and imprisonment. Someone can be speaking 100 percent truth to you, but if you’re suspicious of him you won’t believe anything he’s saying. If they can manufacture that suspicion with total or near-total credence, then as far as our rulers are concerned it’s as good as putting a bullet in his head.




  • Privacy/Surveillance



    • PSA: Fake App Store Receipts Are Tricking People Into Providing All Their Personal Details
      A fascinating new phishing attempt it making the rounds disguising itself as a receipt from the App Store, tricking unsuspecting users into coughing up all of their personal details. Here’s what you need to know and how to stay safe.



    • At The CIA, A Fix To Communications System That Left Trail Of Dead Agents Remains Elusive
      Between around 2009 and 2013, the CIA’s online method of communicating with its human sources on the ground all over the world was tragically compromised — leading to the exfiltration, imprisonment or death of dozens of people spying for the agency, according to a November investigation by Yahoo News.

      The failure started when Iranian officials used a double agent to trace back a series of websites the CIA was using to communicate with its sources. Iran then located, detained and in some instances executed CIA sources it identified using this system. The problem then spread to China, where roughly 30 CIA sources were eventually executed. Once Iran and China were able to locate users of these covert CIA platforms in their own countries, sources told Yahoo News, they were very likely able to discover a large number of CIA sources using similar systems worldwide.

      But the fallout from that disaster, including internal battles at the CIA and struggles to replace and fix a complex web of interlocking technical systems, continues to rage on to this day, according to five former intelligence community sources familiar with the matter.




  • Civil Rights/Policing



    • No State Accountability for North Carolina Contractor Who Helped CIA Torture
      On December 9, 2014, the Senate Intelligence Committee released a 500-page executive summary of its 6,000-page report on the history of the CIA’s detention and interrogation program. The report exposed just how brutal and ineffective the torture was, and the lengths to which the CIA went to hide that truth from the public.

      Four years have passed since the report was released—yet only three copies of the full report exist outside Senate Intelligence Committee’s vault, and what is available for public scrutiny is less than 10 percent of the report. The Committee voted only to release a heavily redacted executive summary and, since then, the CIA and its allies in Congress have sought to limit who has access to the report and who can read it in its entirety. The U.S. public, in other words, is still in the dark when it comes to this crucial chapter of its own recent history.

      To be sure, the ACLU has been doing heroic work filing Freedom of Information Act requests. And citizen-led groups—like my own organization, the North Carolina Commission of Inquiry on Torture—work hard to use what’s available in the public record to piece together details on the CIA’s rendition, detention, and interrogation program and inform the public. Nonetheless, the vast majority of what the Senate Intelligence Committee discovered in their investigation remains shielded from public inquiry.



    • CIA created ‘remote controlled dogs’ using brain surgery in secret experiments
      America's Central Intelligence Agency conducted grisly experiments to create 'remote controlled dogs', with electrodes planted in their brains to 'receive orders'.


    • GEORGE H.W. BUSH (1924-2018), AMERICAN WAR CRIMINAL
      THE UNITED STATES is now in the midst of a grotesque canonization of one of its imperial saints, George Herbert Walker Bush. This week on Intercepted: an honest memorial service for an unrepentant warmonger who dedicated his life to militarism, war, coups, regime change, and the lies of “American exceptionalism.” Jeremy Scahill details the crimes of Bush, the sick propaganda of the corporate media memorials, and the trail of blood, death, and tears Bush leaves behind. Independent journalist Arun Gupta covers decades of Bush, from his time at the helm of the CIA to the presidency. Gupta discusses Bush’s support for Manuel Noriega and his eventual invasion of Panama, the pardoning of Iran-Contra criminals, the dirty wars in Central America, the support for Saddam Hussein, and the launch of the Gulf War. Acclaimed Iraqi poet and scholar Sinan Antoon describes his life under the U.S.-backed dictatorship of Saddam, the horrors of the Gulf War, and how Bush’s destruction of Iraqi civilian society led to the rise of ISIS.

    • George H.W. Bush, the CIA and a Case of State-Sponsored Terrorism
      In early fall of 1976, after a Chilean government assassin had killed a Chilean dissident and an American woman with a car bomb in Washington, D.C., George H.W. Bush’s CIA leaked a false report clearing Chile’s military dictatorship and pointing the FBI in the wrong direction.

      The bogus CIA assessment, spread through Newsweek magazine and other U.S. media outlets, was planted despite CIA’s now admitted awareness at the time that Chile was participating in Operation Condor, a cross-border campaign targeting political dissidents, and the CIA’s own suspicions that the Chilean junta was behind the terrorist bombing in Washington.

      In a 21-page report to Congress on Sept. 18, 2000, the CIA officially acknowledged for the first time that the mastermind of the terrorist attack, Chilean intelligence chief Manuel Contreras, was a paid asset of the CIA.

      The CIA report was issued almost 24 years to the day after the murders of former Chilean diplomat Orlando Letelier and American co-worker Ronni Moffitt, who died on Sept. 21, 1976, when a remote-controlled bomb ripped apart Letelier’s car as they drove down Massachusetts Avenue, a stately section of Washington known as Embassy Row.



    • CIA used mind control experiments on dogs and humans during the 1960s


    • CIA once secretly implanted mind-control devices in dogs’ brains
      The CIA created remote-controlled dogs by operating on their brains during a bizarre mind-control experiment, according to freshly declassified documents.

      During the top-secret 1963 project, researchers implanted a device inside six canines’ skulls and guided them through an open field, according to documents posted on The Black Vault, a website specializing in declassified government records.


    • Trailer for 'Drugs as Weapons Against Us' Doc About CIA's Experiments
      "Much of it remains classified for 'national security' reasons." Gravitas Ventures has released a trailer for an indie documentary titled Drugs as Weapons Against Us, made by first-time filmmaker John Potash. The full title is actually Drugs as Weapons Against Us: The CIA War on Musicians and Activists, and it's an examination of the CIA's nefarious past when they manipulated musicians & activists to promote drugs for social control, particularly with the Civil Rights and anti-war movements. Some musicians that resisted these manipulations were killed. We've all heard these stories, and while some of it is true, some of it seems like they are drifting into conspiracy theory territory. Based on Potash's book "Drugs as Weapons Against Us", the film looks at evidence that the CIA targeted SDS, Black Panthers, Hendrix, Lennon, Cobain, Tupac, and other leftists. The footage in this trailer isn't that impressive, I wish it looked better than it does.





  • Intellectual Monopolies



    • Patent case: Sprint Communications Co., L.P. v. Time Warner Cable, Inc., USA
      The U.S. Court of Appeals for the Federal Circuit has affirmed a $139.8 million jury verdict in favor of Sprint Communications against Time Warner for infringement of five Sprint patents related to VoIP technology. The appeals court concluded that the district properly admitted evidence relating to the jury verdict in an earlier, related case brought by Sprint against Vonage, another carrier offering VoIP service.








Recent Techrights' Posts

Apple is the Company of Dictators and Worse
Apple is just another greedy corporation in search of sweatshops and even pedophiles (especially the high-profile ones)
Counting Unhatched Eggs Is Not Counting Chickens
Everything here will persist as normal
The "Infinite Bread"
The biblical story of Jesus feeding the 5,000 has software parallels
In Many Cases and in Many Different Ways, Technology Became Less Durable and Less Reliable Over Time
The "modern" things are more complex. And complexity is a foe or reliability and repair-ability.
Microsoft's LinkedIn is Losing Money, Traffic, and Hope; Now It Wants to Sell Its Users' Lifeblood (and Data)
Let this be a reminder of what social control media really is about
Microsoft Lunduke: Freedom of Speech Means Spreading What I Have to Say and Banning People I Disagree With
4Chan is one he aims for and he is siccing 4Chan trolls at people he doesn't like
Richard Stallman Back at the "Rudolf-Diesel" Hörsal "MW 2001" in About 40 Hours
He spoke there before; there's a very high seating capacity there
 
Richard Stallman to Give Another Talk Today in Bavaria (Bavarian Academy of Science)
Tomorrow at 6 PM he speaks in Munich
Barry Kauler Explains That Puppy Linux and EasyOS Exclude Systemd to Keep Things Simple
Barry Kauler's Puppy Linux is in the community's hands. He now focuses on EasyOS and more.
Half a Year After Brian Fagioli Got Kicked Out of BetaNews for Slop He's Still Doing LLM Slop and Slop Images Targeting 'Linux' (Plagiarising Original Works)
If the Web gets polluted or flooded by slopfarms such as these, and Slashdot then sends traffic so these slopfarms (Slashdot probably doesn't do this intentionally), then real writers with real knowledge of GNU/Linux will lose the spark for publishing
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 19, 2025
IRC logs for Sunday, October 19, 2025
Campaign of FUD Against Framework Laptops and GNU/Linux (Using Microsoft's Attack on Linux, 'Secure Boot')
Ritual Defamation Cult has turned its attention over to Framework
Liberation From 'The Feed'
They rank things based on the editor's choice/ideology (he or she knows the sponsors, hence the masters)
Microsoft's Killing of Vista 10 Seems to Have Resulted in More Articles About GNU/Linux (But Also FUD)
We not only saw a rise in traffic, we also saw a remarkable rise in the number of articles
Today (a Day Before Richard Stallman Talk at TUM) There's a Patent Propaganda Event at TUM
Perhaps an opportunity for Dr. Stallman to rebut this "invention to patent" nonsense/fantasy (conflating monopolies with innovation)
OpenSource or "Open Source" as a Brand is Dying, Let's Get Back to Talking About Software Freedom
Those of us who actually want to reform the industry and put users in control of their systems/devices will recognise that "Open Source" was selling a lie or got-co-opted by liars
19 Years in Numbers: Techrights' Anniversary Countdown and Retrospective
In 2019 we began improving our workflows and, accordingly/predictably, we became a lot more productive
Slop Turns People Off (LLMs Lack Intelligence, They're Just Plagiarism Powerhouses That Fail to Deliver Any Real, Measurable Value)
"More" (or "MOAR") isn't always better
IBM Red Hat Has Re-calibrated or Adjusted to Bubble Economics, False Promises, and Slop/Plagiarism
This won't end well
Fake Numbers, Fake Claims, Fake Economy, and Media Grifters That Prop Up Fraud
Grifters like The Register MS won't be looked upon kindly after the bubble implodes
For Some, the GNU Web Site is Not Accessible This Week
They seem to have gone into some kind of lock-down mode
Symptoms of Upcoming Microsoft Layoffs in XBox
A crashing franchise
Psychiatrist confession: Germanwings crash & Debian toxic culture recognized before suicides
Reprinted with permission from Daniel Pocock
Gemini Links 19/10/2025: Scentjacking 101, Slop Hype Boosters, and Steam Next Fest
Links for the day
Slopwatch: The Serial Slopper, LinuxSecurity, and Google News
Let's hope slopfarms die as soon as possible
Links 19/10/2025: Cambodia Scam Centres, Slop Hurting Wikipedia Traffic
Links for the day
As Economies Crumble Free as in Beer Will Matter, Not Just Free as in Freedom/Libre (Libertad)
French regions choosing to embrace Software Freedom
25 Years Ago, an Explanation of How Reducing Free Software to 'Apps' Would Interfere With Freedom Goals
there's nothing unreasonable about it
A List of 63 Known Gemini Clients (Software to Browse Geminispace Content With Gemini Protocol)
Not counting browser plugins for Web browsers
Gemini Links 19/10/2025: "Firma Odin Is Transforming" and Bot Attacks While "AFK"
Links for the day
US Government: 6.1% of Site Visitors Use GNU/Linux
GNU/Linux has a considerable share and it is growing
LLM Slop Could Not Rise to Prominence Without Media Complicity and Artificial Hype
Inane garbage disguised as "journalism"
Why the FSF No Longer Recommends Debian, as Explained by Richard Stallman This Month
some weeks ago
All the Latest Half Dozen Articles by Mehedi Hasan (UbuntuPIT) Only Admit at the End That He's Using LLM Slop
Disclosure is OK, but the practice of using slop is not
The 'Modern' Web of Fake Security and Easy Censorship of Whole Domains
Each year it gets worse
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, October 18, 2025
IRC logs for Saturday, October 18, 2025
The Term "AI" is Not New and What Today's Media Calls "AI" Isn't Even AI
Only the hype was new... and totally artificial
Gemini Links 18/10/2025: "Planetary Rings", Steam, and PSU Replacement
Links for the day
Defeating LLM Abuse (State-of-the-Art Plagiarism) in the Area of Linux and GNU, Free Software, BSD, Security and So On
The aim is to get them to stop using LLMs to rip off other people's work
Links 18/10/2025: Russell Vought in Charge, US Government Leans to Russia Again
Links for the day
Credit Where It's Due: LinuxConfig.org Quit Doing LLM Slop, Back to Original and Real Articles
We waited for a while to say this, now it seems conclusive
Of Note: UbuntuPIT Aware of Critics of Slop, Adds Disclosure of Use of LLMs
We appreciate the honesty
Links 18/10/2025: Madagascar's President Flees and ICE Arrests Protest Comedian Robby Roadsteamer
Links for the day
Richard Stallman Near the European Patent Office (EPO) in 3 Days From Now
It'll be a good opportunity for patent examiners to listen, ask questions, and maybe greet him in person
From Scholar to Booster of Slop (and Even Slop in His Own Blog)
We're going to keep an eye on future posts of his
End of Vista 10 Also Good News for the BSDs
There are many news sites that recommend trying GNU/Linux this month
What's Wrong With Liking Parrots or Birds as Pets?
They'd demonise people for speaking about freedom, no matter what they say or do
Digital Sanitation Good Practices
leave behind Microsoftism
10 Days Ago Richard Stallman Gave a Long Interview in French (linuxfr.org)
English translation
Science, Not Fast Food/Junk Food
The commercial exploitation of users won't stop until users exercise full control over their software or - more broadly - their computing (including data)
The Free Software Foundation, Which Has Appointed a 43-Year-Old President, is Looking to Add Another Board Member (or Treasurer)
expect the FSF to add more people
Richard Stallman Confirms Next Week's Talk at Technical University of Munich, We Urge EPO Staff to Attend
That's probably late enough for EPO staff to attend after work
Gemini Links 18/10/2025: Notifications and Geminaut
Links for the day
Many Red Hat People Are Leaving, But It'll Be Framed Publicly as Leaving IBM
Similarly, IBM layoffs (or "RAs" as they're called) include Red Hat layoffs
Expect More Waves of Microsoft Layoffs This Month (at Least Two Rounds Confirmed Already)
From what we can gather, assuming the recent rumours about XBox are true, there will be at least 3 waves of Microsoft layoffs this month alone
Security Issues in Cisco and Jenkins Passed Off as "Linux" Problems
Fear, Uncertainty, Doubt (FUD) tactics
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 17, 2025
IRC logs for Friday, October 17, 2025