
Links 19/12/2018: VirtualBox 6.0, RawTherapee 5.5, Mir 1.1.0, LibreOffice 6.1.4 Released










GNU/Linux



Free Software/Open Source



  • Events



    • Event Report: g0v Summit 2018 — Taipei
      Gov zero summit is a decentralized, grass-roots civic tech community based in Taiwan. Built on the spirits of open source and activism, g0v aims to use technology in the interest of the public good, advocate information transparency and build tech solutions to promote civic engagement. I was lucky my talk got selected and got an opportunity to speak at the event.




  • Web Browsers



    • Mozilla



      • BBN challenge resolution: Getting the flag from a browser extension
        My so far last BugBountyNotes challenge is called Can you get the flag from this browser extension?. Unlike the previous one, this isn’t about exploiting logical errors but the more straightforward Remote Code Execution. The goal is running your code in the context of the extension’s background page in order to extract the flag variable stored there.

        If you haven’t looked at this challenge yet, feel free to stop reading at this point and go try it out. Mind you, this one is hard and only two people managed to solve it so far. Note also that I won’t look at any answers submitted at this point any more. Of course, you can also participate in any of the ongoing challenges as well.




  • LibreOffice



    • LibreOffice 6.1.4 Office Suite Released with More Than 125 Bug Fixes, Update Now
      LibreOffice 6.1.4 comes one and a half months after version 6.1.3 with yet another layer of bug fixes across all the components of the office suite, including Writer, Calc, Draw, Impress, Base, and Math. However, it remains the choice of bleeding-edge users and early adopters until the LibreOffice 6.1 series matures enough to be offered to enterprises. A total of 126 changes are included, as detailed here and here.



    • LibreOffice 6.1.4 announced
      The Document Foundation announces LibreOffice 6.1.4, the 4th minor release of the LibreOffice 6.1 family, targeted at tech savvy individuals: early adopters, technology enthusiasts and power users.




  • Openness/Sharing/Collaboration



    • Open Hardware/Modding



      • MIPS Processor ISA To Be Open-Sourced In 2019
        Months after MIPS Technologies was acquired by Wave Computing, the company announced it's working on open-sourcing the MIPS processor instruction set architecture.

        The MIPS ISA will be open-sourced with both the 32-bit and 64-bit versions opening up and will be free of any licensing or royalty fees as well as access to existing MIPS patents.






  • Programming/Development





Leftovers



  • Security



    • How Shopify Avoided a Data Breach, Thanks to a Bug Bounty
      At KubeCon + CloudNativeCon NA 2018, Shopify and Google detail a Kubernetes security incident reported by a bug bounty security researcher that was quickly remediated before any harm was done.



    • Logitech Options App Plagued By PID Exploit, Security Vulnerability Fixed With New Update
      Logitech Options is an app that controls all of Logitech’s mice and keyboards. It offers several different configurations, like changing function key shortcuts, customizing mouse buttons, adjusting point and scroll behavior, etc. This app contained a huge security flaw that was discovered by Tavis Ormandy, who is a Google security researcher. It was found that Logitech Options was opening a WebSocket server on each individual computer Logitech Options was run on. This WebSocket server would open on port 10134, on which any website could connect and send several various commands which would be JSON-encoded.



    • pwnedkeys: who has the keys to *your* kingdom?
      I am extremely pleased to announce the public release of pwnedkeys.com – a database of compromised asymmetric encryption keys. I hope this will become the go-to resource for anyone interested in avoiding the re-use of known-insecure keys. If you have a need, or a desire, to check whether a key you’re using, or being asked to accept, is potentially in the hands of an adversary, I would encourage you to take a look.



    • “123456” Tops The List Of Worst Passwords For 5th Consecutive Year




  • Defence/Aggression



    • Peoples Vote in Danger of Becoming War Criminal Rehabilitation
      Regular readers know I have largely steered clear of discussing Brexit for the three years its possibility then prospect has dominated the UK political agenda. I used to be enthusiastically pro-EU, as part of my general outlook of supporting international law and organisations. I was however shocked, deeply, by the enthusiastic support of all three institutional strands – council, commission and parliament – for the appalling Francoist paramilitary violence in Catalonia, and decided that the EU is no longer an institution I can support.

      The increasingly illiberal developments of the EU’s Third Pillar – including the abuse of arrest warrant procedure against Julian Assange and the internationalising of “Prevent” style Islamophobia – had already increasingly been worrying me. My reservations about the EU are therefore different to those of many. I particularly bemoan the loss of Freedom of Movement which I believe to have been one of the greatest achievements of civilisation in my lifetime. I remain incensed at the success of the elite in conning the deprived that their poverty is caused by immigrants, whereas it is caused by massive inequality of wealth.

      So I am conflicted on Brexit, but on balance would prefer to leave but stay part of the single market, thus retaining freedom of movement. My personal preferences aside, there is plainly a huge majority against leaving the EU in Scotland, so for Scotland to leave the EU at all at present would be wrong. It is my profound hope that the SNP will find the courage shortly to move on towards Independence.



    • No One’s Asking the Right Questions About Police Drones
      Police drones are expanding, but are the media asking questions?

      The NYPD, the nation’s largest police force, announced this week that they had purchased over a dozen flying robots to fly over Gotham, while promising that the new technology wouldn’t be used for any of the illegal spying shenanigans the police department has been caught up in time and time again. The announcement, however, was awkwardly timed, as the police department had already purchased drones—last December.

      Instead of asking the kinds of questions one might expect for a scandal-plagued agency obtaining expansive new surveillance powers—Why did you wait a year to announce the move? Was the public consulted? Are there oversight mechanisms to guard against misuse?—most media outlets questioned nothing, quoted generously from police officials and (at best) sprinkled in a few concerns from legal organizations.


    • He Said He’d Be Murdered If Deported. He Was.
      Nearly a year after a judge rejected Santos Chirino’s case for asylum, his 18-year-old daughter and 19-year-old son returned to the very same courtroom to plead their own.

      “Your honor, this is a difficult case,” their father’s lawyer, Benjamin Osorio, told Judge John Bryant. “I represented their father, Santos Chirino Cruz. … I lost the case in this courtroom. … He was murdered in April.”

      As Maria Sacchetti described for The Washington Post, “Osorio paused, and the judge blanched and stammered.”

      “You said their father’s case — did I understand I heard [it]?” Bryant asked, eyes wide.

      “No,” Osorio said. “In this court. Not before your honor.”

      “Well good, because — all right, my blood pressure can go down now,” Bryant said. “Yeah. I mean. Okay.”




  • Transparency/Investigative Reporting



    • Everyone hates Julian Assange, except for when you used to love him
      It’s not hard to find people in Washington with strong opinions about Wikileaks and its founder, Julian Assange. But good luck finding someone with an opinion about Assange that hasn’t flipped 180 degrees (and maybe back again) over the past ten years. Assange has managed the rare feat of becoming a pariah to both the left and the right, politicians and the press, “the masses” and their elected leaders. Foreign and domestic, coastal and “flyover,” red and blue—everyone seems to hate Assange (except for that time when they used to love him). As a result, Assange has become a poster boy for the importance of First Amendment protections. At its core, the First Amendment is an expression of “anti-majoritarian” rights—it is meant to protect social pariahs from persecution by political majorities. Popular people and popular ideas generally don’t need constitutional protection. Haters and lunatics and radicals? Their speech needs protection for the very reason that strong majorities reject it—it is so far outside the norm that ordinary politics will almost certainly persecute it.


    • Roger Stone says he pushed false statements on Infowars


    • Twenty-One Thoughts On The Persecution Of Julian Assange
      1. I write a lot about the plight of Julian Assange for the same reason I write a lot about the Iraq invasion: his persecution, when sincerely examined, exposes undeniable proof that we are ruled by a transnational power establishment which is immoral and dishonest to its core.

      2. Assange started a leak outlet on the premise that corrupt and unaccountable power is a problem in our world, and that the problem can be fought with the light of truth. Corrupt and unaccountable power has responded by detaining, silencing and smearing him. The persecution of Assange has proved his thesis about the world absolutely correct.

      3. Anyone who offends the US-centralized empire will find themselves subject to a trial by media, and the media are owned by the same plutocratic class which owns the empire. To believe what mass media news outlets tell you about those who stand up to imperial power is to ignore reality.

      4. Corrupt and unaccountable power uses its political and media influence to smear Assange because, as far as the interests of corrupt and unaccountable power are concerned, killing his reputation is as good as killing him. If everyone can be paced into viewing him with hatred and revulsion, they’ll be far less likely to take WikiLeaks publications seriously, and they’ll be far more likely to consent to Assange’s silencing and imprisonment. Someone can be speaking 100 percent truth to you, but if you’re suspicious of him you won’t believe anything he’s saying. If they can manufacture that suspicion with total or near-total credence, then as far as our rulers are concerned it’s as good as putting a bullet in his head.




  • Privacy/Surveillance



    • PSA: Fake App Store Receipts Are Tricking People Into Providing All Their Personal Details
      A fascinating new phishing attempt is making the rounds disguising itself as a receipt from the App Store, tricking unsuspecting users into coughing up all of their personal details. Here’s what you need to know and how to stay safe.



    • At The CIA, A Fix To Communications System That Left Trail Of Dead Agents Remains Elusive
      Between around 2009 and 2013, the CIA’s online method of communicating with its human sources on the ground all over the world was tragically compromised — leading to the exfiltration, imprisonment or death of dozens of people spying for the agency, according to a November investigation by Yahoo News.

      The failure started when Iranian officials used a double agent to trace back a series of websites the CIA was using to communicate with its sources. Iran then located, detained and in some instances executed CIA sources it identified using this system. The problem then spread to China, where roughly 30 CIA sources were eventually executed. Once Iran and China were able to locate users of these covert CIA platforms in their own countries, sources told Yahoo News, they were very likely able to discover a large number of CIA sources using similar systems worldwide.

      But the fallout from that disaster, including internal battles at the CIA and struggles to replace and fix a complex web of interlocking technical systems, continues to rage on to this day, according to five former intelligence community sources familiar with the matter.




  • Civil Rights/Policing



    • No State Accountability for North Carolina Contractor Who Helped CIA Torture
      On December 9, 2014, the Senate Intelligence Committee released a 500-page executive summary of its 6,000-page report on the history of the CIA’s detention and interrogation program. The report exposed just how brutal and ineffective the torture was, and the lengths to which the CIA went to hide that truth from the public.

      Four years have passed since the report was released—yet only three copies of the full report exist outside the Senate Intelligence Committee’s vault, and what is available for public scrutiny is less than 10 percent of the report. The Committee voted only to release a heavily redacted executive summary and, since then, the CIA and its allies in Congress have sought to limit who has access to the report and who can read it in its entirety. The U.S. public, in other words, is still in the dark when it comes to this crucial chapter of its own recent history.

      To be sure, the ACLU has been doing heroic work filing Freedom of Information Act requests. And citizen-led groups—like my own organization, the North Carolina Commission of Inquiry on Torture—work hard to use what’s available in the public record to piece together details on the CIA’s rendition, detention, and interrogation program and inform the public. Nonetheless, the vast majority of what the Senate Intelligence Committee discovered in their investigation remains shielded from public inquiry.



    • CIA created ‘remote controlled dogs’ using brain surgery in secret experiments
      America's Central Intelligence Agency conducted grisly experiments to create 'remote controlled dogs', with electrodes planted in their brains to 'receive orders'.


    • GEORGE H.W. BUSH (1924-2018), AMERICAN WAR CRIMINAL
      THE UNITED STATES is now in the midst of a grotesque canonization of one of its imperial saints, George Herbert Walker Bush. This week on Intercepted: an honest memorial service for an unrepentant warmonger who dedicated his life to militarism, war, coups, regime change, and the lies of “American exceptionalism.” Jeremy Scahill details the crimes of Bush, the sick propaganda of the corporate media memorials, and the trail of blood, death, and tears Bush leaves behind. Independent journalist Arun Gupta covers decades of Bush, from his time at the helm of the CIA to the presidency. Gupta discusses Bush’s support for Manuel Noriega and his eventual invasion of Panama, the pardoning of Iran-Contra criminals, the dirty wars in Central America, the support for Saddam Hussein, and the launch of the Gulf War. Acclaimed Iraqi poet and scholar Sinan Antoon describes his life under the U.S.-backed dictatorship of Saddam, the horrors of the Gulf War, and how Bush’s destruction of Iraqi civilian society led to the rise of ISIS.

    • George H.W. Bush, the CIA and a Case of State-Sponsored Terrorism
      In early fall of 1976, after a Chilean government assassin had killed a Chilean dissident and an American woman with a car bomb in Washington, D.C., George H.W. Bush’s CIA leaked a false report clearing Chile’s military dictatorship and pointing the FBI in the wrong direction.

      The bogus CIA assessment, spread through Newsweek magazine and other U.S. media outlets, was planted despite CIA’s now admitted awareness at the time that Chile was participating in Operation Condor, a cross-border campaign targeting political dissidents, and the CIA’s own suspicions that the Chilean junta was behind the terrorist bombing in Washington.

      In a 21-page report to Congress on Sept. 18, 2000, the CIA officially acknowledged for the first time that the mastermind of the terrorist attack, Chilean intelligence chief Manuel Contreras, was a paid asset of the CIA.

      The CIA report was issued almost 24 years to the day after the murders of former Chilean diplomat Orlando Letelier and American co-worker Ronni Moffitt, who died on Sept. 21, 1976, when a remote-controlled bomb ripped apart Letelier’s car as they drove down Massachusetts Avenue, a stately section of Washington known as Embassy Row.



    • CIA used mind control experiments on dogs and humans during the 1960s


    • CIA once secretly implanted mind-control devices in dogs’ brains
      The CIA created remote-controlled dogs by operating on their brains during a bizarre mind-control experiment, according to freshly declassified documents.

      During the top-secret 1963 project, researchers implanted a device inside six canines’ skulls and guided them through an open field, according to documents posted on The Black Vault, a website specializing in declassified government records.


    • Trailer for 'Drugs as Weapons Against Us' Doc About CIA's Experiments
      "Much of it remains classified for 'national security' reasons." Gravitas Ventures has released a trailer for an indie documentary titled Drugs as Weapons Against Us, made by first-time filmmaker John Potash. The full title is actually Drugs as Weapons Against Us: The CIA War on Musicians and Activists, and it's an examination of the CIA's nefarious past when they manipulated musicians & activists to promote drugs for social control, particularly with the Civil Rights and anti-war movements. Some musicians that resisted these manipulations were killed. We've all heard these stories, and while some of it is true, some of it seems like they are drifting into conspiracy theory territory. Based on Potash's book "Drugs as Weapons Against Us", the film looks at evidence that the CIA targeted SDS, Black Panthers, Hendrix, Lennon, Cobain, Tupac, and other leftists. The footage in this trailer isn't that impressive, I wish it looked better than it does.





  • Intellectual Monopolies



    • Patent case: Sprint Communications Co., L.P. v. Time Warner Cable, Inc., USA
      The U.S. Court of Appeals for the Federal Circuit has affirmed a $139.8 million jury verdict in favor of Sprint Communications against Time Warner for infringement of five Sprint patents related to VoIP technology. The appeals court concluded that the district properly admitted evidence relating to the jury verdict in an earlier, related case brought by Sprint against Vonage, another carrier offering VoIP service.







