Bonum Certa Men Certa

Links 5/7/2019: MX Linux Reviewed, PyCharm 2019.2 Beta

  • GNU/Linux

    • Desktop

      • Ubuntu 18.10 (Cosmic Cuttlefish) Will Reach End of Life on July 18th, 2019

        Canonical announced today that the Ubuntu 18.10 (Cosmic Cuttlefish) operating system is approaching end of life later this month, urging users to upgrade to a newer release. Released last year on October 18th, Ubuntu 18.10 was dubbed as Cosmic Cuttlefish by Canonical's CEO Mark Shuttleworth. It shipped with the GNOME 3.30 desktop environment and the Linux 4.18 kernel series, and featured a fresh new look based on the in-house developed Yaru theme, formerly Communitheme.

        Ubuntu 18.10 also brought support for unlocking your PC with your fingerprint, mobile phone integration, as well as support for managing Thunderbolt devices. However, being supported for only nine months, Ubuntu 18.10 will reach end of life on July 18th, 2019, which means it will no longer receive security or software updates.

      • Linux Mint-powered MintBox3 to be the most powerful MintBox ever made

        The Linux Mint Blog has announced in the June 2019 edition of their monthly news article that the MintBox3 will be the best MintBox yet.

        MintBox is a series of computers based on Linux Mint that is developed by CompuLab in collaboration with the Mint team. The development company mainly deals with fanless PCs, and they have implemented the same approach in the MintBox computers.

        It should be noted that the previous MintBox systems have not been that powerful. With that being said, the upcoming MintBox is expected to accompany pretty high-end specs and that too without a fan.

      • Linux Mint 32-bit edition axed starting from Linux Mint 20 onwards

        As per the expectations, the Mint team has confirmed that Linux Mint 20 and later versions won’t support 32-bit architecture.

        Recently, Canonical made a massive announcement that the new Ubuntu won’t be available for 32-bit architecture. Because of this, there were a lot of speculations in the air about the release of the latest version of Linux Mint, most of which said that Linux Mint would make the same move. Proving these speculations true was the most recent announcement by Clem Lefebvre, the Project Founder and Lead Developer of Linux Mint, himself.

    • Server

      • IBM

        • Red Hat Helps Pave Road to Open Hybrid Cloud for APAC Enterprises

          Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced the Red Hat Hybrid Cloud Series, an event for open hybrid cloud strategists and practitioners taking place across Asia Pacific. The event will travel to 11 countries covering major cities, including Beijing, Bangkok, Hong Kong, Jakarta, Kuala Lumpur, Mumbai, Manila, Seoul, Singapore, Taipei and Tokyo.

        • Red Hat’s hybrid cloud role expected to expand after acquisition by IBM

          When IBM Corp. went looking for an acquisition that would complement its longstanding presence in the data center, it clearly wanted to build a new strength in the hybrid cloud. With that kind of mission, it was no wonder it found Red Hat Inc. and paid an attention-grabbing $34 billion for it in the process.

          “The whole adoption around hybrid cloud really speaks to all of the things that we’re doing and initiatives that we’re leading at Red Hat,” said Michael St-Jean (pictured), principal product marketing manager of storage at Red Hat. “It’s a great validation of all of the things that we’ve been working on for the past 10 to 20 years.”

    • Kernel Space

      • Graphics Stack

        • AMD posts Linux kernel patches for Navi 14 GPUs, Navi 10 will see only OpenGL benchmarks on launch day

          While RDNA-based Navi 10 GPUs such as the Radeon RX 5700 and 5700 XT are all set for an official launch on July 7, we do know that more Navi GPUs are in the offing suited for different price tiers. We've been hearing about Navi 12, Navi 14, and Navi 21 along with their Lite variants for quite some time and now, AMD seems to have posted Linux kernel driver patches for Navi 14 and Mesa updates for Navi 10.

    • Applications

      • Release of the Open Build Service, Version 2.10 - Open Build Service
      • Petter Reinholdtsen: Jami/Ring, finally functioning peer to peer communication client

        Some years ago, in 2016, I wrote for the first time about the Ring peer to peer messaging system. It would provide messaging without any central server coordinating the system and without requiring all users to register a phone number or own a mobile phone. Back then, I could not get it to work, and put it aside until it had seen more development. A few days ago I decided to give it another try, and am happy to report that this time I am able to not only send and receive messages, but also place audio and video calls. But only if UDP is not blocked into your network.

        The Ring system changed name earlier this year to Jami. I tried doing web search for 'ring' when I discovered it for the first time, and can only applaud this change as it is impossible to find something called Ring among the noise of other uses of that word. Now you can search for 'jami' and this client and the Jami system is the first hit at least on duckduckgo.

        Jami will by default encrypt messages as well as audio and video calls, and try to send them directly between the communicating parties if possible. If this proves impossible (for example if both ends are behind NAT), it will use a central SIP TURN server maintained by the Jami project. Jami can also be a normal SIP client. If the SIP server is unencrypted, the audio and video calls will also be unencrypted. This is as far as I know the only case where Jami will do anything without encryption.

      • Notepads is an open-source text editor with a fluent design

        Do note (pun intended), that the app is still in beta, but it's stable, and it just works. Sadly, since it is a UWP app, it offers very limited in terms of functionality. Despite that it supports a lot of document formats, I counted over 40 supported formats including TXT, HTML, XML, CSS, to name a few. There are a few features which impressed me.

    • Instructionals/Technical

    • Games

      • Ninslash – a great fun open source 2D platform game needs YOU!

        We’ve received tons of feedback asking for more exposure to Linux’s open source gaming scene. We’re always wanting to make Linux more glamorous, sexy, and attractive. Or it could be that we’re wanting to chill out and fancy playing a fast-paced multiplayer game. Whatever the motives, Ninslash caught our attention.

        Ninslash is a free multiplayer 2D survival shooter based on another game called Teeworlds, a highly revered retro multiplayer shooter. Ninslash saw its first release in August 2016.

        Like Teeworlds, Ninslash falls under the genre of a frenetic multiplayer survival game. You can either join a public server, or run your own LAN server. There’s a couple of public servers set up for ‘invasion mode’, although there’s other game modes available (more on that later).

      • 10 years ago GamingOnLinux was created, what a ride it’s been

        Today, GamingOnLinux (the website) officially turns 10 years old, this is madness and here’s some thoughts and history on it all.

        July is a bit of a special double-event for me, as not only does July 5th mark the birth of GamingOnLinux, July 30th is also my birthday!

        What started as a curiosity after my first proper computer came with Linux instead of Windows, has blossomed into a love of all things Linux. I still remember booting it up for the first time, having no idea what was about to happen. Good old Mandrake 9.2, you were my first taste of what was to come. In the years following, I remember trying out all sorts of different Linux distributions from Fedora Core (as it was called back then) to SUSE and eventually Ubuntu came along which really did help me stick with Linux.

      • A Short Hike, a very sweet looking casual adventure game will be coming to Linux

        Developed by adamgryu as a Humble Original for a Humble Monthly, A Short Hike is released outside of Humble later this Summer.

      • VR rhythm game "Groove Gunner" looks insane and it's coming to Linux

        Think you have some sick moves? Own a VR system? You're going to want to keep an eye on Groove Gunner as it looks absolutely insane (in a nice way) and it might make you sweat a bit.

        Groove Gunner won't just test your own rhythm with the music, it will also test your reflexes. Not only will you be blasting targets to the beats, you will also be blocking bullets as they come flying at you, while playing through songs from a variety of musical artists and genres.

      • Valve may be working on a new version of the Steam Controller

        Speculation time: As someone who makes heavy use of their Steam Controller, I will admit that the possibility of a proper second generation has me quite excited.

        PCGamesN recently wrote about it, which included a video from the YouTube channel Critical Input. The video goes over a Patent published in December last year, which shows it has a slightly different design with batteries that possibly go into the middle (hooray!), along with the back paddles being split into two on each side. That's pretty interesting but what's more exciting, is that it seems Valve may have already been testing it, as references were found in the Steamworks SDK for it.

        Oh, on top of that it seems the Patent also mentions multiple "force sensitive resistors", which has "an electrical resistance" so it can detect how much pressure you're applying on it. Something similar is used the Valve Index Controllers (previously known as the Knuckles Controller).

    • Distributions

      • Reviews

        • MX Linux Review: A Popular, Simple and Stable Linux Distro

          If you’re a Linux newbie, you might be confused by the sheer number of distributions on offer. One relatively new entry to the market is MX Linux. It’s a Debian-based distro with a lot of support that has topped Distrowatch’s popularity list for the last six months.

          But why is MX Linux proving to be so popular? Let’s find out.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • OpenHMD 0.3.0-rc2 Released For This Open-Source API/Drivers For VR/AR Hardware

        Issued today was the second release candidate for OpenHMD 0.3.0, the open-source project providing a common API and different drivers for VR/AR hardware.

        OpenHMD 0.3.0-rc2 continues with supporting the 3Glasses D3, Oculus CV1, Windows Mixed Reality HMD, NOLO, HTC Vive, HTC Vive Pro, Deepoon E2, and GearVR Gen1. The PlayStation PSVR support did end up getting disabled in this release, however.

      • Web Browsers

        • Mozilla

          • Mozilla Localization (L10N): L10n report: July edition

            Since our last report, we’ve shipped the first release of Firefox Preview (Fenix) in 11 languages (including en-US). The next upcoming step will be to open up the project to more locales. If you are interested, make sure to follow closely the dev.l10n mailing list this week. And congratulations to the teams that helped make this a successful localized first release!

      • Databases

        • YottaDB r1.26 Released

          YottaDB r1.26 is a major release on our roadmap to world domination (we may never get to our destination, but we will have fun – and release great software – along the way!).

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 6.2.5 Open-Source Office Suite Released with More Than 115 Bug Fixes

          Coming one and a half months after the previous point release, LibreOffice 6.2.5 is now available as yet another maintenance update to the LibreOffice 6.2 office suite series, adding a total of 118 bug fixes across many of its core components, to ensure LibreOffice 6.2 becomes as stable and reliable as possible for enterprise deployments.

          The Document Foundation still recommends the LibreOffice 6.2 office suite series to tech-savvy users, including power users, technology enthusiasts, and early adopters, for evaluation. However, they are also inviting enterprise users to give LibreOffice 6.2.5 a try as it will become replace the LibreOffice 6.1.6 release in August 2019.

      • BSD

        • FreeBSD Enterprise 1 PB Storage

          From all the possible setups with 90 disks of 12 TB capacity I have chosen to go the RAID60 way – its ZFS equivalent of course. With 12 disks in each RAID6 (raidz2) group – there will be 7 such groups – we will have 84 used for the ZFS pool with 6 drives left as SPARE disks – that plays well for me. The disks distribution will look more or less like that.

      • Licensing/Legal

      • Programming/Development

        • 2019 Plasma and Usability & Productivity sprint

          It was a great opportunity to meet old and new friends, drink beer and sangria on the rooftop and of course do some hacking.

          First we discussed about the future development of Plasma, especially the Wayland experience. I was particularly interested in how we can solve the two missing pieces in KDE Connect on Wayland, Keyboard input and clipboard synchronization.

        • Dirk Eddelbuettel: digest 0.6.20

          This morning, digest version 0.6.20 went to CRAN, and I will send a package to Debian shortly as well.

          digest creates hash digests of arbitrary R objects (using the md5, sha-1, sha-256, sha-512, crc32, xxhash32, xxhash64, murmur32, and spookyhash algorithms) permitting easy comparison of R language objects.

        • Python Dictionary Comprehension with Examples

          In this tutorial, we will cover how dictionary comprehension works in Python. It includes various examples which would help you to learn the concept of dictionary comprehension and how it is used in real-world scenarios.

        • PyCharm 2019.2 goes Beta

          Today we’re happy to share with you PyCharm 2019.2 Beta, a feature-complete preview of the upcoming release. Be the first one to try all the new functionality – download your PyCharm 2019.2 Beta build from our website.

        • Python Anywhere: System update on 26 June

          Right now we're working on making sure that our billing system supports the Strong Customer Authentication (SCA) regulations that will come into force for all payments from European credit/debit cards this September; hopefully we can make this as seamless as possible for you.

        • Python Insider: Python 3.8.0b2 is now available for testing

          This release is the second of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to support the new feature release. The next pre-release of Python 3.8 will be 3.8.0b3, currently scheduled for 2019-07-29.

        • Return of the mojibake detective

          Last year in BASHing data I gave an example of mojibake detective work. A UTF-8 dataset I was auditing ("ver3") had the name "Séchier" in it. Somehow the "e" with an acute accent had disappeared and become 4 other characters in my UTF-8 locale, namely Ã, the invisible control character "no break here",

        • Python Lists And Tuples

          Python Lists and Tuples are collections of elements that are ordered and indexed. They are very similar to an array. However, there is one stark difference between the two. Lists can be modified, new elements can be added and existing elements can be removed.

          But in case of a tuple, modification is not possible. Tuples are permanents since their existence.

        • Evennia 0.9 released

          The main feature of Evennia 0.9 is that we have finally made the move to Python3. And we burn the bridges behind us; as announced in previous posts we completely drop Python2 support and move exclusively to only support the latest Python3.7.

          Overall the move to Python3 was not too bloody (and much work towards a never published py2+3 version was already done by Evennia contributors in a separate branch earlier). The main issues I ran into were mainly in the changes in how Python3 separates strings from bytes. This became crticial since Evennia implements several connection protocols; there were a lot of edge cases and weird errors appearing where data went to and from the wire.

          A regular user has it a lot easier though. So far people have not had too much trouble converting their games from 2.7 to 3.7. The biggest Linux distros don't all have Py3.7 out of the box though, so that may be a concern for some, we'll see.

          ... but Py3 is nowhere all there is to find in this release though! There are a plethora of more features in the latest Evennia, all to make it easier to make the text-based multiplayer game of your dreams.

        • 404 Found

          It demonstrates the difficulties in making computer and human communication meaningful to both. A lot like programming, in fact. There’s code, which the computer sees, and a comment explaining the code, which the human sees. What happens when they disagree?

          We have introduced many layers of abstract friendliness, that even when something goes wrong, we fail to recognize it and treat it like a perfectly normal result. If browsers failed harder, 404 errors would be less friendly, but links like this would fail to propagate. The error would be noticed and corrected.

      • Standards/Consortia

        • Addressing Web Bloat for WebDevs

          3. Avoid JavaScript

          This has already been my most controversial prescription, but for the sake of privacy, security, and accessibility (discussed later) I stand by it.

          It seems clear that no new JavaScript engine can hope to catch up to the mainstream ones in terms of performance or API support, as such we should not expect them to. We should instead see how well recent web standards allow us to do without JavaScript, and failing that we should discuss how new web standards can help us move further away from JavaScript. Along that line I encourage you to check out Intercooler.js.

        • [Older] A JavaScript-Free Frontend

          The Website Obesity Problem is not getting any better for the web at large. I'm tired of slow-to-load webapps that are not very reliable. Has anyone tried modifying the description of a card in Asana lately? It's freaking slow! The UI lags for no good reason as you type. First, I live in a rural area with only 2 Mbit/s down Internet connection. With a warm cache it takes 14 seconds for the Asana UI to become usable. Second, you can see below that the app is comprised of over 10MB of uncompressed JavaScript. That is a huge amount of code to execute. How is this acceptable?

  • Leftovers

    • Hardware

      • Apple is reportedly giving up on its controversial MacBook keyboard

        Despite tweaking the design of its butterfly keyboards with each subsequent MacBook, Apple has struggled to overcome the keyboard’s problems, which can see keys act erratically or completely stop working as dust and other particles find their way into the mechanism. The company apologized for the keyboard’s reliability issues earlier this year, when it admitted that a “small number” of users were experiencing issues with the keyboard, then in its third generation, and the company has also launched an extended repairs program for earlier versions of the keyboard.

    • Security

      • 9 Open Source Password Managers to Secure Yourself With

        People use password managers so that they don’t have to remember all the usernames/passwords of the websites they visit. Instead, they can just remember 1 password, and then access all the other passwords whenever they need. In addition to that, this allows you as a user to increase the length and the complexity of the passwords you use, because now, you no longer have to remember them, so you can make your Facebook’s password something like 21#^#Y3#^2h281+_0H^I@F!##YU&^ with no problem.

        Also, some password managers offer other features that you can use. E.g: Auto-fill (automatically fill the passwords when you open the URL in your browser), synchronization between devices, team storage (sharing passwords between multiple people), smartphone integration, various types & tools of encryption, emergency codes.. And so on.

        Traditionally, there are many closed-source proprietary password managers, and there are those which are open source. In today’s article, we’ll see 9 open source password managers that you can use to secure yourself.

      • IPFire Open-Source Linux Firewall Now Patched Against SACK Panic Vulnerabilities

        IPFire 2.23 Core Update 134 is here to address the recently discovered SACK Panic (CVE-2019-11477 and CVE-2019-11478) security vulnerabilities, affecting Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. These are serious flaws and could allow remote attackers to cause a so-called SACK Panic attack (denial of service).

        "The Linux kernel was vulnerable for two DoS attacks against its TCP stack. The first one made it possible for a remote attacker to panic the kernel and a second one could trick the system into transmitting very small packets so that a data transfer would have used the whole bandwidth but filled mainly with packet overhead," said Michael Tremer in the release announcement.

      • MichaÅ‚ Górny: SKS poisoning, / Hagrid and other non-solutions

        The recent key poisoning attack on SKS keyservers shook the world of OpenPGP. While this isn’t a new problem, it has not been exploited on this scale before. The attackers have proved how easy it is to poison commonly used keys on the keyservers and effectively render GnuPG unusably slow. A renewed discussion on improving keyservers has started as a result. It also forced Gentoo to employ countermeasures. You can read more on them in the ‘Impact of SKS keyserver poisoning on Gentoo’ news item.

        Coicidentally, the attack happened shortly after the launch of, that advertises itself as both poisoning-resistant and GDPR-friendly keyserver. Naturally, many users see it as the ultimate solution to the issues with SKS. I’m afraid I have to disagree — in my opinion, this keyserver does not solve any problems, it merely cripples OpenPGP in order to avoid being affected by them, and harms its security in the process.

        In this article, I’d like to shortly explain what the problem is, and which of the different solutions proposed so far to it (e.g. on gnupg-users mailing list) make sense, and which make things even worse. Naturally, I will also cover the new Hagrid keyserver as one of the glorified non-solutions.

      • Daniel Kahn Gillmor: WKD for

        By default, this will show you any matching certificate that you already have in your GnuPG local keyring. But if you don't have a matching certificate already, it will fall back to using WKD.

        These certificates are extracted from the debian keyring and published at, as defined in the WKD spec. We intend to keep them up-to-date when ever the keyring-maint team publishes a new batch of certificates. Our tooling uses some repeated invocations of gpg to extract and build the published tree of files.

        Debian is current not implementing the Web Key Directory Update Protocol (and we have no plans to do so). If you are a Debian developer and you want your OpenPGP certificate updated in WKD, please follow the normal procedures for Debian keyring maintenance like you always have.

      • Someone Is Spamming and Breaking a Core Component of PGP’s Ecosystem

        Last week, contributors to the PGP protocol GnuPG noticed that someone was “poisoning” or “flooding” their certificates. In this case, poisoning refers to an attack where someone spams a certificate with a large number of signatures or certifications. This makes it impossible for the the PGP software that people use to verify its authenticity, which can make the software unusable or break. In practice, according to one of the GnuPG developers targeted by this attack, the hackers could make it impossible for people using Linux to download updates, which are verified via PGP.

        It’s unclear who’s behind these attacks, but the targets are Robert J. Hansen and Daniel Kahn Gillmor, both OpenPGP protocol developers.

        “We've known for a decade this attack is possible. It's now here and it's devastating,” Hansen wrote in his attack post-mortem.

      • Certificates Issued to Huawei Subsidiary Found in Cisco Switches

        Researchers noticed that the firmware for some Cisco switches contains X.509 certificates and associated private keys issued to a US-based subsidiary of Huawei. An investigation by the networking giant revealed that it was an oversight related to the use of an open-source third-party component.


        In an informational advisory published on Wednesday, Cisco says its FindIT development team uses OpenDaylight for testing purposes and the certificates should not have been included in production firmware.

      • St John Ambulance becomes latest casualty of a ransomware attack [iophk: those signing off on Windows deployments need to see real jail time]

        Though it's "confident" that data has not been shared outside St John Ambulance, it fessed that the data of everyone who has opened an account, booked or attended a training course until February 2019 was affected.

        This data includes names, courses, contact details, costs, invoicing details and, in some cases, driving licence data. No passwords or credit card details were taken, and no records have been doctored.

      • Magento Patches Flaws Leading to Site Takeover

        Because at one point in the sanitization process sanitized links are injected back into the string via vsprintf(), an additional double quote is injected into the tag, which allows for an attribute injection.

        “This allows an attacker to inject arbitrary HTML attributes into the resulting string. By injecting a malicious onmouseover event handler and a style attribute to make the link an invisible overlay over the entire page, the XSS payload triggers as soon as a victim visits a page that contains such an XSS payload and moves his mouse,” the security firm says.

        Because the method is used to sanitize order cancellation notes, an attacker could exploit the vulnerability to inject arbitrary JavaScript that is triggered when an employee reviews the cancelled order.

      • Server image mystery in Georgia election security case

        The FBI data could reveal whether [attackers] tampered with elections in Georgia because the server in question had a gaping security hole that went unpatched for more than six months before being publicly exposed. Data on the server included passwords used by county officials to access elections management files.

        Technicians at the Center for Elections Systems at Kennesaw State University, which then ran the state’s election system, erased the server’s data on July 7, 2017, less than a week after the voting integrity suit was filed. After the AP reported on it three months later, Kemp denied ordering the data destruction or knowing about it in advance and called it reckless, inexcusable and inept.

        But the FBI had a forensic backup, which it made in March 2017 when it investigated the security hole. The FBI has not responded to repeated requests by the AP to confirm that it continues to possess the data. FBI Atlanta spokeswoman Jenna Sellitto wouldn’t say whether the FBI has examined the data on that image to determine whether any tampering or other malicious activity occurred.

      • Georgia Failed to Subpoena Image of Wiped Elections Server

        Marilyn Marks of the Coalition for Good Governance, a plaintiff in the case, said that if the state failed to secure the data from the FBI — despite informing U.S. District Judge Amy Totenberg in October 2017 of its intent to do so with the subpoena — it clearly has something to hide.

        "If they have destroyed records then it can be presumed that those records would have shown our allegations to be true," Marks said.

        Neither the Secretary of State's office nor an attorney representing it in the case, Josh Belinfante, would say why the subpoena was never filed. Nor would they say whether they had obtained the data through other means for secure safekeeping. The FBI in Atlanta also wouldn't say whether it has provided the state with a copy.

      • Antivirus firms start flagging spyware installed by Chinese border control

        It recently came to light that the border control authority in China's Xinjiang region was installing surveillance software on the phones of tourists without their knowledge or consent. The software apparently kept an eye out for terms that related to Islamic extremism and literature by the Dalai Lama.

    • Defence/Aggression

      • The Command (Kursk): A dramatization of the 2000 Russian nuclear submarine disaster

        The Kursk’s sinking was bound up with both the decay of the Russian military and the catastrophic impact of Russian capitalism. One hundred eighteen sailors died—85 instantly and 23 slowly and painfully—due to the neglect and incompetence of the Putin administration.

        The Vinterberg movie is a humanized account of the episode, and clearly takes the side of the population against the military and governmental brass. As the movie gets underway, angry sailors, led by Navy captain-lieutenant Mikhail Averin (Matthias Schoenaerts) on the Vidyaevo Naval Base, are demanding back pay: “Sorry gentlemen, we have received nothing from Moscow,” is the answer. “So what are we supposed to live on?,” ask the seamen. “If I knew that, I would be living on it too. At least you have a deployment coming, you will get a sea bonus.” “Which will not be paid,” is the retort.

    • Environment

      • Young volunteers in Helsinki aim for 130 km of trash-free coastline

        Eeva Puustjärvi is the coordinator of an effort dubbed Satakolkyt (roughly "One hundred thirty"), which aims to rid the city shoreline of all trash, and encourages residents to join in to help.

      • CO2 emissions are on track to take us beyond 1.5 degrees of global warming

        The world’s existing power plants, industrial equipment, vehicles and other COâ‚‚-emitters are on track to pump out enough carbon dioxide to blow past that target by midcentury, researchers report July 1 in Nature. Add in future power plants that are already planned, permitted or under construction, and we could emit enough by 2033 to raise average global atmospheric temperatures by 1.5 degrees, the researchers say.

        If we want to limit warming to 1.5 degrees, then “we cannot invest more in fossil fuel power or infrastructure,” says Thorsten Mauritsen, a physical climate scientist at Stockholm University who was not involved with the work. “Everything we do from now has to change direction and not use fossil fuels.”

      • Amid mounting opposition, former Michigan Governor Snyder withdraws from Harvard fellowship [iophk: "tweets in place of official statements :("]

        On Wednesday, just days after Harvard University announced that former Michigan Governor Rick Snyder had accepted its offer of a senior research fellowship at Harvard Kennedy School’s Taubman Center for State and Local Government, Snyder announced on Twitter that he was withdrawing from the position.

        The decision came in the face of widespread opposition on the Harvard campus in Cambridge, Massachusetts; in Flint, Michigan, where tens of thousands of residents suffered lead poisoning as a result of his administration’s decision to switch the city’s water supply; and nationally. In less than three days, more than 7,000 people signed an online petition that urged the rescinding of the fellowship. Thousands more expressed opposition to the appointment on social media.

      • Opposition to oil sponsorships in the arts spreads in London

        The action was the latest in growing pressure against oil sponsorship in the U.K. Activists want art and cultural institutions, like the Royal Opera House, to stop accepting sponsorship money from BP because of its environmental impact.

        BP, formerly known as British Petroleum, is one of the U.K.'s largest oil and gas companies. It made headlines around the world for the Deepwater Horizon disaster in 2010, when more than three million barrels of oil spilled into the Gulf of Mexico.

      • 16 Companies Rethinking Packaging

        The U.S. generates almost 80 million tons of packaging waste each year, according to the U.S. Environmental Protection Agency. When landfilled or incinerated, this waste pollutes the environment and poses health risks to humans and wildlife. Packaging is also the main source of the plastic pollution that is clogging the ocean and expected to exceed the weight of all fish by 2050 at current rates. The food industry is largely responsible for this growing packaging problem.

        About half of the packaging waste in the U.S. comes from food and beverage products. And studies suggest that large food corporations like Nestle and Uniliver generate the majority of the plastic waste

        Recognizing this issue, and under pressure from consumers, several of these very same corporations have recently pledged to reduce the environmental impact of their packaging. Many smaller companies in the food and beverage and industry are doing the same, and some of them have been on the forefront of packaging innovations for years. Food Tank highlights 16 food and beverage companies to exhibit the industry's various approaches to sustainable packaging.

      • Energy

        • Russia and Saudi Arabia Hold 'Catholic Marriage' with Poem and Badges, Form Enormous Oil Cartel

          According to Bloomberg, the nations have been coordinating for more than two years, battling the falling price of oil and grappling with the U.S.' recent ascension of the top of the oil-producing charts. OPEC+ nations will now account for almost half of all oil production globally.

          Though initially considered a temporary alliance, OPEC Secretary General Mohammad Barkindo declared Tuesday that the pact was now like a "Catholic marriage" and would last for "eternity."

        • Saudi-Russian Oil Fling Becomes a Marriage to Last an ‘Eternity’

          For Saudi Arabia, turning what had been an ad hoc coalition into a formal group provides a hedge against future oil-market turbulence. The kingdom can now lean on a group representing almost half of global oil output for support.

    • Finance

      • While Trump Isolates the U.S., It’s ‘Let’s Make a Deal’ for the Rest of the World

        America’s sudden retreat into old-fashioned protectionism, and Washington’s frontal assault on the World Trade Organization and the decades-old rules that have upheld the world trading order, has fueled fears that globalization is dead. In reality, outside of the United States, most other countries are racing to tear down barriers and embrace free trade with an urgency not seen in decades.

      • Swedish ‘neobank’ P.F.C. picks up €5M backing from Nordic banking giant Nordea

        Described as a personal finance app and accompanying debit card, P.F.C. is regulated under a payments institution license rather than being a fully-licensed bank. It’s the same lighter touch model that Revolut and a plethora of other banking apps choose, before in some instances applying for a bank license so they can begin doing more risky regulated activities: namely lending out deposits in the form of overdrafts and loans.

        P.F.C.’s features include being able to instantly top up your account/card using Swish (a mobile payment technology provided by a group of Swedish banks), the ability to set a weekly budget, and automatic transaction categorisation.

      • West African countries choose new 'ECO' single trade currency

        Six member countries, including Nigeria, Liberia, and Ghana, could be swapping their currencies for a new one - the ECO. Eight ECOWAS countries (Benin, Burkina Faso, Guinea-Bissau, Ivory Coast, Mali, Niger, Senegal, and Togo) currently jointly use the CFA franc. Originally intended to be launched in 2000, the ECO has been postponed multiple times, and the newest target date is 2020.

    • AstroTurf/Lobbying/Politics

      • France is luring game devs who don't fancy their post-Brexit chances

        Developers taking the France French Euro will be offered help to relocate, as well as subsidies, tax breaks, capital loans, and, in fact, everything you need to move your base from Future Little England to the continent.

        Games developed in French France will get 30 per cent tax breaks on production costs, worth up to €£5.4m and funds for 'technically ambitious' projects of up to €£1.8m repayable when the company is big enough to afford it.

      • Michigan Rep. Justin Amash quitting Republican Party

        Rep. Justin Amash of Michigan, the only Republican in Congress to call for impeachment proceedings against President Donald Trump...

    • Censorship/Free Speech

      • The APPG’s definition of ‘Islamophobia’ is a triumph for fundamentalists

        The All-Party Parliamentary Group (APPG) on British Muslims’ definition of Islamophobia has mainly been framed as a free speech issue. The definition adopted by some parties and councils will certainly limit criticism of Islam and Islamism even further than it already is currently. To say it will not is dishonest at best. This has already been the case for a long time now. For those of us who have fled Iran, it has been so since the expropriation of the Iranian revolution by the Islamists; in Britain, at least since the Rushdie affair.

        Examples abound. The Council of Ex-Muslims of Britain, of which I am a Spokesperson, was placed under investigation for eight months by Pride in London because of the accusation of Islamophobia levelled against us by the East London Mosque and Mend. I myself have been barred from Warwick University, harassed by Islamic Society students at Goldsmiths, and had my talk cancelled at Trinity College over the same accusations. I haven’t had issues for a while now – but that is only because I am hardly invited to speak at universities any more. It is just too much trouble. The accusations stick; uncomfortably so.

        Whilst this is a free speech issue (blasphemy is clearly not racism), what I find even more disturbing about this definition is the Parliamentary Group’s open promulgation of the idea that there is something that can be called ‘expressions of Muslimness.’ It is absurd to assume that this is the case, any more than one can speak of expressions of Christianness or Jewishness or Hinduness. This is no different from saying there are ‘expressions of Britishness’; something that the far-Right – and increasingly, mainstream politicians – imply in order to exclude migrants and minorities.

      • Never Mind the Body Fluids: Twitter's New TOS Ramp Up All-Around Porn Censorship

        While the adult community on Twitter continues focusing on specific items in Twitter’s latest revision to their Terms of Service (TOS) concerning what the company calls “sensitive material,” a careful reading of the new policy unveiled in March 2019 reveals a deliberate ramping up of porn censorship across the platform.

        The section concerning sexual content is called “Sensitive Media Policy.” We have edited out with […] most of the sections concerning violent and hateful content, which Twitter for some reason consistently lumps with “adult content” (i.e. sexual content of any kind, policed entirely at their discretion).


        Update, 7/3/2019, 10:20 a.m.: Ralf Kappe and the Sharesome team have dug up the old Twitter TOS, before the new, explicitly anti-porn version was quietly unveiled in March. It confirms that a major change of policy regarding adult content took place at Twitter HQ. Read the pre-March TOS here.

      • Sheffield University student wins Facebook post appeal

        Felix Ngole, 39, was removed from a postgraduate social work course at the University of Sheffield in 2016 after posting the Facebook comment.


        Some months later, he was anonymously reported to the university and was disciplined in a fitness to practice (FtP) hearing.

    • Privacy/Surveillance

      • Everything you need to know about the invisible e-mail tool that tracks you [iophk: "that's not e-mail, that's an HTML document"]

        You know how every image on the internet is stored on a server, and your computer automatically downloads them as you browse? Years ago, some genius figured out that your computer’s image requests can let those same servers track your activity across the web — and when it comes to email, they can let the sender see when you’ve opened a given message just by sneaking in an image.

        It’s remarkably simple: when you open the email, you automatically download that image, and that image request immediately lets the server know that you’ve opened it.

      • The big Facebook outage offers a behind-the-scenes look at how the social network's AI 'sees' your photos and interprets them for blind users

        Facebook automatically scans all photos on the social network with facial- and image-recognition software powered by AI to detect who or what is being pictured.

      • EU worries over the possibility of losing wiretapping powers

        5G telecoms networks could render obsolete the “lawful interception” techniques that police is traditionally using, unless the European Union and national governments take action. This was revealed in internal EU documents obtained by EDRi member Statewatch, that has published a new analysis explaining the issues and calling for a public debate.

      • Amazon responds to a US senator’s inquiry, confirms Alexa voice records are kept indefinitely

        Amazon has responded to a letter of inquiry it received from U.S. Senator Chris Coons (D-DE) that asks the company to detail what happens to customers’ Alexa voice records and data after they speak to their virtual assistant. The Senator’s letter was prompted by a CNET investigation in May, which found that Amazon keeps voice records unless users manually delete them — and that it may keep text transcripts of those voice recordings indefinitely.


        However, the original CNET report claimed text transcripts of the voice records were still maintained on Amazon’s servers even after users deleted their recordings, with “no option for you to delete them.” As CNET explained, Amazon would delete the text log from Alexa’s “main system,” but not remaining subsystems.

      • ‘Fingerprinting’ to Track Us Online Is on the Rise. Here’s What to Do.

        If there’s one lesson to learn about digital privacy, it’s that we can never grow complacent. Even if we secure our data so we are not tracked online, the ad tech industry will find ways to monitor our digital activities.

        And so it is with the rise of so-called fingerprinting, which security researchers are calling a next-generation tracking technology.

      • Petter Reinholdtsen: Teach kids to protect their privacy - the EDRi way

        Childs [sic] need to learn how to guard their privacy too. To help them, European Digital Rights (EDRi) created a colorful booklet providing information on several privacy related topics, and tips on how to protect ones privacy in the digital age.

        The 24 page booklet titled Digital Defenders is available in several languages. Thanks to the valuable contributions from members of the Electronic Foundation Norway (EFN) and others, it is also available in Norwegian Bokmål. If you would like to have it available in your language too, contribute via Weblate and get in touch.

    • Freedom of Information/Freedom of the Press

      • France wants to fine Facebook over hate speech

        The measure would force companies to remove content within 24 hours, and was approved by the lower house of the French Parliament Thursday

      • China is ramping up its media abroad – and not just in Chinese

        The campaign involves not just promoting pro-Beijing information, but discouraging negative reports. Censorship extends into social media, and is strengthened by Chinese platforms’ suppression of content that authorities deem negative. For example, some U.S. citizens have recently had messages or entire accounts censored on the popular Chinese messaging app WeChat, owned by the firm Tencent.

        “It’s quite shocking to me that China’s Great Firewall is coming to the U.S. in digital form,” says George Shen, a technology consultant from Newton, Mass., who had his WeChat accounts banned last month. “It’s a very stealthy, sophisticated censorship. … They are filtering out your messages without even telling you,” he says.

      • Cameroonian president’s bodyguards attack reporter outside Geneva hotel

        Adrien Krause, a reporter for Radio Télévision Suisse (RTS), was covering a protest by Biya opponents outside the Intercontinental Hotel on 26 June when several of the president’s bodyguards attacked him.

        Krause, who has filed a complaint, said he was “roughed up.” Some of his equipment and his mobile phone were also seized. They were returned several hours later after the Swiss federal foreign ministry intervened.

      • Video: Watch the Sydney Free Assange rally

        The demonstration was attended by around 200 workers, students and young people. It was addressed by leading members of the SEP, along with filmmaker James Ricketson and Emeritus Professor Stuart Rees. Details of the Brisbane and Melbourne rallies can be found here.

      • Cartoonist set to replace de Adder quits, says he 'wouldn't wish this on anyone'

        In a statement to CBC News, Greg Perry said the social media backlash after BNI parted ways with de Adder, then used his name in statements about the decision, has taken a toll.

        "I don't use social media, but person/persons who do have used it to essentially destroy my character and my cartoon work.

        "All this over a job that pays the same per month as a job at a grocery chain. I wouldn't wish this on anyone."

        The Halifax-based de Adder was let go last week, just days after his cartoon depicting U.S. President Donald Trump playing golf next to the bodies of two dead migrants went viral.

    • Civil Rights/Policing

      • Arrests of Algeria protesters show desire to ‘strangle’ popular movement

        Thirty-four protesters have been arrested in Algeria since June 21 for carrying the Berber flag during demonstrations – a crackdown which has further inflamed the popular movement’s antagonism towards the government.

      • Must take an unequivocal stand against all forms of hate

        “No religion promotes an inclusive society. Religion is an exclusive club that sees its set of beliefs as superior to other sets of beliefs,” she said. “Inequality is a pillar of Sharia courts but this is not just the case for Sharia courts,” she added.

        In this interview I have communicated with her on life in Iran, consequences of Sharia and religious courts, Easter Sunday’s bombings in Sri Lanka, and her readings on terrorism and radicalisation.

        Following are excerpts from the interview: [...]

      • Much Ado About Iboga

        Two professors at Miami University are suddenly at risk of losing their jobs over a plant that has been in their collection for over a decade.

        A third, nontenured Miami employee says he was forced to resign over the iboga shrub, which can be used to make the psychoactive drug ibogaine.

        Advocates for the faculty members say that the university’s response to an apparent oversight by their colleagues is heavy-handed and chilling to research of all kinds.

      • Islamic Imperialism and Christian Genocide

        When Muhammad was born, in 570, ‘a large area in northern Arabia was fully Christianised, and there were also a number of Christian towns in the south (modern Yemen)’.[5] Thus, following his conversion, Paul devolved his initial missionary efforts to Arabia, and not Europe (Gal. 1:17). As for North Africa, by the year 300 that region was the most Christianised of the Western Roman Empire, and home to such great early leaders as Tertulian, Cyprian, and St Augustine.[6] By 325, more than half of all Christians lived in the East and North Africa. In those days, Christianity existed primarily in Syria, Persia, Armenia, North Africa, and considerable parts of Arabia.

        As can be seen, Christianity did not start as a Western movement. Prior to the advent of Islam, it was predominantly a Middle Eastern religion. Christianity became a predominantly European faith only when it was destroyed by the Muslims in the Middle East and North Africa. Christianity became a “Western faith” simply because Europe was the only continent where it was not destroyed. [...]

      • Islam’s War on Christianity – Part II

        The severe persecution of Christians in the Islamic world is an urgent human rights issue that rarely gets much attention in the Western Media. Even a considerable number of church leaders in the West have miserably betrayed their fellow believers in the Islamic world by turning a blind eye to the gross violation of human rights. As Britain’s former chief rabbi, Jonathan Sacks, told the British House of Lords recently: ‘The persecution of Christians throughout much of the Middle East, sub-Saharan Africa and Asia, and elsewhere is one of the crimes against humanity of our time and I’m appalled at the lack of protest it has evoked’.[6]

        Let’s take a few examples.

      • Did Zaira Wasim quit Bollywood due to pressure on her parents? Latest tape suggests so

        According to Times Now, a short tape has come out in which one cleric shamed Zaira and an eight or nine year old Kick-boxing champion Tajamul from Kashmir, saying that the two youngsters are a shame for Kashmiri people for allegedly going beyond the lines of Islam.

        The report stated that the cleric in the video said that young Kashmiri people should not go into Bollywood or such entertainment industries. The cleric even criticised Zaira and Tajamul's family members for allowing them to do what they are doing.

      • The widening health gap between America's rich and poor is the result of worse health for the poor, not better health for the rich

        Well, in health, the argument is settled. For years, statisticians and public health experts have noticed a widening health gap that tracked to the widening wealth gap. In the right's framing, this gap would be the result of everyone being healthier, with rich people being healthier poor people. The rising tide would be lifting all boats, but the people responsible for those tides -- the wealthy -- were rising higher than the rest of us.

        But that's not what's happening. According to a study in JAMA Network Open published last month that analyzed longitudinal survey data collected by the CDC since 1993, the health of wealthy people is stagnant, while the health of poor people is declining, and this trend is now a quarter-century old.

      • The Gap Between Rich And Poor Americans' Health Is Widening

        What they found: Across all groups, Americans' self-reported health has declined since 1993. And race, gender and income play a bigger role in predicting health outcomes now than they did in 1993. Overall, white men in the highest income bracket were the healthiest group.

      • The feds can’t find some of its own investigative records about the hateful neo-Nazi haven.

        According to MuckRock, which broke the news, Best asked for all investigative records on the infamous forum that the FBI had in its possession. Instead, the bureau provided her with 104-pages of pre-processed records and admitted, “there were additional records potentially responsive for your Freedom of Information/Privacy Acts (FOIPA) request.”

        The FBI then explained it lost those records.

    • Monopolies

      • Patents and Software Patents

        • Food Marketing Institute v. Argus Leader Media (2019)

          Despite the clarity of the dictionary definitions, the majority felt the need to address the National Parks test. It found no basis for the requirement that a disclosure result in "substantial competitive harm" in the statutory language, early case law, or any "other usual source." The D.C. Circuit had cited legislative history for FOIA in support of the test, but Justice Gorsuch referred to that as a "selective tour through the legislative history." But the plain language of the statute itself had been sufficient to allow interpretation of Exemption 4. And there was no good reason for applying the National Parks test when the information was required to be provided to the government, but not when the information was provided voluntarily (as the D.C. Circuit had subsequently found in Critical Mass Energy Project v. NRC, 975 F.2d 871 (D.C. Cir. 1992)). Thus, the majority rejected the D.C. Circuit's National Parks decision in favor of the plain language of Exemption 4.

          Justice Breyer, joined by Justices Ginsburg and Sotomayor, dissented from the decision based primarily on both the uniformity of decisions below and policy issues. While the courts below had adopted different tests for Exemption 4, they had all required some showing of competitive harm for the exemption to apply. Thus, the majority's decision allowed Exemption 4 to shield far more than any circuit would have otherwise. And that was a substantial concern for the dissenting Justices: that Exemption 4 might swallow FOIA whole. That is, the goal of FOIA has always been disclosure of information to increase the transparency of government (at least as balanced against certain specific, narrow policy exceptions). But if the questions are just whether the parties providing information and the government agency working with those parties -- which is often subject to "capture" by the parties -- want to keep the information secret, they may be able to shield it from disclosure under FOIA. Thus, the dissenting Justices fear that the decision will substantially narrow the effect of FOIA.

          The Food Marketing Institute case reflects a sea change in the application of FOIA to confidential information. Previously, even trade secrets (as defined by the traditional definition under the Uniform Trade Secrets Act or Defend Trade Secrets Act) could be subject to disclosure under FOIA if the trade secret owner cannot prove that the disclosure would cause it substantial competitive harm. Now, Exemption 4 covers not only traditional trade secrets, but also merely confidential business information that has been shared with the government under an expectation of secrecy. Thus, in many cases, information that would have been disclosed under FOIA can now be withheld under Exemption 4.

        • Should We Abolish Billionaires?

          [...] Consumers have few alternatives.

          Nor do many suppliers who sell through Amazon; for the first 25 years of its existence, Amazon wouldn’t let them sell at a lower price anywhere else. And Amazon’s business is protected by patents granted Amazon by the U.S. government and enforced by government.

          If we had tough anti-monopoly laws, and if the government didn’t grant Amazon so many patents and trademarks, Bezos would be worth far less.

      • Trademarks

        • USPTO releases new rules for non-US domiciled TM applicants

          The new rules were announced on July 2 and will come into force on August 3.

          According to the USPTO, the rules will help safeguard the "accuracy and integrity" of its trademark register.

          It also pointed out that other trademark offices require foreign-domiciled applicants to use local representation for filing.

          “Many other countries worldwide have had this requirement for decades,” said USPTO commissioner for trademarks, Mary Boney Denison, in a press release.

          The office has published guidance notes on who will be classed as 'foreign-domiciled', the information a US attorney/lawyer must provide to satisfy the new rules, and the position of Canadian patent and trademark attorneys/agents. The guidance notes and likely questions concerning the rules can be found here.

      • Copyrights

        • Pirate Party MEP Elected Vice-President of EU Parliament

          The Pirate Party political movement owes its early success to sticking up for The Pirate Bay, following a raid in Sweden. Since then, it has come a long way. In recent years Pirates have delivered many excellent politicians and Marcel Kolaja, one of the new MEPs, has just been elected as a Vice-President of the EU Parliament.

Recent Techrights' Posts

GNU/Linux Adoption in Africa, a Passageway Towards Freedom From Neo-Colonialism
Digi(tal)-Colonialism and/or Techolonialism are a thing. Can Africa flee the trap?
CNN Contributes to Demolition of the Open Web
Reprinted with permission from Ryan Farmer
Eben Moglen on Encryption and Anonymity
The alternate net we need, and how we can build it ourselves
Yet More Microsofters Inside the Board of Mozilla (Which Has Just Outsourced Firefox Development to Microsoft's Proprietary Prison)
Do you want a browser controlled (and spied on) by such a company?
IRC Proceedings: Monday, December 04, 2023
IRC logs for Monday, December 04, 2023
GNU/Linux Now Exceeds 3.6% Market Share on Desktops/Laptops, According to statCounter
things have changed for Windows in China
Over at Tux Machines...
GNU/Linux news
Links 05/12/2023: Debt Brake in Germany and Layoffs at Condé Nast (Reddit, Wired, Ars Technica and More)
Links for the day
[Meme] Social Control Media Giants Shaping Debates on BSDs and GNU/Linux
listening to random people in Social Control Media
Reddit (Condé Nast), Which Has Another Round of Layoffs This Month, Incited People Against GNU/Linux Users (Divide and Rule, It's 2003 All Over Again!)
Does somebody (perhaps a third party) fan the flames?
Who Will Hold the Open Source Initiative (OSI) Accountable for Taking Bribes From Microsoft and Selling Out to Enable/Endorse Massive Copyright Infringement?
it does Microsoft advocacy
Using Gemini to Moan About Linux and Spread .NET
Toxic, acidic post in Gemini
Web Monopolist, Google, 'Pulls a Microsoft' by Hijacking/Overriding the Name of Competitor and Alternative to the Web
Gulag 'hijacking' 'Gemini'
Links 04/12/2023: Mass Layoffs at Spotify (Debt, Losses, Bubble) Once Again
Links for the day
ChatGPT Hype/Vapourware (and 'Bing') Has Failed, Google Maintains Dominance in Search
a growing mountain of debt and crises
[Meme] Every Real Paralegal Knows This
how copyright law works
Forging IRC Logs and Impersonating Professors: the Lengths to Which Anti-Free Software Militants Would Go
Impersonating people in IRC, too
IRC Proceedings: Sunday, December 03, 2023
IRC logs for Sunday, December 03, 2023
GNU/Linux Popularity Surging, So Why Did MakeUseOf Quit Covering It About 10 Days Ago?
It's particularly sad because some of the best articles about GNU/Linux came from that site, both technical articles and advocacy-centric pieces
Links 04/12/2023: COVID-19 Data Misused Again, Anti-Consumerism Activism
Links for the day
GNOME Foundation is in Reliable Hands (Executive Director)
Growing some good in one's garden
Links 03/12/2023: New 'Hey Hi' (AI) Vapouware and Palantir/NHS Collusion to Spy on Patients Comes Under Legal Challenge
Links for the day
'Confidential Computing'? More Like a Giant Back Door.
CacheWarp AMD CPU Attack Grants Root Access in Linux VMs
IRC Proceedings: Saturday, December 02, 2023
IRC logs for Saturday, December 02, 2023
Links 03/12/2023: CRISPR as Patented Minefield, Lots of Greenwashing Abound
Links for the day