Bonum Certa Men Certa

Links 4/9/2019: Red Hat Summit 2020 and Cockpit 202



  • GNU/Linux

    • Server

      • Linux And Kubernetes Support The Intelligent Enterprise

        The concept of the intelligent enterprise has arrived in SAP user companies. Now, they need intelligent infrastructures. Linux and Kubernetes can help. SAP has been focusing a lot of its efforts on introducing the intelligent enterprise to its customers – and it has succeeded. Many user companies are currently trying to become intelligent.

        The concept of the intelligent enterprise serves as an aspiration, a favorable goal on their digitalization path. Various SAP solutions promise to get them there: S/4, in-memory database Hana, SAP Cloud Platform (SCP), C/4 Hana, SAP Cloud Analytics, SAP Data Hub, cloud solutions like Qualtrics or SuccessFactors, or Leonardo.

      • A guide to human communication for sysadmins

        Not too long ago, I spoke at a tech event in the Netherlands to an audience mostly made up of sysadmins. One of my topics was how sysadmins can increase the value they deliver to the organization they work for. I believe that among the most important factors for delivering value is for everyone to know the overall organization's priorities and goals, as well as the priorities and goals of the organization's development teams.

        This all sounds obvious, but in many organizations, silos almost completely block the inter-team communication needed to understand each other's priorities. Even in large organizations that pat themselves on the back for having gone full DevOps (or aspire to go full DevOps), knowledge of the priorities and goals of other teams is not ubiquitous. When I asked the couple hundred people in my audience whether they knew their development teams and what drives those teams, very few hands came up.

      • IBM

        • Cloud-native messaging on Red Hat OpenShift with Quarkus and AMQ Online

          Quarkus is a Kubernetes-native Java stack tailored for GraalVM and OpenJDK HotSpot, crafted from the best of breed Java libraries and standards, according to the project website. Starting with the 0.17.0 release, Quarkus supports using the Advanced Message Queuing Protocol (AMQP), which is an open standard for passing business messages between applications or organizations.

          Red Hat AMQ Online is a Red Hat OpenShift-based mechanism for delivering messaging as a managed service. Previously, we have seen how to use AMQ Online to provision messaging. In this article, we will combine AMQ Online and Quarkus to show how you can create a modern messaging setup on OpenShift using two new technologies from the messaging space.

          The guide assumes you have an installation of AMQ Online on OpenShift. Read the installation guide for more information. AMQ Online is based on the EnMasse open source project.

        • Red Hat sets new performance records on AMD ROME processors

          As x86_64 hardware sees improvements in the area of CPU die size reduction, Red Hat has continued to work with our partners to better enable world class performance. Recently, AMD released its ROME line of processors, known as the AMD Epyc 7002 Series. With a die size of 7nm, AMD has achieved several new performance world records and many of these results have been with workloads running on Red Hat Enterprise Linux (RHEL) 7 and RHEL 8.

          Leaning on our long history of collaboration, Red Hat and AMD have worked together to deliver enhanced performance to enterprise data centers and beyond. Red Hat’s development and performance engineering teams have been working on hardware enablement and validation of these ROME processors for more than a year, resulting in several benchmark publications using RHELx.

        • Red Hat Summit 2020: Call for Proposals for new developer track

          Red Hat Developer invites you to share your expertise at Red Hat Summit 2020, April 27-29th in San Francisco California. Submit a proposal now to lead a conference session and share your development story.

          Every year, thousands of developers attend Red Hat Summit. New for 2020, you will be able to attend a new track created specifically for application developers. This track will focus on the latest application development technologies, and we need your help.

          Red Hat Summit attendees want to hear your stories of success and failure, your best techniques, how your work is changing, architecture tips, DevOps, and what’s new. Please submit your session ideas based on real-world examples and hands-on instruction. Below are some ideas to help you get started.

    • Audio/Video

      • Stop video autoplay with Firefox

        You know that thing where you go to a website and a video starts playing automatically? Sometimes it’s a video created by the site, and sometimes it’s an ad. That video is doing its level best to get your attention, which is very distracting when that’s not what you’re looking for. If you find autoplay videos annoying, Firefox can help return some peace to your life by blocking them. Here’s how to stop video autoplay.

      • A Chat with Drew DeVore | Jupiter Extras 10

        Brent sits down with Drew DeVore, Jupiter Broadcasting's latest addition to the Audio Editing Engineer team and cohost of Choose Linux. We chat shoes, his love for linux, adventures in audio, and why JB feels like home.

    • Kernel Space

      • Eventually "Schedutil" Could Replace Linux's Existing CPU Scaling Governors

        The Schedutil CPU frequency scaling governor has been around for a few years and has gotten better over time but in our own tests we still find it frequently not being as competitive to the "performance" governor and others. However, in the future Schedutil might become the default and perhaps only governor.

        Following the brief tests of the new AMD CPUFreq CPPC solution, which isn't mainlined, a Phoronix reader pointed out a recent kernel mailing list discussion that went under our radar.

        Upstream kernel developer Peter Zijlstra was critiquing several points of the proposed AMD CPPC code that AMD developers have been working on for Collaborative Processor Performance Control support with their new Zen 2 processors. Zijlstra rejected various elements of the AMD code proposal, including the calling it a "huge mistake" for exposing a lot of the data to user-space due to complicating future kernel efforts. He also rejected the idea of AMD creating a Linux user-space tool for generating CPPC profiles for target user workloads.

      • ASpeed AST2600 Support Coming To The Linux 5.4 Kernel

        While not officially released yet, support for the ASpeed AST2600 is coming to the Linux 5.4 kernel.

        The ASpeed AST2500 server management processor / BMC has been very common to servers over the years but will soon be succeeded by the AST2600. There previously has been rumors the AST2600 is coming with 2020 server motherboards and that looks like it may pan out with the Linux 5.4 kernel set to debut with initial support for this ASpeed controller.

        The dual-core A7 while old is a big upgrade over the single-core ARM11 800MHz CPU found within the AST2500. Earlier rumors have suggested the AST2600 to be fabbed on a TSMC 28nm process.

      • Graphics Stack

        • NVIDIA Lands Another New OpenGL Extension In 2019 Around Multi-GPU/SLI

          While most games/engines and software in general are moving from OpenGL to Vulkan, NVIDIA is still investing in their OpenGL driver stack and even adding new multi-GPU/SLI functionality to their driver and as part of that introducing new extensions.

          Back in July I wrote about new OpenGL extensions for multi-GPU rendering that at the time were about exposing explicit controls over multi-cast rendering, the progress fence extension for coordinating operations between multiple GPU command streams, and a WGL-catered extension for creating contexts in a multi-GPU environment.

        • X.Org's Modesetting Driver Flips Off Atomic By Default

          While atomic mode-setting has been around for several years now and to provide a modern mode-setting interface that can test modes prior to the actual operation and reduce possible flickering during mode-setting events and also being faster, the common xf86-video-modesetting driver has at least temporarily disabled the support by default.

          Within the latest X.Org Server 1.21 Git and requested for back-porting to X.Org Server 1.20 is disabling atomic support by default. This stems from a black screen when doing rotation on a different CRTC and other problems along the atomic code-path for this in-tree driver. So by default the generic modesetting driver will use the legacy code-path by default to avoid messing up existing users.

        • Mesa's Gallium3D LLVMpipe Driver Adds Compute Shader Support

          Red Hat's David Airlie has been refocusing efforts recently on improving the state of the LLVMpipe driver that implements OpenGL / OpenGL ES on top of CPUs using LLVM. In the past few weeks he's been wiring up more GL4 / GLES 3.1 extensions and this morning the latest achievement is supporting OpenGL compute shaders!

          Following a long series of patches, Airlie has OpenGL compute shader support working for LLVMpipe in tandem with various LLVM/Gallivm changes.

    • Benchmarks

      • NAS Parallel Benchmarks: EPYC 7601 vs. EPYC 7742 vs. Xeon Platinum 8280

        Not included as part of our original EPYC 7742 / EPYC 7002 "Rome" Linux benchmarks was the NAS Parallel Benchmarks (NPB) developed by NASA. While an MPI testing favorite, there were build issues with the older version of NPB packaged by the Phoronix Test Suite. But with recently having updated that test profile against the latest NPB upstream, here are some results for the EPYC 7742 2P, EPYC 7601 2P, and dual Xeon Platinum 8280 benchmark results. Separately, there's also results now for NeatBench 5 with this video editing plug-in test case now part of the Phoronix Test Suite.

      • AMD Ryzen 9 3900X Linux CPU Frequency Scaling Governor Benchmarks

        Given the recent talk about the Schedutil CPU frequency scaling governor and its future along with CPU frequency scaling behavior in general on AMD Zen 2 processors, here are some benchmarks of the Ryzen 9 3900X when tested with the different Linux "CPUFreq" governor options.

        This round of testing is just for reference purposes in looking at how these different CPU frequency scaling governor tunables compare. The power consumption between the modes weren't compared due to the WattsUp Pro meters being busy on other systems and this testing was done prior to the recent Windows/Linux power discoveries; in fact, this testing was from back in July albeit slipped under the radar for publishing these figures.

        From the Linux 5.3 Git kernel as of the end of July while running Ubuntu 18.04 LTS, the CPUFreq governor options of ondemand, performance, powersave, and schedutil were tested. For most Linux distributions, "ondemand" is the default governor while "performance" is known for some workloads to deliver better performance when the CPUFreq driver doesn't respond fast enough for ramping up the CPU clock frequencies. Schedutil meanwhile is the newest governor and makes use of the kernel's scheduler utilization data to try to make more informed decisions about what to do with the CPU frequencies. Schedutil has an interesting future ahead, but as we've shown several times, there generally are shortcomings still compared to the likes of Schedutil. The powersave governor, lastly, keeps the clocks at a minimum and really isn't useful for a desktop unless really trying to conserve power. But for this article we're just looking at the performance difference on the Ryzen 9 3900X for easily changing this Linux kernel tunable.

    • Applications

      • Cockpit 202

        Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 202.

      • Daniel Stenberg: FIPS ready with curl

        It should show that it uses wolfSSL and that all the protocols and features you want are enabled and present. If not, iterate until it does!

      • Peter Czanik: Handling lists in syslog-ng: the in-list() filter

        Recently, a number of quite complex configurations came up while syslog-ng users were asking for advice. Some of these configurations were even pushing the limits of syslog-ng (regarding the maximum number of configuration objects). As it turned out, these configurations could be significantly simplified using the in-list() filter, one of syslog-ng’s lesser known features.

        First, a bit of history. The idea of the in-list() filter came to me while I was listening to Xavier Mertens at a Libre Software Meeting conference talk in France. In his talk, he described how to check log messages for suspicious IP addresses. He used free IP address lists from the Internet (spammer IP addresses, malware command and control IP addresses, etc.) and, using a batch process, he kept checking if any of those were present in the log messages on a nightly basis.

        It occurred to me that all of the above could be done in real-time. Namely, several different parsers capable of extracting IP addresses and other important information from log messages as they arrive are already available in syslog-ng. All that was missing was a tool that could compare the extracted value with a list of values coming from a file. This tool was implemented quickly as a ‘spare time project’ by one of my colleagues. This is how the in-list() filter was born.

    • Instructionals/Technical

    • Games

      • Haunted maze game Phantom 3D has been released

        Graverobber Foundation, developer of cyberpunk dungeon crawler Das Geisterschiff is back with a new game called Phantom 3D.

      • Fluid Simulation is one of the most mesmerising things I've seen in a while

        Fluid Simulation is something you all need to try out for a few minutes to de-stress. A nice casual experience for a tired mind perhaps.

        Appearing in my Twitter feed recently was a tweet from developer Pavel Dobryakov, which said "fucking hell I have managed it" with a link to a WebGL Fluid Simulation to try in a web browser. I was completely captivated by it, throwing my mouse around making shapes and adjusting all the settings. A good 30 minutes passed before I realised how the outside world faded away for a time.

      • The Dragon Clan have entered Armello with a new DLC

        The cast of Armello has grown bigger with the newly released The Dragon Clan DLC adding in four new characters.

        Not played Armello before? It's a grim fairy-tale board game, where one player will attempt to become King or Queen. Game of Thrones with an animal cast is a pretty reasonable description. It can be a huge amount of fun if you don't mind the RNG, playing it with friends is an absolute blast. Lots of interesting game mechanics, allowing you to really mess with other players.

      • Doom 4 Vanilla is the latest crazy Doom game pack inspired by 2016's DOOM

        This is quite amazing. I never grow tired of seeing what people in the Doom modding community are able to achieve.

        Doom 4 Vanilla recently showed up, what the developer describes as "Doom 2016 the Way 1993 Did It" and it really does look like a huge amount of fun. It's not the work of a single person though, as it does pull in mods and resources from others all under one roof.

      • Adventure and strategy RPG Pathway is getting a big free update, some of it has been teased

        Pathway released back in April and it's a lot of fun but one thing was certain after playing it for a lot longer, it did get repetitive. A big free update is coming soon and it's sounding good.

        We already knew it was getting an update, since they did previously confirm it but they didn't say what it would include. At least now, we have some details on it as they announced in a post on Steam. For starters, it's getting both a Japanese and Chinese localization to bring in more players. To do so, they said they had to rewrite a lot of the UI code. Always nice to see more games available across different languages!

      • Colourful retro arcade inspired shoot 'em up Laservasion is out now

        Red Phoenix Studios recently released Laservasion, a retro inspired arcade styled shoot 'em up with Linux support. It's pretty darn colourful once you get into it.

      • Jupiter Hell continues advancing as a seriously fun action-packed roguelike

        ChaosForge are truly onto something special with Jupiter Hell, a roguelike that doesn't really feel like one and each update just makes it even more awesome to play.

        They continue to push out regular updates, with another released this week. The first big addition of the latest update is the inclusion of more levels and secrets, as the second Io branch - CRI Laboratories is now in. This includes its own special level the "CRI Armory".

        Also in this release are the new Medical and Technical stations. Medical will allow you to do things like heal up or extract a health pack, while Technical will let you control your mod supply or perhaps repair some armour. The point of these stations is to "allow for some control over your run".

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Akademy App now with BoF info + more

          If you already downloaded the app, please open it and refresh to get the new info!

          Also I would like to thank Ben for setting up Sitter’s project on our beloved Binary Factory!

    • Distributions

      • openSUSE Is A Community Of Communities: Gerald Pfeifer

        Gerald Pfeifer, a seasoned open source developer and CTO of SUSE EMEA, has been appointed the new chair of the openSUSE board. We talked to Pfeifer to better understand the role of the openSUSE board, the relationship between the company and the community, and the status of the openSUSE Foundation.

      • Screenshots/Screencasts

      • Fedora Family

      • Debian Family

        • The New Kali Linux Is Here

          Offensive Security has announced the release of Kali Linux 2019.2. Kali Linux is one of the most popular and widely used penetration testing Linux distributions.

          The release is based on Linux kernel 5.2.9, and “includes various new features across the board with NetHunter, ARM, and packages (plus the normal bugs fixes and updates),” according to the project’s announcement page.

        • Candy Tsai: Beyond Outreachy: Final Interviews and Internship Review

          The last few weeks (week 11 – week 13) of Outreachy were probably the hardest weeks. I had to do 3 informational interviews with the goal of getting a better picture of the open source/free software industry.

          The thought of talking to someone I don’t even know just overwhelms me. So this assignment just leaves me scared to death. Pressing that “Send Email” button to these interviewees required me to summon up all of my courage but it was totally worth it. I really appreciate their time for chatting with me.

          On the other hand, it’s hard to believe the internship is coming to an end! Good news is that I will be sticking around Debci after this.

          [...]

          Last but not least, here’s a wrap-up of my internship in QA format. Hope that this helps anyone that wants to participate in future rounds get a better picture of how the Outreachy Internship was with Debian Debci.

      • Canonical/Ubuntu Family

        • Ubuntu Dock Might Start Showing Trash and Removable Device Icons

          Developers working on the dependable desktop dock bar are adding the ability to display icons for attached devices, such as USB thumb drives, external monitors, SD cards, and MP3 players, just like the Unity Launcher does.

          Code to support the presence of these items is currently pending upstream (hence it’s not available to try yet). That said, there is no major reason why the code can’t land ahead of Ubuntu 19.10, due next month.

          Icons for removable devices and peripherals would house unmount and eject actions (where appropriate) in their respective icon’s right click menu.

        • Upgrade from Windows 7 to Ubuntu Part 3: Applications

          After talked about intro and releases, now I will talk about applications on Ubuntu GNU/Linux that are replacements to ones on Windows. You need to know this information in order to switch as the most important thing you really use is the application. For example, if previously you are accustomed to Microsoft Office, MATLAB, and Adobe Reader, on Ubuntu you will use LibreOffice, Octave, and Evince, respectively. More fortunately, just as I said on Part 2, all applications are available for you in the central Ubuntu repository, you do not need to manually search different places anymore. I hope this will be useful for you. Happy reading!

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Principles

        In an internal conversation about some community pushback on something we did, I linked to islinuxaboutchoice.com - people often think that 'just' because a product is open source, it can't advertise to them, it has to be chock full of options, it has to be made by volunteers, it can't cost money and so on...

        But if you want to build a successful product and change the world, you have to be different. You have to keep an eye on usability. You have to promote what you do - nobody sees the great work that isn't talked about. You have to try and build a business so you can pay people for their work and speed up development. Or at least make sure that people can build businesses around your project to push it forward.

        I personally think this is a major difference between KDE and GNOME, with the former being far less friendly to 'business' and thus most entrepreneurial folks and the resources they bring go into GNOME. And I've had beers with people discussing SUSE's business and its relationship with openSUSE - just like Fedora folks must think about how they work with Red Hat, all the time. I think the openSUSE foundation is a good idea (I've pushed for it when I was community manager), but going forward I think the board should have a keen eye on how they can enable and support commercial efforts around openSUSE. In my humble opinion the KDE board has been far to little focused on that (I've ran for the board on this platform) and you also see the LibreOffice's Document Foundation having trouble in this area. To help the projects be successful, the boards on these organizations need to have people on them who understand business and its needs, just like they need to have community members who understand the needs of open source contributors.

        But companies bring lots of complications to open source. When they compete (as in the LibreOffice ecosystem), when they advertise, when they push for changes in release cycles... Remember Mark Shuttleworth arguing KDE should adopt a 6-month release cycle? In hindsight, I think we should have!

      • Web Browsers

        • Mozilla

          • Today in tortured tech analogies: Mozilla lets Firefox loose in the hen house, and by hen house, we mean the tracking cookie jar, er...

            Mozilla has declared that its latest Firefox browser will no longer allow third-party tracking cookies by default, pushing an existing limited-audience feature to all users.

            The so-called Enhanced Tracking Protection feature is being built into version 69 of the browser. It more or less implements an age-old feature of browser privacy add-ons, like Adblock Plus, and builds it into the core product.

            Mozilla aims to not only block tracking cookies, but beef up Firefox's existing Facebook Container anti-social-network feature, detect and block cryptomining malware, and stop browser fingerprinting scripts.

            Browser fingerprinting scripts, as the name suggests, take a snapshot of your browser, its customisation options and installed plugins, with a view to uniquely fingerprinting your device so your browsing habits can be profiled, tracked and ultimately turned into ad companies’ revenues.

            On top of that the browser will also let users block all autoplay videos – as opposed to just the noisy ones, as it does now.

          • This Week In Rust: This Week in Rust 302

            This Week in Rust is openly developed on GitHub. If you find any errors in this week's issue, please submit a PR.

          • Firefox 69.0 Released with Enhanced Tracking Protection Enabled

            Mozilla Firefox 69.0 was released today. The new release rolls out stronger privacy protections by enabling Enhanced Tracking Protection (ETP) by default.

            Enhanced Tracking Protection blocks third-party sites from tracking cookies and cryptominers. There’s also optional strict setting blocks fingerprinters as well as the items blocked in the default standard setting.

          • Debugging WebAssembly Outside of the Browser

            WebAssembly has begun to establish itself outside of the browser via dedicated runtimes like Mozilla’s Wasmtime and Fastly’s Lucet. While the promise of a new, universal format for programs is appealing, it also comes with new challenges. For instance, how do you debug .wasm binaries?

            At Mozilla, we’ve been prototyping ways to enable source-level debugging of .wasm files using traditional tools like GDB and LLDB.

            The screencast below shows an example debugging session. Specifically, it demonstrates using Wasmtime and LLDB to inspect a program originally written in Rust, but compiled to WebAssembly.

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice developers team up to improve PPT/PPTX (PowerPoint) file support

          Good news for all users of high quality presentation software: a dedicated team has been formed within the LibreOffice community with the aim of further improving PPT/PPTX (PowerPoint) file format support.

          [...]

          LibreOffice’s Quality Assurance team is currently going through the collections of PPT and PPTX issues and carefully re-analysing and prioritising them. The QA team will continue to provide support in the form of patch testing and verification.

      • Pseudo-Open Source (Openwashing)

        • The Four “Os” of Open Banking [Ed: Red Hat openwashing of banks (some of its biggest -- in revenue terms -- clients)]

          While I was studying computer science, the notion of open source was much argued over. Our university professors found the idea playful but approached it from an old-school way where they could not fully grasp how it would fit into a business landscape. We students, on the other hand, found the open source movement empowering. Not only did it provide us with reliable and free tools, it also gave us the chance of contributing to a global community from our small classroom in Algeria.

          Those heated open source debates are not very different from the Open Banking discussions which I have today in Europe and globally.And, just as open source has become commonplace, I’m convinced that Open Banking will become ubiquitous in the financial services sector in the future.

      • Programming/Development

        • How I Followed my Heart, Conquered Fear and Became a Public Speaker

          In this guest post Mridu shares with us how she got into public speaking, conquering fear and imposter syndrome. What did she learn? And what does she recommend for people starting out? Let's hear from Mridu!

          I am everyday thankful for having crossed paths with individuals who are passionate to share their experience with others. Inspiration came from a teacher who loves to teach with energy and enthusiasm, making sure the student actually learned. Oftentimes I felt our teacher's enthusiasm was more than the collective enthusiasm of our batch of 200 students.

        • Using Python to Build a Web Scrawler Step by Step

          Start writing here...The need for extracting data from websites is increasing. When we are conducting data related projects such as price monitoring, business analytics or news aggregator, we would always need to record the data from websites. However, copying and pasting data line by line has been outdated. In this article, we would teach you how to become an “insider” in extracting data from websites, which is to do web scraping with python.

        • GCC 10 Compiler Drops IBM Cell Broadband Engine SPU Support

          Next year's GNU Compiler Collection 10 (GCC 10) compiler release is doing away with support for IBM's Cell Broadband Engine SPU support.

          There hasn't been much (anything?) happening on the IBM Cell processor front in about one decade and the GNU toolchain folks are ready to drop the Cell Broadband Engine SPU support with that compiler target previously being maintained by Sony.

        • Real Python: Python args and kwargs: Demystified

          Sometimes, when you look at a function definition in Python, you might see that it takes two strange arguments: *args and **kwargs. If you’ve ever wondered what these peculiar variables are, or why your IDE defines them in main(), then this article is for you. You’ll learn how to use args and kwargs in Python to add more flexibility to your functions.

        • EuroPython 2019 - Videos for Wednesday available

          We are pleased to announce the first batch of cut videos from EuroPython 2019 in Basel, Switzerland.

        • Combining Coverage-Guided and Generation-Based Fuzzing

          Coverage-guided fuzzing and generation-based fuzzing are two powerful approaches to fuzzing. It can be tempting to think that you must either use one approach or the other at a time, and that they can’t be combined. However, this is not the case. In this blog post I’ll describe a method for combining coverage-guided fuzzing with structure-aware generators that I’ve found to be both effective and practical.

        • Mike Driscoll: Lucid Programming Podcast – Writing Books About Python

          I was recently interviewed on the Lucid Programming Podcast by Vincent Russo about writing books about Python.

        • New Book Excerpt: On Coupling and Abstractions
  • Leftovers

    • Security (Confidentiality/Integrity/Availability)

      • The ‘weaponisation’ of vulnerabilities

        Jett says the ‘weaponisation’ of vulnerabilities means that cyber criminals are exploiting them to launch highly co-ordinated attacks against individuals, businesses and specific groups by using a combination of technical and non-technical tools. He adds that, in most cases, these vulnerabilities are targeted in automated exploit kits, which are developed by criminal groups and monetised in various online forums.

        [..].

        "Let’s use the example of attacks on specific individuals. By scouring various channels – both legitimate and illicit – attackers are able to amass sufficient information about their targets to build a comprehensive profile about them. Gradually, they gather enough material to determine what’s going to be the most effective method(s) of attack and they’ll typically utilise multiple attack surfaces to pursue their targets."

      • Security updates for Wednesday

        Security updates have been issued by Arch Linux (grafana, irssi, and jenkins), Debian (freetype, samba, and varnish), Fedora (community-mysql, kernel, kernel-headers, kernel-tools, and python-mitogen), openSUSE (postgresql10 and python-SQLAlchemy), Oracle (kdelibs and kde-settings and squid:4), Red Hat (kdelibs and kde-settings, kernel, kernel-rt, openstack-nova, qemu-kvm, and redis), Scientific Linux (kdelibs and kde-settings, kernel, and qemu-kvm), SUSE (ansible, java-1_7_1-ibm, libosinfo, php53, and qemu), and Ubuntu (irssi, samba, and systemd).

    • Defence/Aggression

    • Transparency/Investigative Reporting

    • Environment

      • Bahamians begin rescues as Dorian moves on toward US coast
      • Fighting Water Privatization with ‘Blue Communities’

        That year Barlow helped found the Council of Canadians, a nonprofit focused on democracy, trade and environmental issues, and jumped headlong into a global battle to protect public control of water resources — a fight in which she’s been a leading voice ever since.

        Among her accomplishments, Barlow was instrumental in the United Nations’ decision to declare access to clean water a human right in 2010. She’s also received accolades for her efforts including the Right Livelihood Award and the Lannan Cultural Freedom Fellowship Award. She’s currently the honorary chair of the Council of Canadians, chair of the board of Food and Water Watch and a councilor with the Hamburg-based World Future Council.

        In Whose Water Is It, Anyway? she writes not just about the hazards of water privatization but about proactive efforts that communities are taking to protect water resources, including the Blue Communities Project, which started in Canada in 2009 and has spread to cities, universities, unions and faith-based organizations around the world. Blue Communities commit to defending water as a human right, protecting water resources for the public trust and banning bottled water from municipal facilities and events.

        We spoke to Barlow about the different forms that water privatization can take, the solutions offered by Blue Communities and our biggest water threat.

      • Egyptian theatre aids climate change fight

        To help to alert people to the hotter future ahead, an Egyptian theatre troupe is taking the climate message to villages to enlist farmers.

    • Finance

      • Everything You Need to Play Baseball Is Made in China — and Getting Hit by Trump’s Tariffs

        Since 1983, Kim Karsh has helped baseball teams deal with an inconvenient fact of the modern economy: Almost everything you need to play America’s homegrown sport is now made in China, from cleats to batting helmets.

        Lately, supplying the game’s amateurs and fans has gotten more difficult. Karsh owns California Pro Sports in Harbor City, California, where invoices for big customers now include a caveat: Prices are up due to the Trump administration’s tariffs on Chinese imports, and they could rise further on short notice.

      • California City Experiments With Universal Income

        Democratic presidential candidate Andrew Yang€ wants to give cash to every American each month.

    • Censorship/Free Speech

    • Civil Rights/Policing

      • Maryland Appeals Court Says Sexting Teen Is A Child Pornographer

        Far too many prosecutors in far too many states have trouble reading child porn statutes. Instead of reading them how they're intended to be read -- to punish adults who victimize minors -- they read them to include the criminalization of minors participating in sexting. When these pictures and videos are shared, these justice system components become contortionists in order to treat subjects of recordings as their own child pornographers.

      • Lungu Calls For Urgent Measures To End S.A Xenophobia

        President Edgar Lungu has condemned the ongoing xenophobic attacks in South Africa in all its forms and manifestations.

        President Lungu has said attacks of this nature targeted at foreigners call for urgent concerted measures by the South African Government and the regional bodies.

      • Xenophobia hub: Tiwa Savage, Burna Boy ditch SA; Lagos reprisals, Zambia prez prays

        Players in Nigeria’s entertainment industry have severally been reacting to the violence in South Africa with two of Nigeria’s biggest acts announcing that they have ditched trips to South Africa.

      • Violence is not the answer

        Resurgent attacks - including physical brutality, looting and intimidation - by xenophobic and criminal elements against fellow Africans are appalling and heartbreaking.

        The violence pitting blacks against each other is needless, and does all of us collectively as Africans no good.

    • Internet Policy/Net Neutrality

      • California Has No Broadband Plan for the Future While The World Marches Ahead

        The world’s largest economies are aggressively modernizing their Internet infrastructure with universal fiber to-the-home plans or have already achieved that metric—with the exception of the United States. EFF noted that there is a desperate need for a federal “Fiber for All” plan that tackles this national problem. But the same can be said about the state of California, the country’s largest state economy, which ranks on its own as the fifth largest economy of the world.

        In fact, as of 2012, the California legislature decided to eliminate the authority of its own telecom regulator, the California Public Utilities Commission (CPUC) through the end of 2019—on the promise that such a move would produce an affordable, widely available, high-speed broadband networks.

  • Monopolies

    • Patents and Software Patents

      • The big elephant in the FTC v. Qualcomm antitrust room: compulsory licensing of standard-essential patents

        Even I as an outspoken critic of Qualcomm's business model don't doubt for a second that Qualcomm's pre-Quanta agreements with competing cellular baseband chipset makers weren't intended to be exhaustive. But does that make them involuntary? Qualcomm can't claim that it signed those agreements at gunpoint or to comply with regulations. The Supreme Court didn't say in Quanta that it overruled, or expanded, an older doctrine. Instead, the highest court in the land said that this had been the law for 150 years, and even the (relatively speaking) more recent case that governed Quanta is from the 1940s, long before there was such a company as Qualcomm. I readily believe Qualcomm that they had misinterpreted the law, but does that make the agreements they signed until then involuntary?

        Additionally or alternatively, one can hold against Qualcomm that it entered into FRAND licensing declarations such as the two with respect to which Judge Koh entered summary judgment that they undoubtedly required Qualcomm to extend FRAND licenses to rival chipset makers. Again, Qualcomm's self-delusionary opinion might have been that it could circumvent that obligation, but we're talking about a voluntary course of dealing. (To be clear, I'm not saying that breach of contract is an antitrust violation.)

      • Continental withdraws U.S. antisuit injunction motion against Nokia only in part--potential for enforcement dispute

        Continental's filing states that they are now opposing this injunction in Munich. Technically, this means the Munich I Regional Court would have to hold another hearing with respect to the U.S. entity, but given how the last hearing went, it would either take a surprising change of mind on the German court's part or a new and winning argument on Continental's part to get a different outcome. Then the matter will go up to the Munich Higher Regional Court, to which I assume Continental is already appealing--or about to appeal any moment--Friday's injunction against the German parent company. The appeals court may very well overrule the lower court, and Continental's notice makes clear that they may revive the withdrawn parts of the motion in the event the Munich AAII is lifted.

        Nokia had asked the German court to obligate Continental to withdraw its motion within 24 hours of service, but the court instead granted the injunction only on the basis of requiring a withdrawal "without undue delay." Therefore, the fact that Continental needed a few days (not even counting the long Labor Day weekend in between) shouldn't matter.

        But it's only a partial withdrawal. The notice clarifies that Continental's withdrawal relates only to ten specified Nokia v. Daimler cases pending in Dusseldorf, Mannheim, and Munich, and only with respect to three Nokia legal entities, but the Daimler supplier "is not withdrawing its motion for anti-suit injunction in any other respect, i.e., insofar as it seeks an order enjoining the other defendants in this proceeding, as well as Nokia, from pursuing or instituting against Continental or any of its customers (or their subsidiaries or affiliates) any other action alleging infringement of their global 2G, 3G and 4G SEPs during the pendency of the FRAND proceeding in this Court, or from acting in concert with anyone to pursue or institute such an action."

    • Copyrights

      • Sony Is Feverishly Battling Vita Tinkerers Despite Vita Being Discontinued

        If ever there were a poster child for this strange new culture in which we don't actually own what we buy, there is a strong argument for making Sony the number one pick. Beyond all of Sony's day-to-day anti-consumer practices disguised as anti-piracy efforts, the company is also rather infamous for the Playstation 3 debacle, in which the console was rolled out with a feature that allowed buyers to install other operating systems on it, and then subsequently removed that feature via a firmware update. That Sony wasn't fully trashed in the legal and public opinions courts for doing so basically set the tone for the subsequent decade, where now this sort of bullshit is common practice.



Recent Techrights' Posts

"Many Applications Labelled as "Cybersecurity" and Given a Veneer of Legitimacy Are Really "Weaponised" and Abusive Code"
New from Dr. Andy Farnell
Security Advisory: Debian falls for social engineering hacks
Reprinted with permission from Daniel Pocock
 
Plagiarism by Bots: Guardian Digital, Inc (linuxsecurity.com) Still Creates Fake Articles About "Linux"
100% fake
[Teaser] [Meme] New Ways to Impoverish Patent Examiners (Entrusted to Block Unjust Monopolies or Monopoly Applications)
Coming tomorrow!
Apple Tax funds: railways, defective concrete blocks in Ireland's North and West
Reprinted with permission from Daniel Pocock
Daniel Pocock, Nomination for Ireland, Dublin Bay South, General Election 2024
Reprinted with permission from Daniel Pocock
Links 08/11/2024: TikTok Bans and Clownflare Issues/Perils
Links for the day
Gemini Links 08/11/2024: RPS, O.D.I.N., and RSS in Yahoo News
Links for the day
Donald Trump as Censor in Chief Can Now Leverage Censorship Companies and Fake Protection Disguised as 'Security'
Centralised CAs were trouble all along
Technology: rights or responsibilities? - Part VI
By Dr. Andy Farnell
A Death of a News Industry
A theme we explored thrice today
Deciphering Centralised CAs and Why Their Demise Should be a Goal
Encryption in transmission is good; but who controls the key exchange and certification/authentication/validation?
Links 08/11/2024: Strikes, Recessions, and Slowdowns
Links for the day
[Teaster] [Meme] New Ways of Wrecking (NWoW)
The EPO
Gateway for News and Blogs
In the long run, this site and its sister site (less overlap between them now) should hopefully become a popular destination for people who look for information, not chaff
Going Even Faster
We hope the site will be faster soon
Psychopaths Who Reaffirm Our Work's Value
Psychopaths and sociopaths lack empathy, so they're willing to go very far and stoop as low as they deem necessary
[Meme] How Low Can You Go at the European Patent Office?
Not just in terms of patent quality
More Cuts/End to Benefits for EPO Workers (Europe's Working Conditions Incompatible With the European Patent Convention)
"The Office is now reviving it but plans to introduce new cuts on benefits"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 07, 2024
IRC logs for Thursday, November 07, 2024
Gemini Links 08/11/2024: US Election, RetroChallenge 2024, and More
Links for the day
[Meme] Questioning Proprietary Software? Not OK...
A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry
Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table
Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI
They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day
They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code
proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory
Time to get back to paper? Or read an old paper?
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More
Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding
Links for the day
[Meme] Election Day at the European Patent Office
Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today
In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out
many leaks received today
Today We Got an Early Birthday Gift
Exciting times
[Meme] Going Too Far to the Left Can Breed Militant Ideology
Some people can never be appeased because they prefer not to be appeased
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed
In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did)
Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
A President Trump is Excellent News to Microsoft
His racist policies gave lots of contracts to Microsoft
Who Next on the Linux Foundation's 'Kill List'?
Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
Links 07/11/2024: Facebook Scams, Journalists on Strike
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024
IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor"
"The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!
Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues
Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Would You Trust a Liar?
Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day