Bonum Certa Men Certa

Links 10/12/2019: Kubernetes 1.17, Debian Init Systems GR



  • GNU/Linux

    • Desktop/Laptop

      • China Says No Mo Windows or PCs Starting 2022

        Here’s one to remember and keep track of. According to the Australian Financial Review, as reported at MSPowerUser.com: “The Chinese Communist Party Central Office has ordered all government services to replace all computers running non-Chinese software and operating systems within the next 3 years.” By 2022, that is. That’s why I entitled this blog post “China says no mo Windows or PCs starting 2022.”

        Apparently, this comes in response to the US Government’s decision to add Huawei to the “entity list.” That list is a compilation of companies with which it will not do business. (Nor may its contractors do likewise, for any systems that touch or interact with US Government systems.) I’m wondering if the Chinese Communist Party has the oomph to pull this off. It certainly adds impetus for Huawei to keep working on its Hongmeng/Harmony/Ark OS alternative (I wrote about this back in June of this year for Win10.Guru). Here’s a Huawei Central blog post from August, 2019, that provides something close to an “official line” (it’s probably in need of updating, though): HarmonyOS/Hongmeng OS: Here’s everything you need to know about this new Operating System.

      • China to ditch all Windows PCs by 2022 – could this be Linux’s time to shine?

        In a major blow to Microsoft, the Chinese government will be replacing all PCs that run Windows by 2022, and could instead use a Chinese-created Linux distro, such as Kylin Linux.

        The order comes from the Chinese Communist Party Central Office, and is part of a drive to replace any computer that runs non-Chinese software, partly in response to the US government’s blacklisting of Chinese hardware.

        Microsoft gave a recent Windows 10 update to the wrong users These are the best Windows 10 laptops out there And the best Windows 10 antivirus apps of 2019

        Chinese government services have been ordered to replace 30% of Windows PCs by the end of 2020, a further 50% in 2021 and the final 20% by the end of 2022.

      • 10 Best Cheap Linux Laptops to Buy on a Budget

        In comparison to other operating systems, Linux offers a dedicated environment for programmers that is free and more dedicated to user’s privacy and security. This is why Linux’s popularity has increased drastically over the years. Whether you’re looking at buy a laptop with pre-installed Linux or want to run it on parallel with a Windows operating system, you’ve come to the right place. Read on below to find out some interesting specifications of the top ten Linux laptops you can buy at the most affordable prices.

      • Ampere's Arm-based eMAG CPU is now available in a workstation

        Avantek offers the workstation with a few graphics cards options including the AMD FirePro W2100 2GB, a Radeon Pro WX 5100 8GB, and the Nvidia Quadro GV100 32GB. The workstation is only offered running Linux with a few different flavors including Ubuntu, centOS and Linux SUSE / openSUSE.

    • Server

      • Kubernetes 1.17: Stability

        We’re pleased to announce the delivery of Kubernetes 1.17, our fourth and final release of 2019! Kubernetes v1.17 consists of 22 enhancements: 14 enhancements have graduated to stable, 4 enhancements are moving to beta, and 4 enhancements are entering alpha.

      • Kubernetes 1.17 Feature: Kubernetes Volume Snapshot Moves to Beta

        The Kubernetes Volume Snapshot feature is now beta in Kubernetes v1.17. It was introduced as alpha in Kubernetes v1.12, with a second alpha with breaking changes in Kubernetes v1.13. This post summarizes the changes in the beta release.

      • Kubernetes 1.17 Feature: Kubernetes In-Tree to CSI Volume Migration Moves to Beta

        The Kubernetes in-tree storage plugin to Container Storage Interface (CSI) migration infrastructure is now beta in Kubernetes v1.17. CSI migration was introduced as alpha in Kubernetes v1.14.

        Kubernetes features are generally introduced as alpha and moved to beta (and eventually to stable/GA) over subsequent Kubernetes releases. This process allows Kubernetes developers to get feedback, discover and fix issues, iterate on the designs, and deliver high quality, production grade features.

      • IBM

        • LoRaWAN setup at the EclipseCon IoT playground

          At the recent EclipseCon Europe in Ludwigsburg, Germany, we had a big dashboard in the IoT playground area showing graphs of the number of WiFi devices, the temperature, and air quality, all transmitted via LoRaWAN. We worked on this project during the community day and kept the setup throughout the conference, where we showed it and played with it even further. This article describes the architecture of the setup and gives pointers to replicate it.

        • Italian job: Translating our mission statement in the open

          A few months ago, I noticed a post on our company's internal collaboration platform that seemed to be calling my name. Colleagues from around the world were leaving comments on translated versions of one particular (and very important) corporate message: the company's mission statement. And they had questions about the Italian translation.

          So I joined the conversation with no hesitation, assuming I'd engage in a quick exchange of opinions and reach a conclusion about the best way to translate Red Hat's mission statement:

          To be the catalyst in communities of customers, contributors, and partners creating better technology the open source way.

          That's a single sentence consisting of less than 20 words. Translating it into another language should be a no-brainer, right? If anything, the work should take no longer than a few minutes: Read it out loud, spot room for improvement, swap a word for a more effective synonym, maybe rephrase a bit, and you're done!

          As a matter of fact, that's not always the case.

          Translations of the mission statement in a few languages were already available, but comments from colleagues reflected a need for some review. And as more Red Hatters from different parts of the globe joined the discussion and shared their perspectives, I began to see many possibilities for solving this translation problem—and the challenges that come with this abundance of ideas.

        • Explore Kubernetes with OpenShift in a workshop near you

          The Kubernetes with OpenShift World Tour is a series of in-person workshops around the globe that help you build the skills you need to quickly modernize your applications. This World Tour provides a hands-on experience and teaches the basics of working with the hybrid-cloud, enterprise container platform Red Hat€® OpenShift€® on IBM Cloudâ„¢. You learn coding skills in the world of containerized, cloud-native development with expert developer advocates, who have deep technical experience building cloud microservices and applications with Red Hat OpenShift.

    • Audiocasts/Shows

      • Episode 89 | This Week in Linux

        01:32 = Sponsored by Digital Ocean €· [link] 02:30 = elementary OS 5.1 “Hera” Released €· [elementary.io] 07:15 = Ubuntu 20.04 LTS Pre-release Survey €· [ubuntu.com] 09:36 = Ubuntu Cinnamon – First Release €· [Links: ubuntu.com, 13:35 = Tails 4.1 Released €· [tails.boum.org] 16:39 = Kali Linux 2019.4 Released €· [kali.org] 19:49 = CAINE 11.0 Released €· [caine-live.net] 21:13 = DLN + FreeGeek = DLN Charity Drive €· link coming soon 23:19 = Firefox 71 Released €· [mozilla.org] 25:17 = Timekpr-nExT (Parental Controls) €· [launchpad.net/timekpr-next] 29:24 = TWinL Housekeeping 33:21 = KDE Improvements for Plasma 5.18 €· [Links: pointieststick.com 36:40 = Lutris 0.5.4 Released €· [Links: lutris.net, 39:02 = Humble Choice Replaces Humble Monthly €· [tuxdigital.com/go/humble-choice] 41:45 = Indie Hits Sale on Humble Store €· [tuxdigital.com/go/humble-indie-hits-sale] 42:13 = Humble Sonic Bundle 2019 €· [tuxdigital.com/go/humble-sonic-bundle-2019] 43:27 = Data Science Book Bundle €· [tuxdigital.com/go/ 43:56 = Yogscast Jingle Jam €· [humblebundle.com] 45:14 = Outro

      • 2019-12-09 | Linux Headlines 64

        The Raspberry Pi 4 Ubuntu bugs get sorted out, and Canonical reaffirms its commitment to the platform and all future devices. Plus an approachable way to give back to KDE, and more.

      • LHS Episode #316: GridTracker Deep Dive Part 2

        Welcome to the 316th installment of Linux in the Ham Shack. In this episode, we have Stephen "Tag" Loomis, N0TTL, back for a second episode on GridTracker. In this episode, the hosts discuss updates, additions and bug fixes to the application since the last time and then dive into its most complex and powerful feature, the Callable Roster. Then there is information about the myriad updates to statistical analysis that will be available in the next release. Thank you for listening and we hope you enjoy this episode and your time using GridTracker.

    • Kernel Space

      • At long last, WireGuard VPN is on its way into Linux

        How much are people looking forward to WireGuard, the new in-kernel Linux virtual private network (VPN)? Well, Linus Torvalds said, "Can I just once again state my love for it and hope it gets merged soon? Maybe the code isn't perfect, but I've skimmed it, and compared to the horrors that are OpenVPN and IPSec, it's a work of art."

        If that sounds like damning with faint praise, you don't know Torvalds. For him, this is high praise. WireGuard has now been committed to the mainline Linux kernel. While there are still tests to be made and hoops to be jumped through, it should be released in the next major Linux kernel release, 5.6, in the first or second quarter of 2020.

      • WireGuard VPN Is On Its Way To Linux

        WireGuard has now been committed to the mainline Linux kernel. "While there are still tests to be made and hoops to be jumped through, it should be released in the next major Linux kernel release, 5.6, in the first or second quarter of 2020," reports ZDNet

      • Managing the Linux kernel at AWS: 'A large team of security experts' dealing with fallout from Spectre, Meltdown flaws

        Schlaeger told us he's responsible "for the lowest layer of the software stack that runs on almost all the servers. We work on things like the Linux kernel, various hypervisors, Xen, KVM, Firecracker if you want to include the VMM [Virtual Machine Manager] as well. And we are heavily involved in the definition of the EC2 [Elastic Compute Cloud] instance types, especially for the accelerated platform."

        A couple of months ago, Linux kernel maintainer Greg Kroah-Hartman told us that the infamous Spectre, Meltdown and other MDS (Microarchitectural Data Sampling) bugs would be "with us for a long time," as "more and more of the same types of problems" are discovered.

      • Graphics Stack

        • Upstream Graphics: Too Little, Too Late

          Unlike the tradition of my past few talks at Linux Plumbers or Kernel conferences, this time around in Lisboa I did not start out with a rant proposing to change everything. Instead I celebrated roughly 10 years of upstream graphics progress and finally achieving paradise. But that was all just prelude to a few bait-and-switches later fulfill expectations on what’s broken this time around in upstream, totally, and what needs to be fixed and changed, maybe.

          The LPC video recording is now released, slides are uploaded. If neither of that is to your taste, read below the break for the written summary.

          Mission Accomplished

          10 or so years ago upstream graphics was essentially a proof of concept for the promised to come. Kernel display modeset just landed, finally bringing a somewhat modern display driver userspace API to linux. And GEM, the graphics execution manager landed, bringing proper GPU memory management and multi client rendering. Realistically a lot needed to be done still, from rendering drivers for all the various SoC, to an atomic display API that can expose all the features, not just what was needed to light up a linux desktop back in the days. And lots of work to improve the codebase and make it much easier and quicker to write drivers.

          There’s obviously still a lot to do, but I think we’ve achieved that - for full details, check out my ELCE talk about everything great for upstream graphics.

          [...]

          Also, there just isn’t a single LTS kernel. Even upstream has multiple, plus every distro has their own flavour, plus customers love to grow their own variety trees too. Often they’re not even coordinated on the same upstream release. Cheapest way to support this entire madness is to completely ignore upstream and just write your own subsystem. Or at least not use any of the helper libraries provided by kernel subsystems, completely defeating the supposed benefit of upstreaming code.

          No matter the strategy, they all boil down to paying twice - if you want to upstream your code. And there’s no added return for the doubled bill. In conclusion, upstream first needs a business case, like the open source graphics stack in general. And that business case is very much real, except for upstreaming, it’s only real in userspace.

          In the kernel, “upstream first” is a sham, at least for graphics drivers.

          Thanks to Alex Deucher for reading and commenting on drafts of this text.

        • The Open-Source Qualcomm "TURNIP" Vulkan Driver Adds Important Performance Feature

          The TURNIP Mesa Vulkan driver providing support for recent Qualcomm Adreno graphics processors and akin to the Freedreno Gallium3D driver has added an important performance-boosting feature.

          Thanks to Jonathan Marek who has been driving much of the TURNIP driver advancements in recent time is now hardware binning support. The nearly 400 lines of code implement hardware binning as an important performance sensitive feature.

        • ChamferWM Still Appears To Be The Most Capable Vulkan-Powered X11 Tiling Window Manager

          While we are approaching 2020 and the four year anniversary since the Vulkan 1.0 launch, one aspect that has been a bit disappointing has been the lack of not seeing quicker uptake by various Linux window managers / compositors in at least offering a Vulkan code path. One of the best examples of a Vulkan-powered compositor with that has been the independent ChamferWM.

        • Intel Jasper Lake Support Added To Mesa 20.0 OpenGL / Vulkan Drivers

          With Intel Jasper Lake graphics support making it as one of the prominent hardware support additions for Linux 5.5, the user-space OpenGL/Vulkan driver support is now found within Mesa 20.0-devel.

          Commits today added the Intel Jasper Lake support for Mesa 20.0. Though with Jasper Lake being "Gen 11" graphics like existing Ice Lake as well as Elkhart Lake, the Jasper Lake addition primarily comes down to adding the new PCI IDs and then following the same driver code paths as Elkhart Lake.

    • Applications

      • Daniel Stenberg: Mr Robot curls

        Vasilis Lourdas reported that he did a “curl sighting” in the show and very well I took a closer peek and what do we see some 37 minutes 36 seconds into episode 8 season 4…

        (I haven’t followed the show since at some point in season two so I cannot speak for what actually has happened in the plot up to this point. I’m only looking at and talking about what’s on the screenshots here.)

        Elliot writes Python. In this Python program, we can see two curl invokes, both unfortunately a blurry on the right side so it’s hard to see them exactly (the blur is really there in the source and I couldn’t see/catch a single frame without it). Fortunately, I think we get some additional clues later on in episode 10, see below.

        He invokes curl with -i to see the response header coming back but then he makes some questionable choices. The -k option is the short version of --insecure. It truly makes a HTTPS connection insecure since it completely switches off the CA cert verification. We all know no serious hacker would do that in a real world use.

        Perhaps the biggest problem for me is however the following -X POST. In itself it doesn’t have to be bad, but when taking the second shot from episode 10 into account we see that he really does combine this with the use of -d and thus the -X is totally superfluous or perhaps even wrong. The show technician who wrote this copied a bad example…

    • Instructionals/Technical

    • Games

      • The Indie Hits Sale over on Humble Store went live with some great Linux deals

        Humble are now celebrating Indie games, with a big sale going on some really great Indie games and a lot of good deals for Linux gamers on the lookout for something new.

        We're certainly not short on indie games, something Linux has thankfully done reasonably well with getting ports and official support from developers. Some of my all time favourite games are indie too, the variation you can find even in a single genre is often amazing.

      • Chooseco are getting indie games using 'choose your own adventure' taken down on itch.io

        The creator of indie store itch.io has issued a warning to game developers, as Chooseco appear to be trying to take down anything using the 'choose your own adventure' phrase.

        Not surprising it's happening though, Chooseco went after Netflix for using the same phrase with Black Mirror: Bandersnatch.

      • Dying Light is doing a Chivalry crossover event with new weapons and an outfit

        Things are getting a bit medieval in Dying Light, with a new Chivalry crossover event that's arrived with some new free goodies to grab.

        Running until December 16, this event has some new random encounters available as you travel through either the Slums or Old Town. One of the event quests needs you to take two airdrops from Rais' men, this will reward you with a Agatha Medieval Shield. The other new event quest will require you to save some helpless people from monsters and bandits, help some survivors in their fight against the undead (both parts need doing twice) and that will reward you with a Zweihänder Sword.

      • Atari VCS going through 'Engineering Validation Testing' on the road to release

        Another update on the Linux-powered little console the Atari VCS, which is now going through Engineering Validation Testing (EVT) as it's on the road to release next year.

        In the last update we posted last month, the Atari VCS was going through pre-production. Something that stuck out, was the actual units looking seriously cheap and shiny.

      • The 15 Best NES Emulator Apps for Android Device in 2020

        Did you ever hear about NES Emulator? Well, NES Emulator is a system that helps you to play old days games in your Android device. The word NES stands for the Nintendo Entertainment System. It is a kind of iconic gaming console. The main task of this console is to make you eligible to play those classic games. However, if you are nostalgic, want to have the experience of playing those exotic games, you can install an NES app from PlayStore. Here, I have added some useful NES Emulator apps for Android that you can find for free to use and enjoy those classic games.

    • Desktop Environments/WMs

      • Customize your Linux desktop with FVWM

        The FVWM window manager started out as modifications to TWM, back in 1993. After several years of iteration, what emerged is an extremely customizable environment where any behavior, action, or event is configurable. It has support for custom key bindings, mouse gestures, theming, scripting, and much more.

        While FVWM is usable immediately after installation, its default distribution provides only the absolute minimum configuration. It's a great foundation to start your own custom desktop environment, but if you just want to use it as a desktop, then you probably want to install a full configuration distributed by another user. There are a few different distributions of FVWM, including FVWM95, which mimics Windows 95 (at least in appearance and layout). I tried FVWM-Crystal, a modern-looking theme with some common Linux desktop conventions.

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.18 featuring new emoji picker to release in Feb 2020

          Although the KDE Plasma 5.17 release is just a few months old (released in October 2019), news of the next major KDE offering, KDE Plasma 5.18, is already making headlines. KDE Plasma 5.18 is not only the next major release of the distro.

          It is their next LTS version of the open-source Linux distro. The last LTS release was KDE Plasma 5.12 LTS launched in February 2018.

          Let’s take a gander at the improvements and new features planned for KDE Plasma 5.18 LTS.

        • Legislating is patch review

          Patch review is a process by which newcomers and experts debate proposed changes to a codebase–a textual description of how a particular human-created system is to function. In KDE, we use Phabricator for this, but we’re switching to GitLab soon. Both serve the same purpose: to provide a forum where proposed changes can be discussed, revised, and decided upon.

          [...]

          Rushing isn’t such a huge deal as long as you have a QA process and discrete releases. These tools provide time for regressions to be fixed and rough edges to me smoothed out. When patches can be evaluated in a safe sandbox of sorts and subsequently tweaked before their effects are released to users, it’s not so bad to move quickly. But you can’t expose your users to the churn stirred up by a fast process; it needs to be contained internally.

          Lesson for politicians: You don’t need so much process surrounding lawmaking if you don’t roll out all approved changes immediately. Before new bills take effect, let them simmer for a while in a “release branch” where they can undergo QA so that regressions can be found before they’re inflicted on unsuspected citizens (users)!

          As software people, there are lessons we can take from our governments’ successes (and more often these days it seems, their failures), because this aspect of our professions overlaps quite a bit. It also exposes an uncomfortable truth: changing the rules and behaviors of a system that effects everyone is inherently political. That’s why we invented patch review processes: to make sure that important voices are heard, that the system doesn’t become inhumane for people who depend on it, and that its overall trajectory is positive.

          Personally I’m a lot more sanguine about the prospect of this in software than government right now, and I think that’s something that needs to change. The efficacy and positive societal impacts of our governments’ lawmaking seems to be at a bit of an ebb at this moment in time. But there may come a point in time when our experience in patch review becomes useful on a larger stage, and benefits not only users of KDE software, but also the people of the world. We shouldn’t shy away from politics. Our everyday experiences in KDE are in fact the prefect preparation! Far from being distant and scary, it’s something we’re engaging in–and succeeding at–every time we contribute to KDE.

        • A better Qt because of Open Source and KDE

          The development framework Qt is available both as Open Source and under paid license terms. Two decades ago, when Qt 2.0 was first released as Open Source, this was exceptional. Today, most popular developing frameworks are Free/Open Source Software1. Without the dual licensing approach, Qt would not exist today as a popular high-quality framework.

          There is another aspect of Qt licensing which is still very exceptional today, and which is not as well-known as it ought to be. The Open Source availability of Qt is legally protected through the by-laws and contracts of a foundation.

          The KDE Free Qt Foundation was created in 1998 and guarantees the continued availability of Qt as Free/Open Source Software2. When it was set up, Qt was developed by Trolltech, its original company. The foundation supported Qt through the transitions first to Nokia and then to Digia and to The Qt Company.

          In case The Qt Company would ever attempt to close down Open Source Qt, the foundation is entitled to publish Qt under the BSD license. This notable legal guarantee strengthens Qt. It creates trust among developers, contributors and customers.

          The KDE Free Qt Foundation is a cooperation between The Qt Company on the one hand and KDE on the other hand. KDE is one of the largest Free Software communities for general purpose end-user software, founded in 1996. In case of ties, KDE has an extra vote, ensuring that The Qt Company does not have a veto on decisions.

          My in-depth presentation below provides an overview of the history of the Foundation and describes its importance for Qt today. It explains in detail why the existence of the Foundation has a positive influence on the long-term market success of Qt.

    • Distributions

      • Best Linux Distributions that Look Like MacOS

        The Linux world is filled with several distributions born of the desire to solve a specified problem using unique design and build approaches. There are distros created for chemists, astrologers, music producers, and there are ones created to emulate macOS.

        Do you miss the UI/UX of your old Mac? Or do you want to turn up your computing experience by giving your laptop a shiny new look with an appearance difficult to distinguish from macOS? Today’s list is of the best Linux distributions that look like macOS.

      • Screenshots/Screencasts

      • Fedora Family

        • rpminspect-0.10 released

          I released rpminspect-0.10 today. There are a lot of bug fixes in this release, but also some new features.

        • Fedora 31 : Can be better? part 003.

          Yes! The Fedora distro Linux can be better. One bad problem for most Fedora users is video drivers. I have an old NVIDIA graphic card: NVIDIA Corporation GT218 [GeForce 210] (rev a2).

        • Fedora 32 Will Still Allow Empty Passwords By Default

          Last month was a proposal for Fedora 32 to disallow empty passwords for local users by default but at today's Fedora Engineering and Steering Committee (FESCo) they completely shot down that proposal.

          Fedora has been shipping with the Fedora PAM module parameter that allows for empty/null passwords on local users -- to be clear, root passwords cannot be null and the default OpenSSH server configuration doesn't allow empty passwords either for logging into user accounts. Fedora local accounts can have an empty password for legitimate use-cases like testing environments where security is of little to no importance, throw-away VMs/instances, and some tooling like Fedora Live images relying upon this behavior.

        • Quality and Badlisting in Kanidm

          Passwords are still a required part of any IDM system. As much as I wish for Kanidm to only support webauthn and stronger authentication types, at the end of the day devices can be lost, destroyed, some people may not be able to afford them, some clients aren’t compatible with them and more.

          This means the current state of the art is still multi-factor auth. Something you have and something you know.

          Despite the presence of the multiple factors, it’s still important to quality check passwords. Microsoft’s Azure security team have written about passwords, and it really drives home the current situation. I would certainly trust these people at Microsoft to know what they are talking about given the scale of what they have to defend daily.

          The most important take away is that trying to obscure the password from a bruteforce is a pointless exercise because passwords end up in password dumps, they get phished, keylogged, and more. MFA matters!

          It’s important here to look at the “easily guessed” and “credential stuffing” category. That’s what we really want to defend against with password quality, and MFA protects us against keylogging, phising (only webauthn), and reuse.

        • Fedora Women’s Day Report (Bhubaneswar)

          For the very first time, Fedora Women’s Day was celebrated in Bhubaneswar, India. The event happened on 26th November 2019 at the College of Engineering and Technology, Bhubaneswar. My aim as an organiser was to have a session on “Getting started with OpenSource” which includes understanding the opportunities Fedora Project provides as an Open-source community as well as getting to know what open source is. Since I had a diverse audience of students from different years, I had to plan the event in favour of both. So, the session was divided into 2 parts, with the first part being What is Open Source and how to get started with it and the second part which introduced Fedora Project as an open-source community. A huge crowd of students showed up, which consists of both genders. I was accompanied by @amitosh (Amitosh Swain Mohapatra), another community member of Fedora. The session was for 2 hours.

          I started introducing what is open source, what are the perks of doing open source. I spoke about Git and Github and how they are so important in the life of an aspired developer. Followed which I moved on to explain to them about different internship programs like Outreachy, GSoC, GSSoc, RGSoC etc. A closed overview of the following internship included talking about their community, stipend and perks. Then I shared my experience as an Outreachy intern with Fedora and my experience at Flock 2019.

      • Debian Family

        • Debian GR on init systems - Ballot paper format

          You are allowed to reorder the choices on your ballot paper, and this is effective.

          That is, you can take the ballot paper in the CFV and edit the lines in it into your preferred order with cut and paste. You can look at the letters, or the Secretary's summary lines, when you do that.

          It's important to use a proper text editor and not linewrap things while you do this.

          After, that you can simply write numbers 1 to 8 into the boxes down the left hand side.

          Rank all the options. That way when you get your vote ack back, any parse failure will show up as a blank space in the ack.

        • Debian init systems GR - voting guide

          If you don't know what's going on, you may wish to read my summary and briefing blog post from a few weeks ago. There are 7 options on the ballot, plus Further Discussion (FD). With this posting I'm trying to help voting Debian Members (Debian Developers) cast their votes.

          I am going to be neutral about the technical merits of systemd. My advice does not depend on your opinion about that.

          So my advice here is addressed to people who like systemd and want to keep running it, and developing with it, as well as, of course, people who prefer not to use systemd. I'm even addressing readers who think systemd has useful features which they would like Debian packages to be able to use.

          However, I am going to be opinionated about one key question: My baseline is that Debian must welcome code contributions to support running without systemd, just as it welcomes code contributions for other non-default setups. If you agree with that principle, then this posting is for you. Unfortunately this principle is controversial. Several of the options on the current GR mean rejecting contributions of non-systemd support. So in that sense I am not neutral.

        • Philipp Kern: Voting for systemd

          I have voted putting Proposal F first, Proposal B second and everything else after Further Discussion. I think if something truly better than systemd comes around, people in Debian will not stand in the way of people making it work - even despite this GR passing. That's how systemd started out after all. But the fact that we also want to support inferior old ways holds us back.

          At the point where Debian decided on the question of upstart vs. systemd, to me upstart was not a valid contender anymore. I had to deal professionally with it and no-one really know how to hold it in the right way so that modifications to upstart jobs did not break the boot. For systemd - despite the complexity everyone mentions as the problem - I only recall one major one where a certain machine type did not boot anymore and that was actually due to a regression in udev. If we would be discussing this as we debate the next serious contender to systemd, I would vote differently.

        • Gunnar Wolf: GR vote: init systems

          For Debian followers, it should not be a surprise: a new General Resolution regarding the init systems is underway, trying to finally settle the set of issues that stem from the way our project works, following the 2014-003 vote, init system coupling. Back in 2014, I find it quite understandable the project was not in a collective mental state that would have allowed for closure after the infamously long and flamey bug #727708.

          As others have shared theirs, and given this is a non-secret vote (choices will be spelt out once the vote is done), I am doing so as well.

        • Lucas Nussbaum: init systems GR vote

          At this point, I don’t think that it is useful anymore for Debian to spend energy on supporting several init systems. I believe that experimentation is useful, that Debian should support it, but that it does not need to happen inside Debian. Interested people can work on derivative distributions, or even just maintain a small set of packages installable on top of Debian that will add support for alternative init systems where needed.

        • Wouter Verhelst: GR 2019 002



          Just sent in my vote. After carefully considering what I consider to be important, and reading all the options, I ended up with 84312756.

          There are two options that rule out any compromise position; choice 1, "Focus on systemd", essentially says that anything not systemd is unimportant and we should just drop it. At the same time, choice 6, "support for multiple init systems is required", essentially says that you have to keep supporting other systems no matter what the rest of the world is doing lalala I'm not listening mom he's stealing my candy again.

          Debian has always been a very diverse community; as a result, historically, we've provided a wide range of valid choices to our users. The result of that is that some of our derivatives have chosen Debian to base their very non-standard distribution on. It is therefore, to me, no surprise that Devuan, the very strongly no-systemd distribution, was based on Debian and not Fedora or openSUSE.

      • Canonical/Ubuntu Family

        • Ubuntu Weekly Newsletter Issue 608

          Welcome to the Ubuntu Weekly Newsletter, Issue 608 for the week of December 1 – 7, 2019. The full version of this issue is available here.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Developers shouldn't distribute their own software

        Thankfully, each distro includes its own set of volunteers dedicated to this specific job: packaging software for the distribution and making sure it conforms to the norms of the target environment. This model also adds a set of checks and balances to the system, in which the distro maintainers can audit each other’s work for bugs and examine the software being packaged for anti-features like telemetry or advertisements, patching it out as necessary. These systems keep malware out of the repositories, handle distribution of updates, cryptographically verifying signatures, scaling the distribution out across many mirrors - it’s a robust system with decades of refinement.

      • attention please: host's IP stack behavior got changed slightly

        Your laptops, desktops and servers now check packet destination address with IP address bound to interface, where such packet is received on. If there will be mismatch the packet will be discarded and 'wrongif' counter will be bumped. You can use 'netstat -s|grep wrongif' to display the counter value.

      • Web Browsers

        • Mozilla

          • Trusted Recursive Resolvers – Protecting Your Privacy with Policy and Technology

            In keeping with a longstanding commitment to privacy and online security, this year Mozilla has launched products and features that ensure privacy is respected and is the default. We recognize that technology alone isn’t enough to protect your privacy. To build a product that truly protects people, you need strong data policies.

            An example of our work here is the U.S. deployment of DNS over HTTPS (DoH), a new protocol to keep people’s browsing activity safe from being intercepted or tampered with, and our Trusted Recursive Resolver program (TRR). Connecting the right technology with strict operational requirements will make it harder for malicious actors to spy on or tamper with users’ browsing activity, and will protect users from DNS providers, including internet service providers (ISPs), that can abuse their data.

            DoH’s ability to encrypt DNS data addresses only half the problem we are trying to solve. The second half is requiring that companies with the ability to see and store your browsing history change their data handling practices. This is what the TRR program is for. With these two initiatives, we’re helping close data leaks that have been part of the Internet since the DNS was created 35 years ago.

          • Mozilla Privacy Blog: Mozilla comments on CCPA regulations

            Around the globe, Mozilla has been a supporter of data privacy laws that empower people – including the California Consumer Protection Act (CCPA). For the last few weeks, we’ve been considering the draft regulations, released in October, from Attorney General Becerra. Today, we submitted comments to help California effectively and meaningfully implement CCPA.

            We all know that people deserve more control over their online data. And we take care to provide people protection and control by baking privacy and the same principles we want to see in legislation into the Firefox browser.

      • Productivity Software/LibreOffice/Calligra

        • New: Collabora Office for Android

          We are excited to announce a complete new version of Collabora Office for Android, available now in Google Play, with the following main improvements:

          - A great looking interface, easy to use with just one hand on your phone - Editing of complex office documents, not just viewing - Now re-uses the same technology as Collabora Online.

          In common with other Collabora Productivity products, this new Android release enables people to edit their documents without compromising on privacy. There is no longer a reason to hand over your data to get rich mobile editing. The new release marks the end of a period of rewriting important parts of the application. We now share much of the code and user experience from Collabora Online’s collaborative editor as well as Collabora Office 6.2 for displaying the documents.

      • FSF

        • Licensing / Legal

          • Linux is junk, but GPL is for ever

            Once in a while people used to say that the lovely programs they used becomes obsolete. Then talk about its nostalgia.

            What will be the status of linux kernel after 100 years? Lets say 50 years? Will it be there supporting the new technologies of that time? I don’t think so.

            Linux like all other technologies may not able to adapt to those new environments.

            Where as GPL is eternal. As far as there is software, the rules of GPL will be valid.

      • Programming/Development

        • Dirk Eddelbuettel: RcppClassic 0.9.12

          A maintenance release 0.9.12 of the RcppClassic package arrived earlier today on CRAN. This package provides a maintained version of the otherwise deprecated initial Rcpp API which no new projects should use as the normal Rcpp API is so much better.

          Changes are all internal. Testing is now done via tinytest, vignettes are now pre-built and at the request of CRAN we no longer strip the resulting library. No other changes were made.

          CRANberries also reports the changes relative to the previous release from July of last year.

        • [llvm-dev] [10.0.0 Release] Release schedule
          Hello everyone,
          
          

          I know 9.0.1 is still in full swing, and 10.0.0 isn't due for some time, but I'd like to get the schedule settled well before we start.

          Below is my proposed timeline. It's essentially the same as last time.

          - 15 January 2020: Create the release branch, Release Candidate 1 ships soon after

          - 5 February 2020: Release Candidate 2

          - 26 February 2020: Final (this usually slips a little, but let's try not to).

          Please let me know what you think.

          Thanks, Hans
        • LLVM / Clang 10.0 Should Be Out In Late February Or Early March

          Google's Hans Wennborg is once again stepping up to manager the next feature release of LLVM and sub-projects like Clang. If all goes well, LLVM 10.0 will be out with Clang 10.0 and friends before the end of February.

          For the projected release date of 26 February to be realized, Wennborg is aiming to branch the code (and thereby the feature freeze) around 15 January and after that to issue the first release candidate.

        • Niko Matsakis: Async Interview #2: cramertj

          For the second async interview, I spoke with Taylor Cramer – or cramertj, as I’ll refer to him. cramertj is a member of the compiler and lang teams and was – until recently – working on Fuchsia at Google. They’ve been a key player in Rust’s Async I/O design and in the discussions around it. They were also responsible for a lot of the implementation work to make async fn a reality.

        • Excellent Free Tutorials to Learn JavaScript

          JavaScript is possibly one of the easiest language to get up and running with. But to truly master the language requires a firm foundation of its intricacies.

          JavaScript is an interpreted, prototype-based, scripting computer programming language. It came to popular attention as a simple client-side scripting tool, interacting with the user using forms and controlling the web browser, and remains a front-end language for web applications.

          JavaScript features dynamic types, it’s weakly typed, supports the structured programming syntax from C, uses prototypes instead of classes for inheritance, and copies many names and naming conventions from Java. It also borrows design principles from Scheme and Self, as well as concepts and syntax idioms such as C-style procedural roots.

        • Lessons learned from programming in Go

          When you are working with complex distributed systems, you will likely come across the need for concurrent processing. At Mode.net, we deal daily with real-time, fast and resilient software. Building a global private network that dynamically routes packets at the millisecond scale wouldn’t be possible without a highly concurrent system. This dynamic routing is based on the state of the network and, while there are many parameters to consider here, our focus is on link metrics. In our context, link metrics can be anything related to the status or current properties of a network link (e.g.: link latency).

        • Add address of FreeBSD iocage jails to PF table

          I started mucking about with PF, but that’s not my department … and so the jails table remained empty which meant the jail could not access anything beyond the host.

          After a bit of searching I found iocage supports most jail(8) parameters, so I did this: [...]

        • Perl / Raku

          • 2019.49 Almost Starring

            Patrick Spek has made the first release candidate of Rakudo Star 2019.11 available for download. If you are working with Raku from Rakudo Star distributions, then this is the moment to test the distribution so that you can be sure that nothing was missed! So please, download and test it! Which of course you can also do if you’re not generally a user of Rakudo Star

        • Python

          • More fun with Jinja2 templates

            When last I left this discussion, I was advocating using Python 3 dataclasses to wrap Jinja2 templates. I had another idea and a chance to experiment with it, and I was reasonably happy with the results.

            Can the dataclass corresponding to the Jinja2 template be used by the test suite to check that all required parameters for a template are present in the dataclass?

            The answer is mostly yes, although unfortunately there are some substantial caveats because Jinja2 doesn't provide all of the tools that one would like to analyze parsed templates.

          • Django Weblog: 2020 DSF Board Election Results

            Our 2020 Django Software Foundation Election results are in. The Top 7 candidates are listed below in order of their ranking:

            Frank Wiles Anna Makarudze James Bennett William Vincent Kátia Nakamura Aaron Bassett Sayantika Banik

          • Python 3.8.1rc1

            The Python 3.8 series is the newest major release of the Python programming language, and it contains many new features and optimizations.

          • Python 3.8.1rc1 is now available for testing

            Python 3.8.1rc1 is the release candidate of the first maintenance release of Python 3.8.

            The Python 3.8 series is the newest feature release of the Python language, and it contains many new features and optimizations. You can find Python 3.8.1rc1 here: https://www.python.org/downloads/release/python-381rc1/

            Assuming no critical problems are found prior to 2019-12-16, the scheduled release date for 3.8.1 as well as Ned Deily's birthday, no code changes are planned between this release candidate and the final release.

            That being said, please keep in mind that this is a pre-release of 3.8.1 and as such its main purpose is testing.

            See the “What’s New in Python 3.8” document for more information about features included in the 3.8 series. Detailed information about all changes made in 3.8.0 can be found in its change log.

            Maintenance releases for the 3.8 series will continue at regular bi-monthly intervals, with 3.8.2 planned for February 2020.

          • Python Docstrings

            In this tutorial, we will learn about Python docstrings. More specifically, we will learn how and why docstrings are used with the help of examples. Python docstrings (documentation strings) are the string literals that appear right after the definition of a function, method, class, or module. Let's take an example.

          • Python Comments

            Comments are descriptions that help programmers better understand the intent and functionality of the program.

            They are completely ignored by the Python interpreter.

          • 3 easy steps to update your apps to Python 3

            The 2.x series of Python is officially over, but converting code to Python 3 is easier than you think. Over the weekend, I spent an evening converting the frontend code of a 3D renderer (and its corresponding PySide version) to Python 3, and it was surprisingly simple in retrospect, although it seemed relatively hopeless during the refactoring process.

  • Leftovers

    • Joey Hess: counterpoint on Yahoo Groups archiving

      Yahoo Groups being shut down and the data deleted is a big enough story that it's being talked about on the radio. The typical presentation is that they're deleting these mailing list archives, and blocking attempts to save them and so huge amount of things will be lost from the historical record.

      That's a common story these data, but it's not entirely accurate in this case. These are mailing lists, so they're not necessarily only archived by Yahoo. Anyone who subscribed to a mailing list may have archived it. I've been on a couple of those mailing lists, and the emails I kept from them are already archived rather well (10+ copies). I probably didn't keep every email, and I probably won't be exhuming those emails to add them to some large archive.org collection of Yahoo Groups. But multiply all the people who subscribed to these lists by all the traffic to them, by the probability that people keep copies of mailing list mails, and there's a huge, well-distributed archive of Yahoo Groups out there.

    • Health/Nutrition

      • Polish Minister of Health Proposes Carcinogenic 5G Emission Levels as National Norm

        Hundreds of letters are pouring into the office of Polish Minister of Health, Lukaz Szumowski, from Polish citizens and people all over the world, responding to Mr Szumowski’s proposition to exponentially raise the officially recognized limit for cell phone emissions.

      • Hitting at Cuban Doctors and at Human Solidarity

        News item: Three rightwing Latin American governments have forced out Cuban doctors working in their countries. Over 8000 of them departed from Brazil in late 2018 and 382 doctors left Ecuador in mid-November, 2019. Some 700 Cuban doctors exited Bolivia after the coup there on November 10. Brazilian President Bolsonaro alleged that Cuban doctors were incompetent. In referring to money paid by Brazil for their services and retained by Cuba’s government, Bolsonaro accused the Cuban government of enslaving them. Governments in Ecuador and Bolivia claimed the Cubans doctors had supported their political opponents.

      • Setting Gallup Record, Quarter of Americans Say They or Family Member Delayed Medical Care Over Cost in Last Year

        "This is the 'choice based' system Joe Biden and Pete Buttigieg want to preserve."

      • From Health Insurance Spin Doctor to Truth Teller

        “I was getting people to make decisions based on misleading information that could have life or death consequences.”

      • 'An Abomination': Sanders Decries Reality in Which GoFundMe Has a 'Six Cancer Fundraising Tips' Webpage

        Not upset with with the crowdfunding service for providing resources to those in desperate need, 2020 presidential candidate lashed out against a system that creates the need for such campaigns in the first place.

      • The NHS Shows What Life Outside the Market Could Look Like

        Deeper democratic planning would unite health care workers with patients and entire communities, as active coproducers of health and collective owners of a health care service. The very idea of an NHS, even as it is being undermined and partly dismantled, represents the possibility of this new economy. A public universal system free at the point of service is also one that builds its own constituency and creates a different kind of people — more willing to cooperate and to see their own destinies cooperatively tied up with those of others.

        The example of the NHS shows that even the planning of ostensibly public sector endeavors is not always fully democratic — and, to the extent that it exists, that it is constantly under threat of privatization, or at least marketization through the back door.

    • Integrity/Availability

      • Proprietary

        • You can now email your emails in Gmail [iophk: they begin to close the protocol]

          Fervent emailers can attach as many emails, which will appear as an .eml file, as they like. Users who love to have multiple tabs open may also be pleased to hear that the attachment will open in a new window.

        • More than half of NHS devices are still running Windows 7 [iophk: Why is Canonical not spinning this into gold?]

          As per the FoI, 52 per cent of the total 447,000+ devices being used in the NHS, including desktops, laptops, and tablets, are still running Windows 7, which reaches end-of-life status on 14 January 2020.

          That's despite the fact that the Department of Health and Social Care (DHSC) last year announced a €£150m plan to upgrade all NHS systems to Windows 10 by the time that Windows 7 reaches the digital graveyard. However, it's worth noting that the NHS is an E5 licence holder, which means it'll get an extra year of Windows 7 support for free.

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • AGL Announces CES 2020 Demos by 18 Members

                Automotive Grade Linux (AGL), a cross-industry effort developing an open source platform for all connected car technologies, will be at CES 2020 demonstrating open source infotainment and instrument cluster applications along with 20+ connected car demonstrations developed by AGL members.

                The AGL Booth in the Westgate Hotel Pavilion #1815 will feature a 2020 Toyota RAV4 with an AGL-based multimedia system that is currently in production, a 2020 Mazda CX-30 showcasing a proof of concept (POC) demo using new AGL reference hardware, and automotive technology demonstrations by: AISIN AW, DENSO, DENSO TEN, Igalia, IoT.bzh, LG Electronics, Mazda, Microchip, NTT DATA MSE, OpenSynergy, Panasonic, Renesas, SafeRide Technologies, Suzuki, SYSGO, Tuxera and VNC Automotive. The booth will be open to the public during CES show hours from January 7-10, 2020.

                “Instrument Cluster has been a big focus over the past year, and we look forward to demonstrating the amazing work being done by our members to optimize the AGL platform for use in lower performance processors and low-cost vehicles, including motorcycles,” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “We are proud to be showing vehicles from Toyota and Mazda and we will also have 20+ open source demos in our booth, a small sampling of some of the AGL-based products and services that automakers and suppliers continue to bring to market.”

        • Security

          • It's Not A VPN-busting Bug, It's A Social Media Enhancer For UNIX Users

            Kidding aside, this vulnerability applies to most UNIX based OSes, with most Linux distros, Android, iOS, macOS, FreeBSD, and OpenBSD all affected. The attacker needs to be able to intercept your data, which means they need to already be on the same network span as your machine or by having control of the router or other exit point, but if they do they can use this flaw to determine the exact SEQ and ACK numbers in your encrypted session.

            That information can be used to successfully inject data, hijack the connection and possibly redirect your VPN session to imposter pages or other places on the web you really don’t want to go to. Not all VPNs are vulnerable, the researches quoted at The Register tested this on OpenVPN, WireGuard, and IKEv2/IPSe.

          • Privacy/Surveillance

            • TikTok Settles Its Child Privacy Class Action for $1.1 Million

              As expected, TikTok has quickly settled a class-action lawsuit brought against it by parents of users who felt that the company had violated child privacy laws.

            • Apple explains location seeking behavior on iPhone 11 Pro

              Apple has released a detailed explanation of the privacy invading location seeking behavior observed on the iPhone 11 Pro by security researcher Brian Krebs. Privacy Online News first reported on the iPhone 11 Pro phoning home with location data earlier in December. Apple has explained that the location data is used by Ultra Wideband technology to check for geo-restrictions on use of that technology.

            • Health Records on iPhone Now Available to Bayhealth Patients

              Bayhealth now supports Health Records on iPhone, which brings together hospitals, clinics and the existing Apple Health app to make it easy for patients to see their available medical data from multiple providers whenever they choose.

            • A DNA Firm That Caters to Police Just Bought a Genealogy Site

              On Monday afternoon, GEDmatch announced it was being taken over by a new owner, the forensic genomics firm Verogen. The San Diego-based company spun out of sequencing giant Illumina two years ago, specializing in next-generation DNA testing services catered to law enforcement. With the acquisition of GEDmatch, Verogen may also start offering genealogy searches like the ones that have so far identified suspects in as many as 70 cases. “Never before have we as a society had the opportunity to serve as a molecular eyewitness, enabling law enforcement to solve violent crimes efficiently and with certainty,” Verogen CEO Brett Williams said in a statement announcing the deal. The terms of the agreement were not disclosed.

            • It's the end of the road for Google Glass Explorer Edition

              THERE'S AN ELEMENT OF RISK in being an explorer, as Wikipedia grimly documents. Perhaps with hindsight, the words "Explorer Edition" that featured prominently on the first generation of Google Glass should have warned of a similarly disappointing end.

              Google plans to put out one final software update and then to cut all those Explorers loose. And it's less of a last hoorah and more a last wah-wah.

              The update simply lets you pair Glass with the phone, as MyGlass will stop working. Bluetooth will continue, as will the ability to creepily take photos and videos via your lenses.

              People who refuse to apply the update will still be able to use it for the time being, but mirrored apps such as Gmail, YouTube and Hangouts won't work. But really, how dedicated to Google do you have to be to be using Hangouts on your Glass in 2019?

    • Defence/Aggression/Deaths

      • Premature Democratic Socialists: Reasons for Hope and Change

        In the United States there was a time in the previous century when a political campaign was waged against “premature antifascists,” namely against members of the socialist left who warned and fought against fascism well before World War II.

      • In Wag the Dog Move, Indicted Israeli PM Netanyahu Moves to Annex 25% of Palestinian West Bank

        Netanyahu is brazenly planning to steal a quarter of all the land in the Palestinian West Bank, forever ending any chance of a Palestinian state.

      • 'Read Every Word of This': WaPo Investigation Reveals US Officials' Public Deception Campaign on Afghan War

        Officials repeatedly told the public "progress" was being made, but new documents show they knew that wasn't true.

      • I Knew the War in Afghanistan Was a Lie

        Nightmares still haunt me. Sometimes it’s the standard stuff associated with classic post-traumatic stress disorder: flashbacks of horrible attacks and images of my mutilated troopers. More often, though, peculiar as it may sound, I dream that my sociopathic, career-obsessed colonel calls to give me another late-night order to do something unnecessary—usually dangerous, always absurd—the next day.

      • U.S. Misled Public on Progress in Afghanistan, Documents Show

        The U.S. government across three White House administrations misled the public about failures in the Afghanistan war, often suggesting success where it didn’t exist, according to thousands of pages of documents obtained by The Washington Post.

      • Sri Lanka Continues Its Delicate Dance With India

        Sri Lanka is a role model for the dictum of diplomacy being the extension of a country’s national policies. Sri Lanka’s performance must be commended since it also grapples with an unresolved nationality question in which its big neighbor India has historically staked claim as stakeholder, a claim that Sri Lanka cannot brusquely repudiate due to the huge asymmetry in their comprehensive national power.

      • These Homes for Mentally Ill Adults Have Been Notoriously Mismanaged. Now, One Is a Gruesome Crime Scene.

        On the afternoon of Dec. 3, workers at the Oceanview Manor Home for Adults found resident Ann McGrory, 58, lying on the floor, lifeless, with her pants down around her ankles. She had cuts and bruises on her hands, head and face. By her side, seated atop his bed in Room 512, was resident Frank Thompson, 64, her sometimes-boyfriend who had a reputation at the home as a heavy drinker with a short temper. The aides called police. Thompson was brought into custody for questioning later that day and placed under arrest on Wednesday.

        He is charged with second-degree attempted murder rather than murder because the medical examiner has not yet determined the cause of death to be a homicide, according to a law enforcement source. McGrory also had serious preexisting medical issues, including brain cancer. The criminal complaint, however, lays out evidence that McGrory was severely beaten. She was found with a bruised, swollen eye, blood on the back of her head, broken fingernails and what appeared to be blood beneath them. Thompson has not yet entered a plea. Brooklyn Defender Services, which is representing him, declined to comment because the case is in such an early phase.

      • Myanmar: Hearings Begin in Genocide Case
      • Juice WRLD Fallout Begins: Two Bodyguards Arrested at Chicago Airport

        The fallout from the sudden death of rapper Juice WRLD is already beginning, with the arrest of two of his bodyguards, along with the onset of an investigation by Homeland Security.

      • Cameroon: Make Humanitarian Response More Inclusive

        Concrete action is needed to make the humanitarian response to the crisis in the Anglophone regions of Cameroon more inclusive of people with disabilities, Human Rights Watch said today on International Human Rights Day. In September 2019, the United Nations under-secretary-general for humanitarian affairs made a commitment to make the humanitarian response more inclusive, but the commitment needs to be translated into action on the ground.

        Violence has intensified since July 2019 in the North-West and South-West regions, escalating in August after a Yaoundé military court handed down life sentences to 10 leaders of the separatist Ambazonia Interim Government following a flawed trial. Human Rights Watch research and media reports indicate that at least 130 civilians have been killed in over 100 incidents since July, and thousands have been forced to flee. Given the ongoing violence and the difficulty of collecting information from remote areas, the number of civilian deaths – including of people with disabilities – is most likely higher.

      • 5 Dead, 8 Missing After New Zealand Volcano Eruption

        A volcano off the New Zealand coast erupted Monday with a towering blast of ash and scalding steam as dozens of tourists were exploring the moon-like surface, killing five people and leaving eight others missing and feared dead, authorities said.

      • Preventing India’s Factory Disasters
      • Russia: Domestic Violence Bill Falls Short

        At a Moscow rally in support of domestic violence legislation, a woman holds a banner that reads "We demand a law against domestic violence. We are not killed yet, but we're close", Monday, Nov. 25, 2019.

      • Uzbekistan: Torture Widespread, Routine

        Screenshot from a video showing a photo of a prisoner working at Uzbekistan's Jaslyk prison.

    • Transparency/Investigative Reporting

      • Interview: Writer Tom Mueller On His Book, ‘Crisis Of Conscience: Whistleblowing In An Age Of Fraud’

        Writer Tom Mueller joins the “Unauthorized Disclosure” weekly podcast to discuss his book, Crisis of Conscience: Whistleblowing In An Age Of Fraud, which was released in October.

        During the interview, Mueller describes how he came to work on this book, which over 500-plus pages documents and explores whistleblowing in many different arenas—corporate, institutional, government, etc. He highlights common threads he sees in various whistleblower cases, such as what leads one to become a whistleblower.

      • The Last Days of the BBC?

        For those of us familiar with the politics of the BBC, it has all been fairly predictable, even if still a little depressing, and sometimes even shocking, to watch. Let’s start with the prime minister. As a number of critics have noted, the public persona of “Boris” was partly honed on the BBC in a series of appearances on its tired satirical show, Have I Got News for You, and the institution has since proved for the most part either unable or unwilling to puncture the performance and hold the politician to account.

      • Away replaces CEO Steph Korey after Verge investigation

        The news comes after days of public backlash due to leaked documents showing Korey routinely intimidated employees on public Slack channels. After The Verge’s initial story broke, new leaks showed Away was directing employees not to engage with the article even from their personal social media accounts.

        Away does not allow employees to email each other, and asks that direct messages be kept to a minimum. The result is that almost all conversations take place on public Slack channels where executives give harsh feedback and reprimand people for small mistakes. “You could hear her typing and you knew something bad was going to happen,” a former employee told The Verge, as we reported on December 5th.

    • Environment

      • Carbon Majors Can Be Held Liable for Human Rights Violations, Philippines Commission Rules

        The world’s biggest polluters could be held legally liable for their contributions to climate change, a major national inquiry into the links between climate and human rights has€ concluded.

      • Investors fight back against climate wreckers

        Investors are using their shareholdings to force polluting companies to change their ways and cut carbon emissions.

      • 8- and 11-Year-Old Siblings Rappel From Bridge Demanding Climate Action

        As hundreds of thousands marched to the main stage during Friday’s climate march in Madrid, two young children — a brother and sister aged 8 and 11 — staged an act of civil disobedience from a bridge overlooking the protest. While demonstrators marched beneath them, the two children rappelled from an overpass, dangling from ropes in mid-air to hang a banner calling for climate action. Democracy Now! briefly spoke to them after their action.

      • Indigenous and Youth Activists Slam Global Leaders for Climate Inaction
      • Alaska Is Already Irreparably Changed by Climate Disruption

        Recently, I was in Homer, Alaska, to talk about my book The End of Ice. Seconds after I had thanked those who brought me to the small University of Alaska campus there, overwhelmed with some mix of sadness, love and grief about my adopted state — and the planet generally — I wept.

      • Calling for 'Climate President,' 500+ Groups Demand Next Administration Take Immediate Action

        "Swift action to confront the climate emergency has to start the moment the next president enters the Oval Office."

      • Energy

        • Coal and the Regions Left Behind

          The NYT had an article that focused on Buchanan County, Virginia as an example of a left behind area in the United States. The county’s economy had centered on coal.

        • Even Insurance Companies Are Turning Their Backs on Coal

          It’s rapidly running out of friends in the financial world: coal is now too hot for many big insurers to want anything more to do with it. The burning of coal is one of the key factors behind rising emissions of climate-changing greenhouse gases.

        • Big Energy Front Group Launches Push for Troubled Atlantic Coast Pipeline

          A lobbying group formed by oil and gas industry insiders to push for increased fossil fuel production has turned its focus from promoting offshore drilling in the Atlantic to championing Dominion Energy’s and Duke Energy’s controversial Atlantic Coast Pipeline (ACP). It’s doing so under the guise of being a pro-consumer group concerned about energy justice, even while its members include major gas production companies as well as Dominion Energy.

        • Police Halt Activist-Led “Toxic Tour” of Corporate Polluters Sponsoring COP25

          In Spain, the country’s biggest fossil fuel polluters are also some of the most generous sponsors for this year’s U.N. climate talks. On Saturday, we joined activists on a “toxic tour” of Madrid from the Madrid stock exchange to Santander Bank. Activists explained that when Spanish President Pedro Sánchez announced that Spain would host COP25, he went to IBEX 35 — the 35 biggest listed companies in the Spanish stock exchange — offering them a 90% tax break on a $2 million sponsorship. Advocates say that these same companies “have deep and dirty links to the fossil fuel industry.” But midway through, the police shut down the tour, threatening fines of over 3,000 euros if the peaceful tour did not disperse. Climate justice campaigner for Friends of the Earth International Héctor de Prado says he was shocked and “ashamed” by the attempts by police to halt the tour. “It is not normal,” he says.

      • Wildlife/Nature

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • The Subtweet Defense Wins: Elon Musk Cleared In Defamation Case

        A little over a year ago when cave diver Vern Unsworth sued Elon Musk for defamation, we noted that (unlike many defamation cases), it did not appear to be an out-and-out SLAPP case. That said, we noted that many of the claims in the lawsuit did not look to be about defamatory speech at all, and that would make much of the lawsuit an uphill battle. The part that appeared to be the most problematic for Musk, however, was the emails he had sent to Buzzfeed reporter Ryan Mac after the initial tweets, in which he made more detailed accusations, including what appeared to be factual statements implying deeper knowledge about Unsworth.

      • Russia Blocks All Of Shutterstock Due To 'Offensive' Image Involving The Russian Flag

        We've talked quite a bit over the years about Rozcomnadzor, the Russian agency in charge of policing the internet for copyright infringing content... and really anything else that the Russian government decides it doesn't like. The agency operates exactly as deftly as you would expect, routinely blocking entire sites that are in regular use in Russia over a tiny percentage of "illicit" use. The problem, of course, is that Rozcomnadzor often interprets "illicit" uses of the internet to mean embarrassing public Russian figures with ties to the government, criticizing the government itself, or using basic internet security tools such as VPN to keep the Russian government out of one's internet use. This makes it all the more infuriating that American groups such as the MPAA have happily signed on with the Russian agency in an effort to protect copyright content, despite the agency's more widespread aims.

      • Ex-Governor Tries To Silence A Critic With A Bar Complaint; Gains Critic 70,000+ New Twitter Followers

        The whitest boy on the beach, former Arkansas Governor Mike Huckabee, has decided to bring his beach-grabbing exploits to the attention of everyone.

      • Kenn Burrows and Amber Yang - The Project Censored Show
      • First Russian journalist punished under ‘fake news’ law gets fine cancelled on appeal

        A Vladivostok court has cancelled the 30,000-ruble ($471) fine against Mikhail Romanov, a journalist for Yakutsk Vecherny (The Evening Yakutsk) who was sentenced the administrative violation of “abusing the freedom of information.” Vitaly Obedin, the newspaper’s editor-in-chief, posted about the ruling on Facebook.

    • Freedom of Information / Freedom of the Press

      • Snowden Needs a Better Public Interest Defense: Disposing of the Journalist Filter

        Assuming the NSA, focusing all its forensic powers on understanding what had been, to that point, the agency’s worst breach ever, managed to correctly assess the vulnerability Snowden used by October 29, 2014, the date the NSA wrote a report describing “Methods Used by Edward Snowden To Remove Documents from NSA Networks,” then the NSA has presumably already fixed the vulnerability.

        I honestly don’t know why, then, Snowden kept that detail secret. It’s possible it’s something banal, an effort to avoid sharing the critical forensic detail that would be used to prosecute him if he ever were to stand trial (though it’s not like there’s any doubt he took the documents). I can think of other possible reasons, but why he withheld this detail is a big question about the choices he made about what to disclose and what not to disclose in this book.

      • Trump campaign says it will shut out Bloomberg News from events

        President Donald Trump’s campaign said Monday it will no longer give credentials to Bloomberg News reporters to cover campaign events because of coverage “biases,” an accusation that the news organization rejects.

        The decision comes a week after the news service’s founder, billionaire Michael Bloomberg, announced he was seeking the Democratic nomination for president. And Bloomberg News, which the former New York City mayor founded in 1990, said it would not investigate him or his Democratic rivals but would continue to probe the Trump administration, as the sitting government.

    • Civil Rights/Policing

      • Supreme Court Won't Hear Appeal of Kentucky's Forced Ultrasound Law, Allowing Law Intended to 'Shame' Patients Stand

        "The goal is to shame and intimidate people ending pregnancies. It's scary when laws are used for that and scarier that the Supreme Court let it stand."

      • "It Is About Perseverance Against Cruelty": California Church's Nativity Scene Shows Holy Family Separated in Cages

        "If this isn't your church's politics, you've got the wrong faith."

      • Kenya: Elusive Justice for Gross Injustice, Abuse

        Residents flee as anti-riot policemen pursue opposition protestors in Mathare, Nairobi, on August 12.

      • Attorney General To Law Enforcement Critics: Good Luck Getting A Cop When You Need One

        Attorney General Barr to America: Fuck you, you ungrateful bastards. You're on your own.

      • Lawyer Asks Racists To Use Sketchy Millions They Got From UNC To Fund Scholarships For Black Students To Avoid Lawsuit For Bogus Takedown

        Last week we wrote about the sketchy, sketchy deal in which UNC gave some racists $2.5 million to settle a lawsuit that was filed after the agreement was made, and settled moments later. More and more details keep coming out, making the whole situation look even sketchier (and even less legal). However, for our purposes, we're focused on the copyright angle of this story. As you'll recall, the lawyer who tracked down many of the details, T. Greg Doucette, also got his hands on a letter from the racist group, the Sons of Confederate Veterans, explaining the whole deal, including them admitting flat out that they didn't have standing to sue, and any lawsuit would be thrown out almost immediately. That is, unless you've set it up so that the University has already agreed to give you millions of dollars. Doucette posted the letter to his Dropbox account, where he had posted other documents regarding this mess.

      • Human Rights Watch Film Festival

        The Human Rights Watch Toronto Film Festival poster featuring a still from the opening night feature, ‘I Am Not Alone’. The festival will run from January 30 to February 4, 2020.

      • Meet Virgil Griffith: America's Newest Political Prisoner

        On November 29, FBI agents arrested hacker and cryptocurrency developer Virgil Griffith. His alleged crime: Talking.

      • Lighting Up Hope for Human Rights

        Human Rights Watch has arranged for 17 landmarks across the globe to shine bright blue on December 10, 2019, to celebrate Human Rights Day. From New York to Sydney, Munich to Toronto, the world will light up in solidarity with the fundamental principles of human dignity that the Universal Declaration of Human Rights affirms, and that Human Rights Watch works to defend each day.

        “Human Rights Watch is working to build a world where everyone is free to say what they believe, to marry the person they love, can put food on the table and send their kids to school,” said Kenneth Roth, executive director of Human Rights Watch. “We’re part of a movement that puts the dignity of each and every person on this planet before any politician’s quest for power or profit.”

      • In Kurdistan, Women Are Coming Into Their Own

        In a restaurant off a busy road in Sulaymaniyah, in the south of Kurdistan, dozens of women sit in a group, talking animatedly and drinking glasses of black, sweet tea. The women, some wearing headscarves, others in jeans and colorful nail polish, are part of a feminist organization called the Sofia Society.

      • ‘This Is Not a Troll. This Is Real Life.’
      • Utah Governor to Trump: ‘Allow Us to Accept More Refugees’

        Recently, Gary R. Herbert, the Republican governor for the US state of Utah, sent a letter to President Donald Trump saying Utah would like to sponsor more refugees because, “We empathize deeply with individuals and groups who have been forced from their homes and we love giving them a new home and a new life.” It was a refreshing appeal, recalling the country’s historically supportive approach toward refugee resettlement.

        But that’s probably not the response Trump had in mind when he signed an executive order in September saying refugees would only be resettled in places where both state and local officials indicated in writing their willingness to receive refugees. The intent of that order, to undercut refugee resettlement, was underscored by the Trump administration lowering the annual refugee admissions cap to 18,000, the lowest annual ceiling in the nearly three-decade history of the US refugee resettlement program. In October, the first month of the new fiscal year, the number of refugees admitted to the United States reached a new low: zero.

      • Trump's Hand-Picked Prosecutor John Durham Cleared the CIA Once, Will He Again?

        For months, the names of Michael Horowitz and John Durham have figured in the pounding rhythms of right-wing media in which a heroically afflicted president faces down his perfidious enemies.€  A steady drumbeat of reports from Fox News, echoed by President Trump and Republican loyalists in Congress, proclaimed these two obscure Justice Department officials would get to the bottom of an alleged conspiracy against the Trump presidency.

      • Speaking Freely: Rima Sghaier

        Rima Sghaier is a human rights activist and researcher who works at the intersection of technology and human rights, particularly in the Middle East and North Africa.€ 

        Rima grew up in Tunisia under the regime of Zine El Abidine Ben Ali,€ which lasted for twenty-four years. Although Tunisia was among the earliest countries in its region to connect to the internet (in 1991), its use by dissidents and subcultures led to the government increasingly restricting access to information and communications tools. By the end of 2010, Tunisians had had enough and overthrew the Ben Ali government in a popular revolution that kicked off what some have referred to as the "Arab Spring."

      • Russian penitentiary employees demand housing nationwide as Penitentiary Service calls their campaign a ‘provocation’

        Former and current employees of Russia’s Federal Penitentiary Service (FSIN) have begun posting protest videos addressed to the agency’s leadership and Russian President Vladimir Putin. The videos say employees have been denied or kicked out of housing that was promised to them, leading them to launch a national campaign they call “The Homeless Regiment.” A video featuring FSIN employees from 30 regions of Russia is scheduled to be posted on December 11.

      • The Fight to Secure Labor Rights for Exploited Prisoners

        Their 10 demands were straightforward, and sought to address systemic injustices as well as dangerous conditions within the prison walls. The strikers called for voting rights, for increased rehabilitation and educational opportunities, and for an end to racist policies. They also demanded an end to prison slavery, a horrifying reality that remains legal thanks to the 13th Amendment. A legal loophole buried within its text allows what amounts to slavery to be used as a penalty for those convicted of a crime — another toxic stain on the U.S. government’s already barbaric history. “The system of slavery continues not just in the prison setting but in the way people are rendered socially dead in amerikan society, in the white power structure assault on Black lives, communities of color, and on poor people's lives,” explained a member of the Incarcerated Workers Organizing Committee (IWOC), a branch of the Industrial Workers of the World (IWW) comprised of organizers inside and outside detention facilities, when I reached out around the anniversary of the 2018 strike.

        Just over a year later, how much has changed? Those demands have not been met. Advocates say that conditions for people in prison have continued to deteriorate, and while the conversation about restoring voting rights to formerly incarcerated people (and those currently in prison) has picked up steam ahead of the 2020 presidential election, we’re still a long way from universal suffrage. But organizers say the sacrifices those incarcerated workers made in 2018 were not in vain.

    • Internet Policy/Net Neutrality

      • Study Says US Ranked 68th Out Of 100 In Mobile Video Quality

        While the telecom sector often enjoys crowing about the superiority of U.S. wireless, the reality is we're not all that superior. While the U.S. was among the first countries to deploy 4G LTE, US 4G speeds tend to be fairly pathetic, with one study ranking the US 47th out of 77 countries studied. US wireless data prices are also significantly higher than a long list of other developed nations, thanks in no small part to regulatory capture and revolving door regulators.

    • Monopolies

      • Uber Has Always Been a Criminal Organization

        But anyone who’s really paid any attention to Uber’s history shouldn’t be surprised at all. Uber’s whole business model was premised on criminality — the willful, systematic flouting of local taxi regulations, based on a wager that the company could retroactively absolve itself by getting the laws changed via big-money lobbying. With that kind of mission, it’s not surprising its executives had blood on their hands long before they started taking Saudi blood money. It comes from a mindset that pursues growth at quite literally any cost — human or financial.

      • Copyrights

        • The Pirate Bay is Trialing High-Quality Video Streaming Links

          Developments over the past few days indicate that The Pirate Bay may about to fully launch a brand new feature. In addition to traditional magnet links, many titles now feature a subtle 'B' button which allow users to stream movies and TV shows directly in the browser on a new site called BayStream.

        • Filmmaker Wins Piracy Lawsuit Against YouTube and Google India

          YouTube and Google are liable for infringing the copyrights of Indian filmmaker Suneel Darshan, a local court has ruled. The video platform was ordered to pay compensation and must prevent similar infringements going forward. In its defense, YouTube argued that it's a neutral intermediary which responds to takedown notices, but that's not enough, the court concluded.

        • Save the Date: Public Domain Day 2020 Is Happening in January in Washington, D.C.

          Registration is free—and open now! Please join us for an evening of celebrating our shared culture and heritage. Be on the lookout for more information coming soon.

        • Widow of Chris Cornell Suing Soundgarden Over Unpaid Royalties

          The widow of Soundgarden singer Chris Cornell is suing both the band and its business manager over unpaid royalties while accusing them of trying to force her to turn over some of Cornell’s unreleased recordings.

        • Deezer Inks Major Telco Partnership With Saudi Telecom Company

          Deezer has landed a major deal with Saudi Telecom Company. It’s the French music streaming service’s first MENA telco expansion since launch in the region.

        • Revolving Door Revolves Some More: Head Of Copyright Office Leaves To Join MPAA

          For many years we've been covering the rather disturbing revolving door between the US Copyright Office and Hollywood. This includes a bunch of copyright maximalists going back and forth between entertainment industry lobbying organizations and government positions. It seems to happen over and over and over again. Indeed, the former head of the Copyright Office, Maria Pallante, now leads the Association of American Publishers, where she's been advocating for ever more ridiculous copyright laws.



Recent Techrights' Posts

2025 Will be Fought and Fraught With LLM Slop or Fake 'Articles' (Former Media/News Sites Turning to Marketing Spam)
The elephant in the room?
Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 26/12/2024: Japan-China Mitigations and Mozambique Prison Escape (1,500 Prisoners)
Links for the day
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024