Bonum Certa Men Certa

Links 18/12/2019: Mint Release Made Official, Red Hat Quay 3.2 is Out



  • GNU/Linux

    • Purism’s Librem Server Is Now Generally Available

      Purism has announced the general availability of Librem Server, its first enterprise offering to secure server environments for businesses. Librem Server has already been successfully in use by established business customers for the past year that serve important clients such as Boeing, GE, NASA and Toyota.

      Librem Server comes bundled with Pureboot, Purism’s complete secured boot process with a neutralized and disabled Intel Management Engine, coreboot BIOS replacement and BIOS, kernel and boot tamper detection.

    • Desktop/Laptop

      • Raspberry Pi 4: Chronicling the Desktop Experience – Viewing PDFs – Week 9

        This is a weekly blog about the Raspberry Pi 4 (“RPI4”), the latest product in the popular Raspberry Pi range of computers.

        For this week’s blog, I’m putting the RPI4 through its paces as a viewer for Portable Document Format (PDF) files. I look at the pre-installed solutions including qpdfview. On the second page, I compare qpdfview to the many other PDF viewers in the Raspbian repositories. This week’s blog ends with information about all the software.

        PDF is a file format created by Adobe Systems in 1993 for document exchange. The format includes a subset of the PostScript page description programming language, a font-embedding system, and a structural storage system.

      • Linux desktops for minimalists: Getting started with LXQt and LXDE

        Preserving and resurrecting old computers is a popular part of the Linux hacker's ethos, and one way to help make that possible is with a desktop environment that doesn't use up scarce system resources. After all, the fact that a current version of Linux can run effectively on a computer over 15 years old is quite a feat, but it doesn't make the CPU and RAM any better than the day they were slotted in. There are extremely light desktops available, but there's usually a catch: the user must assemble the parts. Fortunately, a number of lightweight desktops have appeared over the years in an attempt to provide a fast and light desktop with no setup required.

        Two early implementations of this idea were LXDE and Razor-qt, the former based on GTK (the libraries used by GNOME) and the latter based on Qt (the libraries used by KDE). Coincidentally, the lead maintainer of LXDE discovered the bliss that is Qt development and decided to port (just as a side project!) the entire desktop to Qt. LXDE, the Qt port of it, and the Razor-qt project were combined to form LXQt, although today, LXDE and LXQt coexist as separate projects.

      • Meet The New KDE Linux Laptop That’s More Powerful Than MacBook Pro

        If you’re looking for a high-end Linux laptop for gaming or development work (or both), meet the new competitor to the mighty System76 Oryx Pro. It should even shake out to be a worthy competitor to the MacBook Pro in terms of raw performance. It’s called the Kubuntu Focus and is a joint effort between The Kubuntu Council, Tuxedo Computers and Mindshare Management.

        The press release emphasizes that the target audience for the Kubuntu Focus is users who find the MacBook Pro too limited in power and compatibility with Linux deployment environments. But looking at the specs, I’d feel comfortable expanding that target to all Linux power-users, gamers, content creators and developers.

      • The PC is dead. Long live the cloud PC.

        Then there's Linux. I use Linux all the time. I recommend you try one of the major end-user friendly distros such as Mint or Ubuntu. But even Linus Torvalds thinks the Linux desktop's future lies more with Android and Chrome OS than it does on traditional desktops. That said, Linux desktop developers are finally working on its fragmentation problem.

        It's my hope that Linux can finally become a real alternative desktop choice. Soon, it will be the only affordable true desktop available.

    • Server

      • IBM

        • Comparison Between RHEL 8 vs RHEL 7 vs RHEL 6

          Between RHEL 6, RHEL 7 and RHEL 8 there are numerous changes in tools, commands and workflows.

          Included the possible difference between them in this article.

          We have gone through several Red Hat articles and RHEL 6, 7 and 8 Release Notes to gather this information.

          We have added a comparison table based on category.

          It has five categories and each type contains related information.

          This will give you a comparison between RHEL8 vs RHEL7 vs RHEL6.

          If we missed any points, please update your query in the comment section so that we can update the article.

          It will help others to know about it.

          Red Hat Enterprise Linux 8 (Ootpa) is based on Fedora 28 and modular software repository, curated 3rd-party software repositories notable new features.

          This release provides a stable, secure and good foundation to deploy Linux containers to public and private clouds, which support customer’s workloads and operations seamlessly.

        • Red Hat Shares ― Special edition: This year in open source (2019)

          Red Hat€® Shares covered lots of technology topics during the past year. Check out our 10 most popular stories from 2019, and tell us what you'd like for us to do differently in the new year.

        • Red Hat selects the American Foundation for Suicide Prevention for 2019 U.S. corporate holiday donation

          For the twelfth year in a row, Red Hatters took an active role in selecting a charitable organization to be the beneficiary of our holiday U.S. corporate donation. During the process, they nominated more than 140 charities and more than 1,250 associates participated in the final vote. For our 2019 corporate holiday donation, Red Hatters have chosen to support the American Foundation for Suicide Prevention (AFSP) with a $75,000 donation that will contribute to the organization's efforts to save lives and bring hope to those affected by suicide.

          AFSP is a voluntary health organization that gives those affected by suicide a nationwide community empowered by research, education and advocacy to take action against a leading cause of death. AFSP creates a culture that’s smart about mental health by funding scientific research, educating the public about mental health and suicide prevention and advocating for public policies in mental health and suicide prevention.

        • Use Red Hat Enterprise Linux on IBM Z

          In November, the IBM Z community came together and hosted IBM Z Day, where various companies, organizations, and individuals told their stories and shared their expertise with IBM Z. In the open source track, we welcomed representatives from SUSE, Red Hat, and Canonical (Ubuntu) to talk about what their respective companies and Linux distributions had to offer.

          In the case of Red Hat, IBM and Red Hat have been working together for more than 20 years helping customers and partners build solutions in open source technologies and innovations that amplify the value of open source for the developer community. In his in-depth session on this topic, Red Hat Global Solutions Architect Murthy Garimella began by exploring Red Hat’s relationship with IBM and their place in open source. In this blog post, I cover some of the key points from his talk. The link to the talk for on-demand viewing is available at the end of this post.

          As a leader in the open source space, Red Hat is working across the community with technical leaders, developers, and partners to enable Red Hat open source technology to drive projects and products with rich features and commitment.

          Red Hat and IBM share a common objective in their commitment to open source ecosystems, and both invest in the advancement of open source communities to build solutions across hybrid and multi-cloud environments. To find out more, I suggest reading “Red Hat and IBM: Accelerating the adoption of open source” by Red Hat CTO Chris Wright.

          [...]

          Red Hat continues to focus on supporting developers, as described in the blog post “Preserving the Red Hat developer experience.” The company is involved in many communities and supports everything from open source to containers to middleware to storage to OpenStack — all the way up to management and automation.

          You can learn more about Red Hat Enterprise Linux on IBM Z and LinuxONE by watching Murthy Garimella’s recent presentation at IBM Z Day.

        • Red Hat Quay 3.2: Welcome to the Container Security Operator

          Today Red Hat announces Red Hat Quay 3.2. This enterprise container registry release focuses on improving the management of Quay and hardens features introduced in past Quay releases. Based on customer input and feedback we've stabilized repository mirroring and the Quay Setup Operator to bring them to general availability. This release also introduces the general availability of the Container Security Operator, which integrates Quay’s image vulnerability scanning capabilities to Kubernetes for improved security.

        • What is Helm?
        • Move your APIs into the serverless era with Camel K and Knative

          In the past few years, developers have addressed the challenge of evolving from monolith systems to microservices architecture. These days, we hear about the adoption of serverless systems.

          Like many trends in software, there’s no one clear view of how to define serverless or how this approach offers added value for our software architecture. The perfect place to start with serverless systems and discover serverless capabilities is through a use case.

        • Secure your Microservices

          Microservices architectures are becoming the de facto way developers are thinking about how their applications are constructed. But security remains a top concern to most organizations. Therefore, it is important to understand the intersection of security and microservices. While not guaranteeing your application will be secure, we can look at some of the capabilities that can be leveraged to address security concerns with microservices.

          OpenShift Service Mesh uses Istio’s three main principles to solve this new paradigm of security. The first one is Security by default, meaning that users won’t need to change any single line of code in order to use its security features. Secondly, Defense in depth where users can integrate their own security services with the service mesh existent ones (for instance, combining it with Kubernetes RBAC system). And last but not least, Zero-trust network that states that Service Mesh won’t consider security measures installed in the underneath platform. Strong identities, mTLS and RBAC are the most common features. Let’s explore the mTLS and how Kiali can help with that.

    • Audiocasts/Shows

      • Zorin OS, ArcoLinux, Mesa, DXVK, QEMU, Microsoft Teams, RISC-V, Disney+ | This Week in Linux 90

        On this episode of This Week in Linux, we have distro releases from Zorin OS and ArcoLinux. We’re going to check out the latest releases from core projects like Mesa, QEMU, DXVK & D9VK. The RISC-V Foundation has decided to move their headquarters out of the US. Microsoft has announced Teams for Linux while Canonical has announced their sponsorship for a WSL Conference. Later in the show we’ll take a look at a text editor called Textosaurus, the latest deals from Humble Bundle and we got some good news regarding Disney+ on Linux. All that and much more on Your Weekly Source for Linux GNews!

      • 2019-12-17 | Linux Headlines

        Firefox gains a new DNS-over-HTTPS provider, NVIDIA releases a Python framework for video processing, A Cloud Guru acquires Linux Academy, and an update on the beleaguered Atari VCS console.

      • The WSL Secrets | LINUX Unplugged 332

        Big things are coming to Microsoft's WSL so we get the inside scoop on what's just around the corner.

        Plus a few new GNOME features, some Arch server follow up, and more!

    • Kernel Space

      • Linux 5.4.4

        I'm announcing the release of the 5.4.4 kernel.

        All users of the 5.4 kernel series must upgrade.

        The updated 5.4.y git tree can be found at:

        git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y

        and can be browsed at the normal kernel.org git web browser:

        https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

      • Linux 5.3.17
      • Linux 4.19.90
      • Linux 4.14.159
      • CPU/GPU

        • Serpente R2 Microchip SAMD21 Board Features a Male USB Type-C Port
        • NVIDIA Announces DRIVE AGX Orin With New SoC Built On Next-Gen GPU + Arm Hercules Cores

          NVIDIA announced the new DRIVE AGX Orin last night as their software-defined platform for robots and vehicles. Besides the DRIVE AGX itself, making it very notable is the use of their new Tegra "Orin" SoC.

          The Orin SoC is described as "NVIDIA’s next-generation GPU architecture and Arm Hercules CPU cores, as well as new deep learning and computer vision accelerators." NVIDIA says Orin is nearly seven times faster than the Xavier SoC, per this press release.

        • AMD Sends Updated Zen CPU Microcode To Linux-Firmware Tree

          w AMD Family 17h (Zen) CPU family microcode was merged today into linux-firmware.git.

          Though as is usually the case with the binary-only microcode/firmware files hitting the tree just not from AMD but from all hardware vendors, change-logs are usually non-existent and that is the case again today.

          The update simply notes it's the 2019-12-18 Family 17h CPU microcode revision. The previous update was 2019-10-21.

    • Benchmarks

      • Intel Core i9 10980XE: Windows 10 vs. Linux Performance

        few weeks back having done Threadripper 3970X Windows vs. Linux benchmarks for seeing how the competing operating systems are performing, following the recent i9-10980XE 11-way Linux distributions tests I loaded up Microsoft Windows 10 Pro November 2019 Update... Here are those benchmarks for those wondering how the Cascadelake-X platform is running in Windows vs. Linux performance.

        Immediately following the 11-way Linux distribution tests were tests done on Microsoft Windows 10 November 2019 Update with the test profiles that are compatible with Windows 10 and comparable to the Linux builds. The Intel Core i9 10980XE was used for this round of benchmarking with the GIGABYTE X299X DESIGNARE 10GB, 4 x 8GB Corsair DDR4-3200 memory, Samsung 970 PRO 512GB NVMe SSD, and Radeon RX Vega 64 graphics.

    • Applications

      • Release Roundup: Moonlight PC 1.2.0, Monolith 2.1.0, Flowblade 2.4 And Shotcut 19.12

        Quite a few applications received updates recently. I didn't have time to post articles about all of them, so this article covers (in short summary) the new releases of Moonlight PC 1.2.0, Monolith 2.1.0, Flowblade 2.4 and Shotcut 19.12.

      • qBittorrent 4.2.1 Released with Libtorrent Fixes (Ubuntu PPA)

        qBittorrent torrent client 4.2.1 was released today. Here’s how to install it in Ubuntu 18.04, Ubuntu 19.04, and Ubuntu 19.10.

        qBittorrent 4.2.1 brings libtorrent fixes which make UDP through proxies work again. The listening IP/interface selection code has been reworked. If you have a specific network interface/local address set in the Advanced Settings, go and make sure that your settings have stayed the same.

    • Instructionals/Technical

    • Games

      • SteamVR 1.9 is out, Linux VR users may want to opt into a Beta

        With that said, there's quite a lot of improvements included even just for Linux.

        Valve fixed a vrwebhelper crash that could make the dashboard disappear, they fixed the pairing UI window content not showing up the first time it was opened and they fixed a few behavior quirks in vrwebhelper's desktop windows. There's also now a rate-limit in place when "attempting to open the tracing filesystem to once every 5 seconds", SteamVR will now attempt to set thread priorities through rtkit (when available) and they also added some tracking to try and help find a rare stuck haptics bug on Linux.

        It's nice to see the Linux side of SteamVR continue to pull in quite a lot of improvements, it shows Valve are committed to making VR on Linux better. Ahead of the release of Half-Life: Alyx, hopefully Valve will confirm Linux support if SteamVR keeps improving.

      • Streets of Rogue gains a new playable Robot character

        Streets of Rogue, the absolutely crazy action RPG rogue-lite from Matt Dabrowski continues polishing up the level editor and Steam Workshop support. While we wait for those bits to leave Beta, a new Robot character became available.

        To unlock the Robot character, it's quite amusing as you need to have hacked a Cop Bot or a Killer Robot. You can do that very early on too! Easy enough way to do it: pick the hacker, hack into the computer you find in the building holding a Gorilla hostage (level 1 usually has it), install malware on it and Cop Bots will get deployed, then just hack one. Okay, not exactly a walk in the park since the Cop Bot will track you down but it's seriously fun to try!

      • War Thunder 1.95 "Northern wind" released, adding in some brand new Swedish units

        War Thunder has expanded again to add in a brand new Swedish Aircraft tech tree, the first Swedish tanks, ten new mixed nation naval units and more.

        Some of the new vehicles included are "Premium", meaning you need to pay for them in some form. That much is true for the Swedish ground vehicles Strv 103-0 and the SAV 20.12.48 when looking in-game earlier. There's over 20 new Swedish aircraft, only two of them Premium the rest are just needing Research as normal so that's not so bad. Also included in this update is 10 new naval units, 2 new naval battle locations and the usual mass assortment of balance changes and bug fixes.

      • Flax Engine 0.6 beta released, adds Linux support

        Nice to see even more game engines add Linux support. Flax Engine is one we covered recently, after they announced their plans to support Linux and now it has arrived.

        Linux support comes with their Vulkan rendering system, allowing developers to support desktop Linux and cloud gaming too.

      • Total War: THREE KINGDOMS - Mandate of Heaven announced, coming to Linux 'shortly' after Windows

        Total War: THREE KINGDOMS - Mandate of Heaven is the next expansion to the hit strategy game, the biggest yet too.

        Depicting events before and leading up to the Yellow Turban Rebellion, it expands the gameplay possibilities and the history once again. It introduces new characters and playable faction leaders, with a campaign beginning in 182CE and you can continue it on well into the Three Kingdoms period.

      • Intel iGPU Linux Gamers May Be Better Off With The "Powersave" Governor

        While it's normally recommended switching to the P-State/CPUFreq "performance" governor for the optimal Linux gaming experience and the preferred default of Feral's GameMode Linux gaming daemon, in the case of Intel integrated graphics you may find better results in using the "powersave" governor.

        One of the areas I had been meaning to investigate since buying the Dell XPS 7390 Ice Lake laptop earlier this quarter with Core i7 CPU bearing Gen 11 graphics was seeing the impact of different CPU frequency scaling governors. Now that Intel's graphics are much more capable with Gen11 and beyond, it's an interesting area to explore with gaming becoming more viable. But Jason Ekstrand of Intel's open-source Linux graphics driver team has beat me to sharing some numbers.

      • Open Joystick Display, a FOSS tool to show off gamepad input in videos

        Do you create gaming videos or livestream? Open Joystick Display seems like an incredibly useful free, open source and cross-platform tool to display your inputs on-screen.

        It supports Linux, macOS and Windows, it can work with a lot of different gamepads, you can add in custom themes and mappings, there's an easy to use broadcast mode that hides everything but the animated image to show your inputs for easy recording and it even has a client/server mode if you stream/record from a different PC.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Krita, the FOSS painting program gets an Epic MegaGrant

          Following not long after game manager Lutris got an Epic MegaGrant, it was just announced today that the FOSS painting program Krita just got an Epic MegaGrant too.

          [...]

          Really great to see Epic dig deeper into their vast pockets to support more free and open source applications. I'm sure plenty will argue $25K is a drop in the ocean for Epic but it's still going to help Krita, Lutris and others a great deal and such moves absolutely should be supported. No strings attached money to help progress applications many people use—great!

        • Krita Receives Epic MegaGrant

          Epic, the makers of the Unreal game engine, have supported Krita with a $25,000 MegaGrant!

          Epic has supported other free software projects, such as Blender and Lutris before, and now supports Krita. The purpose of this grant is to fund improvements to our development process so Krita’s development gets more sustainable. This is something we have already started on, and which want to accelerate. With an estimated five million users, making sure that we can release as stable a version of Krita as possible in as dependable a way as possible is pretty important!

        • Krita Just Got an Epic Christmas Present

          But the latest monetary injection comes courtesy of Epic’s MegaGrant, a $100 million fund set-up earlier this year by the Epic Games, makers of Unreal Engine.

          The MegaGrant was set up to support “game developers, enterprise professionals, media and entertainment creators, students, educators, and tool developers doing amazing things with Unreal Engine or enhancing open-source capabilities for the 3D graphics community”.

          And Krita, with a flock of faithful fans behind it, certainly fits the bill.

          Plus, as this is a grant and not a loan, the money doesn’t need to be paid back. The Krita development team is free to spend the money as they wish, be on hiring more developers, funding a feature spring, or ordering $25k worth of pizza (though Krita, please: don’t do the latter).

          The best-known beneficiary of the Epic MegaGrant to date is Blender, the open source 3D tool. It scored a cool $1.2 million MegaGrant earlier this year.

        • Keysmith v0.1 release

          I am happy to announce the v0.1 release of the keysmith.

          Keysmith is Two-factor code generator for Plasma Mobile and Desktop.

      • GNOME Desktop/GTK

        • GNOME's GLib Adds GMemoryMonitor As Another Step In Helping Cope With Linux RAM Pressure

          With the new GNOME GLib 2.63.3 library release is a new "GMemoryMonitor" API for allowing notifications of when an application should attempt to free any non-critical system memory in an effort to help the system cope with memory pressure.

          Red Hat / GNOME folks back in August announced the Low-Memory-Monitor project for helping cope with Linux RAM/responsiveness issues while another step is now ready in addressing Linux desktop responsiveness problems when low on RAM. This next step is the GMemoryMonitor API that is part of the newly-released GLib 2.63.3.

        • GNOME's Mutter Now Batches Clipping Rectangles For Better Performance

          After recently taking some time off of work, Canonical's Daniel van Vugt has been back on the GNOME bug hunt in the continuing quest of optimizing its performance. This GNOME 3.36 cycle is particularly important considering the upcoming Ubuntu 20.04 LTS release.

          [...]

          GNOME 3.36 is already quite good in the performance department on X11 and Wayland while it will be exciting to see how much they can achieve before the desktop update in March.

    • Distributions

      • 5 Best Linux Distros of 2019 (As Picked By You)

        See, this might be a blog about Ubuntu and the world around it, but it don’t exist in a vacuum. There are a tonne of Linux distros, spins, and offshoots out there, all thriving well beyond the orange bubble.

        And I know that some of you reading these very words right now are using them!

        So we asked, and you answered; below is a list of the best Linux distro releases of 2019, as selected by you and your fellow omg! ubuntu! readers…

      • Packaging, Vendoring, and How It’s Changing

        Let’s start by clarifying what distribution packaging is. This is your linux or platforms method of distributing it’s programs libraries. For our discussion we really only care about linux so say suse or fedora here. How macOS or FreeBSD deal with this is quite different.

        Now these distribution packages are built to support certain workflows and end goals. Many open source C projects release their source code in varying states, perhaps also patches to improve or fix issues. These code are then put into packages, dependencies between them established due to dynamic linking, they are signed for verification purposes and then shipped.

        This process is really optimised for C applications. C has been the “system language” for many decades now, and so we can really see these features designed to promote - and fill in gaps - for these applications.

        For example, C applications are dynamicly linked. Because of this it encourages package maintainers to “split” applications into smaller units that can have shared elements. An example that I know is openldap which may be a single source tree, but often is packaged to multiple parts such as the libldap.so, lmdb, openldap-client applications, it’s server binary, and probably others. The package maintainer is used to taking their scapels and carfully slicing sources into elegant packages that can minimise how many things are installed to what is “just needed”.

        We also see other behaviours where C shared objects have “versions”, which means you can install multiple versions of them at once and programs declare in their headers which library versions they want to consume. This means a distribution package can have many versions of the same thing installed!

        This in mind, the linking is simplistic and naive. If a shared object symbol doesn’t exist, or you don’t give it the “right arguments” via a weak-compile time contract, it’s likely bad things (tm) will happen. So for this, distribution packaging provides the stronger assertions about “this program requires that library version”.

        As well, in the past the internet was a more … wild place, where TLS wasn’t really widely used. This meant that to gain strong assertions about the source of a package and that it had not been tampered, tools like GPG were used.

      • SUSE/OpenSUSE

        • Highlights of YaST Development Sprint 91

          Let’s start with a redemption story. Some time ago we implemented feature fate#326485 which requested dropping the “Package Groups” view from the package manager UI. That was quite an easy task.

          However, a few weeks later we got a bug report that the lists of recommended, suggested, etc… packages couldn’t be displayed anymore. It turned out that, in the Qt package manager front-end, the removed “Package Groups” view not only used to display the static group data from the packages but it also contained some special computed package lists like orphaned, suggested or recommended packages. So these lists were lost as a collateral damage of removing the “Package Groups” view.

          The ncurses package manager was not affected by the same problem because, in that front-end, those views are grouped in a separate “Package Classification” section. So the task for this sprint was to somehow revive the lists in Qt and make them again available to the users.

          We partly reverted the Package Groups removal and restored displaying those special package groups. To make it consistent we also use the “Package Classification” name for the view, like in the ncurses package manager.

      • Fedora Family

        • PHP 7.1 is dead

          After PHP 5.6, and as announced, PHP version 7.1.33 was the last official release of PHP 7.1

          Which means that after version 7.2.26, 7.3.13 and 7.4.1 releases, some security vulnerabilities are not, and won't be, fixed by the PHP project.

        • PHP version 7.2.26, 7.3.13 and 7.4.1PHP version 7.2.26, 7.3.13 and 7.4.1



          RPMs of PHP version 7.4.1 are available in remi-php73 repository for Fedora ≥ 29 and Enterprise Linux ≥ 7 (RHEL, CentOS).

          RPMs of PHP version 7.3.13 are available in remi repository for Fedora 30-31 and remi-php73 repository for Fedora 29 and Enterprise Linux ≥ 6 (RHEL, CentOS).

          RPMs of PHP version 7.2.26 are available in remi repository for Fedora 29 and remi-php72 repository for Enterprise Linux ≥ 6 (RHEL, CentOS).

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • FreeDOS 1.3 RC2 now available with “Live CD” support

        Before we get to the release of FreeDOS 1.3, the brains behind the product have announced another release candidate that accompanies a new feature and various changes.

        In this article, we will discuss what the new release candidate of FreeDOS has in store for us. But first, let’s take a brief look at what the OS is actually about.

        As the name implies, FreeDOS is an operating system for anyone who wants a taste of the DOS environment and has an IBM-compatible computer. With this OS, you will not only be able to run legacy software but also support embedded systems. Other than that, FreeDOS is based on the monolithic kernel and offers a command-line interface.

      • The 10 Hottest New Open-Source Technologies And Tools of 2019

        The open source movement is a leading driver of technological innovation in the cloud era, delivering a seemingly endless chain of new projects that help organizations adopt cloud-native application architectures and methods. The magic of open source is that its methodology enables and encourages industry giants, solo developers and innovative startups to all cooperate in pursuit of a common technological vision to the benefit of a vast user base.

        Through open projects, those entities find common ground, leading to them complementing each other’s work to build and promote code that solves real-world enterprise problems in a cost-effective and scalable manner. Click the link below to know about 10 open source projects that changed the game in 2019…

      • Luis Antonio Galindo Castro is an OSI Member and you should be too!

        For almost 20 years Luis Antonio Galindo Castro has been an intense user of Free Libre Open Source Software (FLOSS), and for eight of those years--since the founding of our membership program--he's been an OSI Individual Member. We hope you too, as an intense user of FLOSS, will join us as an OSI member.

        Luis' work in, with, and for the FLOSS community highlights the collaborative and contributory nature of the community. As an instructor for various organizations, Luis has shared his knowledge and expertise to those new to technology and software while also benefiting from the experiences and perspectives of his students. As a speaker at various forums and conferences, in the spirit of open source, Luis shares his successes with FLOSS on topics such as virtualization of high demand environments on GNU Linux with kvm and how to apply data science with FLOSS to understand communities, but he also contributes his issues as a tester, bug reporter, and participant in forums. Luis is, "a big fan of all those who contribute in the community."

      • BTCPay Server Is Bitcoin’s Open-Source Unicorn

        Bitcoin is not a company — as many snarky commentators were quick to point out. But they’re missing the point, Srinivasan protested. Speaking from an investment standpoint, “nothing else founded in the same timeframe held at $100B for a longer time” than bitcoin, he tweeted, not to mention that the return on investment for bitcoin far exceeds the tech unicorns that Srinivasan said it eclipsed.

      • Web Browsers

        • Mozilla

          • Mozilla adds NextDNS to list of DNS-over-HTTPS providers

            Good news for Firefox users interested in turning on the browser’s DNS-over-HTTPS (DoH) privacy feature – they now have two providers to choose from.

            The first, of course, is Cloudflare, which Mozilla partnered with during the two-year development and testing of its DoH service, finally turned on for users in September.

            Not all Firefox users were at ease with this – entrusting DNS privacy to a single company felt like a risk no matter how many assurances were being offered.

            By adding a second provider, startup NextDNS, founded in May 2019, Mozilla has not only added an alternative but got its promised Trusted Recursive Resolver program (TRR) off the ground.

          • Introducing Joel Johnson / JR (Rina’s Maternity cover)

            Please say hi to Joel Johnson who’s going to cover Rina Tambo Jensen while she’s away for her parental leave for the next 6 months. JR has an extensive background in starting and setting up support teams across different companies. We’re so excited to have him on our team.

          • What Is a Tor Browser?

            Technically, a Tor browser is any web browser that allows you to connect to the Tor anonymity network, a free and open-source project whose goal is to enable anonymous communication.

            However, there’s really only one Tor browser you need to know about, the official Tor Browser developed by The Tor Project, a research-education non-profit organization responsible for maintaining software for the Tor anonymity network.

            The Tor Browser is based on Mozilla Firefox ESR, and it includes the Tor proxy, which facilitates the actual connection to the Tor network, as well as the TorButton, TorLauncher, NoScript, and HTTPS Everywhere Firefox extensions.

            The goal of the Tor Browser is to provide a bullet-proof solution for routing traffic through the Tor network, one that doesn’t give users much chance to accidentally deanonymize themselves by making a mistake during installation or configuration.

            Users can simply launch the Tor Browser just like they would launch any other web browser, wait for it to automatically start Tor background processes, and enjoy private web browsing.

      • Productivity Software/LibreOffice/Calligra

      • CMS

        • A few quick tips on Gutenberg on mobile devices

          Initially, you will land in the title, as usual. Enter it and press Enter.

          Pressing Enter will by default create a new paragraph block. Unlike on the desktop, there is no Slash command available here to change the block type on the fly. But usually, the first block you want is a paragraph block anyway, and if not, you can add one and simply move it up as you wish.

          To add a new block, find the Add Block toolbar item that is located above the keyboard, or if you are using an external one, in the lower left corner of your screen. That will open a popover with all the blocks it currently knows about. Choose a More block, a Heading block, a List block, etc., whatever you prefer. It is an intelligent list that shows you your last used block types first.

          Go ahead and choose a new heading block. You can then write a heading. By default, this is a heading level 2. With each block, there is a toolbar associated with it. The elements except the Add Block, undo, redo, and some other common actions, each block has a few specific items. The Heading block, for example, has a group of buttons where you can switch which level the heading should have. You can easily switch to a heading of levels 3 or 4 here. In a paragraph block, you’ll find items to bold, italicize, underline text, or insert a link.

          Notice as you are now in the Heading block, as you swipe left, you will encounter the previous paragraph block and the title. To the right of the currently focused block, you have buttons to move the block up a position, down (if available), or remove it alltogether. Depending on some blocks, you may even have the ability to move blocks right or left a column.

          [...]

          The mobile version of Gutenberg inside the WordPress apps is more consistent and less dynamic than the desktop counterpart currently is. There is work being done to better the situation there, too, and when the time comes, I will blog about it here. The mobile version is actually a great option to play around with blocks, move them, get a feel for what you can do with posts, see what happens in the preview, etc.

          So if, after reading my introduction for the desktop, you find it daunting, this mobile option may be a way for you to familiarize yourself with blocks in a little more controlled environment. The toolbar buttons are always visible, regardless of whether text is selected in a block or not, for example. And with the mobile version being very touch friendly, there is also no mouse hover state that can do seemingly unpredictable things.

      • FSF

        • Licensing / Legal

          • November 2019 License-Discuss Summary

            Antoine Thomas seeking help on how to embed, re-distribute libraries (unmodified), license software and ship in OSL? To this Kevin P Fleming responded developer shall distributes source code of a software with its licenses, provide copyright notice and adhere to terms and conditions of ‘other’ included software. Florian Weimer is of the opinion that by shifting entire input to build system OSL compliance will be easier. Lawrence Rosen thinks developer while shipping a project in OSL can aggregate Apache V2 and OSL code as both licenses allows to release derivate work under OSL. Gustavo G. Mármol is of the opinion that license should be interpreted based on the jurisdiction of the business entity.

      • Programming/Development

        • FLANG Fortran Compiler Preparing To Land In The LLVM Source Tree

          It looks like the FLANG Fortran compiler (also previously referred to as f18) could soon be landing in the LLVM source tree and in time for the LLVM 10.0 branching.

          Earlier this year the LLVM Foundation approved this Fortran compiler led by NVIDIA for integration as an official sub-project. There has been some roundabouts on this latest naming whether it be f18, Fortran, or FLANG, but in the end the FLANG name has been the consensus with being to Fortran as Clang is to C/C++/Objective-C.

        • Emacs for Vim users: Getting started with the Spacemacs text editor

          I use Vim a lot. I'm a site reliability engineer (SRE), and Vim is the one thing I know I can access on every machine in our fleet. I also like Emacs, with its wide variety of useful packages, ease of extending, and its many built-in tools. Because they each have their own set of commands, I have to actively switch codes in my head (usually after typing :wq in Emacs or trying to C+X in Vim). The Evil package for Emacs helps quite a bit by making Emacs behave more like Vim, but there is some effort required to set it up the first time.

        • Python

          • Using pyenv to manage your Python interpreters

            This article was published at Using pyenv to manage your Python interpreters . If you are reading this on any other page, which is not some “planet” or aggregator, you are reading stolen content. Please read this article at its source, which is linked before to ensure to get the best reading experience; thank you!

            When I started to learn Python a few years ago, I often wondered about what’s the “correct” or “best” way to prepare your system’s Python environment for the requirements your software project or some Python-based application you’d like to start using may have: Should I install modules using the package manager of my OS? Or by using Python tools for it like pip? What are “virtual environments” and how do I utilize these for my projects? What’s all this pyenv, pip, pipenv, easy_install, setuptools, anaconda, conda, miniconda …

            In this article series, I’d like to introduce the most common tools and techniques on how to do this in the Python world. At the end of the series, I will share some of my thoughts, doubts, and questions I had back then, tell about some experiences I gathered in the meantime and generally share the outcome of this journey and what my Python-Workflow looks like, nowadays.

          • Python Data Weekly Roundup – Dec 18 2019

            This is a very good ‘how to’ for beginners to learn to tweak the Matplotlib visualization library. This article explains how to tweak matplotlib charts including changing the size, removing borders, changing colors and widths of chart lines. Each tweak includes python code to make the tweaks.

          • HPy kick-off sprint report

            Recently Antonio, Armin and Ronan had a small internal sprint in the beautiful city of Gdańsk to kick-off the development of HPy. Here is a brief report of what was accomplished during the sprint.

          • Run Python Versions in Docker: How to Try the Latest Python Release

            There’s always a new version of Python under development. However, it can be cumbersome to compile Python yourself to try out a new version! As you work through this tutorial, you’ll see how to run different Python versions using Docker, including how you can have the latest alpha running on your computer within minutes.

            [...]

            Docker is a platform for running containers with prepackaged applications. It’s a very powerful system that’s particularly popular for packaging and deploying applications and microservices. In this section, you’ll see the fundamental concepts you’ll need to know to use Docker.

          • A Failed SaaS Postmortem

            My Software as a Service failed. After three years of running College Conductor, I’m shutting it down. The service failed for a host of reasons, and this article details what I learned from the whole experience. This is a chance for me to reflect, and give you some ideas of what pitfalls can happen if you’re planning to build a SaaS.

            [...]

            My initial plan sounded simple: build an app that would track schools and admissions deadlines.

            In the spirit of doing things that don't scale, I planned to get as many US colleges and universities as I could into a database. From there, I would operate as the Wizard of Oz and manually look up the admissions deadlines for a school whenever my wife added the school to a student’s list. (Adding the school to a list would trigger a “back office” task to inform me that I had work to do.) To me, this felt like the scrappy kind of attitude that I needed to build something quickly.

          • Django security releases issued: 3.0.1, 2.2.9, and 1.11.27

            In accordance with our security release policy, the Django team is issuing Django 3.0.1, Django 2.2.9 and Django 1.11.27. These release addresses the security issue detailed below. We encourage all users of Django to upgrade as soon as possible.

            CVE-2019-19844: Potential account hijack via password reset form

            By submitting a suitably crafted email address making use of Unicode characters, that compared equal to an existing user email when lower-cased for comparison, an attacker could be sent a password reset token for the matched account.

            In order to avoid this vulnerability, password reset requests now compare the submitted email using the stricter, recommended algorithm for case-insensitive comparison of two identifiers from Unicode Technical Report 36, section 2.11.2(B)(2). Upon a match, the email containing the reset token will be sent to the email address on record rather than the submitted address.

          • Python profiling data

            This post is an attempt to document what's in profile.out, since the python documentation does not cover it. I have tried to figure this out by looking at the sources of the pstats module, the sources of gprof2dot, and trying to make sense of the decoded structure, and navigate it.

          • How to Plot a Histogram in Python

            Plotting a histogram in python is very easy. I will talk about two libraries - matplotlib and seaborn. Plotting is very easy using these two libraries once we have the data in the Python pandas dataframe format.

          • Precise Unit Tests with PyHamcrest

            Unit test suites help maintain high-quality products by signaling problems early in the development process. An effective unit test catches bugs before the code has left the developer machine, or at least in a continuous integration environment on a dedicated branch. This marks the difference between good and bad unit tests: good tests increase developer productivity by catching bugs early and making testing faster. Bad tests decrease developer productivity.

            Productivity decreases when testing incidental features. The test fails when the code changes, even if it is still correct. This happens because the output is different, but in a way that is not part of the function's contract.

            A good unit test, therefore, is one that helps enforce the contract to which the function is committed.

        • Shell/Bash/Zsh/Ksh

          • Introduction to automation with Bash scripts

            Sysadmins, those of us who run and manage Linux computers most closely, have direct access to tools that help us work more efficiently. To help you use these tools to their maximum benefit to make your life easier, this series of articles explores using automation in the form of Bash shell scripts.

  • Leftovers

    • The Far Side is officially online for the first time, with new comics to come

      Iconic comic strip The Far Side launched its official website today, which debuted with a selection of classic cartoons, doodles from creator Gary Larson’s sketchbooks, and a letter from the cartoonist himself. Despite the strip’s cultural ubiquity in the form of books, calendars, and posters, the official website marks the first time the comic has ever been authorized to be available online. To mark the 40th anniversary of the strip, which was syndicated from 1980 to 1995, thefarside.com will periodically post new comics from Larson in 2020.

    • Announcing Oracle Solaris 11.4 SRU16

      Today we are releasing SRU 16 for Oracle Solaris 11.4, our last SRU of 2019. It is available via 'pkg update' from the support repository or by downloading the SRU from My Oracle Support Doc ID 2433412.1.

    • Oracle Pushes Out Another Solaris 11.4 Update To End Out 2019

      Oracle Solaris 11.4 SRU16 is their last planned update to Solaris in 2019. This update features some updates for Oracle VM Server on SPARC and besides that a number of package updates. Among the packages seeing updates for 11.4 SRU16 are Node.js, OpenSSL, ImageMagick, WebKitGTK4, Python 2.7, D-Bus, PHP 7, GNU Tar, and then a number of other patches seeing updates in the name of security fixes.

    • Education

      • Correctional Education Programs Benefit Inmates, Reduce Recidivism

        As Lois Davis, a senior policy researcher at RAND and leader of the study, told Citizen Truth, the study “dispelled the myths about whether or not education helps inmates when they get out. Education is, by far, such a clear winner.” She also promoted the benefits of educating incarcerated people for wider society. “What do you want for your community? …If you don’t rehabilitate them, how are they going to successfully rejoin society?”

      • Democratic 2020 Candidates Focus on Public Education at Historic Forum

        Ahead of the last Democratic presidential debate of the year this Thursday, seven candidates appeared Saturday at the historic Democratic Presidential Forum on Public Education in Pittsburgh, an event organized by public education organizations, unions, civil rights organizations and community groups. We play highlights from the forum and get response from Keron Blair, director of the Alliance to Reclaim Our Schools in Atlanta; Jitu Brown, national director of the Journey for Justice Alliance; and Carol Burris, executive director of the Network for Public Education Action. She recently authored a report titled Still Asleep at the Wheel: How the Federal Charter Schools Program Results in a Pileup of Fraud and Waste.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • StaffCop Enterprise 4.6: Enhanced monitoring on Windows and GNU/Linux

          “Atom Security” released a new version of StaffCop – StaffCop Enterprise 4.6, a software system that monitors employees’ activity, information channels and system events on workstations and servers; in order to analyze, block and notify about dangerous and unproductive activity of employees and applications.

          The system monitors all the communication channels available on a computer: network, instant messengers, removable drives, printers. With the help of StaffCop you can compile an archive suitable for searching and visualizing of collected data, set up policies on information security with automatic alerts on incidents, get detailed reports on a risk group activity as StaffCop collects all the metadata from screenshots and dialogues and can draw a graph of employees relations, and even block or restrict access to applications, web-resources, USB-drives and Wi-Fi networks.

        • Best Hootsuite Alternatives You Must Try in 2020

          Hootsuite is one of the world’s leading Social Media Management Systems. What’s a Social Media Management Systems? It’s a software that enables users to track the activities of their social network channels as well as manage its content from a single dashboard.

          The most important features of software like Hootsuite includes the option to schedule and automatically publish Instagram and Twitter posts, respond to messages instantly, and track your business analytics.

        • Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up

          As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their operations instead of quietly acquiescing to their tormentors.

        • New Orleans Mayor Signs Declaration of Emergency After City Government Latest Targeted by Cyberattack [iophk: stop using MS Windows]

          According to an afternoon press conference, New Orleans Mayor LaToya Cantrell has signed a Declaration of Emergency order after suspicious activity—an influx of reported phishing attempts—were noted by employees on computers belonging to the New Orleans city government Friday morning in a suspected ransomware attack.

          All computers attached to the network were shut down and disconnected from the network, according to The Associated Press.

        • Pseudo-Open Source

          • Openwashing

            • Setting the record straight on AWS and open source

              This New York Times article is skewed and misleading. The reporter had a story he wanted to write and didn’t let the facts get in the way of his story. He ignored most of what we shared with him, left out many of the positive partner comments various partners shared with him, and conflated various software terms.

              First, AWS has a very large, vibrant, successful partner community that has achieved significant additional success building on top of AWS and selling in the popular AWS Marketplace. Close partnerships with companies like Acquia, Adobe, Datadog, Databricks, Infor, Informatica, New Relic, PagerDuty, Salesforce, Splunk, VMware, and Workday are a few of the many examples. We’re passionate about our partners and have very strong relationships with the vast majority of them. The journalist largely ignores the many positive comments he got from partners because it’s not as salacious copy for him.

        • Security

          • Security updates for Wednesday

            Security updates have been issued by Debian (debian-edu-config, harfbuzz, libvorbis, and python-ecdsa), Fedora (chromium, fribidi, libssh, and openslp), openSUSE (chromium), Oracle (grub2), Red Hat (rh-maven35-apache-commons-beanutils), SUSE (kernel, libssh, mariadb, samba, and xen), and Ubuntu (openjdk-8, openjdk-lts).

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Lazarus Group Unleashes Its First Linux Malware

              azarus Group is a highly notorious North Korea’s state-backed hacker group that is popular for authoring 2017’s WannaCry ransomware attack that affected as many as 300,000 computers all over the world. Now, the group has launched a new Remote Access Trojan (RAT) malware called Dacls affecting both Windows and Linux devices.

            • Lazarus Group targets Linux systems in new remote-access virus campaign

              The Lazarus Group, the North Korean-linked hacking group believed to be behind in the spread of the WannaCry ransomware in 2017 and linked to a campaign targeting banks and financial institutions in 2018, is back again.

              Now it’s targeting Linux systems alongside Windows. The new Lazarus campaign, detailed today by Qihoo 360 Netlab researchers, uses a remote-access Trojan virus dubbed Dacls.

          • Privacy/Surveillance

            • Don’t Trust. Verify.

              The VPN industry looks just like the world of religion – everyone has their different beliefs on who to trust. However, even the diamond in the rough lied to the princess. Is it really possible to blindly trust a person or entity without getting hurt in the end?

            • Twitter Denies It Failed to Warn Saudi Dissident of Account Hack

              Twitter Inc. said an outspoken Saudi dissident whose account was hacked in 2015 by an employee at the social network was properly warned about the intrusion at the time, contrary to his claims in a lawsuit.

              The company on Monday asked a San Francisco federal judge to throw out the case, saying the central allegation by Omar Abdulaziz is wrong. McKinsey & Co., accused by Abdulaziz of writing a report that alerted the Saudi government to his human rights activism, is also seeking dismissal of the suit.

            • Due To New Law, San Diego’s Law Enforcement Facial Recognition Program Will End in 2020

              Thanks to a statewide policy banning law enforcement use of facial recognition for three years, several agencies in San Diego will lose access to a database of facial scans on January 1, 2020.

    • Defence/Aggression

      • Aung San Suu Kyi Denies Burmese Genocide of Rohingya at The Hague

        Burma’s de facto leader Aung San Suu Kyi has asked the U.N. International Court of Justice to drop the genocide case against Myanmar, formerly Burma. Suu Kyi is a Nobel Peace Prize winner who spent over a decade fighting against the Burmese military, which she is now defending. Last week, Suu Kyi appeared in person at the court to dispute the charges and called the allegations of genocide against Rohingya Muslims “incomplete and misleading.” The Burmese military killed and raped thousands of Rohingya and forced more than 700,000 to flee into neighboring Bangladesh in a brutal army crackdown in 2017. Gambia brought the genocide case to the International Court, accusing Burma of trying to “destroy the Rohingya as a group, in whole or in part, by the use of mass murder, rape and other forms of sexual violence.” In Barcelona, Spain, we speak with Reed Brody, a counsel and spokesperson for Human Rights Watch. He is also helping Gambian victims seeking to prosecute the former dictator Yahya Jammeh.

      • US-Backed Counterinsurgency in the Philippines Targets Indigenous Land Defenders

        A series of reports by Karapatan on the human rights situation the Philippines confirm that Philippine counterinsurgency campaign targets civilians—including especially land defenders and indigenous activists—rather than communist insurgents. According to a July 2019 report by Global Witness, thirty of the 164 land and environmental defenders reported killed in 2018 were from the Philippines, making it the deadliest country in the world for people protecting their land or the environment.

      • Philippines: 80 Massacre Suspects Remain At Large

        People commemorate the 10th anniversary of the gruesome Ampatuan Massacre in Manila, Philippines on November 23, 2019.

      • More Americans Facing Murder Charges in Drug Deaths

        Emma Semler, 24, cried in a Pennsylvania federal courtroom as she waited for the judge to hand down her sentence.

      • 'Not What Resistance to Trump Looks Like': Bernie Sanders Rips Senate for Passing $738 Billion Pentagon Budget

        "We need to fundamentally change our priorities as a nation," said the 2020 Democratic candidate as military spending bill heads to president's desk.

      • Why Did So Many Democrats Vote for Trump's Defense Budget?

        What follows is a conversation between the Friends Congressional National Legislative Committee’s Hassan El-Tayyab and Sharmini Peries of The Real News Network. Read a transcript of their conversation below or watch the video at the bottom of the post.

      • 'Democrats Must Do Better': Progressive Caucus Leaders Condemn $1.4 Trillion Spending Bill That Boosts War Budget, Funds Trump's Wall

        "The bill before us today will not stop the abuse and wrongful detention of people in custody, nor will it prevent the Trump administration from misusing federal funds to advance their horrific mass detention and deportation agenda."

      • House Passes $1.4 Trillion Federal Spending Bill

        WASHINGTON — The Democratic-controlled House voted Tuesday to pass a $1.4 trillion government-wide spending package, handing President Donald Trump a victory on his U.S.-Mexico border fence while giving Democrats spending increases across a swath of domestic programs.

      • Reuters Shields OAS Over False Claims That Sparked Bolivia Coup

        Organization of American States (OAS) election monitors€  published a “final report” on December 4—22 days later than promised—on Bolivia’s October 20 presidential election, won by President Evo Morales. The tardy release of the final report contrasted sharply with the way the OAS rushed to impugn the election the day after it took place.

      • Meet the Dutch girls who seduced Nazis — and lured them to their deaths

        In addition to killing Nazis, Hannie also worked to sabotage German military installations, bombing power lines and munitions shipments. The Oversteegens worked closely with Hannie, part of an underground cell of seven committed and fierce fighters.

      • Migrant arrivals in Europe from Turkey nearly double in 2019

        The development raises questions about the extent to which Turkey is complying with the 2016 refugee agreement with the European Union, Die Welt reported.

      • Why NUKEMAP isn’t on Google Maps anymore

        But more importantly, the changes to the pricing model that have been recently put in place are, to put it lightly, insane, and punishing if you are an educational web developer that builds anything that people actually find useful.

        NUKEMAP gets around 15,000 hits a day on a slow day, and around 200,000 hits a day per month, and has done this consistently for over 5 years (and it occasionally has spikes of several hundred thousand page views per day, when it goes viral for whatever reason). While that’s pretty impressive for an academic’s website, it’s what I would call “moderately popular” by Internet terms. I don’t think this puts the slightest strain on Google’s servers (who also run, like, all of YouTube). And from 2012 through 2016, Google didn’t charge a thing for this. Which was pretty generous, and perhaps unsustainable. But it encouraged a lot of experimentation, and something like NUKEMAP wouldn’t exist without that.

        [...]

        But in 2018, Google changes its pricing model, and my bill jumped to more like $1,800 per month. As in, over $20,000 a year. Which is several times my main hosting fees (for all of my websites).

        I reached out to Google to find out why this was. Their new pricing sheet is… a little hard to make sense of. Which is sort of why I didn’t see this coming. They do have a “pricing calculator,” though, that lets you see exactly how terrible the pricing scheme is, though it is a little tricky to find and requires having a Google account to access. But if you start playing with the “dynamic map loads” button (there are other charges, but that’s the big one) you can see how expensive it gets, quickly. I contacted Google for help in figuring all this out, and they fobbed me off onto a non-Google “valued partner” who was licensed to deal with corporations on volume pricing. Hard pass, sorry.

    • Transparency/Investigative Reporting

      • Journalists Need to Do a Better Job Matching ‘Experts’ to Their Actual Expertise [iophk: Fox News is in no way intended to actually be journalism though]

        At this point, the reporter reminds me about the tight deadline, and I offer up what little I know. Often, this suffices. Reporters on tight deadlines generally are not seeking stunning and original insights. Usually, they just want basic information that they can attribute to somebody credible. The title of “professor” apparently supplies that credibility. Being the best person to comment on an issue with nuance and perfect accuracy? That is much less salient.

        Compounding this problem is the phenomenon whereby risk-averse and time-stressed journalists simply follow one another’s lead: Once I am quoted in a story about a particular legal issue, I am much more likely to get calls from other journalists reporting on the same issue. I might find myself quoted all over the place. This will not be because I am a leading expert—or even because I am necessarily correct. Rather, it will be because of my promptness in returning reporters’ calls and my willingness to be quoted.

    • Environment

      • India's Himalayan apple farmers feel the heat
      • This Is Why the World Is Facing Climate Catastrophe

        Perhaps the most damning fact is that no one expected very much. Despite a barrage of alarming, infuriating, and downright apocalyptic reports published in the weeks before this year’s Conference of the Parties—or COP, as the United Nations’ conferences on climate change are informally known—the summit was expected to be a largely “technical” meeting, one at which not much happened, or not much that could be understood by mortals not fluent in the obfuscatory argot of climate technocrats. Next year’s COP in Glasgow would be the one that really counted, the experts said. It would be there that the 187 parties to the Paris Agreement, minus the one that has announced its intention to withdraw, would unveil new and updated commitments to meet the modest goal, agreed to in Paris in 2015, of “pursuing efforts” to keep global warming below 1.5 degrees Celsius.

      • Trump's North America Trade Deal Is Poised to Worsen Climate Change

        While Congressional Democrats made clear that they would not bring the United States-Mexico-Canada Agreement (USMCA) to a vote until it had the backing of the AFL-CIO, support they finally secured last week, Democrats appear comfortable voting on the replacement trade deal that has virtually no support from leading environmental groups.

      • 10 Cool Things Scott Morrison Can Do On Holidays In Hawaii While Australia Burns

        Sometimes, you’ve just gotta go overseas and chill… with cocktails… in a tropical paradise… while the world around you burns. Especially if you’re an elected leader, because that sh*t is really stressful. Chris Graham helpfully suggests some things the Aussie PM can do in Hawaii while the rest of us try to save our homes.

      • Food at risk as third of plants face extinction

        More than a third of the world’s plants are so rare they face extinction. In a warmer world, that would leave supplies of food at risk.

      • Energy

        • Energy Analysts Deliver More Bad News for US Fracking Industry's Business Model

          In this webinar, which explored the€ declining production€ rates of oil wells in the Permian region,€ research director Ben Shattuck noted how it was impossible to accurately forecast how much oil a shale play held based on estimates from existing€ wells.

        • Joe Biden’s Campaign Co-Chair Is a Big Oil and Gas Booster

          Former Vice President Joe Biden has surrounded himself with people tied to the natural gas industry for his 2020 presidential campaign. His climate adviser, Heather Zichal, is a former board member of natural gas company Cheniere Energy, while one of his fundraisers is a cofounder of natural gas company Western LNG. In addition, the super PAC supporting his candidacy has a former gas lobbyist on its board.

        • Alaska Natives Demanded Goldman Sachs Not Fund Arctic Drilling—And It Listened

          Money talks, and that’s why environmental activists—and, more specifically, indigenous peoples—have been pressuring banks for years to stop throwing their money toward fossil fuel extraction projects. Finally, major banks are starting to listen. Goldman Sachs announced Sunday that it’s finally listening and won’t fund new coal projects globally or any extraction projects in the Arctic, including in the pristine Arctic National Wildlife Refuge.

          This is a big freaking deal. Goldman Sachs is one of the world’s top funders to the oil and gas industry, according to an annual report by the Rainforest Action Network. This is the first time a major U.S. bank—think JPMorgan Chase, Citi, and Bank of America—has responded to environmentalist pressure to stop funding extraction projects. Environmental groups have been cranking up the heat on banks since at least the early 2000s, and the efforts really ratcheted up during the indigenous-led Standing Rock protests against the Dakota Access Pipeline.

      • Wildlife/Nature

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

      • Police reject criticism over attacks on media at protest sites

        Facing intense criticism from the media over attacks on journalists covering the anti-government protests, the police insisted that their officers would never deliberately target media personnel and that reporters should follow some procedures to ensure their safety while on duty.

        Media workers at protest sites should avoid staying close to police cordon lines when dispersal actions and arrests are being conducted, the police said.

      • Fewer journalists killed but more detained

        The good news is that the global number of journalist killings fell significantly in 2019. In the previous year, 87 professional journalists, citizen-journalists and media workers were killed, while in the first 11 months of 2019 the number was 49 — the lowest toll in 16 years. The number of reporters who died in conflict zones fell especially sharply.

      • Assange: Concerns over use of embassy surveillance in extradition proceedings

        ARTICLE 19 has said that recordings of conversations between Julian Assange and his lawyers and other visitors, made during his stay in the Ecuadorian embassy, should not be used in his extradition case or any prosecution.

        ARTICLE 19 also reiterated its call on the UK court to reject the extradition of the founder and publisher of Wikileaks to the US, where he faces charges that relate to the publication of Wikileaks material. If found guilty, Assange could face up to 175 years in prison.

        Executive Director Thomas Hughes said:

        “We call on the UK court to reject the extradition order that could lead to Julian Assange being prosecuted and potentially imprisoned for exposing human rights violations.

    • Civil Rights/Policing

      • Trinidad And Tobago's 'You Can't Afford That' Forfeiture Law Claims Its First Victims

        Here in the United States, asset forfeiture is pretty straightforward. In civil asset forfeiture, the government decides it wants something you have and files the paperwork to take it. In criminal asset forfeiture, the government takes your stuff pre-trial to prevent you from mounting a decent defense and finalizes the transfer of wealth post-conviction.

      • Moms Reclaim Vacant Home Amid National Attacks on Homeless People

        Despite working full time and playing by all the rules, Dominique Walker still found herself homeless in Oakland, one of several California cities where the housing affordability crisis is most dire.

      • Study Demonstrates That Suspensions Contribute to School to Prison Pipeline

        The study focused primarily on North Carolina’s Charlotte-Mecklenberg School District, where approximately 23 percent of middle school students are suspended annually, the majority of whom are male students of color. The study examined school administrative records, data on arrests and incarcerations, and college attendance records to assess how the district’s suspension policy and other factors affected later life outcomes.

      • Greece: Unaccompanied Children at Risk

        A boy stands next to a hole in the fence of the Moria camp following rainfall, on the island of Lesbos, Greece, November 22, 2019.€ 

      • Israel/West Bank: Grant Palestinians Equal Rights

        Israel should grant Palestinians in the West Bank rights protections at least equal to those afforded Israeli citizens, Human Rights Watch said in a report released today, citing Israel’s 52 years of occupation with no end in sight. The law of occupation permits occupiers to restrict some civil rights in the early days of an occupation based on limited security justifications, but sweeping restrictions are unjustified and unlawful after five decades.€  December 17, 2019 ReportBorn Without Civil RightsIsrael’s Use of Draconian Military Orders to Repress Palestinians in the West Bank Download the full report in English Download the annex in English

      • White-Black Couple ‘Rob And Karen’ Revert To Their Middle Names Amid Mildura Racism Row

        If you haven’t followed the latest Australian racism scandal, I strongly suggest you do. At one level, it’s as disgusting as any garden variety Australian racism scandal. But at another level… it’s quite something to watch.

      • We Need to Support Every Workers' Struggle, Including the Fight at Google

        The progressive movement in this country owes thanks to the new generation of workplace organizers, who are carrying our movement forward. Among them are four activists we should recognize and support: Laurence Berland, Rebecca Rivers, Paul Duke and Sophie Waldman, who were fired from Google for organizing their fellow workers.

      • South Carolina Prisoners Call For UN Intervention As Abusive Conditions Worsen

        As most South Carolina prisoners started their day on October 23, activists attempted to deliver a demand letter to the United States Embassy in London. The letter condemned inhumane conditions in South Carolina’s prisons and called for international intervention.

        Within a matter of hours, demands written by prisoners were delivered or read at three United Nations facilities and shared with visitors at the U.S. Embassy. Protesters almost 5,000 miles apart in the U.S., Caribbean, and the United Kingdom requested international humanitarian action on behalf of S.C. prisoners.

      • ICE Retaliates Against Immigrant Rights Activists By Suspending Visitation Program In Alabama

        Immigration and detention officials canceled visits at the Etowah County Detention Center following a protest calling for the facility’s closure and the abolition of immigration detention.

        Freedom For Immigrants (FFI), a nonprofit immigrant rights group, has organized visitation projects with over 4,500 volunteers from local groups like the Etowah Visitation Project (EVP). The visitation projects exist at 69 prisons and jails in 26 states.€ 

    • Internet Policy/Net Neutrality

      • Mozilla, Consumer Groups Petition For Rehearing of Net Neutrality Case

        Last October, the U.S. Court of Appeals for the District of Columbia Circuit ruled that the FCC was within its authority when it buckled to telecom providers and eliminated not only the agency's net neutrality rules, but its authority over telecom providers. The ruling was a mixed blessing for big ISPs like Comcast and AT&T however, given that while it eliminated the federal guidance, it blocked the FCC from banning states from passing their own consumer protections. As a result, the telecom sector now faces a sometimes discordant patchwork of state protections, a problem of the industry's own making.

      • There Are Kentuckians Who Still Don’t Have Broadband Because the Former Governor Chose an Investment Bank Over Experts

        Former Kentucky Gov. Steve Beshear’s administration repeatedly ignored expert advice before embarking on KentuckyWired, the massively over budget statewide broadband project that will leave rural residents waiting months, if not years, for the improved internet access they were promised, a new state audit says.

        The report, released Monday by state Auditor Mike Harmon, says consultants and outside lawyers warned Kentucky officials more than four years ago that negotiations with the Australian investment bank Macquarie Capital could lead to a higher price tag and fewer protections for the state.

    • Monopolies

      • Patents

      • Copyrights

        • OpenSubtitles Redirects Danish IP-Addresses Following Anti-Piracy Group Request

          The popular subtitle site OpenSubtitles is voluntarily barring Danish visitors from its platform. Instead, it redirects all Danish IP-addresses to a court order hosted on the website of local anti-piracy group RettighedsAlliancen. The move is in response to the site receiving an email from the anti-piracy outfit requesting it to stop further infringements.

        • After Helix Hosting, PrimeStreams IPTV Suffers Hack, $70K Extortion Attempt

          IPTV provider PrimeStreams says it is being blackmailed by an alleged hacker who gained access to its billing panel. The currently unknown person also claims to have hacked Helix Hosting last week. In common with that situation, PrimeStreams said a bitcoin ransom was demanded to prevent its databases being leaked out onto the Internet.

        • Juice WRLD Is Still Being Sued for $15 Million Over 'Lucid Dreams'

          Despite the tragic death of Juice WRLD earlier this month, members of the punk-pop band Yellowcard are continuing their aggressive lawsuit against the rapper.

        • Celebrate Public Domain Day with Events Around the World

          In January 2020 there will be events all over the world to celebrate the fact that new works have entered the public domain. The country where a work is published determines when copyright expires. For example, where I’m from in the Netherlands, copyright vested in a work expires on the first day of January—70 years after the death of the work’s author. Meanwhile, works published in Mexico are copyrighted for a full 100 years after their death of their authors. That’s a long time!€ 

        • ECSA Strongly Condemns 'Malpractices' of Epidemic Sound

          The European Composer and Songwriter Alliance (ECSA) has issued a condemnation of music licensing platform Epidemic Sound, insisting that it shows “disrespect for fundamental authors’ economic and moral rights.”



Recent Techrights' Posts

Security Advisory: Debian falls for social engineering hacks
Reprinted with permission from Daniel Pocock
The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory
Time to get back to paper? Or read an old paper?
Today We Got an Early Birthday Gift
Exciting times
 
"Many Applications Labelled as "Cybersecurity" and Given a Veneer of Legitimacy Are Really "Weaponised" and Abusive Code"
New from Dr. Andy Farnell
[Teaster] [Meme] New Ways of Wrecking (NWoW)
The EPO
Gateway for News and Blogs
In the long run, this site and its sister site (less overlap between them now) should hopefully become a popular destination for people who look for information, not chaff
Going Even Faster
We hope the site will be faster soon
Psychopaths Who Reaffirm Our Work's Value
Psychopaths and sociopaths lack empathy, so they're willing to go very far and stoop as low as they deem necessary
[Meme] How Low Can You Go at the European Patent Office?
Not just in terms of patent quality
More Cuts/End to Benefits for EPO Workers (Europe's Working Conditions Incompatible With the European Patent Convention)
"The Office is now reviving it but plans to introduce new cuts on benefits"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 07, 2024
IRC logs for Thursday, November 07, 2024
Gemini Links 08/11/2024: US Election, RetroChallenge 2024, and More
Links for the day
[Meme] Questioning Proprietary Software? Not OK...
A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry
Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table
Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI
They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day
They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code
proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More
Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding
Links for the day
[Meme] Election Day at the European Patent Office
Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today
In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out
many leaks received today
[Meme] Going Too Far to the Left Can Breed Militant Ideology
Some people can never be appeased because they prefer not to be appeased
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed
In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did)
Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
A President Trump is Excellent News to Microsoft
His racist policies gave lots of contracts to Microsoft
Who Next on the Linux Foundation's 'Kill List'?
Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
Links 07/11/2024: Facebook Scams, Journalists on Strike
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024
IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor"
"The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!
Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues
Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Would You Trust a Liar?
Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day