Bonum Certa Men Certa

Links 30/12/2019: Linux 5.5 RC4 and Freedb Shutting Down

  • GNU/Linux

    • Desktop/Laptop

      • 10 Best Webcams for Ubuntu in 2020

        If you have Ubuntu installed on desktop computer then you need to install Webcam externally for making work related video conferencing, connecting with loved ones or broadcasting your video gaming skills to the world. In recent years developers have made much advancement in Ubuntu OS to support more webcams in the market but before buying one for Ubuntu you must make sure it integrates well with Ubuntu drivers.

        There are many reliable and high on quality webcams available in market from makers like Logitech, Pro Stream and LOETAD. But there are some things you must consider buying one for your Ubuntu. So before starting with list of webcams for Ubuntu, let’s have a roundup of things you must consider before buying a webcam.

      • Your Full Guide on Migrating from Windows 7 to Linux

        Windows 7 was released a decade ago in 2009. A lot of people consider it to be the best Windows version Microsoft has ever made. Sadly Microsoft announced that Windows 7 will be disconnected in 14th of January, 2020. Being disconnected means that your OS will no longer receive updates, including security updates, at all. Which puts you in danger and under the pressure of switching to another OS as a lot of other apps will gradually stop working on Windows 7 too.

        According to NetMarketShare (which is a very horrible source btw), 26% of desktop users are still using Windows 7, which is really huge considering that the OS will become out of service in few days. So, where to go from here? You could pay $100 to upgrade to Windows 10, which is very much heavier, full of data-collection mechanisms and adware. Or, you know, you could switch into using Linux, which is miles ahead of Windows in terms of almost everything.

        This article will take you in detailed tour on why you should switch to Linux from Windows 7 (if you still haven’t), how to do it and everything else you may need to know.

    • Server

      • Medley India Infosolution helps Indian Railways build crew management software system

        The system design is end-to-end UNIX and Linux thereby immunising the systems against malicious threats. The solution has with immense power to control the client locations from central location by way of maintenance tasks, time synchronisation, patch updates and variety of user access requirements thus speeding up the service request handling from a remote location. Service requests can be lodged into the CMS system and are automated through SMS call lodging and reminder mechanisms. At the client side the users are authenticated via a biometric device (thumb impression reader) for logging onto the applications via a kiosk which ensures an audit trail and logging of activities for transparency and accountability.

      • IBM

        • Of NUCs and Bastions

          I have two NUCs – a NUC5i5RYH and a NUC5i5RYK. The YH runs Fedora 31 and the YK Red Hat Enterprise Linux 8. Both have now been updated with the latest BIOS. Updating them was a trivial exercise of first downloading the ZIP file which happens to contain the needed file for the BIOS and fortunately is the same for both the NUCs. Second, copy the unzipped file on to a USB drive and plug that into the NUC and reboot. Hit the F7 button to pick the file from the USB device and proceed. That’s about it. Very easy and as simple as can be.

          Now both of the NUCs have the latest BIOS and latest and best operating systems running on them. The two NUCs provide a host of services for the family – a Nextcloud instance, a ssh host, ssh bastion host and as a gateway between my primary broadband provider – the one that I pay for – MyRepublic and a “free” broadband from Starhub which could just as well not be there.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.5-rc4
        To absolutely nobody's surprise, last week was very quiet indeed. It's
        hardly even worth making an rc release, but there are _some_ fixes in
        here, so here's the usual weekly Sunday afternoon rc.

        It's drivers (gpio, i915, scsi, libata), some cifs fixes, and io_uring fixes. And some kunit/selftest updates. And one or two other random small things.

        Go test it, you still have some time before the New Year's Eve celebrations commence. Let's all hope for a happy new year, but I suspect the next rc is going to be on the small side too as most people are probably still in holiday mode..

      • Linux 5.5-rc4 Released Following A Light Christmas Week

        With New Year's this coming week, Linux 5.5-rc5 is likely to be quite small too. Thus Linux 5.5 will likely see eight release candidates at least depending upon how the next few weeks play out, meaning Linux 5.5 is lining up for its stable release on 26 January or 2 February.

      • One Of The Reasons Why Linux 5.5 Can Be Running Slower

        Going back to the start of December with the Linux 5.5 merge window we have encountered several significant performance regressions. Over the weeks since we've reproduced the behavior on both Intel and AMD systems along with large and small CPUs. Following some holiday weekend bisecting fun, here is the cause at least partially for the Linux 5.5 slowdowns.

        On a number of different systems this month we've seen several regressions in real-world workloads like NPB and Parboil, PostgreSQL, Memcached, RocksDB, and also synthetic tests like the Hackbench scheduler benchmark. Worth noting, as to be explained, all these systems were running Ubuntu Linux.

        But even with hitting these regressions on multiple systems, we're now past mid-way through the Linux 5.5 cycle without any solution in place or much fuss on the kernel mailing list... So perhaps it's something not reproducible by the configurations of many upstream developers. Ultimately, yes, that is partially the cause as to be explained. Yet all the Ubuntu daily kernel images have seemingly been affected by the Linux 5.5 lower performance on these multiple systems.

      • Linux's exFAT Driver Looking To Still Be Replaced By A Newer Driver From Samsung

        Introduced with Linux 5.4 was a long-awaited Microsoft exFAT file-system driver albeit within the kernel's staging area and based upon some dated Samsung file-system driver code. That exFAT staging driver was improved upon more with Linux 5.5 but ultimately there is a concurrent effort for replacing it with a driver derived from newer Samsung open-source code and to be merged outside of staging.

      • Controlling AMD Wraith Prism RGB Heatsinks On Linux Is Easy Now With CM-RGB

        With the Wraith Prism heatsink fan included with many modern AMD Ryzen processors there is configurable RGB lighting, which unfortunately AMD hadn't publicly documented or offered a Linux utility for manipulating the RGBs under Linux. Fortunately, there is now a straight-forward solution for dealing with those Wraith Prism RGB LEDs thanks to the open-source and independent CM-RGB project.

        Just like AMD doesn't offer any CPU overclocking client from the Linux desktop, they don't offer any RGB control software for Linux. But CM-RGB is a Python-written independent utility that is command-line based and allows easily controlling the heatsink's lighting under Linux. The program allows setting the lighting mode, color based upon hex code, brightness, and other factors.

      • Graphics Stack

        • Gallium3D's Software Rasterizers Are Close To Having OpenGL Tessellation Support

          Mesa 20.0 continues getting more interesting with the infrastructure around the Gallium3D LLVM "Gallivm" and TGSI IR now supporting tessellation.

          Thanks to Intel's Jan Zielinski, tessellation shader support was wired up for the TGSI IR with Gallivm code. This is one step away from enabling OpenGL tesselation shader support within their OpenSWR software rasterizer.

          It's also then just a stone throw away as well from having OpenGL tessellation support flipped on too for LLVMpipe, when using TGSI over its new NIR code-path.

    • Benchmarks

      • Some Of The Workloads Still Seeing Lower Performance On Linux 5.5 Git

        Last night I shared the results from what's causing one of the performance regressions in Linux 5.5 but sadly more regressions remain that are currently being tracked down.

        Later today I hope to have the results to publish on a bisect of a second regression in Linux 5.5 Git. But overnight I did complete a run to rule out the workloads still affected even when disabling the kernel's AppArmor support per yesterday's article. These tests were done on the dual socket Xeon Platinum 8280 Cascade Lake server on Linux 5.5 Git as of yesterday.

    • Applications

      • phpMyAdmin 5.0.0 released with modern UI and new metro theme

        A significant update of phpMyAdmin in version 5.0.0 is finally here, and users will now be able to get the taste of a new user interface along with various other features and enhancements.

        Before we get to the news itself, let’s have a brief look at what this software is all about. phpMyAdmin is a handy tool that allows users to manage their MySQL and MariaDB databases in a more comfortable, better way with the help of a user interface panel. As you might have guessed from its name, PHP has been used to program this software.

      • subdirmk 0.3 - ergonomic preprocessing assistant for non-recursive make

        Peter Miller's 1997 essay Recursive Make Considered Harmful persuasively argues that it is better to arrange to have a single make invocation with the project's complete dependency tree, rather than the currently conventional $(MAKE) -C subdirectory approach.

        However, I have found that actually writing a project's build system in a non-recursive style is not very ergonomic. So with some help and prompting from Mark Wooding, I have made a tool to help.

      • PeaZip 7.0.1

        PeaZip is an open source file and archive manager. It's freeware and free of charge for any use. PeaZip can extract most of archive formats both from Windows and Unix worlds, ranging from mainstream 7Z, RAR, TAR and ZIP to experimental ones like PAQ/LPAQ family, currently the most powerful compressor available.

    • Instructionals/Technical

    • Games

      • Dark open-world turn-based RPG 'Urtuk: The Desolation' launching on Steam in February 2020

        After launching on while still in development, the impressive dark fantasy open-world RPG, Urtuk: The Desolation, is launching into Early Access on Steam next year.

        In the announcement on their itch page, they've set a date for February 14th. This is after it's already been in development for 4 years, with it being live on itch in First Access and now pushing forwards onto Steam to take development even further.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • FreeBSD end-of-year

          Since I wear many hats, there’s multiple end-of-year retrospectives to have.

          Huh, it seems like I’ve been a FreeBSD (ports) committer for a little over two years now. Time flies when you’re having fun and/or doing soul-crushing administrative busywork.

          It depends on how you see packaging and tool support – what does it mean and what is your relationship with upstream.

          The kde@ team maintains a bunch of C++ and toolkit infrastructure – CMake and Qt to name two – and that means that we have a lot of consumers that are not directly maintained by us. Changes in the infrastructure often affect other packages in some way – CMake no longer finds a specific package, or Boost gets away from us again, or changes in default C++ warning flags cause unmaintained code from 2002 to fail to build. All that is par-for-the-course when participating in a giant group project to maintain over 30000 packages.

        • Calamares end-of-year

          As 2019 draws to a close, I’d like to use a blog entry to look back at what happened in Calamares in this year. I’m not doing this on the Calamares website itself, since this is more of a personal-retrospective than anything else.

          In this year, there were 16 Calamares releases. There was at least one release every month except march (that one took a long time, and prompted a switch to “short cycle” later) and september (bracketed by august 30 and october 1 releases). I have tried to switch to “short cycle” releases (starting with Calamares 3.2.6) so that there’s faster turn-around on bugfixes and small features can be delivered more easily.

          The short-cycles are about three weeks, and that’s held up reasonably well. What I do notice is that the number of small things remains constant and a couple of big-ticket items are still languishing. That’s still something I don’t know how to deal with.

      • GNOME Desktop/GTK

        • Sonja Heinze: First milestone, GStreamer pipelines and range requests

          This is the second blog post about my Outreachy internship at Fractal. The project I’m working on is the integration of a video player in Fractal.


          A pipeline in GStreamer seems to be one of those concepts whose basic idea is pretty easy to grasp, but that can get as complicated as you want. As its name suggests, a pipeline is a system of connecting pieces that manipulate the media in one way or another. Those connecting pieces are called elements. The element where the media comes from is called source element and the one(s) where it’s rendered is/are called sink element. An example is shown in the drawing in . As you can see there, every element itself again has a source and/or one or more sinks, that connect the elements among each other. The phenomenon, just described, of finding the same concept at the level of elements and at the level of the pipeline is not uncommon. I’ll give two more examples.

          The first example is about buffering. On one hand, when pushing data through the pipeline, an element step by step gets access to the media by receiving a pointer to a small buffer in memory from the preceding element (buffers on the level of elements). Before receiving that, the element cannot start working on that piece of media. On the other hand, one can add a buffer element to the pipeline. That element is responsible for letting bigger chunks of data get stored (buffers on the level of the pipeline). Before that’s done, the pipeline cannot start the playback.

          The second example concerns external and internal communication. The way a pipeline communicates internally is by sending events from one element to another. There are different kinds of events. Some of them are responsible for informing all pieces of the pipeline about an instruction that might come from outside the pipeline. An example is wanting to access a certain point of the video and playing the video from there, called seek event. For that to happen, the application can send a seek event to the pipeline (event on the level of pipeline). When that happens, that seek event is put on all sink elements of the pipeline and from there sent upstream, element by element (events on the level of elements), until it reaches the source element, which then pulls the requested data and sends it through the pipeline. But events are just one example of communication. Of course, there are other means. To mention some more: messages the pipeline leaves on the pipeline bus for the application to listen to, state changes and queries on elements or pads.

          So I find the concept of pipelines quite interesting. But to practically get media processed the way I want, I’d have to set up a whole pipeline correspondingly. Creating an adequate pipeline and communicating with it and/or its elements can get complicated. But luckily for me, the audio player in Fractal is implemented using a concept called GstPlayer, so that’s what I’ve also used for video. It’s an abstraction of a pipeline that sets up a simple pipeline for you when creating it. It also has a simple API to manipulate certain functionalities of the pipeline once created. And to go beyond those functionalities, you can still extract the underlying pipeline from a GstPlayer and manipulate it manually.

    • Distributions

      • Screenshots/Screencasts

      • Fedora Family

        • Top articles of 2019: Editors’ choice

          The year is still ending and the perfect time to reflect and look back at some Magazine articles continues. This time, let’s see if the editors chose some interesting ones from 2019. Yes, they did!


          Fedora Magazine exists thanks to our great contributors. And you (yes, you!) can become one, too! Contributions include topic proposals, writing, and editorial tasks. This article shows you how to join the team and help people learn about Linux.

      • Debian Family

        • Why is there so much fragmentation and division in Debian?

          Many people noticed Debian Developers have started making wholesale leaks of material from debian-private.

          This finishes off the same year where we saw the death of Lucy Wayland, the cover-up of a controversial $300,000 donation from Google and the blackmailing of Norbert Preining.

          What these divisions demonstrate is a maturity gap. The cabals running the project have never really grown up. Like a 15-year-old who receives a Ferrari for his birthday, the Debian Account Managers are not mature enough to handle the power associated with their positions.

          Anybody familiar with the content of debian-private can see this is true: some leadership figures who have been in the project for decades are still behaving the same way that they did in the nineteen nineties yet we are about to begin 2020.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • CNBC Reports Open Source Software Has Essentially 'Taken Over the World' [Ed: CNBC speaks to too many Microsoft people and omits the fact GitHub is proprietary software with racist censorship and surveillance; but then again, corporate media should be expected to do revisionism for someone's gain. Free software is everywhere, but most of us still have no software freedom because of paradigm changes like DRM, so-called openwashing ('Open Source') and 'clown computing'.]

        CNBC Explores released a 14-minute documentary this month called "The Rise Of Open-Source Software." It's already racked up 558,802 views on YouTube, arguing that open-source software "has essentially taken over the world. Companies in every industry, from Walmart to Exxon Mobile to Verizon, have open-sourced their projects. Microsoft has completely changed its point of view, and is now seen as a leader in the space. And in 2016 the U.S. government even promised to open-source at least 20% of all its new custom-developed code."

        The documentary does mention the 1990s, when Microsoft "even went so far as to call Open Source 'Unamerican' and bad for intellectual property rights." But two and a half minutes in, they also tell the famous story of that 1970s printer jam at MIT which led to the purchase of a proprietary printer that inspired Richard Stallman to quit his job to develop the GNU operating system and spearhead the free software movement. And at three and a half minutes in, they also describe how Linus Torvalds "unceremoniously released" Linux in 1991, and report that "By the turn of the century, NASA, Dell, and IBM were all using it." And at 4:18, they mention "other open source projects" gaining popularity, including MySQL, Perl, and Apache.


        Here's a list (in order of appearance) of the people interviewed: Nat Friedman, CEO of GitHub Devon Zuegel, Open-Source Product Manager, GitHub Chris Wright, CTO of Red Hat Jim Zemlin, Executive Director of the Linux Foundation Feross Aboukhadijeh, Open-Source Maintainer Chen Goldberg, Google's Director of Engineering

      • Events

        • The Ecosystem is Moving

          In his presentation, Marlinspike basically states that federated systems have the issue of being frozen in time while centralized systems are flexible and easy to change.

          As an example, Marlinspike names HTTP/1.1, which was released in 1999 and on which we are stuck on ever since. While it is true, that a huge part of the internet is currently running on HTTP 1.0 and 1.1, one has to consider that its successor HTTP/2.0 was only released in 2015. 4 / 5 years are not a long time to update the entirety of the internet, especially if you consider the fact that the big browser vendors announced to only make their browsers work with HTTP/2.0 sites when they are TLS encrypted.

          Marlinspike then goes on listing 4 expectations that advocates of federated systems have, namely privacy, censorship resistance, availability and control. This is pretty accurate and matches my personal expectations pretty well. He then argues, that Signal as a centralized application can fulfill those expectations as well, if not better than a decentralized system.

        • Linux Application Summit 2019 – retrospective

          I wanted to pen something before the year is gone about the recent Linux Application Summit 2019. This is the 3rd iteration of the conference and each iteration has moved the needle forward.

          The thing that excites me going forward is what we can do when we work together between our various free and open source communities. LAS represents forming a partnership and building a new community around applications. By itself the ‘desktop’ doesn’t mean much to the larger open source ecosystems not because it isn’t important because the frenetic pace of open source community expansion have moved so fast that these communities do not have organizational history of foundational technologies that our communities have built over the years that they use every day and maintain.

          To educate them would be too large of a task instead we need to capitalize on the hunger for technology, toolchains, and experience that build and possess. We can do that by presenting ourselves as the apps community which presents no prejudice to the outside community. We own apps, because we own the mindshare through maturity, experience, and communities that spring around it.

          From here, we can start representing apps not just through the main Linux App Summit, but through other venues. Create the Apps tracks at FOSDEM, Linux Foundation events, Plumbers etc.

      • FSF

        • GNU Projects

          • How to install GIMP on Linux Mint 19.3 Tricia

            Linux Mint is a great operating system, but with the most recent version (19.3 "Tricia"), there was some shocking news -- GIMP (GNU Image Manipulation Program) was being removed! Crazy, right? I mean, of all of the great software available for Linux, GIMP is one of the best. It is an essential image editing tool that rivals Adobe Photoshop.

            So, why did Linux Mint remove it as a pre-installed program? The developers thought the software was too advanced for newer Linux users. While I think that is a bit of nonsense, I can understand why the Mint developers would want to cater to beginners. Thankfully, it is totally easy to install GIMP on a new Linux Mint 19.3 installation.

          • PSPP now supports .spv files

            I just pushed support for SPV files to the master branch of PSPP.


            I would appreciate experience reports, positive or negative. The main known limitation is that graphs are not yet supported (this is actually a huge amount of work due to the way that SPSS implements graphs).

        • Licensing / Legal

          • Building ethical software based on the four freedoms

            Just because a license is not the right place to enforce ethical software usage doesn't mean we don't recognize the problem, or respect the people raising it. We should encourage and participate in conversations about the ethical usage of software. With the ground rules of free software as the baseline, anyone can build systems to specifically promote ethical use.

          • Google’s Monopoly is Stifling Free Software

            If you’d like a regular certificate, you can do so by attaching your public legal name to your software and sending in a copy of your driver’s license. And that is to say nothing of the risks you take these days online by publishing your legal name.

            And even if you do all of this and start signing your executables, I still can’t find any assurance whether Google will begin to treat these executables as safe or not.

      • Openness/Sharing/Collaboration

        • Open Data

          • Urgent notice

   and its services will be shut down on March 31st of 2020.

          • freedb is shutting down in March, 2020 (free music database)

            Freedb is a free online database of track listings for millions of CDs. Without this type of database, you’d either end up with a bunch of nameless files, or you’d have to manually type the album names, artist info, song titles, and other data into your computer.

            While FreeDB isn’t the only game in town, it’s been one of the most prominent services providing track listing data for nearly two decades — and according to a note at the freedb website, it’ll shut down at the end of March, 2020.

            Freedb data was originally based on information from the CDDB (Compact Disc Database), which eventually became proprietary software and which prohibited unlicensed applications from using that data. So freedb, which is a free service operated under a GPL license, now consists of user-generated data.

      • Programming/Development

        • The Debate Over GCC's SVN-to-Git Conversion Approach Won't Be Settled This Year

          The GNU Compiler Collection (GCC) plans for transitioning from SVN to Git over New Year's Day looks like for sure now that goal will not be realized. There still is no firm consensus over which SVN to Git conversion approach to utilize.

          On Christmas Eve, Eric S Raymond announced his Reposurgeon software should be ready for a full and correct GCC conversion of the SVN source tree to Git. Since then, various minors bugs have been pointed out and tweaking to Reposurgeon has continued.

        • Serverless Kafka on Kubernetes

          DevNation tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this presentation, you’ll learn about the serverless developer experience on Kubernetes with Knative and Apache Kafka from Matthias Wessendorf.

          Apache Kafka has emerged as a leading platform for building real-time data pipelines and for high-throughput/low-latency messaging. With its scalable and distributed design, Apache Kafka is a good fit for platforms like Kubernetes. Knative, on the other hand, is a Kubernetes-based platform that comes with a set of building blocks to build, deploy, and manage modern serverless workloads.

        • 8 must-read DevOps articles for success in 2020

          I am an avid reader, but I go through periods where I'm so busy that it's hard to find the time to keep up with my reading list. Even during my busiest times, I try to stay up to date on DevOps news since it's one of my areas of focus.

          Here, I've summarized key takeaways from the top eight DevOps articles published this year so you can increase your knowledge even if you don't have time to read all of them. Since DevOps is about people, processes, and tools, I've categorized the top eight articles around those themes.

        • Donald Knuth’s 2019 ‘Christmas Tree Lecture’ Explores Pi in ‘The Art of Computer Programming’

          But for this year’s lecture, Knuth did something special. He showed the audience how, throughout the last half of a century, he’s whimsically worked the digits of pi into various exercises in his book — again, and again, and again. Knuth tells the audience that he’s searched the entire text of his own book, The Art of Computer Programming, using the Linux tool egrep, and he’s found a whopping 1,700 occurrences of the word pi, “which mean pi occurs maybe twice every five pages in the book so far.” He feels that using pi in his examples assures readers that the algorithms really will work, even on an arbitrarily chosen cluster of digits.

        • The best resources for agile software development

's six-part guide to Small Scale Scrum (which I helped co-author) advises smaller teams on how to bring agile into their work. The traditional scrum framework outlined in the official Scrum Guide recommends a minimum of three people for the framework to realize its full potential. However, it provides no guidance for how teams of one or two people can follow scrum successfully. Our six-part series aims to formalize Small Scale Scrum and examines our experience with it in the real world. The series was received very warmly by our readers—so much such that the six individual articles comprise 60% of our Top 10 list. So, if you haven't already, make sure to download them from our Introduction to Small Scale Scrum page.

        • Python

          • Namespaces are the shamash candle of the Zen of Python

            Modules are namespaces. This means that correctly predicting module semantics often just requires familiarity with how Python namespaces work. Classes are namespaces. Objects are namespaces. Functions have access to their local namespace, their parent namespace, and the global namespace.

            The simple model, where the . operator accesses an object, which in turn will usually, but not always, do some sort of dictionary lookup, makes Python hard to optimize, but easy to explain.

            Indeed, some third-party modules take this guideline and run with it. For example, the variants package turns functions into namespaces of "related functionality." It is a good example of how the Zen of Python can inspire new abstractions.

          • How to use Pandas get_dummies to Create Dummy Variables in Python

            The post How to use Pandas get_dummies to Create Dummy Variables in Python appeared first on Erik Marsja.

            In this post, we will learn how to use Pandas get_dummies() method to create dummy variables in Python. Dummy variables (or binary/indicator variables) are often used in statistical analyses as well as in more simple descriptive statistics.

  • Leftovers

    • 2020 Is Not A New Decade… You Innumerate Bastards

      If you’re one of those people looking forward to a new decade on Wednesday, Lindsay Foyle has no plans to let you anywhere near his finances, although he might let you score for him in cricket.

    • Education

      • How Schools Can Sustain Students' Cultures

        High school students enter a classroom at Rainier Beach High School in Seattle on an October morning. They sit at their desks, but they’re soon asked to rearrange their chairs into a circle. Today is Thursday, which means they’ll be having their weekly class in restorative justice.

      • Digital Divide: What It’s Like to Be a Student Without Internet at Home

        The same Census Bureau report featured an analysis of internet subscription rates in Memphis, Tennessee, showing high connectivity in the suburbs around the city, but noticeably large gaps in both the urban core, and in rural areas. As a recent Washington Post headline put it, “cities, not rural areas, are the real Internet deserts.” And education experts interviewed by Teen Vogue say that internet connectivity is just one of many issues creating a digital divide among students.

    • Integrity/Availability

      • Proprietary

        • Election security, ransomware dominate cyber concerns for 2020 [iophk: Windows TCO]

          Senate Democrats have repeatedly tried to force Senate Majority Leader Mitch McConnell (R-Ky.) to schedule votes on a raft of various election security bills. The House has passed three major pieces of election security legislation this year that have stalled amid Republican objections in the Senate.

        • Pseudo-Open Source

        • Security

          • 36C3: Open Source Is Insufficient To Solve Trust Problems In Hardware

            With open source software, we’ve grown accustomed to a certain level of trust that whatever we are running on our computers is what we expect it to actually be. Thanks to hashing and public key signatures in various parts in the development and deployment cycle, it’s hard for a third party to modify source code or executables without us being easily able to spot it, even if it travels through untrustworthy channels.

            Unfortunately, when it comes to open source hardware, the number of steps and parties involved that are out of our control until we have a final product — production, logistics, distribution, even the customer — makes it substantially more difficult to achieve the same peace of mind. To make things worse, to actually validate the hardware on chip level, you’d ultimately have to destroy it.

            On his talk this year at the 36C3, [bunnie] showed a detailed insight of several attack vectors we could face during manufacturing. Skipping the obvious ones like adding or substituting components, he’s focusing on highly ambitious and hard to detect modifications inside an IC’s package with wirebonded or through-silicon via (TSV) implants, down to modifying the netlist or mask of the integrated circuit itself. And these aren’t any theoretical or “what if” scenarios, but actual possible options — of course, some of them come with a certain price tag, but in the end, with the right motivation, money is only a detail.

          • 10 articles to enhance your security aptitude

            Whether you're learning the first steps or looking to add to your skills, there's something for you in's top 10 security articles of 2019.

            If security is a process (and it is), then it stands to reason that different projects (and contributors) are in different places. Some applications have years of security testing, with design done by people who have worked in information security for decades. Others are brand new projects by developers working on their first open source project. It comes as no surprise that's top security articles of 2019 represent this range of experience. We have articles that introduce basic security practices as well as deep dives into more advanced topics.

            Whether you're learning the first steps or looking to add to your skills acquired over a storied career, there's something for you in the top 10 security articles of 2019.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • There’s Money To Be Made In Taming Open Source Software Code

              “We’re trying to create order out of chaos,” said CEO Wayne Jackson of his company, Sonatype.


              “We are building the world’s critical infrastructure on software somebody else wrote, a stranger with unknown skills, motivations and desires, but the desire to innovate is so high, we’re willing to accept the risk of using some random person’s software invention,” Jackson said.

              Sometimes developers understand the practical use of the open source code they’re creating, and sometimes they don’t, according to Jackson.

          • Privacy/Surveillance

            • Courts Grapple with a Sea Change in Fourth Amendment Law After Carpenter v US: Year in Review 2019

              Last year, the Supreme Court issued a landmark opinion in a case we’ve written about a lot, called Carpenter v. United States, ruling that the Fourth Amendment protects data generated by our phones called historical cell-site location information or CSLI. The Court recognized that CSLI creates a “detailed chronicle of a person’s physical presence compiled every day, every moment over years.” As a result, police must now get a warrant to access it.€ 

              In the year and a half since the Supreme Court’s ruling, Carpenter has been cited in more than 450 criminal and civil cases across the country. Carpenter caused a sea change in Fourth Amendment law because it expressly recognized that, under the right circumstances, we have a reasonable expectation of privacy in information we share with third parties and in our actions while we’re in public. The question courts began to grapple with in 2019 and will continue to address in 2020 is what those circumstances are.

            • Edward Snowden Sets the Record Straight

              I generally care relatively little for the personal lives of people of note, but something that always nagged me just slightly about Edward Snowden’s 2013 revelations that the NSA was spying on pretty much everyone was — how angry was his girlfriend?

            • Encrypting DNS: Year in Review 2019

              This February, with Venezuela rocked by economic collapse and a presidential succession crisis, an opposition party put out a call for volunteers. Juan Guaidó, a political leader with the Popular Will party, called on supporters to register at the site “Volunteers for Venezuela”. Guaidó announced that the call was successful, with over 100,000 supporters submitting their contact information to the site.

              But according to researchers with Venezuela Inteligente, CrowdStrike, and Kaspersky Lab, bad actors used DNS response injection to route these visitors to a fake version of the site. The fake version of the site looked identical to the real one, but researchers believe that the information collected was sent to the attackers instead of to Guaidó’s party. On February 17th, the identities of the activists were leaked by a media outlet supporting Guaidó’s rival Nicolás Maduro, which the Atlantic Council’s Digital Forensics Research Lab believes had access to the database of phished information.

            • Episode 60 – Regulating the Internet: From Children's Online Privacy Protection Act to CA's 2020 Privacy Protection Law - Along The Line Podcast

              Along the Line, is a member of the Demcast network, brought to you by the Media Freedom Foundation. On today’s episode€ hosts Nicholas Baham III (Dr. Dreadlocks), Janice Domingo,€  and Nolan Higdon discuss Internet regulation from its inception to California’s 2020 privacy protection law.€ ATL’s€  Creative Director is Dylan Lazaga.€  Mickey Huff is ATL’s producer. ATL’s engineer is Janice Domingo. Adam Armstrong is ATL’s webmaster.

            • Police Use Face-Recognition Software as India Protests Intensify

              The Indian Express report may spark fears that the state is using the police to prevent democratic protests against a law that bars undocumented Muslims from three neighboring nations seeking Indian citizenship, but allows people of other faiths to do so.

    • Defence/Aggression

      • Taliban OKs Cease-Fire to Advance Afghanistan Peace Talks

        The Taliban’s ruling council agreed Sunday to a temporary cease-fire in Afghanistan, providing a window in which a peace agreement with the United States can be signed, officials from the insurgent group said. They didn’t say when it would begin.

      • Is anti-Hasidism more acceptable than antisemitism?

        On December 10, A kosher grocery store in Jersey City was attacked and 3 people killed.

        This was next door to a Jewish school which appears to have been the real target.

        In response to this, and to ongoing attacks over the past several years, New York City Mayor Bill De Blasio announced an increase in patrols in the affected neighborhoods.


        And here’s where I claim blogger’s privilege and write without sourcing: the grocery attack and the Hanukkah attack are not new; there has been ongoing violence against the Jewish communities of New York City and its suburbs for some years now, without outsiders taking much interest in it. Passers-by on the streets — mothers, the elderly, and others considered to be innocent and defenseless, assaulted in ways that range from petty to serious injuries. But those same voices who in other contexts proclaim their opposition to racism and prejudice of all kinds, back off and say, “it’s complicated.”

      • 'The Jewish Community is Terrified': 5 Stabbed in Latest Anti-Semitic Attack

        A knife-wielding man stormed into a rabbi’s home and stabbed five people as they celebrated Hanukkah in an Orthodox Jewish community north of New York City, an ambush the governor said Sunday was an act of domestic terrorism fueled by intolerance and a “cancer” of growing hatred in America.

      • After 2018 spike in domestic violence deaths, experts look to data for solutions [Ed: See 2018's 'The President of the United States says it's OK to grab women by their private parts'<./a>]

        When Longmont Police Department Detective Sandra Campanella thinks ahead to the new year, she thinks of the work that has to be done to improve resources for domestic violence victims so that they can safely leave abusive relationships.

        This feeling surfaced last week , when Campanella reflected on a Colorado Domestic Violence Fatality Review Board report released by the Colorado Office of the Attorney General showed 43 people died from domestic violence in 2018, a number that surged in comparison to 2017, which saw a total of 39 deaths. While Campanella said population growth likely was a factor in the rise, it still points to an issue.

        “It’s 43 people too many,” Campanella said.

        The Colorado Domestic Violence Fatality Review Board is comprised of experts from the field who work with victims. The board was created in 2017 by the Colorado General Assembly to analyze data and create state policy recommendations. To compile the report, the board worked with the Denver Metro Domestic Violence Fatality Review committee.

        “We need to always figure out how to learn from tragedy,” said Attorney General Phil Weiser. “We need to go back and see what happened. What were the warning signs that were missed?”

      • Denver talk radio show canceled after host wishes “for a nice school shooting” to interrupt impeachment

        “All right, Chuck Bonniwell, Julie Hayden here, a little after 1:30, talking about the never-ending impeachment of Donald Trump,” host Chuck Bonniwell said on his show Tuesday, chuckling. “You know you wish for a nice school shooting” to interrupt the impeachment news, he said, as his co-host jumped in, decrying the statement.

        “Don’t even — don’t even say that. No, don’t even say that,” Hayden said. “Don’t call us. Chuck didn’t say that.” As he laughed, Bonniwell continued, “– which no one would be hurt.”

        On Wednesday evening, 710 KNUS posted on Twitter that Bonniwell’s program was canceled: “Given the history of school violence that has plagued our community, 710 KNUS confirms that an inappropriate comment was made on the Chuck & Julie show by co-host Chuck Bonniwell. A programming decision was made to end the program immediately.”

      • U.S. Strikes Militia Targets in Iraq and Syria

        The U.S. has carried out military strikes in Iraq and Syria targeting a militia blamed for a rocket attack that killed an American contractor, a Defense Department spokesman said Sunday.

    • Environment

    • Finance

    • AstroTurf/Lobbying/Politics

    • Freedom of Information / Freedom of the Press

      • Here Are Five Ways to Support Chelsea Manning in 2020

        The year 2019 has been a nightmare for whistleblower Chelsea Manning and her supporters. While Donald Trump cleared three members of the United States Army who reportedly murdered Afghani civilians, Manning is, once again, confined for acting in accord with her own principles. In 2010, she was imprisoned for leaking classified military and diplomatic documents that exposed U.S. war crimes, including the murder of Iraqi and Afghani civilians.

      • Addresses of Elton John, Olivia Newton-John Leaked by UK Government

        Reuters is reporting that the British government published the physical addresses of a number of celebrities online by accident, including those of Elton John and Olivia Newton-John.

      • The Bernie Blackout Is Over

        The media shift on Sanders, matched by a change in attitude among establishment Democrats, is one sign that Sanders has a chance. But there are still hurdles the candidate has to clear. The most important barrier is the concern Democratic primary voters have over electability.

    • Civil Rights/Policing

    • Monopolies

      • The Holidays Suck For Gig Workers

        Things aren’t just grim for Instacart workers this winter. Across the United States, gig workers on apps including Uber, Lyft, and UberEats saw precipitous drops in their income this year, as companies slash wages in anticipation of initial public offerings on the stock market. The companies have also flooded the markets with new workers, making “gig” assignments harder to come by. (Both Uber and Lyft made their stock market debuts this year, while Instacart’s CEO hinted earlier this year that the company, which has been valued at $7.8 billion, plans to file for an IPO.)

        The changes have left gig workers struggling to pay for food, utilities, and medical bills.

      • Patents

        • Patent case: Judgment of Barcelona Court of Appeals No. 861/2019 dated 10 May 2019, Spain

          In a thorough decision, Barcelona Commercial Court (Section 15) clarifies important findings on novelty, inventive step and claim construction. A technical feature disclosed in the prior art will not anticipate an identical feature if the exact same functionality is not described in the prior art, even if it is common ground that the prior art’s feature may indeed perform the same function.

        • CG Technology Development, LLC v. Fanduel, Inc. (Fed. Cir. 2019)

          CG Technology Development, LLC (CG Tech) appealed the Patent Trial and Appeal Board's Final Written Decision holding that the claims of U.S. Patent RE39,818 would have been obvious. The Federal Circuit found that even though the disputed limitations in the claims were improperly construed, the claims were nevertheless invalid under the proper construction. [...]

          The Federal Circuit agreed with CG Tech that the Board erred in construing the "authorize play based on age" limitations. The Board's construction was found to fail to distinguish the two embodiments described in the claims and the specification: authorizing and adjusting. "Authorize" indicates only prohibiting (or not prohibiting) the player from playing the game, a concept distinct from "adjusting" the game. The claims also distinguish between "authorizing" game execution based on user age and "adjusting" the game.

          The specification similarly distinguishes between authorizing and adjusting game play. The specification describes a controller that ensures "amusement games designed for a specific age group [are] not operated by an inappropriate user" such that a "video game can be prohibited based on the user age." But it separately explains that "educational video 'games' can be adjusted to the age of the user." The intrinsic record thus supports the conclusion that the "authorize play based on age" limitations do not include adjustment and therefore are properly construed as requiring "a control that prohibits operation of a video game based on the user's age."

          Although the Board incorrectly construed the "authorize play based on age" limitations, its findings regarding Kelly were limited to Kelly's disclosure of "prohibiting" game play based on age. The incorrect claim construction was therefore found to be harmless error since substantial evidence supported the Board's finding.


          Thus, because substantial evidence supported the Board's finding that Kelly teaches these limitations under the proper construction, the Federal Circuit affirmed the Board's decision.

      • Copyrights

        • Australian Piracy Rates Drop, But So Does Spending

          This week Australia's Department of Communications and the Arts published its latest consumer survey on copyright infringement. The data reveal that while there are apparently fewer Aussie pirates, overall spending on music, movies and games is down too. Pirate site blocking does seem to have some effect, even though the survey overstates the effectiveness somewhat.

        • The Top 19 Most Significant Piracy Shutdowns of 2019

          The online piracy wars have claimed many victims over the years, from regular file-sharers to anti-piracy companies that collapsed under their own controversies. But perhaps the most obvious are the many pirate sites, platforms and services that have gone down due to a firestorm of litigation, overwhelming threats, or raids by law enforcement authorities. Here are the Top 19 casualties of 2019.

Recent Techrights' Posts

Women in Free Software (FOSS) Need Action, Not Mere Words
the men who are loudest about women's rights are some of the very worst offenders
Embrace, Extend, Extinguish Minecraft
These folks should check out Minetest
Techrights Statement on Men Who Viciously Attack Women in Free Software
history shows women will win
Tux Machines: Third Party Impending
There will be more next week
Bing Has Run Out of Time and Microsoft Might Dismantle It (Save a Financial Miracle)
How much more of investors' money is Microsoft willing to throw in the trash?
Microsoft is Dying in Africa
Based on the Central African Republic, which "is around the same size as France"
Microsoft Needs to be Banned From Contracts, Including Government Contracts, Not Just for Security Failings But for Criminal Negligence, Corruption, and Fatal Cover-ups
How many deaths will it take for Microsoft to face real, effective scrutiny rather than kid gloves treatment?
[Meme] Code Liberates Kids
Matthias Kirschner: I can't code, but I can write a book
In Armenia, Bing is Measured at 0.6%, About Ten Times Less Than Yandex
Bing will probably get mothballed in the coming years
[Meme] A Pack and Pact (Collusion Against Computer Users)
They never really cared about users, no more than drug dealers care about drug users...
GNU/Linux in Azerbaijan: From ~0.1% to 7%
Azerbaijan is around the same size as Portugal
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 14, 2024
IRC logs for Friday, June 14, 2024
[Meme] People Who Cannot Find Gainful Employment Because of Their Poor Behaviour Online (Not the People Who Merely Call Them Out on It)
Imagine trying to become a lecturer while talking like this in public
You Too Would Get Nervous
countries where Windows is down to 2%
[Meme] The Two Phases (and Faces) of Microsofters
Microsofters: stalk IRC, then troll IRC
The 'Nobody Reads Techrights Anyway' Crowd
Send In the Clowns
Books in the Making
I intend to spend a considerable amount of time explaining what my family and I were subjected to for the 'crime' of promoting/covering Free software
Microsoft is Still Losing Malta
And GNU/Linux is doing well on laptops and desktops
Links 14/06/2024: Microsoft Layoffs in the News Again, East-West Conflict/Tensions Update
Links for the day
Links 14/06/2024: Comments on the Death of Email and Lagrange Commentary
Links for the day
Dutch Government Appoints Microsofters to Combat "OSS Fetishism"
What corruption looks like
Microsoft's Collapse in Africa and Shutdown of Entire 'Development Centre'
Unlike what Microsoft claimed in face-saving statements
[Meme] Not Your Typical IRC Troll and Harasser
I say, let's punch nazis...
GNU/Linux's Journey in Qatar: From 0.1% to Over 3%
Windows is no longer an important contender there
Secret Contracts and Corpses
The media pretends it's just some generic "IT" issue, but it is not
Statement on Antisemitism in Our IRC Network and in Social Control Media
In an ideal world nobody would have to be banned from IRC
Gemini Links 14/06/2024: Ads vs. Content, Why Aliases Are Har
Links for the day
Vista 11 Has Fallen in Switzerland, a Country That is More Microsoft Friendly Than Most of Europe
GNU/Linux rose to its highest level there in almost half a decade
[Meme] Microsoft in Africa
Are you telling me Windows is now down to 1% 'market share' in some countries?
Management of the European Patent Office Misleads Staff on Views of the Office's Staff Committee
The EPO as a workplace very rapidly deteriorates
[Meme] Newer is Worse
"They say those are New Ways of Working (NWoW); New does not mean better, it is worse"
Links 14/06/2024: Violence, Famines, and Montana Has More Cows Than People
Links for the day
Microsoft Telecom Layoffs, Facebook Layoffs in Africa: A Month After Microsoft's Mass Layoffs in Lagos (Nigeria) Facebook/Meta Does the Same and Microsoft is Now Retreating and Quitting an Entire Sector! (Affirmed Networks and Metaswitch)
Disasters in the making for GAFAM. Money down the drain.
Papua New Guinea: GNU/Linux Growing, Windows Down Below 15%
it seems indisputable there's headway and momentum
"Planets" Cannot Replace Social Control Media, They're Very Much Akin to It (Censorship Hubs, Gatekeepers)
Don't be subjected to gaslighting; make your own OPML file
Topics That Truly Irritate and Consistently Infuriate the Microsofters (Whenever We Cover These)
Censoring uncomfortable information is a difficult activity that has its limits, even in Reddit
Honduras: Vista 11 Down, GNU/Linux Up
Valve sees GNU/Linux as bigger than Apple's MacOS
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 13, 2024
IRC logs for Thursday, June 13, 2024
LibrePlanet 2024 and the Lost Video/Audio of Talks
After the event was over someone informed us that due to technical issues they had lost (or failed to acquire) recordings of the talks
Choosing Between Options to Outsource to Evades the Best Solution (Self-Hosting)
Most users don't need this sort of complexity
IBM Layoffs at Kyndryl
This can soon spill over to Red Hat
Turkmenistan: GNU/Linux Leaps Past 5% This Month?
This is how statCounter sees it
Watch This Space
what matters most is not the volume or quantity of publications but their underlying depth and quality
Short Downtimes, Planned Maintenance
Hypervisor maintenance is planned
Links 13/06/2024: Ongoing Sharp Increases in Deaths, Mediterranean Diet Linked to 23% Lower Risk of Death in Women
Links for the day
Gemini Links 13/06/2024: Linuxing of the Dell Laptop and Deep Dive into the World of the OpenEarth Foundation
Links for the day
New Highs for Android in Haiti (Nearly 80%), Microsoft Windows at Only 4%
that's Android at another new high and very close to 80% (it now seems inevitable)
[Meme] How Stefano Maffulli (and Microsoft's Own OSI Insiders) Make Money
Milking what's left of the OSI by attacking its very mission - something that more people now recognise
Mobs Don't Get the Job Done (Mob Leaders Have Lost Credibility/Visibility, Job, or Both)
their demands weren't met
Montenegro: GNU/Linux "Proper" at Over 6%
Windows is down to record lows
Links 13/06/2024: Overpopulation Woes, Best Buy Lays Off More Employees
Links for the day
Nationwide Eventually Did Listen
Miles better than their original nonresponse
The Corruption of Open Source Initiative (OSI), a Front Group of Microsoft and GAFAM, Openwashing Proprietary Things and Even Plagiarism, GPL Violations
Stefano Maffulli (and Microsoft's staff that works with him) basically profits from anti-FOSS
In Malawi, Windows Down to 10%, GNU/Linux Growing
it's not a small country
[Meme] Featuritis
Newer is not always better
"AI" Tech Bubble
How much "hype quotient" does this whole "hey hi" (AI) thing have left in it?
Links 13/06/2024: Science, Politics, and Gemini
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 12, 2024
IRC logs for Wednesday, June 12, 2024